WO2017185577A1 - Esim card data sharing method, and related device and system - Google Patents

Esim card data sharing method, and related device and system Download PDF

Info

Publication number
WO2017185577A1
WO2017185577A1 PCT/CN2016/097461 CN2016097461W WO2017185577A1 WO 2017185577 A1 WO2017185577 A1 WO 2017185577A1 CN 2016097461 W CN2016097461 W CN 2016097461W WO 2017185577 A1 WO2017185577 A1 WO 2017185577A1
Authority
WO
WIPO (PCT)
Prior art keywords
esim
server
data
authentication
mobile terminal
Prior art date
Application number
PCT/CN2016/097461
Other languages
French (fr)
Chinese (zh)
Inventor
贺才强
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017185577A1 publication Critical patent/WO2017185577A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/08Allotting numbers to messages; Counting characters, words or messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier

Definitions

  • the present invention relates to the field of mobile communications technologies, and in particular, to an eSIM card data sharing method and related devices and systems.
  • SIM Subscriber Identity Module
  • eSIM embedded Subscriber Identity Module
  • the mobile terminal pre-installed with the eSIM card can be used as the master device, and other mobile terminals without the eSIM card can be used as the mobile terminal.
  • the slave device can establish a connection with the master device through the short-range communication technology, so that the eSIM card data provided by the master device can be shared and used.
  • the user needs to carry the master device with him or her as a slave device. If the eSIM card data sharing source of the device does not carry the master device, the data sharing of the eSIM card cannot be realized, which increases the limitation of data sharing of the eSIM card.
  • the embodiment of the invention provides an eSIM card data sharing method, related device and system, and does not need To carry the data sharing of the eSIM card by carrying the main device with you, the limitation of data sharing of the eSIM card is reduced.
  • the first aspect of the embodiment of the present invention discloses an eSIM card data sharing method, including:
  • the server receives an authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information;
  • the server transmits the target eSIM data to the second mobile terminal.
  • the target eSIM data is shared by the first mobile terminal
  • the method further includes:
  • the server in response to the eSIM card activation request, acquires eSIM data corresponding to the eSIM card activation request, and sends the eSIM data to the first mobile terminal.
  • the method further includes:
  • the server receives the security level and key information of each service in the eSIM data sent by the first mobile terminal, and encrypts the eSIM data by using the key information.
  • the method before the server determines that the authentication request requests the security level of the authentication, the method further includes:
  • the server matches the authentication information with the key information
  • the method further includes:
  • the server uses, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
  • the second aspect of the embodiment of the present invention discloses an eSIM card data sharing method, including:
  • the second mobile terminal sends an authentication request to the server, where the server determines that the authentication request requests the security level of the authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the authentication request includes the embedded client. Identifying the identification information of the module card eSIM and the authentication information;
  • the second mobile terminal receives target eSIM data sent by the server, wherein the target eSIM data includes eSIM data that matches the security level.
  • a third aspect of the embodiment of the present invention discloses a server, including:
  • a first receiving unit configured to receive an authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information;
  • a determining unit configured to determine a security level of the authentication request requesting authentication
  • a first acquiring unit configured to acquire target eSIM data when the authentication information is authenticated, where the target eSIM data includes eSIM data that matches the security level;
  • a first sending unit configured to send the target eSIM data to the second mobile terminal.
  • the target eSIM data is shared by the first mobile terminal
  • the server further includes:
  • a second receiving unit configured to receive an eSIM card activation request sent by the first mobile terminal
  • a second acquiring unit configured to obtain eSIM data corresponding to the eSIM card activation request in response to the eSIM card activation request;
  • a second sending unit configured to send the eSIM data to the first mobile terminal.
  • the server further includes:
  • a third receiving unit configured to receive a security level and key information of each service in the eSIM data sent by the first mobile terminal
  • an encryption unit configured to encrypt the eSIM data by using the key information.
  • the server further includes:
  • a matching unit configured to match the authentication information with the key information
  • the target data generating unit is configured to use, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
  • a fourth aspect of the embodiments of the present invention discloses a mobile terminal, including:
  • a first sending unit configured to send an authentication request to the server, where the server determines that the authentication request requests a security level of the authentication, and obtains target eSIM data after the authentication information is authenticated, wherein the authentication request includes The embedded customer identification module card eSIM identification information and authentication information;
  • a receiving unit configured to receive target eSIM data sent by the server, where the target eSIM data includes eSIM data that matches the security level.
  • a fifth aspect of the embodiments of the present invention discloses an eSIM card data sharing system, including a first mobile terminal, a second mobile terminal, and a server:
  • the first mobile terminal is configured to send an eSIM card activation request to the server;
  • the server is configured to obtain, according to the eSIM card activation request, eSIM data corresponding to the eSIM card activation request, and send the eSIM data to the first mobile terminal;
  • the first mobile terminal is further configured to send, to the server, a security level and key information of each service in the eSIM data;
  • the second mobile terminal is configured to send an authentication request to the server, where the authentication request includes identifier information of the embedded client identification module card eSIM and authentication information;
  • the server is further configured to determine a security level of the authentication request request authentication, and if the authentication information is authenticated, acquire target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
  • the server is further configured to send the target eSIM data to the second mobile terminal.
  • the server is further configured to encrypt the eSIM data by using the key information
  • the server is further configured to match the authentication information with the key information
  • the server is further configured to use, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
  • the embodiment of the present invention has the following advantages: the server receives the authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information; the server determines the above The authentication request requests the security level of the authentication. If the authentication information is authenticated, the target eSIM data is acquired, wherein the target eSIM data includes eSIM data that matches the security level; and the server sends the target eSIM data to the second mobile terminal.
  • the second mobile terminal only needs to use the target eSIM data shared by the master device when there is a network, and does not need to carry the master device with the host device, thereby reducing the limitation of the eSIM card data sharing.
  • FIG. 1 is a schematic structural diagram of an eSIM card data sharing network disclosed in an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a method for sharing data of an eSIM card according to an embodiment of the present invention
  • FIG. 3 is a schematic flowchart diagram of another eSIM card data sharing method according to an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a server according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of another server according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a mobile terminal according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of another mobile terminal according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic structural diagram of an eSIM card data sharing system according to an embodiment of the present invention.
  • the embodiment of the invention provides an eSIM card data sharing method and related device and system, which can realize eSIM card data sharing without carrying the host device, and reduces the limitation of the eSIM card data sharing. The details are described below separately.
  • FIG. 1 is a schematic structural diagram of an eSIM card data sharing network according to an embodiment of the present invention.
  • the first mobile terminal, the server, and the second mobile terminal may be included, where the first mobile terminal may communicate with the server through the Internet, and the second mobile terminal may also use the Internet. Communicate with the server.
  • the first mobile terminal can be used as The master device is installed with an eSIM card as a data sharing source.
  • the second mobile terminal can selectively install an eSIM card.
  • the second mobile terminal refers to another mobile terminal that is different from the first mobile terminal.
  • the number of the second mobile terminal can be When the number of the second mobile terminals is one or more, the types of the second mobile terminals may be the same or different, which is not limited in the embodiment of the present invention.
  • the first mobile terminal may first activate its own eSIM card from the server, obtain eSIM data from the server, and set the security of each service in the eSIM data.
  • the level and the key information are sent to the server, the server stores the setting information, and encrypts the eSIM data.
  • the second mobile terminal sends an authentication request to the server, and the server responds to the authentication request to determine the security of the authentication request request authentication.
  • the level in the case that the authentication is passed, the service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication is used as the target eSIM data, and is sent to the second mobile terminal.
  • the sending verification request obtains the target eSIM data shared in the eSIM data, and does not need to carry the first mobile terminal with the user, which reduces the limitation of the eSIM card data sharing.
  • FIG. 2 is a schematic flowchart diagram of a method for sharing data of an eSIM card according to an embodiment of the present invention. As shown in FIG. 2, the eSIM card data sharing method may include the following steps:
  • the server receives an authentication request from the second mobile terminal, where the authentication request includes the identifier information of the embedded client identification module card eSIM and the authentication information.
  • the second mobile terminal may include a mobile terminal running an Android operating system, an iOS operating system, a Windows operating system, or other operating systems, such as a mobile phone, a mobile computer, a tablet, and a personal digital assistant (Personal Digital Assistant, A mobile terminal such as a PDA), a smart watch, smart glasses, a smart bracelet, or the like, and an eSIM card can be selectively installed in the second mobile terminal.
  • Android operating system an iOS operating system
  • Windows operating system or other operating systems
  • a mobile terminal such as a PDA
  • an eSIM card can be selectively installed in the second mobile terminal.
  • the encrypted eSIM data is pre-stored in the server, and the security level is set for each service in the eSIM data, and the security level may be the same or different.
  • the security level of the data service may be set.
  • the security level of the voice call service is two
  • the security level of the short message service is three, and the higher the level, the greater the authority.
  • the server receives the authentication request of the second mobile terminal, for example, selecting the eSIM card sharing option to be enabled in the second mobile terminal, and the eSIM that can be selected may be listed at this time.
  • the user sends an authentication request to the server, where the authentication request includes the identifier information of the eSIM card and the authentication information.
  • the identifier information of the eSIM card refers to a digital sequence, a two-dimensional code, a character sequence, and the like that can be uniquely identified by the server.
  • the authentication information corresponding to the identifier information of the eSIM card may be a digital password, a graphic password, or a fingerprint information.
  • One or more combinations of iris information and the like are not specifically limited in the embodiments of the present invention.
  • the server determines the security level of the authentication request request authentication, and if the authentication information is authenticated, the target eSIM data is obtained, where the target eSIM data includes eSIM data that matches the security level;
  • the server after receiving the authentication request, matches the authentication information, and determines the security level of the authentication request request authentication, and obtains the target eSIM data after the authentication information matches. For example, if the security level of the authentication request request authentication is two-level, the server uses the data service and the voice call service with the security level of the primary and secondary levels in the eSIM data as the target eSIM data. Further, different target eSIM data can be obtained through different authentication levels.
  • the server sends the target eSIM data to the second mobile terminal.
  • the target eSIM data is acquired by the server in step 202, the target eSIM data is sent to the second mobile terminal, and the second mobile terminal can use the corresponding service after receiving the target eSIM data.
  • the eSIM card data sharing can be implemented without carrying the host device, and the limitation of the eSIM card data sharing is reduced.
  • FIG. 3 is a schematic flowchart diagram of another eSIM card data sharing method according to an embodiment of the present invention. As shown in FIG. 3, the eSIM card data sharing method may include the following steps:
  • the first mobile terminal sends an eSIM card activation request to the server.
  • the first mobile terminal may include a mobile terminal running an Android operating system, an iOS operating system, a Windows operating system, or other operating systems, such as a mobile phone, a mobile computer, a tablet, and a personal digital assistant (Personal Digital Assistant, A mobile terminal such as a PDA), a smart watch, a smart glasses, a smart bracelet, and the like, and an eSIM card is installed in the first mobile terminal.
  • Android operating system an iOS operating system
  • Windows operating system or other operating systems
  • a mobile terminal such as a PDA
  • a smart watch such as a PDA
  • smart glasses such as a smart glasses, a smart bracelet, and the like
  • an eSIM card is installed in the first mobile terminal.
  • the first mobile terminal may select its own carrier network, and send an eSIM card activation request to the corresponding operator server, where the eSIM card activation request carries the user identity identifier (such as an ID number, etc.) and the selection Package service.
  • the user identity identifier such as an ID number, etc.
  • the server obtains eSIM data corresponding to the eSIM card activation request in response to the foregoing eSIM card activation request.
  • the server After receiving the eSIM card activation request, the server obtains eSIM data corresponding to the eSIM card activation request (ie, the package service carried in the eSIM card activation request), and sets a corresponding one for the eSIM card.
  • Identification information which may be a digital sequence, a two-dimensional code, a sequence of characters, and the like of the eSIM card.
  • the server sends the eSIM data to the first mobile terminal.
  • the first mobile terminal sends, to the server, a security level and key information of each service in the eSIM data.
  • the security level for example, can set the security level of the data service to one level, the security level of the voice call service to two levels, the security level of the short message service to three levels, and the higher the level, the greater the authority, and the key information can be set at the same time.
  • the key information may be one or more combinations of a digital password, a graphic password, a fingerprint information, an iris information, and the like, which are not specifically limited in the embodiments of the present invention.
  • the server receives the security level and key information of each service in the eSIM data, and encrypts the eSIM data by using the key information.
  • the eSIM data After receiving the security level and key information of each service in the eSIM data by the server in step 304, the eSIM data is encrypted by using the key information.
  • the second mobile terminal sends an authentication request to the server, where the authentication request includes the identifier information of the eSIM card and the authentication information.
  • the server matches the foregoing authentication information with the key information.
  • the server sends an authentication failure message to the second mobile terminal.
  • the server determines the security level of the authentication request request authentication.
  • the server uses, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
  • the server sends the target eSIM data to the second mobile terminal.
  • the server After receiving the authentication request sent by the second mobile terminal, the server matches the authentication information with the key information, and if the matching fails, sends an authentication failure message to the second mobile terminal, prompting to re-enter the authentication information. If the matching is passed, determining that the authentication request requesting the security level of the authentication, and the service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication is used as the target eSIM data, for example, if the authentication request requesting the authentication security level is In the second level, the server uses the data service and the voice call service with the security level of the primary and secondary levels in the eSIM data as the target eSIM data, and sends the target eSIM data to the second mobile terminal.
  • the second mobile terminal may send a logout instruction to the server, so that the server may log out the target eSIM data shared by the second mobile terminal in response to the logout instruction.
  • the second mobile terminal only needs to use the target eSIM data shared by the first mobile terminal when there is a network, and does not need to carry the first mobile terminal with the mobile terminal, thereby reducing the data sharing of the eSIM card. limitation.
  • the embodiment of the invention further provides a server, as shown in FIG. 4, comprising:
  • the first receiving unit 401 is configured to receive an authentication request from the second mobile terminal, where the authentication request includes the identifier information of the eSIM card and the authentication information;
  • a determining unit 402 configured to determine a security level of the foregoing authentication request requesting authentication
  • the first obtaining unit 403 is configured to acquire target eSIM data when the authentication information is authenticated, wherein the target eSIM data includes eSIM data that matches the security level;
  • the first sending unit 404 is configured to send the target eSIM data to the second mobile terminal.
  • the server shown in FIG. 4 may further include:
  • a second receiving unit 405, configured to receive an eSIM card activation request sent by the first mobile terminal
  • the second obtaining unit 406 is configured to obtain, according to the eSIM card activation request, the eSIM data corresponding to the eSIM card activation request.
  • a second sending unit 407 configured to send the foregoing eSIM data to the first mobile terminal
  • the third receiving unit 408 is configured to receive a security level and key information of each service in the eSIM data sent by the first mobile terminal;
  • the encryption unit 409 is configured to encrypt the eSIM data by using the key information.
  • the matching unit 410 is configured to match the foregoing authentication information with the key information.
  • the target data generating unit 411 is configured to use, as the target eSIM data, a service in which the security level of the eSIM data is not greater than the security level of the authentication request request authentication.
  • the eSIM card activation request sent by the first mobile terminal is first received by the second receiving unit 405, and the eSIM data corresponding to the eSIM card activation request is obtained by the second obtaining unit 406 in response to the eSIM card activation request.
  • the foregoing eSIM data is sent to the first mobile terminal by the second sending unit 407, and the security level of each service in the eSIM data is set by the first mobile terminal, and then received by the first mobile terminal by the third receiving unit 408.
  • the security level and key information of each service in the eSIM data, and the eSIM data is encrypted by the encryption unit 409 by using the key information, and further, the server receives the authentication request from the second mobile terminal through the first receiving unit 401. And the matching information is matched with the key information by the matching unit 410, and the determining unit 402 determines the security level of the authentication request requesting the authentication. After the matching of the authentication information is successful, the eSIM data is obtained by the target data generating unit 411. The security level is not greater than the security of the authentication request request authentication, etc. ESIM service as the target data, and acquires the target data by the first eSIM acquisition unit 403, and then transmits the data to the second target eSIM mobile terminal 404 through the first transmitting unit.
  • FIG. 5 is a schematic structural diagram of another server according to an embodiment of the present invention.
  • the server may include at least one processor 501, such as a CPU, at least one network interface 502, a user interface 503, a memory 504, a database unit 505, and at least one communication bus 506.
  • the communication bus 506 is used to implement connection communication between these components.
  • User interface 503 can include a display, a keyboard, and the like.
  • the memory 504 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 504 can optionally also be at least one storage device located remotely from the aforementioned processor 501.
  • a memory 504 as a computer storage medium may include an operating system, a network communication module, a user interface module, and an eSIM card data sharing program.
  • the network interface 502 is mainly used to connect the mobile terminal for data communication, and the processor 501 can be used to call the eSIM card data sharing program stored in the memory 504, and perform the following operations:
  • the service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication is used as the target eSIM data;
  • the target eSIM data is transmitted to the second mobile terminal through the network interface 502.
  • server shown in FIG. 5 only indicates the components required in the server for performing the eSIM card data sharing method disclosed in the embodiment of the present invention, and other components that the server can have are not marked in the embodiment of the present invention because This does not affect the implementation of embodiments of the invention.
  • the embodiment of the invention further provides a mobile terminal, as shown in FIG. 6, comprising:
  • the first sending unit 601 is configured to send an authentication request to the server, where the server determines the security level of the authentication request request authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the identifier includes the identifier of the eSIM card.
  • Information and authentication information ;
  • the receiving unit 602 is configured to receive target eSIM data sent by the server, where the target eSIM data includes eSIM data that matches the security level.
  • FIG. 7 is a schematic structural diagram of another mobile terminal according to an embodiment of the present invention.
  • the mobile terminal can include at least one processor 701, such as a CPU, at least one network interface 702, a user interface 703, a memory 704, a database unit 705, and at least one communication bus 706.
  • the communication bus 706 is used to implement connection communication between these components, and the user interface 703 may include a display, a keyboard, and the like.
  • the memory 704 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 704 can optionally also be at least one storage device located remotely from the aforementioned processor 701.
  • a memory 704 as a computer storage medium
  • the operating system, the network communication module, the user interface module, and the eSIM card data sharing program may be included.
  • the network interface 702 is mainly used to connect to the server for data communication; and the processor 701 can be used to call the eSIM card data sharing program stored in the memory 704, and perform the following operations:
  • the server determines the security level of the authentication request request authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the authentication request includes the identifier information and the authentication information of the eSIM card. ;
  • the target eSIM data transmitted by the server is received through the network interface 702, wherein the target eSIM data includes eSIM data that matches the security level.
  • the mobile terminal shown in FIG. 7 only indicates components required for performing the eSIM card data sharing method disclosed in the embodiment of the present invention, and other components that can be provided by the mobile terminal are not used in the embodiments of the present invention. Indicated as this does not affect the implementation of embodiments of the present invention.
  • FIG. 8 is a schematic structural diagram of an eSIM card data sharing system according to an embodiment of the present invention.
  • the eSIM card data sharing system may include a first mobile terminal 801, a second mobile terminal 802, and a server 803, wherein the first mobile terminal 801 and the second mobile terminal 802 are respectively connected to the server 803 via the Internet. ,among them:
  • the first mobile terminal 801 is configured to send an eSIM card activation request to the server 803.
  • the server 803 is configured to obtain, according to the eSIM card activation request, the eSIM data corresponding to the eSIM card activation request, and send the eSIM data to the first mobile terminal 801;
  • the first mobile terminal 801 is further configured to send, to the server 803, a security level and key information of each service in the eSIM data.
  • the second mobile terminal 802 is configured to send an authentication request to the server 803, where the authentication request includes the identifier information of the eSIM card and the authentication information;
  • the server 803 is further configured to determine a security level of the authentication request request authentication, and if the authentication information is authenticated, acquire target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
  • the server 803 is further configured to send the target eSIM data to the second mobile terminal 802.
  • the eSIM data is sent to the server 803 at the first mobile terminal 801.
  • the server 803 is further configured to encrypt the eSIM data by using the key information;
  • the server 803 is further configured to match the foregoing authentication information with the key information.
  • the server 803 is further configured to use, as the target eSIM data, a service in which the security level of the eSIM data is not greater than the security level of the authentication request request authentication.
  • each unit included is only divided according to functional logic, but is not limited to the above division, as long as the corresponding function can be implemented.
  • the specific names of the respective functional units are only for convenience of distinguishing from each other, and are not intended to limit the scope of protection of the present invention.
  • the storage medium may be a flash memory disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program code.

Abstract

Disclosed are an eSIM card data sharing method, and a related device and system, which are applied to the technical field of mobile communications. The method comprises: a server receiving an authentication request from a second mobile terminal, the authentication request comprising identification information about an embedded subscriber identity module (eSIM) and authentication information; the server determining the security level of authentication requested by the authentication request, and if authentication of the authentication information is passed, acquiring target eSIM data, the target eSIM data comprising eSIM data matched with the security level; and the server sending the target eSIM data to the second mobile terminal. With implementation of the embodiments of the present invention, a second mobile terminal can load target eSIM data from a server under the condition that there is a network, without carrying a master device around, thereby reducing the limitation of eSIM card data sharing.

Description

一种eSIM卡数据共享方法及相关设备、系统ESIM card data sharing method and related device and system
本申请要求于2016年4月29日提交中国专利局,申请号为201610289356.0、发明名称为“一种eSIM卡数据共享方法及相关设备、系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims priority to Chinese Patent Application No. 201610289356.0, entitled "ESIM Card Data Sharing Method and Related Equipment, System", filed on April 29, 2016, the entire contents of which are hereby incorporated by reference. Combined in this application.
技术领域Technical field
本发明涉及移动通信技术领域,尤其涉及一种eSIM卡数据共享方法及相关设备、系统。The present invention relates to the field of mobile communications technologies, and in particular, to an eSIM card data sharing method and related devices and systems.
背景技术Background technique
随着移动终端及通信技术的发展,移动终端愈来愈追求超薄、屏幕超大的效果,而传统的客户识别模块卡(Subscriber Identity Module,SIM)占据了移动终端较大的硬件空间,因此嵌入式客户识别模块卡(embedded Subscriber Identity Module,eSIM)技术逐渐崭露头角。所谓eSIM技术是移动终端在出厂时SIM卡就会被预装在移动终端里,不仅节省了硬件空间,而且用户可以根据所在地的信号强弱或者套餐优劣随时切换运营网络。With the development of mobile terminals and communication technologies, mobile terminals are increasingly pursuing ultra-thin and large screen effects, while the traditional Subscriber Identity Module (SIM) occupies a large hardware space of mobile terminals, so it is embedded. The embedded Subscriber Identity Module (eSIM) technology is gradually emerging. The so-called eSIM technology is that the SIM card will be pre-installed in the mobile terminal when the mobile terminal is shipped, which not only saves the hardware space, but also the user can switch the operation network at any time according to the strength of the local signal or the quality of the package.
在工作和生活中,为适应不同场景的应用需求,越来越多的用户开始拥有多个移动终端,例如拥有多部大小不一样的手机、平板电脑、智能手环等,从而,用户可以在不同的场景选用合适的移动终端进行使用,例如户外运动可以使用小型手机,上班办公可以使用中型手机,休闲上网则可以使用大型手机等。In work and life, in order to adapt to the application needs of different scenarios, more and more users start to have multiple mobile terminals, such as having multiple mobile phones, tablets, smart bracelets, etc., so that users can Different scenarios are selected using suitable mobile terminals, such as small mobile phones for outdoor sports, medium-sized mobile phones for work, and large mobile phones for casual Internet access.
在此基础上,为避免多个移动终端使用不同eSIM卡时所存在的费用高、信息紊乱等问题,可以将预装有eSIM卡的移动终端作为主设备,其它没有装eSIM卡的移动终端作为从设备,从设备可以通过近距离通信技术与主设备建立连接,从而可以对主设备提供的eSIM卡数据进行共享使用,但是采用这种共享方式,需要用户随身携带主设备,用于作为各个从设备的eSIM卡数据共享源,如果用户没有携带主设备,就无法实现eSIM卡的数据共享,增大了eSIM卡数据共享的局限性。On the basis of this, in order to avoid the problems of high cost and information disorder when multiple mobile terminals use different eSIM cards, the mobile terminal pre-installed with the eSIM card can be used as the master device, and other mobile terminals without the eSIM card can be used as the mobile terminal. From the device, the slave device can establish a connection with the master device through the short-range communication technology, so that the eSIM card data provided by the master device can be shared and used. However, in this sharing mode, the user needs to carry the master device with him or her as a slave device. If the eSIM card data sharing source of the device does not carry the master device, the data sharing of the eSIM card cannot be realized, which increases the limitation of data sharing of the eSIM card.
发明内容Summary of the invention
本发明实施例提供了一种eSIM卡数据共享方法及相关设备、系统,不需 要随身携带主设备即可实现eSIM卡的数据共享,降低了eSIM卡数据共享的局限性。The embodiment of the invention provides an eSIM card data sharing method, related device and system, and does not need To carry the data sharing of the eSIM card by carrying the main device with you, the limitation of data sharing of the eSIM card is reduced.
本发明实施例第一方面公开了一种eSIM卡数据共享方法,包括:The first aspect of the embodiment of the present invention discloses an eSIM card data sharing method, including:
服务器接收来自第二移动终端的认证请求,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;The server receives an authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information;
所述服务器确定所述认证请求请求认证的安全等级,若对所述认证信息认证通过,则获取目标eSIM数据,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据;Determining, by the server, the security level of the authentication request requesting authentication, and if the authentication information is authenticated, acquiring target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
所述服务器向所述第二移动终端发送所述目标eSIM数据。The server transmits the target eSIM data to the second mobile terminal.
作为一种可选的实施方式,所述目标eSIM数据由第一移动终端所共享;As an optional implementation manner, the target eSIM data is shared by the first mobile terminal;
所述服务器接收来自第二移动终端的认证请求之前,所述方法还包括:Before the server receives the authentication request from the second mobile terminal, the method further includes:
所述服务器接收第一移动终端发送的eSIM卡激活请求;Receiving, by the server, an eSIM card activation request sent by the first mobile terminal;
所述服务器响应所述eSIM卡激活请求,获取与所述eSIM卡激活请求对应的eSIM数据,并向所述第一移动终端发送所述eSIM数据。The server, in response to the eSIM card activation request, acquires eSIM data corresponding to the eSIM card activation request, and sends the eSIM data to the first mobile terminal.
作为一种可选的实施方式,所述向所述第一移动终端发送所述eSIM数据之后,所述方法还包括:As an optional implementation manner, after the sending the eSIM data to the first mobile terminal, the method further includes:
所述服务器接收所述第一移动终端发送的所述eSIM数据中各项服务的安全等级以及密钥信息,并用所述密钥信息对所述eSIM数据进行加密。The server receives the security level and key information of each service in the eSIM data sent by the first mobile terminal, and encrypts the eSIM data by using the key information.
作为一种可选的实施方式,所述服务器确定所述认证请求请求认证的安全等级之前,所述方法还包括:As an optional implementation manner, before the server determines that the authentication request requests the security level of the authentication, the method further includes:
所述服务器将所述认证信息与所述密钥信息进行匹配;The server matches the authentication information with the key information;
所述对所述认证信息认证通过之后,所述方法还包括:After the authentication information is authenticated, the method further includes:
所述服务器将所述eSIM数据中安全等级不大于所述认证请求请求认证的安全等级的服务作为目标eSIM数据。The server uses, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
本发明实施例第二方面公开了一种eSIM卡数据共享方法,包括:The second aspect of the embodiment of the present invention discloses an eSIM card data sharing method, including:
第二移动终端向服务器发送认证请求,由所述服务器确定所述认证请求请求认证的安全等级并在对所述认证信息认证通过后获取目标eSIM数据,其中,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;The second mobile terminal sends an authentication request to the server, where the server determines that the authentication request requests the security level of the authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the authentication request includes the embedded client. Identifying the identification information of the module card eSIM and the authentication information;
所述第二移动终端接收所述服务器发送的目标eSIM数据,其中,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据。 The second mobile terminal receives target eSIM data sent by the server, wherein the target eSIM data includes eSIM data that matches the security level.
本发明实施例第三方面公开了一种服务器,包括:A third aspect of the embodiment of the present invention discloses a server, including:
第一接收单元,用于接收来自第二移动终端的认证请求,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;a first receiving unit, configured to receive an authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information;
确定单元,用于确定所述认证请求请求认证的安全等级;a determining unit, configured to determine a security level of the authentication request requesting authentication;
第一获取单元,用于在对所述认证信息认证通过时,获取目标eSIM数据,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据;a first acquiring unit, configured to acquire target eSIM data when the authentication information is authenticated, where the target eSIM data includes eSIM data that matches the security level;
第一发送单元,用于向所述第二移动终端发送所述目标eSIM数据。a first sending unit, configured to send the target eSIM data to the second mobile terminal.
作为一种可选的实施方式,所述目标eSIM数据由第一移动终端所共享;As an optional implementation manner, the target eSIM data is shared by the first mobile terminal;
所述服务器还包括:The server further includes:
第二接收单元,用于接收第一移动终端发送的eSIM卡激活请求;a second receiving unit, configured to receive an eSIM card activation request sent by the first mobile terminal;
第二获取单元,用于响应所述eSIM卡激活请求,获取与所述eSIM卡激活请求对应的eSIM数据;a second acquiring unit, configured to obtain eSIM data corresponding to the eSIM card activation request in response to the eSIM card activation request;
第二发送单元,用于向所述第一移动终端发送所述eSIM数据。a second sending unit, configured to send the eSIM data to the first mobile terminal.
作为一种可选的实施方式,所述服务器还包括:As an optional implementation manner, the server further includes:
第三接收单元,用于接收所述第一移动终端发送的所述eSIM数据中各项服务的安全等级以及密钥信息;a third receiving unit, configured to receive a security level and key information of each service in the eSIM data sent by the first mobile terminal;
加密单元,用于用所述密钥信息对所述eSIM数据进行加密。And an encryption unit, configured to encrypt the eSIM data by using the key information.
作为一种可选的实施方式,所述服务器还包括:As an optional implementation manner, the server further includes:
匹配单元,用于将所述认证信息与所述密钥信息进行匹配;a matching unit, configured to match the authentication information with the key information;
目标数据生成单元,用于将所述eSIM数据中安全等级不大于所述认证请求请求认证的安全等级的服务作为目标eSIM数据。The target data generating unit is configured to use, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
本发明实施例第四方面公开了一种移动终端,包括:A fourth aspect of the embodiments of the present invention discloses a mobile terminal, including:
第一发送单元,用于向服务器发送认证请求,由所述服务器确定所述认证请求请求认证的安全等级并在对所述认证信息认证通过后获取目标eSIM数据,其中,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;a first sending unit, configured to send an authentication request to the server, where the server determines that the authentication request requests a security level of the authentication, and obtains target eSIM data after the authentication information is authenticated, wherein the authentication request includes The embedded customer identification module card eSIM identification information and authentication information;
接收单元,用于接收所述服务器发送的目标eSIM数据,其中,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据。And a receiving unit, configured to receive target eSIM data sent by the server, where the target eSIM data includes eSIM data that matches the security level.
本发明实施例第五方面公开了一种eSIM卡数据共享系统,包括第一移动终端、第二移动终端以及服务器: A fifth aspect of the embodiments of the present invention discloses an eSIM card data sharing system, including a first mobile terminal, a second mobile terminal, and a server:
所述第一移动终端,用于向所述服务器发送eSIM卡激活请求;The first mobile terminal is configured to send an eSIM card activation request to the server;
所述服务器,用于响应所述eSIM卡激活请求,获取与所述eSIM卡激活请求对应的eSIM数据,并向所述第一移动终端发送所述eSIM数据;The server is configured to obtain, according to the eSIM card activation request, eSIM data corresponding to the eSIM card activation request, and send the eSIM data to the first mobile terminal;
所述第一移动终端,还用于向所述服务器发送所述eSIM数据中各项服务的安全等级以及密钥信息;The first mobile terminal is further configured to send, to the server, a security level and key information of each service in the eSIM data;
所述第二移动终端,用于向所述服务器发送认证请求,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;The second mobile terminal is configured to send an authentication request to the server, where the authentication request includes identifier information of the embedded client identification module card eSIM and authentication information;
所述服务器,还用于确定所述认证请求请求认证的安全等级,若对所述认证信息认证通过,则获取目标eSIM数据,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据;The server is further configured to determine a security level of the authentication request request authentication, and if the authentication information is authenticated, acquire target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
所述服务器,还用于向所述第二移动终端发送所述目标eSIM数据。The server is further configured to send the target eSIM data to the second mobile terminal.
作为一种可选的实施方式,As an alternative embodiment,
所述服务器,还用于用所述密钥信息对所述eSIM数据进行加密;The server is further configured to encrypt the eSIM data by using the key information;
所述服务器,还用于将所述认证信息与所述密钥信息进行匹配;The server is further configured to match the authentication information with the key information;
所述服务器,还用于将所述eSIM数据中安全等级不大于所述认证请求请求认证的安全等级的服务作为目标eSIM数据。The server is further configured to use, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
从以上技术方案可以看出,本发明实施例具有以下优点:服务器接收来自第二移动终端的认证请求,其中,认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;服务器确定上述认证请求请求认证的安全等级,若对上述认证信息认证通过,则获取目标eSIM数据,其中,目标eSIM数据包含与安全等级匹配的eSIM数据;服务器向第二移动终端发送上述目标eSIM数据。实施本发明实施例,第二移动终端仅需要在有网络的情况下即可使用主设备共享的目标eSIM数据,不需要随身携带主设备,降低了eSIM卡数据共享的局限性。As can be seen from the above technical solution, the embodiment of the present invention has the following advantages: the server receives the authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information; the server determines the above The authentication request requests the security level of the authentication. If the authentication information is authenticated, the target eSIM data is acquired, wherein the target eSIM data includes eSIM data that matches the security level; and the server sends the target eSIM data to the second mobile terminal. In the embodiment of the present invention, the second mobile terminal only needs to use the target eSIM data shared by the master device when there is a network, and does not need to carry the master device with the host device, thereby reducing the limitation of the eSIM card data sharing.
附图说明DRAWINGS
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。 In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention, Those skilled in the art can also obtain other drawings based on these drawings without paying for inventive labor.
图1是本发明实施例公开的一种eSIM卡数据共享网络构架示意图;1 is a schematic structural diagram of an eSIM card data sharing network disclosed in an embodiment of the present invention;
图2是本发明实施例公开的一种eSIM卡数据共享方法的流程示意图;2 is a schematic flowchart of a method for sharing data of an eSIM card according to an embodiment of the present invention;
图3是本发明实施例公开的另一种eSIM卡数据共享方法的流程示意图;FIG. 3 is a schematic flowchart diagram of another eSIM card data sharing method according to an embodiment of the present invention; FIG.
图4是本发明实施例公开的一种服务器的结构示意图;4 is a schematic structural diagram of a server according to an embodiment of the present invention;
图5是本发明实施例公开的另一种服务器的结构示意图;FIG. 5 is a schematic structural diagram of another server according to an embodiment of the present invention; FIG.
图6是本发明实施例公开的一种移动终端的结构示意图;FIG. 6 is a schematic structural diagram of a mobile terminal according to an embodiment of the present disclosure;
图7是本发明实施例公开的另一种移动终端的结构示意图;FIG. 7 is a schematic structural diagram of another mobile terminal according to an embodiment of the present disclosure;
图8是本发明实施例公开的一种eSIM卡数据共享系统的结构示意图。FIG. 8 is a schematic structural diagram of an eSIM card data sharing system according to an embodiment of the present invention.
具体实施方式detailed description
为了使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明作进一步地详细描述,显然,所描述的实施例仅仅是本发明一部份实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本发明保护的范围。The present invention will be further described in detail with reference to the accompanying drawings, in which . All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
本发明的说明书和权利要求书及上述附图中的术语“第一”和“第二”是用于区别不同对象,而非用于描述特定顺序。此外,术语“包括”以及它们任何变形,意图在于覆盖不排他的包含。例如包含了一系列步骤或单元的过程、方法、系统、产品或设备没有限定于已列出的步骤或单元,而是可选地还包括没有列出的步骤或单元,或可选地还包括对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first" and "second" in the specification and claims of the present invention and the above drawings are used to distinguish different objects, and are not intended to describe a particular order. Moreover, the term "comprise" and any variants thereof are intended to cover a non-exclusive inclusion. For example, a process, method, system, product, or device that comprises a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units not listed, or alternatively Other steps or units inherent to these processes, methods, products or equipment.
本发明实施例提供了一种eSIM卡数据共享方法及相关设备、系统,不需要随身携带主设备即可实现eSIM卡数据共享,降低了eSIM卡数据共享的局限性。以下分别进行详细说明。The embodiment of the invention provides an eSIM card data sharing method and related device and system, which can realize eSIM card data sharing without carrying the host device, and reduces the limitation of the eSIM card data sharing. The details are described below separately.
为了更好理解本发明实施例公开的一种eSIM卡数据共享方法及相关设备、系统,下面先对本发明实施例适用的网络构架进行描述。请参阅图1,图1是本发明实施例公开的一种eSIM卡数据共享网络构架示意图。在图1所示的eSIM卡数据共享网络构架中,可以包括第一移动终端、服务器及第二移动终端,其中,第一移动终端可以通过互联网与服务器通信连接,第二移动终端也可以通过互联网与服务器通信连接。需要说明的是,第一移动终端可以作为 主设备,安装有eSIM卡,作为数据共享源,第二移动终端中可以选择性地安装eSIM卡,第二移动终端是指区别于第一移动终端的其他移动终端,第二移动终端的数量可以是一个或一个以上,特别地,当第二移动终端的数量是一个以上时,所有的第二移动终端的类型可以相同,也可以不相同,本发明实施例不作限定。在图1所示的eSIM卡数据共享网络构架中,第一移动终端可以先从服务器中激活自身的eSIM卡,从服务器中获取eSIM数据,在此基础上,设置eSIM数据中各项服务的安全等级以及密钥信息并发送给服务器,服务器存储该设置信息,并对eSIM数据进行加密,进一步地,第二移动终端向服务器发送认证请求,服务器响应该认证请求,确定该认证请求请求认证的安全等级,在认证通过的情况下,将eSIM数据中安全等级不大于上述认证请求请求认证的安全等级的服务作为目标eSIM数据,并发送给第二移动终端。通过实施图1所示的eSIM卡数据共享网络构架,仅需要第一移动终端预先将eSIM数据中各项服务的安全等级以及密钥信息保存至服务器,其余的第二移动终端就可以通过向服务器发送验证请求得到上述eSIM数据中共享的目标eSIM数据,不需要随身携带第一移动终端,降低了eSIM卡数据共享的局限性。In order to better understand an eSIM card data sharing method and related devices and systems disclosed in the embodiments of the present invention, a network architecture to which the embodiments of the present invention are applied will be described below. Please refer to FIG. 1. FIG. 1 is a schematic structural diagram of an eSIM card data sharing network according to an embodiment of the present invention. In the eSIM card data sharing network architecture shown in FIG. 1, the first mobile terminal, the server, and the second mobile terminal may be included, where the first mobile terminal may communicate with the server through the Internet, and the second mobile terminal may also use the Internet. Communicate with the server. It should be noted that the first mobile terminal can be used as The master device is installed with an eSIM card as a data sharing source. The second mobile terminal can selectively install an eSIM card. The second mobile terminal refers to another mobile terminal that is different from the first mobile terminal. The number of the second mobile terminal can be When the number of the second mobile terminals is one or more, the types of the second mobile terminals may be the same or different, which is not limited in the embodiment of the present invention. In the eSIM card data sharing network architecture shown in FIG. 1, the first mobile terminal may first activate its own eSIM card from the server, obtain eSIM data from the server, and set the security of each service in the eSIM data. The level and the key information are sent to the server, the server stores the setting information, and encrypts the eSIM data. Further, the second mobile terminal sends an authentication request to the server, and the server responds to the authentication request to determine the security of the authentication request request authentication. The level, in the case that the authentication is passed, the service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication is used as the target eSIM data, and is sent to the second mobile terminal. By implementing the eSIM card data sharing network architecture shown in FIG. 1, only the first mobile terminal needs to save the security level and key information of each service in the eSIM data to the server in advance, and the remaining second mobile terminals can pass to the server. The sending verification request obtains the target eSIM data shared in the eSIM data, and does not need to carry the first mobile terminal with the user, which reduces the limitation of the eSIM card data sharing.
基于图1所示的eSIM卡数据共享网络构架,本发明实施例公开了一种eSIM卡数据共享方法。请参阅图2,图2是本发明实施例公开的一种eSIM卡数据共享方法的流程示意图。如图2所示,该eSIM卡数据共享方法可以包括以下步骤:Based on the eSIM card data sharing network architecture shown in FIG. 1, an embodiment of the present invention discloses an eSIM card data sharing method. Please refer to FIG. 2. FIG. 2 is a schematic flowchart diagram of a method for sharing data of an eSIM card according to an embodiment of the present invention. As shown in FIG. 2, the eSIM card data sharing method may include the following steps:
201、服务器接收来自第二移动终端的认证请求,该认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;201. The server receives an authentication request from the second mobile terminal, where the authentication request includes the identifier information of the embedded client identification module card eSIM and the authentication information.
本发明实施例中,第二移动终端可以包括运行Android操作系统、iOS操作系统、Windows操作系统或其他操作系统的移动终端,例如移动电话、移动电脑、平板电脑、个人数字助理(Personal Digital Assistant,PDA)、智能手表、智能眼镜、智能手环等移动终端,在第二移动终端中可以选择性地安装eSIM卡。In the embodiment of the present invention, the second mobile terminal may include a mobile terminal running an Android operating system, an iOS operating system, a Windows operating system, or other operating systems, such as a mobile phone, a mobile computer, a tablet, and a personal digital assistant (Personal Digital Assistant, A mobile terminal such as a PDA), a smart watch, smart glasses, a smart bracelet, or the like, and an eSIM card can be selectively installed in the second mobile terminal.
本发明实施例中,服务器中预先保存有经过加密后的eSIM数据,并且为eSIM数据中的各项服务设置有安全等级,该安全等级可以相同也可以不同,例如,可以设置数据服务的安全等级为一级,语音通话服务的安全等级为二级,短信服务的安全等级为三级,并且等级越高,权限越大。 In the embodiment of the present invention, the encrypted eSIM data is pre-stored in the server, and the security level is set for each service in the eSIM data, and the security level may be the same or different. For example, the security level of the data service may be set. For the first level, the security level of the voice call service is two, and the security level of the short message service is three, and the higher the level, the greater the authority.
本发明实施例中,在使用eSIM卡数据共享功能时,服务器接收第二移动终端的认证请求,例如,在第二移动终端中选择开启eSIM卡共享选项,此时可以列举出可以供选择的eSIM卡,用户选择需要的eSIM卡之后,即向服务器发送认证请求,该认证请求中包含eSIM卡的标识信息以及认证信息。其中,eSIM卡的标识信息是指可以让服务器唯一识别该eSIM卡的数字序列、二维码、字符序列等,与eSIM卡的标识信息对应的认证信息可以是数字密码、图形密码、指纹信息、虹膜信息等一种或多种组合,本发明实施例均不作具体限定。In the embodiment of the present invention, when the eSIM card data sharing function is used, the server receives the authentication request of the second mobile terminal, for example, selecting the eSIM card sharing option to be enabled in the second mobile terminal, and the eSIM that can be selected may be listed at this time. After the user selects the required eSIM card, the user sends an authentication request to the server, where the authentication request includes the identifier information of the eSIM card and the authentication information. The identifier information of the eSIM card refers to a digital sequence, a two-dimensional code, a character sequence, and the like that can be uniquely identified by the server. The authentication information corresponding to the identifier information of the eSIM card may be a digital password, a graphic password, or a fingerprint information. One or more combinations of iris information and the like are not specifically limited in the embodiments of the present invention.
202、服务器确定上述认证请求请求认证的安全等级,若对上述认证信息认证通过,则获取目标eSIM数据,该目标eSIM数据包含与安全等级匹配的eSIM数据;The server determines the security level of the authentication request request authentication, and if the authentication information is authenticated, the target eSIM data is obtained, where the target eSIM data includes eSIM data that matches the security level;
本发明实施例中,服务器接收到认证请求之后,对上述认证信息进行匹配,并确定上述认证请求请求认证的安全等级,在认证信息匹配通过之后,获取目标eSIM数据。例如,若认证请求请求认证的安全等级为二级,则服务器将eSIM数据中安全等级为一级和二级的数据服务和语音通话服务作为目标eSIM数据。进一步地,可以通过不同的认证等级获取不同的目标eSIM数据。In the embodiment of the present invention, after receiving the authentication request, the server matches the authentication information, and determines the security level of the authentication request request authentication, and obtains the target eSIM data after the authentication information matches. For example, if the security level of the authentication request request authentication is two-level, the server uses the data service and the voice call service with the security level of the primary and secondary levels in the eSIM data as the target eSIM data. Further, different target eSIM data can be obtained through different authentication levels.
203、服务器向第二移动终端发送上述目标eSIM数据。203. The server sends the target eSIM data to the second mobile terminal.
通过步骤202服务器获取目标eSIM数据之后,向第二移动终端发送该目标eSIM数据,第二移动终端接收到上述目标eSIM数据之后即可使用相应的服务。After the target eSIM data is acquired by the server in step 202, the target eSIM data is sent to the second mobile terminal, and the second mobile terminal can use the corresponding service after receiving the target eSIM data.
在图2所描述的方法中,不需要随身携带主设备即可实现eSIM卡数据共享,降低了eSIM卡数据共享的局限性。In the method described in FIG. 2, the eSIM card data sharing can be implemented without carrying the host device, and the limitation of the eSIM card data sharing is reduced.
基于图1所示的eSIM卡数据共享网络构架,本发明实施例公开了另一种eSIM卡数据共享方法。请参阅图3,图3是本发明实施例公开的另一种eSIM卡数据共享方法的流程示意图。如图3所示,该eSIM卡数据共享方法可以包括以下步骤:Based on the eSIM card data sharing network architecture shown in FIG. 1, the embodiment of the present invention discloses another eSIM card data sharing method. Please refer to FIG. 3. FIG. 3 is a schematic flowchart diagram of another eSIM card data sharing method according to an embodiment of the present invention. As shown in FIG. 3, the eSIM card data sharing method may include the following steps:
301、第一移动终端向服务器发送eSIM卡激活请求;301. The first mobile terminal sends an eSIM card activation request to the server.
本发明实施例中,第一移动终端可以包括运行Android操作系统、iOS操作系统、Windows操作系统或其他操作系统的移动终端,例如移动电话、移动电脑、平板电脑、个人数字助理(Personal Digital Assistant,PDA)、智能手表、智能眼镜、智能手环等移动终端,在第一移动终端中安装有eSIM卡。 In the embodiment of the present invention, the first mobile terminal may include a mobile terminal running an Android operating system, an iOS operating system, a Windows operating system, or other operating systems, such as a mobile phone, a mobile computer, a tablet, and a personal digital assistant (Personal Digital Assistant, A mobile terminal such as a PDA), a smart watch, a smart glasses, a smart bracelet, and the like, and an eSIM card is installed in the first mobile terminal.
本发明实施例中,第一移动终端可以选择自己的运营商网络,并向对应的运营商服务器发送eSIM卡激活请求,该eSIM卡激活请求中携带用户身份标识(如身份证号等)以及选择的套餐服务。In the embodiment of the present invention, the first mobile terminal may select its own carrier network, and send an eSIM card activation request to the corresponding operator server, where the eSIM card activation request carries the user identity identifier (such as an ID number, etc.) and the selection Package service.
302、服务器响应上述eSIM卡激活请求,获取与该eSIM卡激活请求对应的eSIM数据;302. The server obtains eSIM data corresponding to the eSIM card activation request in response to the foregoing eSIM card activation request.
服务器接收到上述eSIM卡激活请求后,响应该eSIM卡激活请求,获取与该eSIM卡激活请求对应的eSIM数据(即eSIM卡激活请求中携带的套餐服务),并为该eSIM卡设置一个对应的标识信息,该标识信息可以是该eSIM卡的数字序列、二维码、字符序列等。After receiving the eSIM card activation request, the server obtains eSIM data corresponding to the eSIM card activation request (ie, the package service carried in the eSIM card activation request), and sets a corresponding one for the eSIM card. Identification information, which may be a digital sequence, a two-dimensional code, a sequence of characters, and the like of the eSIM card.
303、服务器向第一移动终端发送该eSIM数据;303. The server sends the eSIM data to the first mobile terminal.
304、第一移动终端向服务器发送上述eSIM数据中各项服务的安全等级以及密钥信息;304. The first mobile terminal sends, to the server, a security level and key information of each service in the eSIM data.
通过步骤303第一移动终端接收到服务器发送的eSIM数据之后,用户可以获取第一移动终端的最高用户权限,从而可以修改第一移动终端中的系统信息,可以为eSIM数据中的各项服务设置安全等级,例如,可以设置数据服务的安全等级为一级,语音通话服务的安全等级为二级,短信服务的安全等级为三级,并且等级越高,权限越大,同时可以设置密钥信息,该密钥信息可以是数字密码、图形密码、指纹信息、虹膜信息等一种或多种组合,本发明实施例均不作具体限定。After the first mobile terminal receives the eSIM data sent by the server, the user can obtain the highest user right of the first mobile terminal, so that the system information in the first mobile terminal can be modified, and the service settings in the eSIM data can be set. The security level, for example, can set the security level of the data service to one level, the security level of the voice call service to two levels, the security level of the short message service to three levels, and the higher the level, the greater the authority, and the key information can be set at the same time. The key information may be one or more combinations of a digital password, a graphic password, a fingerprint information, an iris information, and the like, which are not specifically limited in the embodiments of the present invention.
305、服务器接收上述eSIM数据中各项服务的安全等级以及密钥信息,并用该密钥信息对上述eSIM数据进行加密;305. The server receives the security level and key information of each service in the eSIM data, and encrypts the eSIM data by using the key information.
通过步骤304服务器接收上述eSIM数据中各项服务的安全等级以及密钥信息之后,用该密钥信息对上述eSIM数据进行加密。After receiving the security level and key information of each service in the eSIM data by the server in step 304, the eSIM data is encrypted by using the key information.
306、第二移动终端向服务器发送认证请求,该认证请求中包含eSIM卡的标识信息以及认证信息;306. The second mobile terminal sends an authentication request to the server, where the authentication request includes the identifier information of the eSIM card and the authentication information.
307、服务器将上述认证信息与密钥信息进行匹配;307. The server matches the foregoing authentication information with the key information.
308、若匹配未通过,服务器向第二移动终端发送认证失败消息;308. If the matching fails, the server sends an authentication failure message to the second mobile terminal.
309、若匹配通过,服务器确定上述认证请求请求认证的安全等级;309. If the matching is passed, the server determines the security level of the authentication request request authentication.
310、服务器将eSIM数据中安全等级不大于上述认证请求请求认证的安全等级的服务作为目标eSIM数据; 310. The server uses, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
311、服务器向第二移动终端发送该目标eSIM数据。311. The server sends the target eSIM data to the second mobile terminal.
通过步骤306服务器接收到第二移动终端发送的认证请求后,将上述认证信息与上述密钥信息进行匹配,若匹配未通过,则向第二移动终端发送认证失败信息,提示重新输入认证信息,若匹配通过,则确定上述认证请求请求认证的安全等级,并将eSIM数据中安全等级不大于上述认证请求请求认证的安全等级的服务作为目标eSIM数据,例如,若认证请求请求认证的安全等级为二级,则服务器将eSIM数据中安全等级为一级和二级的数据服务和语音通话服务作为目标eSIM数据,并向第二移动终端发送该目标eSIM数据。After receiving the authentication request sent by the second mobile terminal, the server matches the authentication information with the key information, and if the matching fails, sends an authentication failure message to the second mobile terminal, prompting to re-enter the authentication information. If the matching is passed, determining that the authentication request requesting the security level of the authentication, and the service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication is used as the target eSIM data, for example, if the authentication request requesting the authentication security level is In the second level, the server uses the data service and the voice call service with the security level of the primary and secondary levels in the eSIM data as the target eSIM data, and sends the target eSIM data to the second mobile terminal.
作为一种可选的实施方式,在不需要使用共享服务时,第二移动终端可以向服务器发送注销指令,从而服务器可以响应该注销指令,注销第二移动终端中共享的目标eSIM数据。As an optional implementation manner, when the shared service is not needed, the second mobile terminal may send a logout instruction to the server, so that the server may log out the target eSIM data shared by the second mobile terminal in response to the logout instruction.
在图3所描述的方法中,第二移动终端仅需要在有网络的情况下即可使用第一移动终端共享的目标eSIM数据,不需要随身携带第一移动终端,降低了eSIM卡数据共享的局限性。In the method described in FIG. 3, the second mobile terminal only needs to use the target eSIM data shared by the first mobile terminal when there is a network, and does not need to carry the first mobile terminal with the mobile terminal, thereby reducing the data sharing of the eSIM card. limitation.
本发明实施例还提供了一种服务器,如图4所示,包括:The embodiment of the invention further provides a server, as shown in FIG. 4, comprising:
第一接收单元401,用于接收来自第二移动终端的认证请求,其中,上述认证请求中包含eSIM卡的标识信息以及认证信息;The first receiving unit 401 is configured to receive an authentication request from the second mobile terminal, where the authentication request includes the identifier information of the eSIM card and the authentication information;
确定单元402,用于确定上述认证请求请求认证的安全等级;a determining unit 402, configured to determine a security level of the foregoing authentication request requesting authentication;
第一获取单元403,用于在对上述认证信息认证通过时,获取目标eSIM数据,其中,上述目标eSIM数据包含与上述安全等级匹配的eSIM数据;The first obtaining unit 403 is configured to acquire target eSIM data when the authentication information is authenticated, wherein the target eSIM data includes eSIM data that matches the security level;
第一发送单元404,用于向第二移动终端发送上述目标eSIM数据。The first sending unit 404 is configured to send the target eSIM data to the second mobile terminal.
本发明实施例中,图4所示的服务器还可以包括:In the embodiment of the present invention, the server shown in FIG. 4 may further include:
第二接收单元405,用于接收第一移动终端发送的eSIM卡激活请求;a second receiving unit 405, configured to receive an eSIM card activation request sent by the first mobile terminal;
第二获取单元406,用于响应上述eSIM卡激活请求,获取与上述eSIM卡激活请求对应的eSIM数据;The second obtaining unit 406 is configured to obtain, according to the eSIM card activation request, the eSIM data corresponding to the eSIM card activation request.
第二发送单元407,用于向第一移动终端发送上述eSIM数据;a second sending unit 407, configured to send the foregoing eSIM data to the first mobile terminal;
第三接收单元408,用于接收第一移动终端发送的上述eSIM数据中各项服务的安全等级以及密钥信息;The third receiving unit 408 is configured to receive a security level and key information of each service in the eSIM data sent by the first mobile terminal;
加密单元409,用于用上述密钥信息对eSIM数据进行加密;The encryption unit 409 is configured to encrypt the eSIM data by using the key information.
匹配单元410,用于将上述认证信息与密钥信息进行匹配; The matching unit 410 is configured to match the foregoing authentication information with the key information.
目标数据生成单元411,用于将上述eSIM数据中安全等级不大于认证请求请求认证的安全等级的服务作为目标eSIM数据;The target data generating unit 411 is configured to use, as the target eSIM data, a service in which the security level of the eSIM data is not greater than the security level of the authentication request request authentication.
本发明实施例中,首先通过第二接收单元405接收第一移动终端发送的eSIM卡激活请求,通过第二获取单元406响应上述eSIM卡激活请求,获取与上述eSIM卡激活请求对应的eSIM数据,通过第二发送单元407向第一移动终端发送上述eSIM数据,由第一移动终端对上述eSIM数据中的各项服务的安全等级进行设置,然后通过第三接收单元408接收第一移动终端发送的上述eSIM数据中各项服务的安全等级以及密钥信息,并通过加密单元409用上述密钥信息对eSIM数据进行加密,进一步地,服务器通过第一接收单元401接收来自第二移动终端的认证请求,并通过匹配单元410将上述认证信息与密钥信息进行匹配,通过确定单元402确定上述认证请求请求认证的安全等级,在对上述认证信息匹配成功后,通过目标数据生成单元411将上述eSIM数据中安全等级不大于认证请求请求认证的安全等级的服务作为目标eSIM数据,并通过第一获取单元403获取该目标eSIM数据,然后通过第一发送单元404向第二移动终端发送上述目标eSIM数据。In the embodiment of the present invention, the eSIM card activation request sent by the first mobile terminal is first received by the second receiving unit 405, and the eSIM data corresponding to the eSIM card activation request is obtained by the second obtaining unit 406 in response to the eSIM card activation request. The foregoing eSIM data is sent to the first mobile terminal by the second sending unit 407, and the security level of each service in the eSIM data is set by the first mobile terminal, and then received by the first mobile terminal by the third receiving unit 408. The security level and key information of each service in the eSIM data, and the eSIM data is encrypted by the encryption unit 409 by using the key information, and further, the server receives the authentication request from the second mobile terminal through the first receiving unit 401. And the matching information is matched with the key information by the matching unit 410, and the determining unit 402 determines the security level of the authentication request requesting the authentication. After the matching of the authentication information is successful, the eSIM data is obtained by the target data generating unit 411. The security level is not greater than the security of the authentication request request authentication, etc. ESIM service as the target data, and acquires the target data by the first eSIM acquisition unit 403, and then transmits the data to the second target eSIM mobile terminal 404 through the first transmitting unit.
本发明实施例中,各功能单元的具体实现方式可以参考方法实施例中的描述,本发明实施例将不作复述。In the embodiment of the present invention, the specific implementation manners of the functional units may be referred to the description in the method embodiments, and the embodiments of the present invention will not be repeated.
进一步地,如图5所示,图5是本发明实施例公开的另一种服务器的结构示意图。如图5所示,该服务器可以包括:至少一个处理器501,例如CPU,至少一个网络接口502,用户接口503,存储器504、数据库单元505,至少一个通信总线506。其中,通信总线506用于实现这些组件之间的连接通信。用户接口503可以包括显示屏(Display)、键盘(Keyboard)等。存储器504可以是高速RAM存储器,也可以是非不稳定的存储器(non-volatile memory),例如至少一个磁盘存储器。存储器504可选的还可以是至少一个位于远离前述处理器501的存储装置。如图5所示,作为一种计算机存储介质的存储器504中可以包括操作系统、网络通信模块、用户接口模块以及eSIM卡数据共享程序。Further, as shown in FIG. 5, FIG. 5 is a schematic structural diagram of another server according to an embodiment of the present invention. As shown in FIG. 5, the server may include at least one processor 501, such as a CPU, at least one network interface 502, a user interface 503, a memory 504, a database unit 505, and at least one communication bus 506. Among them, the communication bus 506 is used to implement connection communication between these components. User interface 503 can include a display, a keyboard, and the like. The memory 504 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory. The memory 504 can optionally also be at least one storage device located remotely from the aforementioned processor 501. As shown in FIG. 5, a memory 504 as a computer storage medium may include an operating system, a network communication module, a user interface module, and an eSIM card data sharing program.
在图5所示的服务器中,网络接口502主要用于连接移动终端进行数据通信,而处理器501可以用于调用存储器504中存储的eSIM卡数据共享程序,并执行以下操作: In the server shown in FIG. 5, the network interface 502 is mainly used to connect the mobile terminal for data communication, and the processor 501 can be used to call the eSIM card data sharing program stored in the memory 504, and perform the following operations:
通过网络接口502接收第一移动终端发送的eSIM卡激活请求;Receiving, by using the network interface 502, an eSIM card activation request sent by the first mobile terminal;
响应上述eSIM卡激活请求,获取与上述eSIM卡激活请求对应的eSIM数据,并通过网络接口502向第一移动终端发送上述eSIM数据;Responding to the eSIM card activation request, acquiring eSIM data corresponding to the eSIM card activation request, and transmitting the eSIM data to the first mobile terminal through the network interface 502;
通过网络接口502接收第一移动终端发送的上述eSIM数据中各项服务的安全等级以及密钥信息;Receiving, by the network interface 502, a security level and key information of each service in the foregoing eSIM data sent by the first mobile terminal;
用上述密钥信息对eSIM数据进行加密;Encrypting the eSIM data with the above key information;
通过网络接口502接收来自第二移动终端的认证请求,其中,上述认证请求中包含eSIM卡的标识信息以及认证信息;Receiving, by the network interface 502, an authentication request from the second mobile terminal, where the authentication request includes the identifier information of the eSIM card and the authentication information;
将上述认证信息与密钥信息进行匹配,确定上述认证请求请求认证的安全等级;Matching the foregoing authentication information with the key information to determine a security level of the authentication request requesting the authentication;
在匹配通过之后,将上述eSIM数据中安全等级不大于认证请求请求认证的安全等级的服务作为目标eSIM数据;After the matching is passed, the service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication is used as the target eSIM data;
通过网络接口502向第二移动终端发送上述目标eSIM数据。The target eSIM data is transmitted to the second mobile terminal through the network interface 502.
需要说明的是,图5所示的服务器仅仅标示了服务器中用于执行本发明实施例公开的eSIM卡数据共享方法所需的组件,对于服务器能够具备的其他组件本发明实施例不作标示,因为这不影响本发明实施例的实现。It should be noted that the server shown in FIG. 5 only indicates the components required in the server for performing the eSIM card data sharing method disclosed in the embodiment of the present invention, and other components that the server can have are not marked in the embodiment of the present invention because This does not affect the implementation of embodiments of the invention.
本发明实施例还提供了一种移动终端,如图6所示,包括:The embodiment of the invention further provides a mobile terminal, as shown in FIG. 6, comprising:
第一发送单元601,用于向服务器发送认证请求,由服务器确定上述认证请求请求认证的安全等级并在对上述认证信息认证通过后获取目标eSIM数据,其中,上述认证请求中包含eSIM卡的标识信息以及认证信息;The first sending unit 601 is configured to send an authentication request to the server, where the server determines the security level of the authentication request request authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the identifier includes the identifier of the eSIM card. Information and authentication information;
接收单元602,用于接收服务器发送的目标eSIM数据,其中,上述目标eSIM数据包含与安全等级匹配的eSIM数据。The receiving unit 602 is configured to receive target eSIM data sent by the server, where the target eSIM data includes eSIM data that matches the security level.
进一步地,如图7所示,图7是本发明实施例公开的另一种移动终端的结构示意图。如图7所示,该移动终端可以包括:至少一个处理器701,例如CPU,至少一个网络接口702,用户接口703,存储器704、数据库单元705、至少一个通信总线706。其中,通信总线706用于实现这些组件之间的连接通信,用户接口703可以包括显示屏(Display)、键盘(Keyboard)等。存储器704可以是高速RAM存储器,也可以是非不稳定的存储器(non-volatile memory),例如至少一个磁盘存储器。存储器704可选的还可以是至少一个位于远离前述处理器701的存储装置。如图7所示,作为一种计算机存储介质的存储器704 中可以包括操作系统、网络通信模块、用户接口模块以及eSIM卡数据共享程序。Further, as shown in FIG. 7, FIG. 7 is a schematic structural diagram of another mobile terminal according to an embodiment of the present invention. As shown in FIG. 7, the mobile terminal can include at least one processor 701, such as a CPU, at least one network interface 702, a user interface 703, a memory 704, a database unit 705, and at least one communication bus 706. The communication bus 706 is used to implement connection communication between these components, and the user interface 703 may include a display, a keyboard, and the like. The memory 704 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory. The memory 704 can optionally also be at least one storage device located remotely from the aforementioned processor 701. As shown in FIG. 7, a memory 704 as a computer storage medium The operating system, the network communication module, the user interface module, and the eSIM card data sharing program may be included.
在图7所示的移动终端中,网络接口702主要用于连接服务器进行数据通信;而处理器701可以用于调用存储器704中存储的eSIM卡数据共享程序,并执行以下操作:In the mobile terminal shown in FIG. 7, the network interface 702 is mainly used to connect to the server for data communication; and the processor 701 can be used to call the eSIM card data sharing program stored in the memory 704, and perform the following operations:
通过网络接口702向服务器发送认证请求,由服务器确定上述认证请求请求认证的安全等级并在对上述认证信息认证通过后获取目标eSIM数据,其中,上述认证请求中包含eSIM卡的标识信息以及认证信息;Sending an authentication request to the server through the network interface 702, the server determines the security level of the authentication request request authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the authentication request includes the identifier information and the authentication information of the eSIM card. ;
通过网络接口702接收服务器发送的目标eSIM数据,其中,上述目标eSIM数据包含与安全等级匹配的eSIM数据。The target eSIM data transmitted by the server is received through the network interface 702, wherein the target eSIM data includes eSIM data that matches the security level.
需要说明的是,图7所示的移动终端仅仅标示了移动终端中用于执行本发明实施例公开的eSIM卡数据共享方法所需的组件,对于移动终端能够具备的其他组件本发明实施例不作标示,因为这不影响本发明实施例的实现。It should be noted that the mobile terminal shown in FIG. 7 only indicates components required for performing the eSIM card data sharing method disclosed in the embodiment of the present invention, and other components that can be provided by the mobile terminal are not used in the embodiments of the present invention. Indicated as this does not affect the implementation of embodiments of the present invention.
基于图1所示的eSIM卡数据共享网络构架,本发明实施例公开了一种eSIM卡数据共享系统。请参阅图8,图8是本发明实施例公开的一种eSIM卡数据共享系统的结构示意图。如图8所示,该eSIM卡数据共享系统可以包括第一移动终端801、第二移动终端802以及服务器803,其中,第一移动终端801、第二移动终端802分别通过互联网与服务器803通信连接,其中:Based on the eSIM card data sharing network architecture shown in FIG. 1, an embodiment of the present invention discloses an eSIM card data sharing system. Please refer to FIG. 8. FIG. 8 is a schematic structural diagram of an eSIM card data sharing system according to an embodiment of the present invention. As shown in FIG. 8, the eSIM card data sharing system may include a first mobile terminal 801, a second mobile terminal 802, and a server 803, wherein the first mobile terminal 801 and the second mobile terminal 802 are respectively connected to the server 803 via the Internet. ,among them:
第一移动终端801,用于向服务器803发送eSIM卡激活请求;The first mobile terminal 801 is configured to send an eSIM card activation request to the server 803.
服务器803,用于响应上述eSIM卡激活请求,获取与上述eSIM卡激活请求对应的eSIM数据,并向第一移动终端801发送该eSIM数据;The server 803 is configured to obtain, according to the eSIM card activation request, the eSIM data corresponding to the eSIM card activation request, and send the eSIM data to the first mobile terminal 801;
第一移动终端801,还用于向服务器803发送上述eSIM数据中各项服务的安全等级以及密钥信息;The first mobile terminal 801 is further configured to send, to the server 803, a security level and key information of each service in the eSIM data.
第二移动终端802,用于向服务器803发送认证请求,上述认证请求中包含eSIM卡的标识信息以及认证信息;The second mobile terminal 802 is configured to send an authentication request to the server 803, where the authentication request includes the identifier information of the eSIM card and the authentication information;
服务器803,还用于确定上述认证请求请求认证的安全等级,若对上述认证信息认证通过,则获取目标eSIM数据,其中,该目标eSIM数据包含与上述安全等级匹配的eSIM数据;The server 803 is further configured to determine a security level of the authentication request request authentication, and if the authentication information is authenticated, acquire target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
服务器803,还用于向第二移动终端802发送上述目标eSIM数据。The server 803 is further configured to send the target eSIM data to the second mobile terminal 802.
本发明实施例中,在第一移动终端801向服务器803发送上述eSIM数据 中各项服务的安全等级以及密钥信息之后,服务器803,还用于用上述密钥信息对上述eSIM数据进行加密;In the embodiment of the present invention, the eSIM data is sent to the server 803 at the first mobile terminal 801. After the security level of each service and the key information, the server 803 is further configured to encrypt the eSIM data by using the key information;
服务器803,还用于将上述认证信息与密钥信息进行匹配;The server 803 is further configured to match the foregoing authentication information with the key information.
服务器803,还用于将上述eSIM数据中安全等级不大于认证请求请求认证的安全等级的服务作为目标eSIM数据。The server 803 is further configured to use, as the target eSIM data, a service in which the security level of the eSIM data is not greater than the security level of the authentication request request authentication.
值得注意的是,上述eSIM卡数据共享方法及相关设备、系统的实施例中,所包括的各个单元只是按照功能逻辑进行划分的,但并不局限于上述的划分,只要能够实现相应的功能即可;另外,各功能单元的具体名称也只是为了便于相互区分,并不用于限制本发明的保护范围。It should be noted that, in the foregoing eSIM card data sharing method and the related device and system embodiment, each unit included is only divided according to functional logic, but is not limited to the above division, as long as the corresponding function can be implemented. In addition, the specific names of the respective functional units are only for convenience of distinguishing from each other, and are not intended to limit the scope of protection of the present invention.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述的部分,可以参见其他实施例的相关描述。In the above embodiments, the descriptions of the various embodiments are different, and the details that are not detailed in a certain embodiment can be referred to the related descriptions of other embodiments.
另外,本领域普通技术人员可以理解实现上述各方法实施例中的全部或部分步骤是可以通过程序来指令相关的硬件完成,相应的程序可以存储于一种计算机可读存储介质中,上述提到的存储介质可以是闪存盘、只读存储器(Read-Only Memory,ROM)、随机存取器(Random Access Memory,RAM)、磁盘或光盘等各种可以存储程序代码的介质。In addition, those skilled in the art can understand that all or part of the steps in implementing the foregoing method embodiments may be performed by a program to instruct related hardware, and the corresponding program may be stored in a computer readable storage medium. The storage medium may be a flash memory disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program code.
以上仅为本发明较佳的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明实施例揭露的技术范围内,可轻易想到的变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应该以权利要求的保护范围为准。 The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or replacements within the technical scope disclosed by the embodiments of the present invention. All should be covered by the scope of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.

Claims (12)

  1. 一种eSIM卡数据共享方法,其特征在于,包括:An eSIM card data sharing method, comprising:
    服务器接收来自第二移动终端的认证请求,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;The server receives an authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information;
    所述服务器确定所述认证请求请求认证的安全等级,若对所述认证信息认证通过,则获取目标eSIM数据,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据;Determining, by the server, the security level of the authentication request requesting authentication, and if the authentication information is authenticated, acquiring target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
    所述服务器向所述第二移动终端发送所述目标eSIM数据。The server transmits the target eSIM data to the second mobile terminal.
  2. 根据权利要求1所述方法,其特征在于,所述目标eSIM数据由第一移动终端所共享;The method of claim 1 wherein said target eSIM data is shared by a first mobile terminal;
    所述服务器接收来自第二移动终端的认证请求之前,所述方法还包括:Before the server receives the authentication request from the second mobile terminal, the method further includes:
    所述服务器接收第一移动终端发送的eSIM卡激活请求;Receiving, by the server, an eSIM card activation request sent by the first mobile terminal;
    所述服务器响应所述eSIM卡激活请求,获取与所述eSIM卡激活请求对应的eSIM数据,并向所述第一移动终端发送所述eSIM数据。The server, in response to the eSIM card activation request, acquires eSIM data corresponding to the eSIM card activation request, and sends the eSIM data to the first mobile terminal.
  3. 根据权利要求2所述方法,其特征在于,所述向所述第一移动终端发送所述eSIM数据之后,所述方法还包括:The method according to claim 2, wherein after the sending the eSIM data to the first mobile terminal, the method further comprises:
    所述服务器接收所述第一移动终端发送的所述eSIM数据中各项服务的安全等级以及密钥信息,并用所述密钥信息对所述eSIM数据进行加密。The server receives the security level and key information of each service in the eSIM data sent by the first mobile terminal, and encrypts the eSIM data by using the key information.
  4. 根据权利要求3所述方法,其特征在于,所述服务器确定所述认证请求请求认证的安全等级之前,所述方法还包括:The method according to claim 3, wherein the method further comprises: before the server determines the security level of the authentication request for authentication, the method further comprises:
    所述服务器将所述认证信息与所述密钥信息进行匹配;The server matches the authentication information with the key information;
    所述对所述认证信息认证通过之后,所述方法还包括:After the authentication information is authenticated, the method further includes:
    所述服务器将所述eSIM数据中安全等级不大于所述认证请求请求认证的安全等级的服务作为目标eSIM数据。The server uses, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
  5. 一种eSIM卡数据共享方法,其特征在于,包括:An eSIM card data sharing method, comprising:
    第二移动终端向服务器发送认证请求,由所述服务器确定所述认证请求请求认证的安全等级并在对所述认证信息认证通过后获取目标eSIM数据,其中,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;The second mobile terminal sends an authentication request to the server, where the server determines that the authentication request requests the security level of the authentication, and obtains the target eSIM data after the authentication information is authenticated, wherein the authentication request includes the embedded client. Identifying the identification information of the module card eSIM and the authentication information;
    所述第二移动终端接收所述服务器发送的目标eSIM数据,其中,所述目 标eSIM数据包含与所述安全等级匹配的eSIM数据。Receiving, by the second mobile terminal, target eSIM data sent by the server, where the target The target eSIM data contains eSIM data that matches the security level.
  6. 一种服务器,其特征在于,包括:A server, comprising:
    第一接收单元,用于接收来自第二移动终端的认证请求,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;a first receiving unit, configured to receive an authentication request from the second mobile terminal, where the authentication request includes the identification information of the embedded customer identification module card eSIM and the authentication information;
    确定单元,用于确定所述认证请求请求认证的安全等级;a determining unit, configured to determine a security level of the authentication request requesting authentication;
    第一获取单元,用于在对所述认证信息认证通过时,获取目标eSIM数据,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据;a first acquiring unit, configured to acquire target eSIM data when the authentication information is authenticated, where the target eSIM data includes eSIM data that matches the security level;
    第一发送单元,用于向所述第二移动终端发送所述目标eSIM数据。a first sending unit, configured to send the target eSIM data to the second mobile terminal.
  7. 根据权利要求6所述服务器,其特征在于,所述目标eSIM数据由第一移动终端所共享;The server according to claim 6, wherein said target eSIM data is shared by said first mobile terminal;
    所述服务器还包括:The server further includes:
    第二接收单元,用于接收第一移动终端发送的eSIM卡激活请求;a second receiving unit, configured to receive an eSIM card activation request sent by the first mobile terminal;
    第二获取单元,用于响应所述eSIM卡激活请求,获取与所述eSIM卡激活请求对应的eSIM数据;a second acquiring unit, configured to obtain eSIM data corresponding to the eSIM card activation request in response to the eSIM card activation request;
    第二发送单元,用于向所述第一移动终端发送所述eSIM数据。a second sending unit, configured to send the eSIM data to the first mobile terminal.
  8. 根据权利要求7所述服务器,其特征在于,所述服务器还包括:The server according to claim 7, wherein the server further comprises:
    第三接收单元,用于接收所述第一移动终端发送的所述eSIM数据中各项服务的安全等级以及密钥信息;a third receiving unit, configured to receive a security level and key information of each service in the eSIM data sent by the first mobile terminal;
    加密单元,用于用所述密钥信息对所述eSIM数据进行加密。And an encryption unit, configured to encrypt the eSIM data by using the key information.
  9. 根据权利要求8所述服务器,其特征在于,所述服务器还包括:The server according to claim 8, wherein the server further comprises:
    匹配单元,用于将所述认证信息与所述密钥信息进行匹配;a matching unit, configured to match the authentication information with the key information;
    目标数据生成单元,用于将所述eSIM数据中安全等级不大于所述认证请求请求认证的安全等级的服务作为目标eSIM数据。The target data generating unit is configured to use, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
  10. 一种移动终端,其特征在于,包括:A mobile terminal, comprising:
    第一发送单元,用于向服务器发送认证请求,由所述服务器确定所述认证请求请求认证的安全等级并在对所述认证信息认证通过后获取目标eSIM数据,其中,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;a first sending unit, configured to send an authentication request to the server, where the server determines that the authentication request requests a security level of the authentication, and obtains target eSIM data after the authentication information is authenticated, wherein the authentication request includes The embedded customer identification module card eSIM identification information and authentication information;
    接收单元,用于接收所述服务器发送的目标eSIM数据,其中,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据。 And a receiving unit, configured to receive target eSIM data sent by the server, where the target eSIM data includes eSIM data that matches the security level.
  11. 一种eSIM卡数据共享系统,其特征在于,包括第一移动终端、第二移动终端以及服务器,其中:An eSIM card data sharing system, comprising: a first mobile terminal, a second mobile terminal, and a server, wherein:
    所述第一移动终端,用于向所述服务器发送eSIM卡激活请求;The first mobile terminal is configured to send an eSIM card activation request to the server;
    所述服务器,用于响应所述eSIM卡激活请求,获取与所述eSIM卡激活请求对应的eSIM数据,并向所述第一移动终端发送所述eSIM数据;The server is configured to obtain, according to the eSIM card activation request, eSIM data corresponding to the eSIM card activation request, and send the eSIM data to the first mobile terminal;
    所述第一移动终端,还用于向所述服务器发送所述eSIM数据中各项服务的安全等级以及密钥信息;The first mobile terminal is further configured to send, to the server, a security level and key information of each service in the eSIM data;
    所述第二移动终端,用于向所述服务器发送认证请求,所述认证请求中包含嵌入式客户识别模块卡eSIM的标识信息以及认证信息;The second mobile terminal is configured to send an authentication request to the server, where the authentication request includes identifier information of the embedded client identification module card eSIM and authentication information;
    所述服务器,还用于确定所述认证请求请求认证的安全等级,若对所述认证信息认证通过,则获取目标eSIM数据,所述目标eSIM数据包含与所述安全等级匹配的eSIM数据;The server is further configured to determine a security level of the authentication request request authentication, and if the authentication information is authenticated, acquire target eSIM data, where the target eSIM data includes eSIM data that matches the security level;
    所述服务器,还用于向所述第二移动终端发送所述目标eSIM数据。The server is further configured to send the target eSIM data to the second mobile terminal.
  12. 根据权利要求11所述系统,其特征在于,The system of claim 11 wherein:
    所述服务器,还用于用所述密钥信息对所述eSIM数据进行加密;The server is further configured to encrypt the eSIM data by using the key information;
    所述服务器,还用于将所述认证信息与所述密钥信息进行匹配;The server is further configured to match the authentication information with the key information;
    所述服务器,还用于将所述eSIM数据中安全等级不大于所述认证请求请求认证的安全等级的服务作为目标eSIM数据。 The server is further configured to use, as the target eSIM data, a service in the eSIM data whose security level is not greater than the security level of the authentication request request authentication.
PCT/CN2016/097461 2016-04-29 2016-08-31 Esim card data sharing method, and related device and system WO2017185577A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610289356.0A CN105790957A (en) 2016-04-29 2016-04-29 eSIM card data sharing method and related equipment and system thereof
CN201610289356.0 2016-04-29

Publications (1)

Publication Number Publication Date
WO2017185577A1 true WO2017185577A1 (en) 2017-11-02

Family

ID=56400553

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/097461 WO2017185577A1 (en) 2016-04-29 2016-08-31 Esim card data sharing method, and related device and system

Country Status (2)

Country Link
CN (1) CN105790957A (en)
WO (1) WO2017185577A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105790957A (en) * 2016-04-29 2016-07-20 宇龙计算机通信科技(深圳)有限公司 eSIM card data sharing method and related equipment and system thereof
CN106793115B (en) * 2016-12-14 2020-09-11 北京小米移动软件有限公司 Bandwidth allocation method and device
CN108156128A (en) * 2017-01-03 2018-06-12 中兴通讯股份有限公司 A kind of sharing method, apparatus and system
CN108040044B (en) * 2017-12-07 2019-06-07 恒宝股份有限公司 A kind of management method and system for realizing eSIM card security authentication
US10917790B2 (en) * 2018-06-01 2021-02-09 Apple Inc. Server trust evaluation based authentication
CN111148088B (en) * 2018-11-02 2022-12-06 中国移动通信集团终端有限公司 Method, device, equipment and storage medium for managing mobile terminal and system
CN109788470B (en) * 2019-01-17 2022-03-11 维沃移动通信有限公司 Method, device and terminal for identifying eSIM card
KR20210004809A (en) * 2019-07-03 2021-01-13 삼성전자주식회사 Method for transferring subscription and electronic device for supporting the same
CN113498124B (en) * 2020-03-20 2023-02-28 华为技术有限公司 SIM card and eSIM card switching method and electronic equipment
CN115701018A (en) * 2021-07-14 2023-02-07 华为技术有限公司 Method for safely calling service, method and device for safely registering service
CN115915104A (en) * 2022-11-28 2023-04-04 四川酷赛科技有限公司 ESIM data switching method and switching system based on near field

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309143A (en) * 2008-06-24 2008-11-19 宇龙计算机通信科技(深圳)有限公司 Method and system for interactive sharing data between mobile terminals
CN101938295A (en) * 2009-06-30 2011-01-05 中兴通讯股份有限公司 Method and device for transmitting channel measurement pilot frequency
CN103703741A (en) * 2012-11-22 2014-04-02 华为技术有限公司 Method for disseminating application distribution, terminal and server
CN104137587A (en) * 2014-01-09 2014-11-05 华为技术有限公司 Method and terminal sending and receiving user data
CN104955022A (en) * 2015-06-30 2015-09-30 宇龙计算机通信科技(深圳)有限公司 Method and system for sharing virtual SIM (subscriber identity module)
CN105050075A (en) * 2015-08-31 2015-11-11 宇龙计算机通信科技(深圳)有限公司 Virtual subscriber identity module (SIM) card based call processing method and device, and wearable device
CN105790957A (en) * 2016-04-29 2016-07-20 宇龙计算机通信科技(深圳)有限公司 eSIM card data sharing method and related equipment and system thereof

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257681B (en) * 2008-03-26 2011-05-18 宇龙计算机通信科技(深圳)有限公司 Private data protecting equipment, mobile terminal, private data memory and read method
CN101286981A (en) * 2008-05-29 2008-10-15 宇龙计算机通信科技(深圳)有限公司 Data transmission system, mobile terminal and server
US9282086B2 (en) * 2013-04-26 2016-03-08 Broadcom Corporation Methods and systems for secured authentication of applications on a network
CN104392166B (en) * 2014-10-23 2019-01-22 努比亚技术有限公司 The method and terminal of data access
CN104536818B (en) * 2014-12-24 2019-02-01 宇龙计算机通信科技(深圳)有限公司 A kind of method and apparatus that system is shared
CN105430596B (en) * 2015-10-27 2019-02-01 宇龙计算机通信科技(深圳)有限公司 Communication means and communication device based on virtual SIM card
CN105933890A (en) * 2016-03-31 2016-09-07 宇龙计算机通信科技(深圳)有限公司 Embedded SIM card realizing method and system, user terminal and server

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309143A (en) * 2008-06-24 2008-11-19 宇龙计算机通信科技(深圳)有限公司 Method and system for interactive sharing data between mobile terminals
CN101938295A (en) * 2009-06-30 2011-01-05 中兴通讯股份有限公司 Method and device for transmitting channel measurement pilot frequency
CN103703741A (en) * 2012-11-22 2014-04-02 华为技术有限公司 Method for disseminating application distribution, terminal and server
CN104137587A (en) * 2014-01-09 2014-11-05 华为技术有限公司 Method and terminal sending and receiving user data
CN104955022A (en) * 2015-06-30 2015-09-30 宇龙计算机通信科技(深圳)有限公司 Method and system for sharing virtual SIM (subscriber identity module)
CN105050075A (en) * 2015-08-31 2015-11-11 宇龙计算机通信科技(深圳)有限公司 Virtual subscriber identity module (SIM) card based call processing method and device, and wearable device
CN105790957A (en) * 2016-04-29 2016-07-20 宇龙计算机通信科技(深圳)有限公司 eSIM card data sharing method and related equipment and system thereof

Also Published As

Publication number Publication date
CN105790957A (en) 2016-07-20

Similar Documents

Publication Publication Date Title
WO2017185577A1 (en) Esim card data sharing method, and related device and system
US10361857B2 (en) Electronic stamp system for security intensification, control method thereof, and non-transitory computer readable storage medium having computer program recorded thereon
US10412061B2 (en) Method and system for encrypted communications
US11329965B2 (en) Method for dynamic encryption and signing, terminal, and server
US10050952B2 (en) Smart phone login using QR code
KR102242218B1 (en) User authentication method and apparatus, and wearable device registration method and apparatus
US10362613B2 (en) Pairing management method, recording medium, and terminal apparatus
US9727715B2 (en) Authentication method and system using password as the authentication key
CN113711211A (en) First-factor contactless card authentication system and method
US9860738B2 (en) Method for processing multiple pieces of SIM information and electronic device thereof
RU2684584C1 (en) Device for storing information and operation method thereof
US9680841B2 (en) Network authentication method for secure user identity verification using user positioning information
CN106572427B (en) Method and device for establishing near field communication
US20190037393A1 (en) Method of establishing communications
US20200196143A1 (en) Public key-based service authentication method and system
US20220014353A1 (en) Method by which device shares digital key
US9622075B2 (en) System and method for adaptive multifactor authentication
US10841795B2 (en) Method and system for protected communication between a mobile unit coupled to a smartphone and a server
KR20160046655A (en) Apparatus and method for user authentication using subscriber identification module
KR20210011577A (en) Apparatus and Method for Personal authentication using Sim Toolkit and Applet
KR20130041033A (en) Method and apparatus for generating and managing of encryption key portable terminal
KR101733318B1 (en) Otp authentication system and method
KR102534032B1 (en) Electronic stamp system for security intensification using fingerprint recognition, control method thereof and computer readable medium having computer program recorded thereon
KR20160099358A (en) Certification method for cloud document centralized system
KR20170122929A (en) Electronic stamp system for security intensification, control method thereof and computer readable medium having computer program recorded thereon

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16900086

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16900086

Country of ref document: EP

Kind code of ref document: A1