WO2018095018A1 - Terminal abnormal process protection method and apparatus, and computer storage medium - Google Patents

Terminal abnormal process protection method and apparatus, and computer storage medium Download PDF

Info

Publication number
WO2018095018A1
WO2018095018A1 PCT/CN2017/088306 CN2017088306W WO2018095018A1 WO 2018095018 A1 WO2018095018 A1 WO 2018095018A1 CN 2017088306 W CN2017088306 W CN 2017088306W WO 2018095018 A1 WO2018095018 A1 WO 2018095018A1
Authority
WO
WIPO (PCT)
Prior art keywords
security mode
timer
message
network side
mode command
Prior art date
Application number
PCT/CN2017/088306
Other languages
French (fr)
Chinese (zh)
Inventor
柯何杨
Original Assignee
深圳市中兴微电子技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市中兴微电子技术有限公司 filed Critical 深圳市中兴微电子技术有限公司
Publication of WO2018095018A1 publication Critical patent/WO2018095018A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/04Arrangements for maintaining operational condition

Definitions

  • the present invention relates to security protection technologies in the field of mobile communications, and in particular, to a terminal abnormal process protection method and apparatus, and a computer storage medium.
  • the Evolved Universal Terrestrial Radio Access Network (E-UTRAN) on the network side of the Long Term Evolution (LTE) system is mainly composed of an evolved base station (eNB, Evolved NodeB) and The Mobility Management Entity (MME) of the core network device is configured, and the user equipment (UE, User Equipment) performs data and signaling interaction with the eNB and the MME through the wireless air interface, and provides data and signaling for the interaction. Integrity and encryption.
  • eNB evolved base station
  • MME Mobility Management Entity
  • UE User Equipment
  • the protocol layer is divided into a non-access stratum (NAS, Non Access Stratum) and an access stratum (AS, Access Stratum). Accordingly, the security protection mechanism in the LTE system is also divided into NAS security and AS. Safety.
  • the AS security process is based on the NAS security process.
  • the eNB on the E-UTRAN side sends a security mode command message to the UE through the air interface, where the security mode command message carries parameters such as a local preset AS security algorithm. And the security algorithm includes complete a security protection algorithm and an encryption algorithm; after receiving the security mode command message, the UE side requests the underlying Packet Data Convergence Protocol (PDCP) to perform integrity protection verification on the security mode command message. If the verification succeeds, the UE The eNB sends a Security Mode Complete message, and performs integrity protection on the security mode complete message, and performs integrity protection and encryption on subsequent messages and data interacting with the eNB, indicating that the AS security mode is activated. If the verification fails, the UE sends a Security Mode Failure message to the eNB, and does not use encryption and integrity protection for subsequent messages and data interacting with the eNB, indicating that the AS's security activation process fails.
  • PDCP Packet Data Convergence Protocol
  • the network side may immediately send a downlink message to the UE when the security mode command message is sent, as long as the security mode failure message of the UE is not received, the downlink of the subsequent transmission is required.
  • Messages are integrity protected and encrypted.
  • the terminal may send a security mode failure message to the network side when the security is not successfully started, and the network side is also preparing to send the encrypted downlink message to the terminal. In this case, since the terminal does not start security, there is no need to perform integrity protection check and decryption on the downlink message. Therefore, the error of integrity protection failure does not occur, but the message obtained after decoding is garbled, so that the terminal cannot recognize the terminal. .
  • the downlink message that cannot be decrypted and identified is directly discarded by the terminal, and the discarding of the network side command may affect the entire service processing flow; in particular, after the network side sends the command to release the connection, it is known that the UE successfully receives the release message, The air interface resource is released accordingly, but the UE does not know that the air interface resource has been released, and the UE needs to continue to wait for other messages on the network side after the release message sent by the network side is directly discarded because it cannot be resolved. At this time, unless the end user or the service directly intervenes, the network side will not send any more messages, causing the terminal process to hang.
  • the embodiment of the present invention is to provide a terminal abnormal process protection method, device, and computer storage medium, which can effectively solve the problem that occurs in the prior art in the case of a fail-safe failure.
  • the embodiment of the present invention provides a method for protecting an abnormality of a terminal, which is preset with a timer and a duration of the timer.
  • the method further includes:
  • the terminal is triggered to initiate a connection release request.
  • the method further includes: if the security mode is successfully started within a duration of the timer, turning off the timer, and sending a security mode complete message to the network side.
  • the terminal when waiting for the network side to send the security mode command message, the terminal further receives at least one downlink message sent by the network side.
  • the terminal when the downlink message is an encrypted message, the terminal directly discards the downlink message, and continues to wait for the network side to send the security mode command message until the timer expires.
  • the terminal when the downlink message is an unencrypted message, the terminal processes the downlink message according to a preset process, and after processing the downlink message, does not close the timer, and continues to wait.
  • the network side sends the security mode command message until the timer expires.
  • the timer has a duration of 12 s.
  • the embodiment of the present invention further provides a terminal abnormal flow protection device, where the device includes: a preset module, a check module, a waiting module, and an execution module;
  • the preset module is configured to preset a timer and a duration of the timer
  • the verification module is configured to receive a security mode command message sent by the network side, enter a security startup process based on the security mode command message, and start the timer, and perform integrity protection on the security mode command message.
  • the waiting module is configured to determine, according to the verification result obtained by the verification module, that the security mode is not successfully started, and then wait for the network side to send the security mode command message;
  • the execution module is configured to trigger the terminal to initiate a connection release request if the timer expires during the waiting process.
  • the execution module is further configured to: within the duration of the timer, if the security mode is successfully initiated, the timer is turned off, and a security mode complete message is sent to the network side.
  • the terminal when waiting for the network side to send the security mode command message, the terminal further receives at least one downlink message sent by the network side.
  • the executing module when the downlink message is an encrypted message, is configured to directly discard the downlink message;
  • the waiting module is configured to wait for the network to send the security mode command message after the execution module discards the downlink message until the timer expires.
  • the executing module when the downlink message is an unencrypted message, is configured to process the downlink message according to a preset process, and after processing the downlink message, does not close the timer. ;
  • the waiting module is further configured to continue to wait for the network side to send the security mode command message until the timer expires.
  • the timer has a duration of 12 s.
  • the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the terminal abnormal flow protection method according to the embodiment of the invention.
  • the terminal abnormal flow protection method and device and the computer storage medium pre-set a timer and a duration of the timer; receive a security mode command message sent by the network side, and enter a secure start based on the security mode command message. a process, and starting the timer, and performing an integrity protection check on the security mode command message; determining, according to the verification result, that the security mode is not successfully started, continuing to wait for the network side to send the security mode command message; If the timer expires during the process, the terminal is triggered to initiate a connection release request.
  • FIG. 1 is a schematic flowchart of an implementation process of a terminal abnormal process protection method according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a security startup process with timer protection according to an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of a device for abnormality protection of a terminal according to an embodiment of the present invention.
  • the terminal may include, but is not limited to, a mobile device such as a smart phone, a tablet, a palmtop computer, or the like that can access the LTE network.
  • a mobile device such as a smart phone, a tablet, a palmtop computer, or the like that can access the LTE network.
  • an implementation process of a terminal abnormal process protection method in the embodiment of the present invention includes the following steps:
  • Step 101 Set a timer and a duration of the timer in advance.
  • the terminal may be in a suspended state for a long time; if the duration of the timer is set too short, the terminal may be advanced. The connection is ended, so the duration of the timer cannot be set too long and cannot be set too short.
  • an experience value may be determined according to an actual application scenario, for example, the duration of the timer is set to 12 s. Within the 12s, it can be ensured that most of the services can be automatically re-initiated. Even if the service cannot be re-initiated within the time limit, the terminal can ensure that the terminal can release the connection autonomously after 12s. Therefore, compared to the terminal process has been in a suspended state, setting the duration of the timer to 12s is also acceptable to the user. Of course, the duration of the timer is not limited to 12s.
  • Step 102 Receive a security mode command message sent by the network, enter a secure startup process based on the security mode command message, and start the timer, and perform integrity protection check on the security mode command message.
  • Step 103 Determine, according to the verification result, that the security mode is not successfully started, and continue to wait for the network side to send the security mode command message.
  • the terminal does not have to wait for the network side to continue to send the security mode command message, but can directly close the timer and send a security mode complete message to the network side.
  • the terminal sends a message that the security mode fails to the network side, and after sending the message that the security mode fails, continues to wait for the network side to send the security mode command message until the timer expires.
  • Step 104 The timer expires during the waiting process, and the terminal is triggered to initiate a connection release request.
  • the terminal after receiving the message that the security mode failed by the terminal is received, the terminal continues to wait for the network side to send the security mode command message, and hopes to start the security mode again.
  • the timer is closed, and the security mode completion message is sent to the network side; After receiving the security mode command message, the security mode cannot be successfully initiated.
  • the terminal After returning the security mode failure message to the network side, the terminal continues to wait for the network side to resend the security mode command message, and so on, until the timer expires.
  • the terminal when waiting for the network side to send the security mode command message, the terminal further receives another at least one downlink message sent by the network side, where the downlink message is, for example, a normal radio resource control (RRC) connection. Reconfigure the message.
  • RRC radio resource control
  • the terminal cannot decrypt and identify the downlink message because the security mode is not successfully started. Therefore, the terminal directly discards the downlink message and continues to wait for the network side to send.
  • the security mode command message until the timer expires;
  • the terminal processes the downlink message according to a preset process, and after the downlink message is normally processed, does not close the timer, but continues to wait for the network side to send the security. Mode command message until the timer expires.
  • the network side may send a release command without encryption to terminate the connection; the terminal may also initiate the service under the control of the service or the user. Connect the released command.
  • the effect of the terminal connection release can be achieved, and the timer can be directly turned off without waiting for the timer to time out.
  • the timer is used to monitor whether the security is successfully started. If the terminal fails to start the security successfully, the terminal itself cannot successfully start the security.
  • the instruction to initiate the connection release prevents the terminal process from being in an idle waiting state to protect the abnormal process of the terminal.
  • FIG. 2 is a schematic diagram of a safe boot process with timer protection according to an embodiment of the present invention. As shown in FIG. 2, the method includes the following steps:
  • Step 201 Receive a network side message.
  • the terminal is initially in a connected state, and the network side message is an encrypted message; the duration of the timer and the timer is set in advance, wherein the duration of the timer is an empirical value obtained according to the actual application scenario, where The duration of the timer is set to 12s.
  • Step 202 Determine whether the received network side message is a security mode command message, and if yes, go to step 203, otherwise, go to step 208.
  • Step 203 Start a timer and request the NAS layer to calculate a new security key.
  • Step 204 Perform an integrity protection check on the security mode command message. If the check passes, go to step 205. Otherwise, go to step 207.
  • the integrity protection check is performed on the security mode command message according to the new security key calculated in step 203 and the locally preset AS security algorithm carried in the security mode command message sent by the network side.
  • the AS security algorithm includes an integrity protection algorithm and an encryption algorithm. How to perform integrity protection verification on the security mode command message belongs to the prior art, and details are not described herein again.
  • Step 205 The terminal starts and applies AS security.
  • the terminal After the terminal successfully starts security, it also needs to send a security mode complete message to the network side to indicate that the AS security mode is activated at this time.
  • Step 206 If the timer is running, the timer is turned off, and the current processing flow is ended.
  • Step 207 Enter the state of the waiting instruction until the timer expires, and end the current processing flow. If, in the waiting process, if the terminal can continue to receive the network side message, the process jumps to step 201, if the terminal high-level command is received. Then, go to step 210.
  • the command of the upper layer of the terminal may include any one of an instruction to release a connection, a shutdown indication, or an uplink data transmission, and the embodiment of the present invention is not specifically limited herein.
  • Step 208 Determine whether the received network side message can be identified. If it cannot be identified, go to step 209. Otherwise, go to step 211.
  • the encrypted network side message needs to be decrypted. Only after successful decryption can the network side message be correctly identified. Since the terminal does not start security, the encrypted network side message may be garbled after decryption. Identification. For the network side message that can be identified, the terminal processes the network side message according to the normal process, and does not turn off the timer after the network side message is normally processed.
  • Step 209 Discard the network side message directly, and jump to step 207.
  • Step 210 Receive an instruction from the upper layer of the terminal, and jump to step 211.
  • Step 211 Determine whether the connection can be released, and if yes, go to step 212, otherwise, go to step 207.
  • the network side may send a release command without encryption to terminate the connection; or the terminal actively initiates a connection release request under the control of the service or the user.
  • Step 212 Close the timer and end the current processing flow.
  • the timer is used to monitor whether the security is successfully started. If the terminal fails to start the security successfully, the terminal itself cannot successfully start the security.
  • the instruction to initiate the connection release prevents the terminal process from being in an idle waiting state to protect the abnormal process of the terminal.
  • the embodiment of the present invention further provides a terminal abnormal process protection device.
  • the device includes a preset module 301, a check module 302, a wait module 303, and an execution module 304.
  • the preset module 301 is configured to preset a timer and a duration of the timer
  • the verification module 302 is configured to receive a security mode command message sent by the network, enter a secure startup process based on the security mode command message, and start the timer, and perform integrity protection on the security mode command message. check;
  • the waiting module 303 is configured to determine, according to the verification result obtained by the verification module 302, that the security mode is not successfully started, and then wait for the network side to send the security mode command message;
  • the executing module 304 is configured to trigger the terminal to initiate a connection release request if the timer expires during the waiting for the waiting module 303.
  • the duration of the timer may be 12s, of course, not limited to 12s.
  • the execution module 304 is further configured to: within the duration of the timer, if the security mode is successfully initiated, the timer is turned off, and a security mode complete message is sent to the network side.
  • the terminal when waiting for the network side to send the security mode command message, the terminal further receives at least one downlink message sent by the network side.
  • the execution module 304 is configured to directly discard the downlink message, and the waiting module 303 is configured to wait for the execution module 304 to discard the downlink message and wait for the downlink message to be discarded. Sending, by the network side, the security mode command message until the timer expires;
  • the executing module 304 is configured to process the downlink message according to a preset process, and after the downlink message is processed, does not close the timer;
  • the waiting module 303 is further configured to continue to wait for the network side to send the security mode command message until the timer expires.
  • the row module 304 can be composed of a central processing unit (CPU), a microprocessor (MPU, a Micro Processor Unit), a digital signal processor (DSP), or a field programmable gate located on the terminal.
  • CPU central processing unit
  • MPU microprocessor
  • DSP digital signal processor
  • FPGA Field Programmable Gate Array
  • the embodiment of the present invention sets a timer and a duration of the timer in advance; receives a security mode command message sent by the network side, enters a secure boot process based on the security mode command message, and starts the timer, and The security mode command message performs an integrity protection check; if it is determined that the security mode is not successfully started according to the verification result, the network side continues to wait for the network side to send the security mode command message; if the timer expires during the waiting process, the terminal is triggered to initiate The connection is released.
  • the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the terminal abnormal flow protection method according to the embodiment of the invention.
  • the computer executable instruction When executed by the processor, executing: receiving a security mode command message sent by the network side, entering a secure boot process based on the security mode command message, and starting the timer, and starting the security mode
  • the command message performs an integrity protection check; if it is determined that the security mode is not successfully started according to the check result, the system continues to wait for the network side to send the security mode command message; if the timer expires during the waiting process, the terminal is triggered to initiate the connection release. Request.
  • the computer executable instruction when executed by the processor, executing: within the duration of the timer, if the security mode is successfully started, the timer is turned off, and the security mode is sent to the network side. Complete the message.
  • the computer executable instructions when executed by the processor, execute: when When the downlink message is an encrypted message, the downlink message is directly discarded, and the network side continues to wait for the network side to send the security mode command message until the timer expires.
  • the downlink message when the computer executable instruction is executed by the processor, when the downlink message is an unencrypted message, the downlink message is processed according to a preset process, and after the downlink message is processed, The timer is not turned off, and the network side continues to wait for the security mode command message to be sent until the timer expires.
  • embodiments of the invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • the technical solution of the embodiment of the present invention not only improves the user's long-term suspension of the terminal process when the security startup fails, but also takes the time protection measures for the security startup process without affecting the actual service process.
  • the experience also meets the needs of wireless access.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed in the embodiments of the present invention is a terminal abnormal process protection method, comprising: pre-setting a timer and a timer duration; receiving a secure mode command message sent by a network side and, on the basis of the secure mode command message, entering a secure start-up process and starting the timer, and performing integrity protection verification of the secure mode command message; on the basis of the verification results, determining that the secure mode did not successfully start, and then continuing to wait for the network side to send a secure mode command message; and, if the timer expires during the waiting process, then triggering the terminal to actively initiate a connection release request. Also disclosed in the embodiments of the present invention are a terminal abnormal process protection apparatus, and a computer storage medium.

Description

一种终端异常流程保护方法、装置和计算机存储介质Terminal abnormal flow protection method, device and computer storage medium
相关申请的交叉引用Cross-reference to related applications
本申请基于申请号为201611031649.5、申请日为2016年11月22日的中国专利申请提出,并要求该中国专利申请的优先权,该中国专利申请的全部内容在此引入本申请作为参考。The present application is filed on the basis of the Chinese Patent Application No. PCT Application No. No. No. No. No. No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No
技术领域Technical field
本发明涉及移动通信领域中的安全保护技术,尤其涉及一种终端异常流程保护方法、装置和计算机存储介质。The present invention relates to security protection technologies in the field of mobile communications, and in particular, to a terminal abnormal process protection method and apparatus, and a computer storage medium.
背景技术Background technique
在移动通信系统中,长期演进(LTE,Long Term Evolution)系统网络侧的演进通用陆地无线接入网络(E-UTRAN,Evolved Universal Terrestrial Radio Access Network)主要由演进基站(eNB,Evolved NodeB)和作为核心网设备的移动管理实体(MME,Mobility Management Entity)构成,用户设备(UE,User Equipment)通过无线空中接口与eNB及MME进行数据和信令的交互,并为这些交互的数据和信令提供完整性功能和加密功能。In the mobile communication system, the Evolved Universal Terrestrial Radio Access Network (E-UTRAN) on the network side of the Long Term Evolution (LTE) system is mainly composed of an evolved base station (eNB, Evolved NodeB) and The Mobility Management Entity (MME) of the core network device is configured, and the user equipment (UE, User Equipment) performs data and signaling interaction with the eNB and the MME through the wireless air interface, and provides data and signaling for the interaction. Integrity and encryption.
在LTE系统架构中,协议层被分为非接入层(NAS,Non Access Stratum)和接入层(AS,Access Stratum),相应地,LTE系统中的安全保护机制也分为NAS安全和AS安全。通常,将AS安全过程建立在NAS安全过程的基础上。In the LTE system architecture, the protocol layer is divided into a non-access stratum (NAS, Non Access Stratum) and an access stratum (AS, Access Stratum). Accordingly, the security protection mechanism in the LTE system is also divided into NAS security and AS. Safety. Typically, the AS security process is based on the NAS security process.
在AS初始安全模式命令(Security Mode Command)过程中,E-UTRAN侧的eNB通过空中接口向UE发送安全模式命令消息,其中,安全模式命令消息中携带有本地预设的AS安全算法等参数,且该安全算法中包括完整 性保护算法和加密算法;UE侧收到安全模式命令消息后,请求底层分组数据汇聚协议(PDCP,Packet Data Convergence Protocol)对该安全模式命令消息进行完整性保护验证,如果验证通过,则UE向eNB发送安全模式完成(Security Mode Complete)消息,并对该安全模式完成消息进行完整性保护,且对后续与eNB交互的消息和数据进行完整性保护和加密,此时表明AS的安全模式已激活;如果验证不通过,则UE向eNB发送安全模式失败(Security Mode Failure)消息,且对后续与eNB交互的消息和数据不使用加密和完整性保护,此时表明AS的安全激活过程失败。In the AS initial security mode command, the eNB on the E-UTRAN side sends a security mode command message to the UE through the air interface, where the security mode command message carries parameters such as a local preset AS security algorithm. And the security algorithm includes complete a security protection algorithm and an encryption algorithm; after receiving the security mode command message, the UE side requests the underlying Packet Data Convergence Protocol (PDCP) to perform integrity protection verification on the security mode command message. If the verification succeeds, the UE The eNB sends a Security Mode Complete message, and performs integrity protection on the security mode complete message, and performs integrity protection and encryption on subsequent messages and data interacting with the eNB, indicating that the AS security mode is activated. If the verification fails, the UE sends a Security Mode Failure message to the eNB, and does not use encryption and integrity protection for subsequent messages and data interacting with the eNB, indicating that the AS's security activation process fails.
在上述AS初始安全模式命令过程中,网络侧在发送安全模式命令消息时,可立即向UE发送下行消息,只要在未收到UE的安全模式失败消息的情况下,都需对后续发送的下行消息进行完整性保护和加密。另外,考虑到终端有可能在没有成功启动安全时,需向网络侧发送安全模式失败消息,而此时网络侧也正准备向终端发送加密的下行消息。在这种情况下,由于终端没有启动安全,无需对下行消息进行完整性保护检查和解密,因此,不会出现完整性保护失败的错误,但解码后得到的消息却是乱码,使终端无法识别。此时,无法解密和识别的下行消息会被终端直接丢弃,而丢弃网络侧命令可能会影响整个业务处理流程;特别是网络侧发送释放连接的命令后,得知UE成功收到释放消息,就相应释放空口资源,但对于UE来说,并不知道空口资源已经被释放,且在网络侧发送的释放消息因无法解析而被直接丢弃后,UE需继续等待网络侧的其他消息。此时,除非终端用户或业务直接干预,否则网络侧不会再发送任何消息了,导致终端流程出现挂起的现象。During the foregoing AS initial security mode command, the network side may immediately send a downlink message to the UE when the security mode command message is sent, as long as the security mode failure message of the UE is not received, the downlink of the subsequent transmission is required. Messages are integrity protected and encrypted. In addition, it is considered that the terminal may send a security mode failure message to the network side when the security is not successfully started, and the network side is also preparing to send the encrypted downlink message to the terminal. In this case, since the terminal does not start security, there is no need to perform integrity protection check and decryption on the downlink message. Therefore, the error of integrity protection failure does not occur, but the message obtained after decoding is garbled, so that the terminal cannot recognize the terminal. . At this time, the downlink message that cannot be decrypted and identified is directly discarded by the terminal, and the discarding of the network side command may affect the entire service processing flow; in particular, after the network side sends the command to release the connection, it is known that the UE successfully receives the release message, The air interface resource is released accordingly, but the UE does not know that the air interface resource has been released, and the UE needs to continue to wait for other messages on the network side after the release message sent by the network side is directly discarded because it cannot be resolved. At this time, unless the end user or the service directly intervenes, the network side will not send any more messages, causing the terminal process to hang.
发明内容Summary of the invention
有鉴于此,本发明实施例期望提供一种终端异常流程保护方法、装置和计算机存储介质,能够有效解决现有技术中安全启动失败情况下出现的 终端流程挂起的现象。In view of this, the embodiment of the present invention is to provide a terminal abnormal process protection method, device, and computer storage medium, which can effectively solve the problem that occurs in the prior art in the case of a fail-safe failure. The phenomenon that the terminal process hangs.
为达到上述目的,本发明实施例的技术方案是这样实现的:To achieve the above objective, the technical solution of the embodiment of the present invention is implemented as follows:
本发明实施例提供了一种终端异常流程保护方法,预先设置定时器及所述定时器的时长;所述方法还包括:The embodiment of the present invention provides a method for protecting an abnormality of a terminal, which is preset with a timer and a duration of the timer. The method further includes:
接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;Receiving a security mode command message sent by the network side, entering a secure boot process based on the security mode command message, and starting the timer, and performing integrity protection check on the security mode command message;
根据校验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;If it is determined that the security mode is not successfully started according to the verification result, continue to wait for the network side to send the security mode command message;
若等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。If the timer expires during the waiting process, the terminal is triggered to initiate a connection release request.
在一实施例中,所述方法还包括:在所述定时器的时长范围内,若所述安全模式启动成功,则关闭所述定时器,向网络侧发送安全模式完成消息。In an embodiment, the method further includes: if the security mode is successfully started within a duration of the timer, turning off the timer, and sending a security mode complete message to the network side.
在一实施例中,在等待网络侧发送所述安全模式命令消息时,所述终端还接收网络侧发送的至少一种下行消息。In an embodiment, when waiting for the network side to send the security mode command message, the terminal further receives at least one downlink message sent by the network side.
在一实施例中,当所述下行消息为已加密的消息时,则所述终端直接丢弃所述下行消息,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。In an embodiment, when the downlink message is an encrypted message, the terminal directly discards the downlink message, and continues to wait for the network side to send the security mode command message until the timer expires.
在一实施例中,当所述下行消息为未加密的消息时,则所述终端按照预设流程处理所述下行消息,并在处理所述下行消息后,不关闭所述定时器,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。In an embodiment, when the downlink message is an unencrypted message, the terminal processes the downlink message according to a preset process, and after processing the downlink message, does not close the timer, and continues to wait. The network side sends the security mode command message until the timer expires.
在一实施例中,所述定时器的时长为12s。In an embodiment, the timer has a duration of 12 s.
本发明实施例还提供了一种终端异常流程保护装置,所述装置包括:预设模块、校验模块、等待模块和执行模块;其中,The embodiment of the present invention further provides a terminal abnormal flow protection device, where the device includes: a preset module, a check module, a waiting module, and an execution module;
所述预设模块,配置为预先设置定时器及所述定时器的时长; The preset module is configured to preset a timer and a duration of the timer;
所述校验模块,配置为接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;The verification module is configured to receive a security mode command message sent by the network side, enter a security startup process based on the security mode command message, and start the timer, and perform integrity protection on the security mode command message. Test
所述等待模块,配置为根据所述校验模块获得的检验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;The waiting module is configured to determine, according to the verification result obtained by the verification module, that the security mode is not successfully started, and then wait for the network side to send the security mode command message;
所述执行模块,配置为若所述等待模块在等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。The execution module is configured to trigger the terminal to initiate a connection release request if the timer expires during the waiting process.
在一实施例中,所述执行模块,还配置为在所述定时器的时长范围内,若所述安全模式启动成功,则关闭所述定时器,向网络侧发送安全模式完成消息。In an embodiment, the execution module is further configured to: within the duration of the timer, if the security mode is successfully initiated, the timer is turned off, and a security mode complete message is sent to the network side.
在一实施例中,在等待网络侧发送所述安全模式命令消息时,所述终端还接收网络侧发送的至少一种下行消息。In an embodiment, when waiting for the network side to send the security mode command message, the terminal further receives at least one downlink message sent by the network side.
在一实施例中,当所述下行消息为已加密的消息时,所述执行模块,配置为直接丢弃所述下行消息;In an embodiment, when the downlink message is an encrypted message, the executing module is configured to directly discard the downlink message;
所述等待模块,配置为所述执行模块丢弃所述下行消息后继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The waiting module is configured to wait for the network to send the security mode command message after the execution module discards the downlink message until the timer expires.
在一实施例中,当所述下行消息为未加密的消息时,所述执行模块,配置为按照预设流程处理所述下行消息,并在处理所述下行消息后,不关闭所述定时器;In an embodiment, when the downlink message is an unencrypted message, the executing module is configured to process the downlink message according to a preset process, and after processing the downlink message, does not close the timer. ;
所述等待模块,还配置为继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The waiting module is further configured to continue to wait for the network side to send the security mode command message until the timer expires.
在一实施例中,所述定时器的时长为12s。In an embodiment, the timer has a duration of 12 s.
本发明实施例还提供了一种计算机存储介质,所述计算机存储介质中存储有计算机可执行指令,所述计算机可执行指令用于执行本发明实施例所述的终端异常流程保护方法。 The embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the terminal abnormal flow protection method according to the embodiment of the invention.
本发明实施例提供的终端异常流程保护方法、装置和计算机存储介质,预先设置定时器及所述定时器的时长;接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;根据校验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;若等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。采用本发明实施例的技术方案,通过对安全启动过程采取时间保护措施,在不影响实际业务流程的前提下,有效的避免了安全启动失败情况下出现的终端流程长期挂起的现象,不仅提高了用户体验,还满足了无线接入的需求。The terminal abnormal flow protection method and device and the computer storage medium provided by the embodiment of the present invention pre-set a timer and a duration of the timer; receive a security mode command message sent by the network side, and enter a secure start based on the security mode command message. a process, and starting the timer, and performing an integrity protection check on the security mode command message; determining, according to the verification result, that the security mode is not successfully started, continuing to wait for the network side to send the security mode command message; If the timer expires during the process, the terminal is triggered to initiate a connection release request. By adopting the technical solution of the embodiment of the present invention, by adopting time protection measures for the security startup process, the phenomenon of long-term suspension of the terminal process occurring under the failure of the security startup failure is effectively avoided without affecting the actual business process, and the problem is not improved. The user experience also meets the needs of wireless access.
附图说明DRAWINGS
图1为本发明实施例终端异常流程保护方法的一种实现流程示意图;1 is a schematic flowchart of an implementation process of a terminal abnormal process protection method according to an embodiment of the present invention;
图2为本发明实施例带有定时器保护的安全启动流程示意图;2 is a schematic diagram of a security startup process with timer protection according to an embodiment of the present invention;
图3为本发明实施例终端异常流程保护装置的组成结构示意图。FIG. 3 is a schematic structural diagram of a device for abnormality protection of a terminal according to an embodiment of the present invention.
具体实施方式detailed description
为了能够更加详尽地了解本发明实施例的特点与技术内容,下面结合附图对本发明实施例的实现进行详细阐述,所附附图仅供参考说明之用,并非用来限定本发明。The embodiments of the present invention are described in detail with reference to the accompanying drawings.
在本发明实施例中,所述终端可以包括但不限于能够接入LTE网络的智能手机、平板、掌上电脑等移动设备。In the embodiment of the present invention, the terminal may include, but is not limited to, a mobile device such as a smart phone, a tablet, a palmtop computer, or the like that can access the LTE network.
如图1所示,本发明实施例中终端异常流程保护方法的一种实现流程,包括以下步骤:As shown in FIG. 1 , an implementation process of a terminal abnormal process protection method in the embodiment of the present invention includes the following steps:
步骤101:预先设置定时器及所述定时器的时长。Step 101: Set a timer and a duration of the timer in advance.
本实施例中,若将定时器的时长设置太长,有可能会引起终端处于挂起状态的时间较长;若将定时器的时长设置太短,有可能会导致终端提前 结束了连接,因此,所述定时器的时长不能设置的过于太长,也不能设置的过于太短。In this embodiment, if the duration of the timer is set to be too long, the terminal may be in a suspended state for a long time; if the duration of the timer is set too short, the terminal may be advanced. The connection is ended, so the duration of the timer cannot be set too long and cannot be set too short.
在实际应用中,可以根据实际应用场景确定出一个经验值,例如,将所述定时器的时长设置为12s。在该12s内,可以保证大部分的业务能够自动重新发起,即使在该时长范围内不能重新发起业务,也能保证终端在12s之后能够实现自主释放连接的操作。因此,相比于终端流程一直处于挂起的状态,将所述定时器的时长设置为12s,也是用户可以接受的。当然,定时器的时长不限定设置为12s。In an actual application, an experience value may be determined according to an actual application scenario, for example, the duration of the timer is set to 12 s. Within the 12s, it can be ensured that most of the services can be automatically re-initiated. Even if the service cannot be re-initiated within the time limit, the terminal can ensure that the terminal can release the connection autonomously after 12s. Therefore, compared to the terminal process has been in a suspended state, setting the duration of the timer to 12s is also acceptable to the user. Of course, the duration of the timer is not limited to 12s.
步骤102:接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验。Step 102: Receive a security mode command message sent by the network, enter a secure startup process based on the security mode command message, and start the timer, and perform integrity protection check on the security mode command message.
这里,如何对所述安全模式命令消息进行完整性保护检验属于现有技术,在此不再详细赘述。Here, how to perform integrity protection check on the security mode command message belongs to the prior art, and details are not described herein again.
步骤103:根据校验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息。Step 103: Determine, according to the verification result, that the security mode is not successfully started, and continue to wait for the network side to send the security mode command message.
这里,在所述定时器的时长范围内,如果终端对所述安全模式命令消息的完整性保护校验通过,则表明AS的安全模式已激活,即可确定出当前的AS安全模式已启动成功,此时终端就不必等待网络侧继续发送所述安全模式命令消息了,而是可以直接关闭所述定时器,并向网络侧发送安全模式完成消息。Here, in the range of the duration of the timer, if the integrity check of the security mode command message is passed, the security mode of the AS is activated, and the current AS security mode is successfully started. At this time, the terminal does not have to wait for the network side to continue to send the security mode command message, but can directly close the timer and send a security mode complete message to the network side.
在所述定时器的时长范围内,如果终端对所述安全模式命令消息的完整性保护校验未通过,则表明AS的安全模式激活失败,即可确定出当前的AS安全模式未启动成功,相应地,终端向网络侧发送安全模式失败的消息,并在发送安全模式失败的消息后,继续等待网络侧发送安全模式命令消息,直至定时器超时。 If the integrity protection check of the security mode command message fails, the AS security mode activation fails, and the current AS security mode is not successfully started. Correspondingly, the terminal sends a message that the security mode fails to the network side, and after sending the message that the security mode fails, continues to wait for the network side to send the security mode command message until the timer expires.
步骤104:等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。Step 104: The timer expires during the waiting process, and the terminal is triggered to initiate a connection release request.
具体地,一般情况下,在网络侧收到终端发送的安全模式失败的消息后,终端会继续等待网络侧发送安全模式命令消息,希望能够再次尝试启动安全模式。其中,在等待网络侧发送安全模式命令消息的过程中,若终端再次收到安全模式命令消息后,能够成功启动安全模式,则关闭定时器,并向网络侧发送安全模式完成消息;若终端再次收到安全模式命令消息后,还是不能成功启动安全模式,则终端在向网络侧返回安全模式失败的消息后,继续等待网络侧重新发送安全模式命令消息,如此反复,直至定时器超时。Specifically, in general, after receiving the message that the security mode failed by the terminal is received, the terminal continues to wait for the network side to send the security mode command message, and hopes to start the security mode again. In the process of waiting for the network side to send the security mode command message, if the terminal can successfully start the security mode after receiving the security mode command message again, the timer is closed, and the security mode completion message is sent to the network side; After receiving the security mode command message, the security mode cannot be successfully initiated. After returning the security mode failure message to the network side, the terminal continues to wait for the network side to resend the security mode command message, and so on, until the timer expires.
这里,在等待网络侧发送所述安全模式命令消息时,所述终端还接收网络侧发送的其他至少一种下行消息,所述下行消息例如:普通的无线资源控制(RRC,Radio Resource Control)连接重配置消息。Here, when waiting for the network side to send the security mode command message, the terminal further receives another at least one downlink message sent by the network side, where the downlink message is, for example, a normal radio resource control (RRC) connection. Reconfigure the message.
其中,若所述下行消息为已加密的消息,由于此时安全模式未启动成功,使终端无法对该下行消息进行解密和识别,因此,终端会直接丢弃所述下行消息,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时;If the downlink message is an encrypted message, the terminal cannot decrypt and identify the downlink message because the security mode is not successfully started. Therefore, the terminal directly discards the downlink message and continues to wait for the network side to send. The security mode command message until the timer expires;
若所述下行消息为未加密的消息,则终端按照预设流程处理所述下行消息,并在正常处理所述下行消息后,不关闭所述定时器,而是继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。If the downlink message is an unencrypted message, the terminal processes the downlink message according to a preset process, and after the downlink message is normally processed, does not close the timer, but continues to wait for the network side to send the security. Mode command message until the timer expires.
这里需要说明的是,在终端等待网络侧发送所述安全模式命令消息的过程中,网络侧可以发送没有加密的释放命令,使终端终止连接;终端在业务或者用户的控制下,也可以主动发起连接释放的指令。在上述两种情况下,都可以实现终端连接释放的效果,且不需等待定时器超时,而是可以直接关闭定时器。 It should be noted that, in the process that the terminal waits for the network side to send the security mode command message, the network side may send a release command without encryption to terminate the connection; the terminal may also initiate the service under the control of the service or the user. Connect the released command. In both cases, the effect of the terminal connection release can be achieved, and the timer can be directly turned off without waiting for the timer to time out.
本发明实施例在不改变原有协议规定流程的基础上,当发生安全启动失败时,使用定时器监控安全是否成功启动,如果超过定时器的时长,终端仍然无法成功启动安全,则由终端自身发起连接释放的指令,防止终端流程一直处于空闲等待的状态,以实现对终端异常流程的保护。In the embodiment of the present invention, when the security startup fails, the timer is used to monitor whether the security is successfully started. If the terminal fails to start the security successfully, the terminal itself cannot successfully start the security. The instruction to initiate the connection release prevents the terminal process from being in an idle waiting state to protect the abnormal process of the terminal.
下面对本发明实施例终端异常流程保护方法的具体实现过程做进一步地详细说明。The specific implementation process of the terminal abnormal process protection method in the embodiment of the present invention is further described in detail below.
图2给出了本发明实施例带有定时器保护的安全启动流程示意图,如图2所示,包括以下步骤:FIG. 2 is a schematic diagram of a safe boot process with timer protection according to an embodiment of the present invention. As shown in FIG. 2, the method includes the following steps:
步骤201:接收网络侧消息。Step 201: Receive a network side message.
这里,终端起初处于连接状态,且网络侧消息为已加密的消息;预先设置定时器及定时器的时长,其中,所述定时器的时长是根据实际应用场景得到的经验值,这里,可将定时器的时长设置为12s。Here, the terminal is initially in a connected state, and the network side message is an encrypted message; the duration of the timer and the timer is set in advance, wherein the duration of the timer is an empirical value obtained according to the actual application scenario, where The duration of the timer is set to 12s.
步骤202:判断接收到的网络侧消息是否为安全模式命令消息,若是,则跳转到步骤203,否则,跳转到步骤208。Step 202: Determine whether the received network side message is a security mode command message, and if yes, go to step 203, otherwise, go to step 208.
步骤203:启动定时器,并请求NAS层计算新的安全密钥。Step 203: Start a timer and request the NAS layer to calculate a new security key.
步骤204:对安全模式命令消息进行完整性保护校验,如果校验通过,则跳转到步骤205,否则,跳转到步骤207。Step 204: Perform an integrity protection check on the security mode command message. If the check passes, go to step 205. Otherwise, go to step 207.
这里,根据步骤203计算出的新的安全密钥和网络侧发送的安全模式命令消息中携带的本地预设的AS安全算法,对安全模式命令消息进行完整性保护校验。其中,所述AS安全算法中包括完整性保护算法和加密算法;如何对安全模式命令消息进行完整性保护校验属于现有技术,在此不再详细赘述。Here, the integrity protection check is performed on the security mode command message according to the new security key calculated in step 203 and the locally preset AS security algorithm carried in the security mode command message sent by the network side. The AS security algorithm includes an integrity protection algorithm and an encryption algorithm. How to perform integrity protection verification on the security mode command message belongs to the prior art, and details are not described herein again.
步骤205:终端启动并应用AS安全。Step 205: The terminal starts and applies AS security.
这里,终端成功启动安全后,还需向网络侧发送安全模式完成消息,以表明此时的AS安全模式已激活。 Here, after the terminal successfully starts security, it also needs to send a security mode complete message to the network side to indicate that the AS security mode is activated at this time.
步骤206:如果定时器正在运行,则关闭定时器,结束当前处理流程。Step 206: If the timer is running, the timer is turned off, and the current processing flow is ended.
步骤207:进入等待指令的状态,直至定时器超时,结束当前处理流程,其中,在等待过程中,如果终端能够继续收到网络侧消息,则跳转到步骤201,如果收到终端高层的指令,则跳转到步骤210。Step 207: Enter the state of the waiting instruction until the timer expires, and end the current processing flow. If, in the waiting process, if the terminal can continue to receive the network side message, the process jumps to step 201, if the terminal high-level command is received. Then, go to step 210.
这里,所述终端高层的指令可以包括:释放连接的命令、关机指示或上行数据直传等指令中的任意一种,本发明实施例在此不做具体限定。Here, the command of the upper layer of the terminal may include any one of an instruction to release a connection, a shutdown indication, or an uplink data transmission, and the embodiment of the present invention is not specifically limited herein.
步骤208:判断接收到的网络侧消息是否能被识别,若不能被识别,则跳转到步骤209,否则,跳转到步骤211。Step 208: Determine whether the received network side message can be identified. If it cannot be identified, go to step 209. Otherwise, go to step 211.
通常,需对加密的网络侧消息进行解密,只有成功解密之后才能正确识别网络侧消息,由于终端没有启动安全,因此,对于加密的网络侧消息,在解密之后得到的有可能是乱码,不能被识别。而对于能够被识别的网络侧消息,则终端按照正常流程处理网络侧消息,并在正常处理网络侧消息后,不关闭定时器。Generally, the encrypted network side message needs to be decrypted. Only after successful decryption can the network side message be correctly identified. Since the terminal does not start security, the encrypted network side message may be garbled after decryption. Identification. For the network side message that can be identified, the terminal processes the network side message according to the normal process, and does not turn off the timer after the network side message is normally processed.
步骤209:直接将网络侧消息丢弃,并跳转到步骤207。Step 209: Discard the network side message directly, and jump to step 207.
步骤210:收到终端高层的指令,并跳转到步骤211。Step 210: Receive an instruction from the upper layer of the terminal, and jump to step 211.
步骤211:判断是否能够释放连接,若是,则跳转到步骤212,否则,跳转到步骤207。Step 211: Determine whether the connection can be released, and if yes, go to step 212, otherwise, go to step 207.
这里,网络侧可以发送没有加密的释放命令,使终端终止连接;或者终端在业务或用户的控制下,主动发起连接释放的请求。Here, the network side may send a release command without encryption to terminate the connection; or the terminal actively initiates a connection release request under the control of the service or the user.
步骤212:关闭定时器,结束当前处理流程。Step 212: Close the timer and end the current processing flow.
本发明实施例在不改变原有协议规定流程的基础上,当发生安全启动失败时,使用定时器监控安全是否成功启动,如果超过定时器的时长,终端仍然无法成功启动安全,则由终端自身发起连接释放的指令,防止终端流程一直处于空闲等待的状态,以实现对终端异常流程的保护。In the embodiment of the present invention, when the security startup fails, the timer is used to monitor whether the security is successfully started. If the terminal fails to start the security successfully, the terminal itself cannot successfully start the security. The instruction to initiate the connection release prevents the terminal process from being in an idle waiting state to protect the abnormal process of the terminal.
为实现上述方法,本发明实施例还提供了一种终端异常流程保护装置, 如图3所示,该装置包括预设模块301、校验模块302、等待模块303和执行模块304;其中,In order to implement the foregoing method, the embodiment of the present invention further provides a terminal abnormal process protection device. As shown in FIG. 3, the device includes a preset module 301, a check module 302, a wait module 303, and an execution module 304.
所述预设模块301,配置为预先设置定时器及所述定时器的时长;The preset module 301 is configured to preset a timer and a duration of the timer;
所述校验模块302,配置为接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;The verification module 302 is configured to receive a security mode command message sent by the network, enter a secure startup process based on the security mode command message, and start the timer, and perform integrity protection on the security mode command message. check;
所述等待模块303,配置为根据所述校验模块302获得的检验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;The waiting module 303 is configured to determine, according to the verification result obtained by the verification module 302, that the security mode is not successfully started, and then wait for the network side to send the security mode command message;
所述执行模块304,配置为若所述等待模块303等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。The executing module 304 is configured to trigger the terminal to initiate a connection release request if the timer expires during the waiting for the waiting module 303.
作为一种实施方式,所述定时器的时长可以为12s,当然不限于12s。As an implementation manner, the duration of the timer may be 12s, of course, not limited to 12s.
这里,所述执行模块304,还配置为在所述定时器的时长范围内,若所述安全模式启动成功,则关闭所述定时器,向网络侧发送安全模式完成消息。Here, the execution module 304 is further configured to: within the duration of the timer, if the security mode is successfully initiated, the timer is turned off, and a security mode complete message is sent to the network side.
这里,在等待网络侧发送所述安全模式命令消息时,所述终端还接收网络侧发送的至少一种下行消息。Here, when waiting for the network side to send the security mode command message, the terminal further receives at least one downlink message sent by the network side.
其中,当所述下行消息为已加密的消息时,所述执行模块304,配置为直接丢弃所述下行消息;所述等待模块303,配置为所述执行模块304丢弃所述下行消息后继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时;The execution module 304 is configured to directly discard the downlink message, and the waiting module 303 is configured to wait for the execution module 304 to discard the downlink message and wait for the downlink message to be discarded. Sending, by the network side, the security mode command message until the timer expires;
当所述下行消息为未加密的消息时,所述执行模块304,配置为按照预设流程处理所述下行消息,并在处理所述下行消息后,不关闭所述定时器;When the downlink message is an unencrypted message, the executing module 304 is configured to process the downlink message according to a preset process, and after the downlink message is processed, does not close the timer;
所述等待模块303,还配置为继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The waiting module 303 is further configured to continue to wait for the network side to send the security mode command message until the timer expires.
在实际应用中,所述预设模块301、校验模块302、等待模块303和执 行模块304均可由位于所述终端上的中央处理器(CPU,Central Processing Unit)、微处理器(MPU,Micro Processor Unit)、数字信号处理器(DSP,Digital Signal Processor)、或现场可编程门阵列(FPGA,Field Programmable Gate Array)等实现。In an actual application, the preset module 301, the verification module 302, the waiting module 303, and the implementation The row module 304 can be composed of a central processing unit (CPU), a microprocessor (MPU, a Micro Processor Unit), a digital signal processor (DSP), or a field programmable gate located on the terminal. Array (FPGA, Field Programmable Gate Array) and other implementations.
本发明实施例通过预先设置定时器及所述定时器的时长;接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;根据校验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;若等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。如此,通过对安全启动过程采取时间保护措施,在不影响实际业务流程的前提下,有效的避免了安全启动失败情况下出现的终端流程长期挂起的现象,不仅提升了用户体验,还能满足无线接入的需求。The embodiment of the present invention sets a timer and a duration of the timer in advance; receives a security mode command message sent by the network side, enters a secure boot process based on the security mode command message, and starts the timer, and The security mode command message performs an integrity protection check; if it is determined that the security mode is not successfully started according to the verification result, the network side continues to wait for the network side to send the security mode command message; if the timer expires during the waiting process, the terminal is triggered to initiate The connection is released. In this way, by taking time protection measures for the security startup process, the phenomenon that the terminal process hangs in the case of the security startup failure is effectively avoided without affecting the actual business process, which not only improves the user experience, but also satisfies The need for wireless access.
本发明实施例还提供了一种计算机存储介质,所述计算机存储介质中存储有计算机可执行指令,所述计算机可执行指令用于执行本发明实施例所述的终端异常流程保护方法。The embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the terminal abnormal flow protection method according to the embodiment of the invention.
其中,该计算机可执行指令被处理器运行时,执行:接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;根据校验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;若等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。When the computer executable instruction is executed by the processor, executing: receiving a security mode command message sent by the network side, entering a secure boot process based on the security mode command message, and starting the timer, and starting the security mode The command message performs an integrity protection check; if it is determined that the security mode is not successfully started according to the check result, the system continues to wait for the network side to send the security mode command message; if the timer expires during the waiting process, the terminal is triggered to initiate the connection release. Request.
作为一种实施方式,该计算机可执行指令被处理器运行时,执行:在所述定时器的时长范围内,若所述安全模式启动成功,则关闭所述定时器,向网络侧发送安全模式完成消息。As an embodiment, when the computer executable instruction is executed by the processor, executing: within the duration of the timer, if the security mode is successfully started, the timer is turned off, and the security mode is sent to the network side. Complete the message.
作为一种实施方式,该计算机可执行指令被处理器运行时,执行:当 所述下行消息为已加密的消息时,则直接丢弃所述下行消息,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。As an embodiment, when the computer executable instructions are executed by the processor, execute: when When the downlink message is an encrypted message, the downlink message is directly discarded, and the network side continues to wait for the network side to send the security mode command message until the timer expires.
作为一种实施方式,该计算机可执行指令被处理器运行时,执行:当所述下行消息为未加密的消息时,按照预设流程处理所述下行消息,并在处理所述下行消息后,不关闭所述定时器,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。As an embodiment, when the computer executable instruction is executed by the processor, when the downlink message is an unencrypted message, the downlink message is processed according to a preset process, and after the downlink message is processed, The timer is not turned off, and the network side continues to wait for the security mode command message to be sent until the timer expires.
本领域内的技术人员应明白,本发明的实施例可提供为方法、装置、或计算机程序产品。因此,本发明可采用硬件实施例、软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器和光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机 实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on the computer or other programmable device to produce the computer The implemented processing, such as instructions executed on a computer or other programmable device, provides steps for implementing the functions specified in one or more blocks of the flowchart or in a block or blocks of the flowchart.
以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围,凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。The above is only the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in Within the scope of protection of the present invention.
工业实用性Industrial applicability
本发明实施例的技术方案通过对安全启动过程采取时间保护措施,在不影响实际业务流程的前提下,有效的避免了安全启动失败情况下出现的终端流程长期挂起的现象,不仅提升了用户体验,还满足了无线接入的需求。 The technical solution of the embodiment of the present invention not only improves the user's long-term suspension of the terminal process when the security startup fails, but also takes the time protection measures for the security startup process without affecting the actual service process. The experience also meets the needs of wireless access.

Claims (13)

  1. 一种终端异常流程保护方法,预先设置定时器及所述定时器的时长;所述方法还包括:A terminal abnormal process protection method, which presets a timer and a duration of the timer; the method further includes:
    接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;Receiving a security mode command message sent by the network side, entering a secure boot process based on the security mode command message, and starting the timer, and performing integrity protection check on the security mode command message;
    根据校验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;If it is determined that the security mode is not successfully started according to the verification result, continue to wait for the network side to send the security mode command message;
    若等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。If the timer expires during the waiting process, the terminal is triggered to initiate a connection release request.
  2. 根据权利要求1所述的方法,其中,所述方法还包括:在所述定时器的时长范围内,若所述安全模式启动成功,则关闭所述定时器,向网络侧发送安全模式完成消息。The method according to claim 1, wherein the method further comprises: closing the timer and transmitting a security mode complete message to the network side if the security mode is successfully initiated within a duration of the timer .
  3. 根据权利要求1所述的方法,其中,在等待网络侧发送所述安全模式命令消息时,所述终端还接收网络侧发送的至少一种下行消息。The method according to claim 1, wherein the terminal further receives at least one downlink message sent by the network side while waiting for the network side to send the security mode command message.
  4. 根据权利要求3所述的方法,其中,当所述下行消息为已加密的消息时,则所述终端直接丢弃所述下行消息,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The method according to claim 3, wherein when the downlink message is an encrypted message, the terminal directly discards the downlink message, and continues to wait for the network side to send the security mode command message until the timing Timed out.
  5. 根据权利要求3所述的方法,其中,当所述下行消息为未加密的消息时,则所述终端按照预设流程处理所述下行消息,并在处理所述下行消息后,不关闭所述定时器,继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The method according to claim 3, wherein, when the downlink message is an unencrypted message, the terminal processes the downlink message according to a preset process, and after processing the downlink message, does not close the The timer continues to wait for the network side to send the security mode command message until the timer expires.
  6. 根据权利要求1至5任一项所述的方法,其中,所述定时器的时长为12s。The method according to any one of claims 1 to 5, wherein the timer has a duration of 12 s.
  7. 一种终端异常流程保护装置,所述装置包括:预设模块、校验模块、等待模块和执行模块;其中, A terminal abnormal flow protection device, the device comprising: a preset module, a check module, a waiting module and an execution module; wherein
    所述预设模块,配置为预先设置定时器及所述定时器的时长;The preset module is configured to preset a timer and a duration of the timer;
    所述校验模块,配置为接收网络侧发送的安全模式命令消息,基于所述安全模式命令消息进入安全启动过程,以及启动所述定时器,并对所述安全模式命令消息进行完整性保护校验;The verification module is configured to receive a security mode command message sent by the network side, enter a security startup process based on the security mode command message, and start the timer, and perform integrity protection on the security mode command message. Test
    所述等待模块,配置为根据所述校验模块获得的检验结果确定安全模式未启动成功,则继续等待网络侧发送所述安全模式命令消息;The waiting module is configured to determine, according to the verification result obtained by the verification module, that the security mode is not successfully started, and then wait for the network side to send the security mode command message;
    所述执行模块,配置为若所述等待模块在等待过程中所述定时器超时,则触发终端主动发起连接释放的请求。The execution module is configured to trigger the terminal to initiate a connection release request if the timer expires during the waiting process.
  8. 根据权利要求7所述的装置,其中,所述执行模块,还配置为在所述定时器的时长范围内,若所述安全模式启动成功,则关闭所述定时器,向网络侧发送安全模式完成消息。The apparatus according to claim 7, wherein the execution module is further configured to: within the duration of the timer, if the security mode is successfully initiated, the timer is turned off, and the security mode is sent to the network side. Complete the message.
  9. 根据权利要求7所述的装置,其中,在等待网络侧发送所述安全模式命令消息时,所述终端还接收网络侧发送的至少一种下行消息。The apparatus according to claim 7, wherein the terminal further receives at least one downlink message sent by the network side while waiting for the network side to send the security mode command message.
  10. 根据权利要求9所述的装置,其中,当所述下行消息为已加密的消息时,所述执行模块,配置为直接丢弃所述下行消息;The apparatus according to claim 9, wherein the execution module is configured to directly discard the downlink message when the downlink message is an encrypted message;
    所述等待模块,配置为所述执行模块丢弃所述下行消息后继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The waiting module is configured to wait for the network to send the security mode command message after the execution module discards the downlink message until the timer expires.
  11. 根据权利要求9所述的装置,其中,当所述下行消息为未加密的消息时,所述执行模块,配置为按照预设流程处理所述下行消息,并在处理所述下行消息后,不关闭所述定时器;The device according to claim 9, wherein, when the downlink message is an unencrypted message, the executing module is configured to process the downlink message according to a preset process, and after processing the downlink message, Turn off the timer;
    所述等待模块,还配置为继续等待网络侧发送所述安全模式命令消息,直至所述定时器超时。The waiting module is further configured to continue to wait for the network side to send the security mode command message until the timer expires.
  12. 根据权利要求7至11任一项所述的装置,其中,所述定时器的时长为12s。The apparatus according to any one of claims 7 to 11, wherein the timer has a duration of 12 s.
  13. 一种计算机存储介质,所述计算机存储介质中存储有计算机可执 行指令,所述计算机可执行指令用于执行权利要求1至6任一项所述的终端异常流程保护方法。 A computer storage medium storing computer executable in the computer storage medium And a computer executable instruction for performing the terminal abnormal flow protection method according to any one of claims 1 to 6.
PCT/CN2017/088306 2016-11-22 2017-06-14 Terminal abnormal process protection method and apparatus, and computer storage medium WO2018095018A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611031649.5A CN108377494B (en) 2016-11-22 2016-11-22 Terminal abnormal flow protection method and device
CN201611031649.5 2016-11-22

Publications (1)

Publication Number Publication Date
WO2018095018A1 true WO2018095018A1 (en) 2018-05-31

Family

ID=62194726

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/088306 WO2018095018A1 (en) 2016-11-22 2017-06-14 Terminal abnormal process protection method and apparatus, and computer storage medium

Country Status (2)

Country Link
CN (1) CN108377494B (en)
WO (1) WO2018095018A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113519147A (en) * 2019-03-08 2021-10-19 联想(新加坡)私人有限公司 Secure mode integrity verification

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020056880A1 (en) * 2018-09-17 2020-03-26 Oppo广东移动通信有限公司 Connection release method, data processing method, device, and storage medium
CN112672339A (en) * 2019-10-15 2021-04-16 中国移动通信有限公司研究院 Terminal capability information notification method, terminal and base station
CN115707358A (en) * 2021-06-02 2023-02-17 华为技术有限公司 Recovery method and device after security activation failure

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1816196A (en) * 2005-02-03 2006-08-09 华为技术有限公司 Method for user terminal to operate safety mode
CN101651949A (en) * 2009-08-17 2010-02-17 中兴通讯股份有限公司 Method for establishing safety mode and radio network controller
WO2010078684A1 (en) * 2008-12-30 2010-07-15 中兴通讯股份有限公司 Initial security activation processing method and terminal thereof
US20150079948A1 (en) * 2013-09-13 2015-03-19 Nvidia Corporation Call establishment

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101483516A (en) * 2008-01-07 2009-07-15 华为技术有限公司 Security control method and system thereof
CN101686463B (en) * 2008-09-28 2013-10-09 华为技术有限公司 Method for protecting ability of user terminal, device and system
KR101622219B1 (en) * 2008-11-03 2016-05-18 엘지전자 주식회사 Method and apparatus for RRC connection reestablishment in wireless communication system
CN101483865A (en) * 2009-01-19 2009-07-15 中兴通讯股份有限公司 Cipher key replacing method, system and device
CN102300335B (en) * 2010-06-22 2016-12-21 中兴通讯股份有限公司 A kind of method and device processing wireless link error
WO2012134218A2 (en) * 2011-03-31 2012-10-04 엘지전자 주식회사 Method for user equipment setting security with network in wireless communication system and apparatus for same
CN104469745B (en) * 2014-11-26 2018-05-01 大唐移动通信设备有限公司 The application process and device of a kind of integrity protection parameter

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1816196A (en) * 2005-02-03 2006-08-09 华为技术有限公司 Method for user terminal to operate safety mode
WO2010078684A1 (en) * 2008-12-30 2010-07-15 中兴通讯股份有限公司 Initial security activation processing method and terminal thereof
CN101651949A (en) * 2009-08-17 2010-02-17 中兴通讯股份有限公司 Method for establishing safety mode and radio network controller
US20150079948A1 (en) * 2013-09-13 2015-03-19 Nvidia Corporation Call establishment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE); Security Architecture (Release 14)", 3GPP TS 33.401 V14.0.0, 30 September 2016 (2016-09-30), pages 1 - 158, XP055488585 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113519147A (en) * 2019-03-08 2021-10-19 联想(新加坡)私人有限公司 Secure mode integrity verification
CN113519147B (en) * 2019-03-08 2024-05-28 联想(新加坡)私人有限公司 Secure mode integrity verification

Also Published As

Publication number Publication date
CN108377494B (en) 2020-10-27
CN108377494A (en) 2018-08-07

Similar Documents

Publication Publication Date Title
US10404677B2 (en) Secure method for MTC device triggering
WO2018095018A1 (en) Terminal abnormal process protection method and apparatus, and computer storage medium
CN110312296B (en) Method for executing user equipment, method for executing base station, user equipment and base station
CN109802809B (en) Network access method, terminal equipment and network equipment
EP3531731B1 (en) Computer readable medium and apparatus for authentication
KR101514579B1 (en) Methods and apparatuses facilitating synchronization of security configurations
CN108924829B (en) Method and device for sending and processing uplink data and authenticating
TWI651007B (en) Device and method of handling radio resource control connection resume procedure
WO2018229657A1 (en) Apparatuses and methods for handling of data radio bearer integrity protection failure in new radio (nr) network
RU2742715C1 (en) Restoring radio link for user device
CN111886885B (en) Secure authentication when recovering an RRC connection
US20190335329A1 (en) Mtc key management for sending key from network to ue
US8995664B2 (en) Security in wireless communication system and device
JP5576559B2 (en) Access layer security algorithm protection method and access layer security algorithm protection system
WO2019137250A1 (en) Method and device for management of integrity protection key
CN113396637B (en) Communication method, device and system
CN108540401B (en) Data sharing method and system of communication protocol
CN116783986A (en) Method and device for data transmission processing
CN108243144B (en) Method for optimizing AS security mode process in L TE system
WO2022135517A1 (en) Method executed by user equipment and user equipment
EP3804374B9 (en) Method and apparatus for security algorithm negotiation
CN110445589B (en) Method and device for processing service data packet

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17874799

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17874799

Country of ref document: EP

Kind code of ref document: A1