WO2020057360A1 - Procédé et appareil pour améliorer la sécurité d'un terminal et support d'informations lisible par ordinateur - Google Patents

Procédé et appareil pour améliorer la sécurité d'un terminal et support d'informations lisible par ordinateur Download PDF

Info

Publication number
WO2020057360A1
WO2020057360A1 PCT/CN2019/103956 CN2019103956W WO2020057360A1 WO 2020057360 A1 WO2020057360 A1 WO 2020057360A1 CN 2019103956 W CN2019103956 W CN 2019103956W WO 2020057360 A1 WO2020057360 A1 WO 2020057360A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication
application
message
protocol message
initiation protocol
Prior art date
Application number
PCT/CN2019/103956
Other languages
English (en)
Chinese (zh)
Inventor
杨海城
郭海林
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2020057360A1 publication Critical patent/WO2020057360A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1069Session establishment or de-establishment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • H04L65/1104Session initiation protocol [SIP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H04L69/162Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Definitions

  • the present disclosure relates to, but is not limited to, a method and device for improving terminal security, and a computer-readable storage medium.
  • SIP Session Initiation Protocol
  • IP Internet Protocol
  • At least one embodiment of the present disclosure provides a method and device for improving terminal security, a computer-readable storage medium, and improving terminal security.
  • At least one embodiment of the present disclosure provides a method for improving terminal security, including:
  • the session initiation protocol message sent by the terminal is monitored, and when the session initiation protocol message is a message for establishing communication and the termination communication condition is currently met, the establishment of communication is stopped.
  • At least one embodiment of the present disclosure provides a device for improving terminal security, which includes a memory and a processor.
  • the memory stores a program.
  • the program When the program is read and executed by the processor, the program implements any one of the embodiments. Ways to improve terminal security.
  • At least one embodiment of the present disclosure provides a computer-readable storage medium, where the computer-readable storage medium stores one or more programs, and the one or more programs can be executed by one or more processors to implement any A method for improving terminal security according to an embodiment.
  • a session initiation protocol message sent by a terminal is monitored, and when the session initiation protocol message is a message for establishing a communication and a termination communication condition is currently met, the establishment of communication is stopped.
  • the solution provided by this embodiment can timely detect illegal communication operations, cut off communication, prevent users from being monitored, and passively dial toll calls, etc., thereby improving the user experience.
  • FIG. 1 is a schematic diagram of a SIP architecture in related technologies
  • FIG. 2 is a flowchart of a method for improving terminal security according to an embodiment of the present disclosure
  • FIG. 3 is a flowchart of a method for improving terminal security according to another embodiment of the present disclosure.
  • FIG. 4 is a flowchart of a method for improving terminal security provided by another embodiment of the present disclosure.
  • FIG. 5 is a flowchart of a method for improving terminal security provided by another embodiment of the present disclosure.
  • FIG. 6 is a flowchart of a method for improving terminal security according to another embodiment of the present disclosure.
  • FIG. 7 is a block diagram of a device for improving terminal security provided by an embodiment of the present disclosure.
  • FIG. 8 is a block diagram of a computer-readable storage medium according to an embodiment of the present disclosure.
  • FIG. 9 is a block diagram of a device for improving terminal security according to another embodiment of the present disclosure.
  • FIG. 1 it is a schematic diagram of a SIP architecture in the related art, including a terminal 101, a proxy call session control function (P-CSCF) 102, and a SIP server 103.
  • the terminal 101 sends a call request to the P-CSCF 102, and establishes a call with the peer through the SIP server 103.
  • the terminal 101 may be a smart terminal, a PAD (tablet), a computer, or the like.
  • an embodiment of the present disclosure provides a method for improving terminal security, including:
  • Step 201 Monitor a SIP message sent by the terminal
  • the SIP message sent may be a SIP message to be sent, or may be a SIP message already sent.
  • Step 202 When the SIP packet is a message for establishing communication and the termination condition for communication is currently met, stop establishing communication.
  • the communication establishment message is, for example, a message for establishing a call, or another type of communication message (for example, establishing a short message communication, etc.).
  • illegal communication can be monitored in a timely manner, and communication can be terminated in a timely manner, which solves the problem that malicious applications attack users through the VoLTE security vulnerability of the Android operating system, causing huge losses to users, and greatly improving the user experience.
  • the termination communication conditions may be set according to requirements.
  • the currently satisfying termination communication conditions include at least one of the following:
  • the application sending the SIP message is an unauthorized application
  • the application sending the SIP message is currently a background application. Since the application that initiates the communication is generally a foreground application, to interact with the user, in this embodiment, the communication initiated by the application running only in the background (without interacting with the user) is determined to be illegal communication and needs to be terminated.
  • the unauthorized applications include at least one of the following: applications that do not have communication permissions (such as Android.Permission.CALL_PHONE permission) are not recorded in the first list that is set to record applications that allow communication Applications that are recorded in a second list that is set to record applications that are prohibited from communicating.
  • the applications in the first list and the second list may be pre-configured or configured by a user. For example, you can directly obtain the permissions of the application and check whether the application has the Android.Permission.CALL_PHONE permission. If it does not, the application is an unauthorized application. For example, check whether the application is recorded in the first list.
  • Authorized applications for example, check whether the applications are recorded in the second list, and if they are, they are unauthorized applications.
  • the first list and the second list can be viewed according to the application identification (application index number) or the application name. Only the first list and the second list may exist, or they may both exist.
  • the SIP message sent by the monitoring terminal includes: a SIP message sent by the monitoring terminal to the P-CSCF. Because the SIP message is usually sent to the SIP server, and the message sent to the SIP server needs to pass through the P-CSCF, the message sent to the P-CSCF can be monitored. It should be noted that it is also possible to directly monitor the message sent by the terminal and determine whether it is a SIP message according to the message format. For example, if two terminals establish communication directly (not through a SIP server), at this time, directly monitor SIP packets sent by the terminals.
  • the message that the SIP message is to establish communication includes that the SIP message is an INVITE message. Since VoLTE uses INVITE messages to establish a call between two or more parties, it is possible to determine whether a SIP message is a message to establish communication by determining whether the message is an INVITE message. It should be noted that if the message for establishing a call changes, correspondingly, it is determined whether the SIP message is a message for establishing a call by judging whether the SIP message is a changed message.
  • the application that sends the SIP packet is determined according to the following manner:
  • the system stores the correspondence between the socket connection and the application, and the application corresponding to the socket connection can be obtained by querying this information.
  • the destination address information includes a destination address and a port number
  • the source address information includes a source address and a port number.
  • the destination address information is, for example, the P-CSCF address information
  • the source address information is the terminal's own address information.
  • the application that sends the SIP packet is determined according to the following manner:
  • This application is the application that sends SIP packets.
  • the method before obtaining the destination address information and the source address information of the SIP message, the method further includes: decrypting the SIP message.
  • IPSec IP Security
  • the IPSec algorithm encrypts SIP packets through ESP (Encapsulating Security Payload, Encapsulating Security Payload). Therefore, the SIP packets need to be decrypted to obtain the information carried in them. After the SIP packet is decrypted, the destination address information and source address information of the SIP packet can be obtained.
  • the step of stopping establishing communication in step 102 is, for example, sending a BYE message to the SIP server to end the current VoLTE session. If the SIP message has not been sent, the step of stopping establishing communication in step 102 is, for example, not sending the SIP message.
  • the SIP packet when the SIP packet is a message for establishing communication and currently meets the conditions for terminating communication, it further includes at least one of the following:
  • the prompt information is, for example, that your terminal is being attacked by a malicious application and has undergone xxx (for example, uninstallation) processing. This is only an example, and the prompt information can be set as required.
  • FIG. 3 is a flowchart of a method for improving terminal security according to another embodiment of the present disclosure. As shown in FIG. 3, the method includes:
  • Step 301 Monitor the SIP message sent by the terminal.
  • Step 302 When the SIP message is a message for establishing communication and the termination of communication conditions is currently met, prompt the user whether to stop establishing communication; for example, a prompt interface pops up and provides the function options of continuing to establish communication and stopping establishing communication, so as to facilitate User's selection for subsequent operations.
  • Step 303 After receiving the user's instruction to stop establishing communication, stop establishing communication.
  • the establishment of communication is stopped. In another embodiment, if the user selects the option to continue establishing communication, the communication continues to be established.
  • FIG. 4 is a flowchart of a method for improving terminal security according to another embodiment of the present disclosure. As shown in FIG. 4, the method includes:
  • Step 401 Monitor a SIP message sent by a terminal
  • Step 402 when the SIP message is a message for establishing communication, obtain an application for sending the SIP message;
  • An application for obtaining and sending the SIP message is: obtaining destination address information and source address information of the SIP message, and obtaining a corresponding socket according to the destination address information and source address information of the SIP message.
  • Word (socket) connection the application that creates the socket connection is the application that sends the SIP message.
  • Step 403 When the application sending the SIP message is an unauthorized application or a background application, stop establishing communication.
  • FIG. 5 is a flowchart of a method for improving terminal security according to another embodiment of the present disclosure. As shown in FIG. 4, the method includes:
  • Step 501 Listen for a SIP message sent by a terminal
  • Step 502 When the SIP message is a message for establishing communication and the termination condition for communication is currently met, stop establishing communication.
  • Step 503 Perform at least one of the following:
  • a message is displayed.
  • step 503 is only an example, and other processing may be performed as needed.
  • an embodiment of the present disclosure provides a method for improving VoLTE security, including:
  • Step 601 It is monitored that the terminal sends a SIP message to the SIP server;
  • Any SIP message sent from the VoLTE terminal to the SIP server must pass through the P-CSCF network element. Therefore, what is actually monitored is that the terminal sends a SIP message to the P-CSCF network element.
  • the terminal obtains the IP address of the P-CSCF network element from the network side.
  • Step 602 Decrypt the SIP message.
  • IPSec encryption algorithms For security reasons, many mobile network operators use IPSec encryption algorithms to protect SIP packets.
  • the IPSec algorithm encrypts SIP packets through the ESP protocol. Therefore, the SIP message needs to be decrypted to obtain the information in the SIP message.
  • the key (Ck, Ik) and cryptographic algorithm are obtained from the ESP, and the SIP message is decrypted.
  • the SIP packet displayed in plain text, and the source port and destination port of the SIP packet are obtained.
  • Step 603 Identify the decrypted SIP message, determine whether the SIP message is an INVITE message, and if yes, proceed to step 604; otherwise, end.
  • the decrypted SIP message has been clearly displayed.
  • One method to determine whether the SIP message is an INVITE message is to check whether the header of the SIP message is "INVITE" and contains the calling and called numbers. If so, the SIP The message is an INVITE message.
  • Step 604 Obtain an application that sends the SIP message.
  • the corresponding socket connection is obtained through the destination address and port number (SIP server), source address, and port number of the SIP packet, and then the application information for creating the socket connection is found.
  • the PID (Program ID) and Program Name (Application Name) of the application can be obtained. Call the send SIP interface
  • Step 605 Determine whether the application is an unauthorized application, and if yes, proceed to step 606; if not, end.
  • the judgment is made according to the application name. If it is not the dialing application com.android.dialer of the Android system or the application in the first list (also known as the white list), it is determined as an unauthorized application.
  • Step 606 Stop establishing a call.
  • step 606 at least one of the following may be performed:
  • a malicious application when using SIP technology to implement a call, a malicious application can start communication without obtaining the corresponding communication permission. At this time, the communication will not be displayed on the screen.
  • This security vulnerability is extremely harmful and may cause users Huge losses: 1) Malicious applications allow the terminal to constantly make calls to the specified number, resulting in users not receiving incoming calls normally. 2) Malicious applications allow terminals to make expensive video calls or pay calls, causing users to suffer financial losses. 3) The user is illegally monitored.
  • the solution provided by this embodiment can detect an illegal call in time and terminate the illegal call, avoiding the terminal in a state of continuously making calls, avoiding economic losses caused by dialing toll calls, and preventing users from being monitored.
  • an embodiment of the present disclosure provides a device 70 for improving terminal security, which includes a memory 710 and a processor 720.
  • the memory 710 stores a program, and the program is read by the processor 720.
  • the method for improving terminal security is implemented. Specifically, in an embodiment, when the program is read and executed by the processor 720, the following steps are implemented:
  • the session initiation protocol message sent by the terminal is monitored, and when the session initiation protocol message is a message for establishing communication and the termination communication condition is currently met, the establishment of communication is stopped.
  • the currently satisfied termination communication conditions include at least one of the following:
  • the application sending the session initiation protocol message is an unauthorized application
  • the application that sends the session initiation protocol message is currently a background application.
  • the unauthorized application includes at least one of the following: an application that does not have communication permission, an application that is not recorded in the first list for recording applications permitted to communicate, and an application that is recorded for recording prohibited communication Apps in the second list of apps.
  • the session initiation protocol message sent by the monitoring terminal includes: a session initiation protocol message sent by the monitoring terminal to the proxy call session control function.
  • the stopping establishing communication includes:
  • the program when the program is read and executed by the processor 720, it further implements the following steps: determining an application for sending the session initiation protocol message according to the following method: obtaining the session initiation protocol message Destination address information and source address information. The corresponding socket connection is obtained according to the destination address information and source address information of the session initiation protocol message. The application that creates the socket connection is the one that sends the session initiation protocol message. application.
  • the method before obtaining the destination address information and the source address information of the session initiation protocol message, the method further includes: decrypting the session initiation protocol message.
  • the session initiation protocol message is a communication establishment message and currently does not meet the communication establishment conditions, at least one of the following is performed:
  • a message is displayed.
  • An embodiment of the present disclosure further provides a terminal including the device 70 for improving terminal security.
  • an embodiment of the present disclosure provides a computer-readable storage medium 80.
  • the computer-readable storage medium 80 stores one or more programs 81.
  • the one or more programs 81 may be stored in one or more programs 81.
  • a plurality of processors execute to implement the method for improving terminal security according to any embodiment.
  • an embodiment of the present disclosure provides a device for improving terminal security, including a monitoring module 901, an analysis module 902, a decision module 903, and an execution module 904, where:
  • the monitoring module 901 is configured to notify the parsing module 902 when monitoring the SIP packet sent by the terminal;
  • the parsing module 902 is configured to, after receiving the notification from the monitoring module 901, determine whether the SIP message is a message for establishing communication, and notify the judgment module when the SIP message is a message for establishing communication. 903;
  • the judging module 903 is configured to notify the execution module 904 when receiving the notification of the parsing module 902 and determining that the communication termination condition is currently met;
  • the execution module 904 is configured to stop establishing communication after receiving the notification from the decision module 903.
  • the currently satisfied termination communication conditions include at least one of the following:
  • the application sending the SIP message is an unauthorized application
  • the application sending the SIP message is currently a background application.
  • the unauthorized applications include at least one of the following: applications that do not have communication rights, applications that are not recorded in the first list for recording applications that are allowed to communicate, and applications that are not recorded in the first list for applications that are not allowed to communicate. Applications in the second list.
  • the interception module 901 monitors the terminal to send a SIP message as follows: the interception module 901 is configured to monitor the terminal to send a SIP message to the P-CSCF.
  • the execution module 904 stopping establishing communication includes: the executing module 904 prompts the user whether to stop establishing communication, and stops receiving communication after receiving an instruction to stop establishing communication.
  • the execution module 904 is further configured to execute at least one of the following:
  • a message is displayed.
  • the parsing module 902 includes a decoding unit 9021 and a parsing unit 9022, where:
  • the decoding unit 9021 is configured to, after receiving the notification from the monitoring module 301, decrypt the SIP message to obtain a decrypted SIP message;
  • the parsing unit 9022 is configured to determine, according to the decrypted SIP message, whether the SIP message is a message for establishing communication, and when the SIP message is a message for establishing communication, notify the judgment module 903.
  • the determination module 903 includes an application information acquisition unit 9031 and a determination unit 9032, where:
  • the application information obtaining unit 9031 is configured to, after receiving the notification from the parsing module 902, obtain an application that sends the SIP packet;
  • the judging unit 9032 is configured to determine whether the communication termination conditions are currently met, and notify the execution module 904 when it is determined that the communication termination conditions are currently met.
  • the application information obtaining unit 9031 obtains an application that sends the SIP packet includes:
  • VoLTE Voice Over WiFi, Voice over Wi-Fi
  • RCS Radio Communications Suite
  • Vo5G Voice Overover New Radio, 5G voice solutions
  • other VoIMS Voice over IMS, voice solutions based on IP multimedia subsystem
  • computer storage medium includes volatile and non-volatile implemented in any method or technology used to store information such as computer-readable instructions, data structures, program modules or other data.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technologies, CD-ROM, digital versatile disk (DVD) or other optical disk storage, magnetic cartridges, magnetic tape, disk storage or other magnetic storage devices, or may Any other medium used to store desired information and which can be accessed by a computer.
  • a communication medium typically contains computer-readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transmission mechanism, and may include any information delivery medium .
  • a session initiation protocol message sent by a terminal is monitored, and when the session initiation protocol message is a message for establishing a communication and a condition for terminating communication is currently met, the establishment of communication is stopped.
  • the solution provided by this embodiment can timely detect illegal communication operations, cut off communication, prevent users from being monitored, and passively dial toll calls, which improves the user experience.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

La présente invention concerne un procédé et un appareil servant à améliorer la sécurité d'un terminal et un support d'informations lisible par ordinateur. Le procédé permettant d'améliorer la sécurité d'un terminal comprend les étapes suivantes : surveiller un message de protocole d'initiation de session envoyé par un terminal, et lorsque le message de protocole d'initiation de session est un message pour établir une communication et qu'il satisfait actuellement une condition de fin de communication, arrêter l'établissement de la communication.
PCT/CN2019/103956 2018-09-19 2019-09-02 Procédé et appareil pour améliorer la sécurité d'un terminal et support d'informations lisible par ordinateur WO2020057360A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811092924.3A CN110933013A (zh) 2018-09-19 2018-09-19 一种提高终端安全性的方法及装置、计算机可读存储介质
CN201811092924.3 2018-09-19

Publications (1)

Publication Number Publication Date
WO2020057360A1 true WO2020057360A1 (fr) 2020-03-26

Family

ID=69855168

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/103956 WO2020057360A1 (fr) 2018-09-19 2019-09-02 Procédé et appareil pour améliorer la sécurité d'un terminal et support d'informations lisible par ordinateur

Country Status (2)

Country Link
CN (1) CN110933013A (fr)
WO (1) WO2020057360A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113992632A (zh) * 2020-07-09 2022-01-28 华为技术有限公司 管理应用的方法和装置

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080109853A1 (en) * 2006-11-07 2008-05-08 Telefonaktiebolaget Lm Ericsson (Publ) Media channel management
CN101902371A (zh) * 2010-07-26 2010-12-01 华为技术有限公司 安全监控方法、签名密钥发送方法、终端、服务器及系统
CN102244858A (zh) * 2011-08-01 2011-11-16 王冬梅 移动终端可自行锁定和解锁通信功能的方法及该移动终端
CN104767709A (zh) * 2014-01-02 2015-07-08 中国移动通信集团北京有限公司 一种封堵ims业务异常呼叫的方法及装置

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100413376C (zh) * 2005-08-15 2008-08-20 华为技术有限公司 一种提高下一代网络终端通信安全性的方法及终端
CN101784054A (zh) * 2009-01-20 2010-07-21 华为终端有限公司 一种防止手机流氓软件的方法、终端、服务器及系统
CN102355519A (zh) * 2011-06-30 2012-02-15 北京邮电大学 移动智能终端的恶意电话拨打防范方法及其系统
CN102857613B (zh) * 2012-07-18 2017-01-25 宇龙计算机通信科技(深圳)有限公司 防止恶意拨号的方法及其通信终端
GB2515326A (en) * 2013-06-20 2014-12-24 F Secure Corp Detecting malware via outgoing radio messages
CN104268470B (zh) * 2014-09-26 2018-02-13 酷派软件技术(深圳)有限公司 安全控制方法和安全控制装置
CN106453799B (zh) * 2016-10-25 2019-06-04 郭铮铮 伪装通信识别方法和系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080109853A1 (en) * 2006-11-07 2008-05-08 Telefonaktiebolaget Lm Ericsson (Publ) Media channel management
CN101902371A (zh) * 2010-07-26 2010-12-01 华为技术有限公司 安全监控方法、签名密钥发送方法、终端、服务器及系统
CN102244858A (zh) * 2011-08-01 2011-11-16 王冬梅 移动终端可自行锁定和解锁通信功能的方法及该移动终端
CN104767709A (zh) * 2014-01-02 2015-07-08 中国移动通信集团北京有限公司 一种封堵ims业务异常呼叫的方法及装置

Also Published As

Publication number Publication date
CN110933013A (zh) 2020-03-27

Similar Documents

Publication Publication Date Title
US10516540B2 (en) Management of profiles in an embedded universal integrated circuit card (eUICC)
US11533160B2 (en) Embedded universal integrated circuit card (eUICC) profile content management
US10902110B2 (en) Use of AKA methods and procedures for authentication of subscribers without access to SIM credentials
US8798610B2 (en) Method and apparatus for bearer and server independent parental control on smartphone, managed by the smartphone
US9674219B2 (en) Authenticating public land mobile networks to mobile stations
US10057760B2 (en) Apparatus and methods for Electronic Subscriber Identity Module (ESIM) installation notification
US11063990B2 (en) Originating caller verification via insertion of an attestation parameter
KR20210116508A (ko) 스테이션에 대한 고유 식별자 처리 개선
US9154946B2 (en) Secure coupling of hardware components
CN112492580A (zh) 信息处理方法及装置、通信设备及存储介质
US20230354013A1 (en) Secure communication method and device
US10893414B1 (en) Selective attestation of wireless communications
US10721621B2 (en) Updating policy for a video flow during transitions
US10785195B2 (en) Mobile communications over secure enterprise networks
US11288357B2 (en) Apparatus and method for authenticating caller in communication system
Beekman et al. Breaking Cell Phone Authentication: Vulnerabilities in {AKA},{IMS}, and Android
WO2020057360A1 (fr) Procédé et appareil pour améliorer la sécurité d'un terminal et support d'informations lisible par ordinateur
WO2017197968A1 (fr) Procédé et dispositif de transmission de données
US10028141B2 (en) Method and system for determining that a SIM and a SIP client are co-located in the same mobile equipment
US11617086B2 (en) Loading security information with restricted access
CN105577631B (zh) 一种数据传输的方法及终端
EP3119053B1 (fr) Procédé d'établissement d'une communication de données entre une entité mobile et internet
CN114630320A (zh) 一种加密通话呼叫方法、终端和网络设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19861945

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 06/08/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 19861945

Country of ref document: EP

Kind code of ref document: A1