Network locking method and apparatus for terminal
First Claim
1. A network locking method for a terminal, comprising:
- registering a subscriber identity module (SIM) card of the terminal with a network based on an international mobile subscriber identity (IMSI) number carried on the SIM card, obtaining a public land mobile network (PLMN) number of the network;
forming a valid PLMN number segment according to a first set digits of an IMSI number of at least one SIM card allowed to be used by the terminal, and storing the valid PLMN number segment on the terminal through codes;
obtaining the valid PLMN number segment pre-stored on the terminal by using the plurality of first digits of the IMSI number;
comparing the PLMN number of the network with the valid PLMN number segment pre-stored on the terminal and allowing or limiting, according to a comparison result, use of the SIM card by the terminal; and
performing security verification on the terminal after upgrading the terminal, wherein the security verification comprises;
calculating one Hash value according to multiple image files loaded on the board and forming a digital certificate according to the Hash value;
signing the digital certificate by using a private key of a preset pair of public and private keys and putting the signed digital certificate into a boot image file of the board; and
performing integrity verification on the digital certificate by using a public key of the preset pair of public and private keys, obtaining the Hash value in the digital certificate and comparing the Hash value with a pre-stored valid Hash value, wherein if the two are not consistent, it is determined that the board is insecure;
otherwise, it is determined that the board is secure.
3 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present disclosure provide a network locking method and apparatus for a terminal. The method mainly includes: utilizing an IMSI number carried on a SIM card of the terminal to register the SIM card with a network, and obtaining a PLMN number of the network; comparing a PLMN number segment of the network with a valid PLMN number segment pre-stored on the terminal, and allowing or limiting, according to a comparison result, use of the SIM card by the terminal. According to the embodiments of the present disclosure, the SIM card is registered with the network by utilizing the IMSI number carried on the SIM card and a data card is verified in the terminal and network combined verification manner, which may ensure security of network locking for the terminal.
-
Citations
7 Claims
-
1. A network locking method for a terminal, comprising:
-
registering a subscriber identity module (SIM) card of the terminal with a network based on an international mobile subscriber identity (IMSI) number carried on the SIM card, obtaining a public land mobile network (PLMN) number of the network; forming a valid PLMN number segment according to a first set digits of an IMSI number of at least one SIM card allowed to be used by the terminal, and storing the valid PLMN number segment on the terminal through codes; obtaining the valid PLMN number segment pre-stored on the terminal by using the plurality of first digits of the IMSI number; comparing the PLMN number of the network with the valid PLMN number segment pre-stored on the terminal and allowing or limiting, according to a comparison result, use of the SIM card by the terminal; and performing security verification on the terminal after upgrading the terminal, wherein the security verification comprises;
calculating one Hash value according to multiple image files loaded on the board and forming a digital certificate according to the Hash value;
signing the digital certificate by using a private key of a preset pair of public and private keys and putting the signed digital certificate into a boot image file of the board; and
performing integrity verification on the digital certificate by using a public key of the preset pair of public and private keys, obtaining the Hash value in the digital certificate and comparing the Hash value with a pre-stored valid Hash value, wherein if the two are not consistent, it is determined that the board is insecure;
otherwise, it is determined that the board is secure. - View Dependent Claims (2, 3, 4)
-
-
5. A network locking apparatus for a terminal, comprising:
-
a registration network public land mobile network (PLMN) number obtaining module implemented by a processor, configured to register a subscriber identity module (SIM) card of the terminal with a network based on an international mobile subscriber identity (IMSI) number carried on the SIM card, obtain a PLMN number of the network, and obtain a valid PLMN number segment pre-stored on the terminal by using the IMSI number; and a SIM card verification processing module implemented by the processor, configured to compare a PLMN number segment of the network with the valid PLMN number segment pre-stored on the terminal, and allow or limit, according to a comparison result, use of the SIM card by the terminal; a valid PLMN number segment storing module, configured to form the valid PLMN number segment according to first set digits of an IMSI number of at least one SIM cards allowed to be used by the terminal, and store the valid PLMN number segment on a board inside the terminal through codes; and a board verifying module, configured to perform security verification on the board after upgrading of the board is completed, wherein the security verification comprises;
calculating one Hash value according to multiple image files loaded on the board and forming a digital certificate according to the Hash value;
signing the digital certificate by using a private key of a preset pair of public and private keys and putting the signed digital certificate into a boot image file of the board; and
performing integrity verification on the digital certificate by using a public key of the preset pair of public and private keys, obtaining the Hash value in the digital certificate and comparing the Hash value with a pre-stored valid Hash value, wherein if the two are not consistent, it is determined that the board is insecure;
otherwise, it is determined that the board is secure. - View Dependent Claims (6, 7)
-
Specification