CN100514999C - Method, terminal device and communication system for realizing virtual terminal communication - Google Patents
Method, terminal device and communication system for realizing virtual terminal communication Download PDFInfo
- Publication number
- CN100514999C CN100514999C CNB2005100735916A CN200510073591A CN100514999C CN 100514999 C CN100514999 C CN 100514999C CN B2005100735916 A CNB2005100735916 A CN B2005100735916A CN 200510073591 A CN200510073591 A CN 200510073591A CN 100514999 C CN100514999 C CN 100514999C
- Authority
- CN
- China
- Prior art keywords
- virtual terminal
- terminal
- virtual
- information
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention discloses a virtual terminal communication realizing method, terminal equipment and communication system in the fixing communicating technological domain, which comprises the following steps: setting at least one virtual terminal on the terminal equipment of communication network; corresponding virtual terminal to personal number information; interacting virtual terminal with information of communication network according to personal number information. The terminal equipment contains disposer mode, memory mode in connection with the disposal mode, input mode, network interface and management mode of virtual terminal to connect the disposer mode or in the disposer mode. The communication system contains terminal equipment and network side equipment to set virtual terminal and personal number identifying equipment to connect network side equipment.
Description
Technical field
The present invention relates to the communication technology, particularly the fixed communication technology discloses a kind of method, terminal equipment and communication system that realizes virtual terminal communication.
Background technology
Along with the progress of telecommunication technology and the development of telecommunication service, personal number just progressively is used widely.In the personal number application process, people wish, communicate charging according to personal number, like this, the user has under the situation of personal number, just can use various terminals to communicate contact, and under the situation for many people common terminal, charge and just can carry out at personal number simply.
Equally; people also wish; under the situation of the shared landline telephone of many people; under the situation such as the shared phone of four-hole people of one family; receive one when going into to call out; people wish and can make the incoming call can only be by the called reception of current calling according to called personal number, and other called subscriber can't receive this incoming call, can farthest protect called subscriber's privacy like this.
Because this class business is just risen, also do not consider the problems referred to above in the practice at present, so still there is not the solution of this problem at present.
Summary of the invention
The present invention discloses a kind of method, terminal equipment and communication system that realizes virtual terminal communication, and communication terminal can not provide the problem of independent communication separately simultaneously for many people in the prior art to solve.
A kind of method that adopts virtual terminal communication comprises the steps:
A, at least one virtual terminal is set on the terminal equipment of communication network, the corresponding corresponding personal number information of described virtual terminal;
B, finish information interaction with described communication network by described virtual terminal according to personal number information, when terminal equipment receives out call operation, judge that this goes out calling and whether initiates by virtual terminal, if, then when making a call according to called number, to send to network side to personal number information that should virtual terminal, if not, then make a call according to called number according to normal flow, described terminal equipment inserts when calling out, go into to call out the information of carrying from this and to isolate called personal number information, described terminal equipment searches out the corresponding virtual terminal according to described called personal number information, and with call proceeding to this virtual terminal.
Described method also comprises: described virtual terminal further comprises an operator password, when the user operates virtual terminal, judges whether current operator is validated user.
Further, before the information interaction of being finished according to personal number information by described virtual terminal with described communication network, described method also comprises the authentication of communication network side to virtual terminal.
Described virtual terminal further comprises a KI, and at the described KI of network side to should virtual terminal preserving; Described authentication comprises the steps: that network side generates a random number and is handed down to this virtual terminal when this virtual terminal request registration; This virtual terminal generates Authentication Response according to the described random number of preserving described KI and receive, and this Authentication Response is sent to network side; Whether described KI and the described Authentication Response of random number verification that network side is preserved according to correspondence be correct, if then return the message that authentication is passed through; Then return the message of failed authentication if not.
Described method also comprises: after authentication was passed through, communication network side and virtual terminal utilized corresponding described KI and random number to generate encryption key respectively, and described encryption key is in order to the communication data of encryption and decryption about this virtual terminal and network side.
Described method further comprises: after authentication was passed through, communication network side and virtual terminal utilized corresponding described KI and random number to generate Integrity Key respectively, and described Integrity Key is in order to verify the integrality of described communication data.
In the described method, described network side is specially when this virtual terminal request registration: virtual terminal is promptly initiated register requirement to network side after finishing relative set on the terminal equipment; Virtual terminal is initiated register requirement when each request is carried out information interaction with communication network; Terminal equipment is when each access network, and all virtual terminals that start on this terminal equipment are initiated register requirement; Terminal equipment regularly or all virtual terminals on this terminal of random start initiate to re-register request.
Described KI is kept in the movable storage medium or on the terminal equipment in the special security module that is provided with or on the terminal equipment in original memory module.
Described encryption key and/or Integrity Key are kept in the described security module or in the described memory module.
Described virtual terminal comprises one of following attribute information at least: be arranged on the coding in the terminal equipment, the title of the self-defining virtual terminal of virtual terminal user at the different virtual terminal;
Virtual terminal carries out the operation mark of corresponding operating on terminal equipment, it is one of following that described operation mark comprises at least: the prompt text sign of prompting light, incoming call or the short message of the prompt tone of incoming call or short message and prompting image identification, incoming call or the short message of volume sign, incoming call or short message; And/or
Described virtual terminal comprises one of communication information of following storage at least: sending and receiving and the short message that prestores, call record, telephone directory.
Described virtual terminal further comprises the number and/or the address information of related handset.
A kind of terminal equipment of realizing virtual terminal communication, described terminal equipment comprises: processor module, the memory module that is connected with this processor module, input module and network interface, it is characterized in that, described terminal equipment also comprises: the administration module of described virtual terminal, connect described processor module or be arranged in this processor module, be used at least one virtual terminal being set by described input module, and according to the personal number information and executing of this virtual terminal correspondence and manage the information interaction that this virtual terminal is undertaken by described network interface and communication network, when terminal equipment receives out call operation, judge that this goes out calling and whether initiates by virtual terminal, if, then when making a call according to called number, to send to network side to personal number information that should virtual terminal, if not, then make a call according to called number according to normal flow, described terminal equipment inserts when calling out, go into to call out the information of carrying from this and to isolate called personal number information, described terminal equipment searches out the corresponding virtual terminal according to described called personal number information, and this virtual terminal is arrived in call proceeding.
Described terminal equipment also comprises: the safe processor module that connects described administration module, be used to preserve KI and/or the encryption key and/or the Integrity Key of described virtual terminal, and/or be used for generating the encryption key and/or the Integrity Key of described virtual terminal according to KI, and/or carry out and utilize the encryption key encryption and decryption data, utilize the operation of the integrality of Integrity Key checking communication data.
A kind of communication system that realizes virtual terminal communication, comprise terminal equipment and network equipment that described virtual terminal is set, it is characterized in that, described communication system also comprises: the personal number authentication device that connects described network equipment, be used for this personal number corresponding virtual terminal of authentication, and notify described virtual terminal authenticating result;
Processor module, the memory module, input module, the network interface that are connected with this processor module and be connected described processor module or are arranged on the administration module of the described virtual terminal in this processor module, this administration module is used for by described input module at least one virtual terminal being set, and according to the personal number information and executing of this virtual terminal and manage the information interaction that this virtual terminal is undertaken by described network interface and communication network.
Beneficial effect of the present invention is as follows:
Owing to have the virtual terminal management function in the terminal equipment of the present invention, realized that the public terminal of many people utilizes personal number independently to communicate, and realized the operation of personalization;
Owing to also have the security module that cooperates the virtual terminal management function in the terminal equipment of the present invention, be used to preserve the association key that each virtual terminal communication is used, the right of privacy when having protected virtual terminal communication;
Owing to be provided with personal number AUC in the communication system of the present invention, provide network support for realizing that virtual terminal independently communicates by personal number;
After the terminal equipment that is provided with virtual terminal inserts above-mentioned communication system, utilize method provided by the invention, realized that each virtual terminal utilizes the systems exchange equipment that passes through of the independent safety of a communication equipment to communicate.
Description of drawings
Fig. 1 is the structured flowchart that the terminal equipment of virtual terminal is set of the present invention;
Fig. 2 is for realizing the system group network structure chart of virtual terminal communication;
Fig. 3 for virtual terminal when network side is registered, network side carries out the flow chart of authentication to virtual terminal;
Fig. 4 handles the flow chart that goes out to call out that a virtual terminal is initiated for terminal equipment;
Fig. 5 handles the flow chart of going into to call out that a virtual terminal inserts for terminal equipment.
Embodiment
Embodiment one: a kind of terminal equipment that virtual terminal is set
For realizing that a plurality of personal number users can use a terminal equipment to communicate jointly, at first need a kind of terminal equipment that can manage the personal number user, on a terminal equipment, set up a plurality of virtual terminal equipments, be respectively each personal number user personalized service is provided, this terminal equipment is realized by following structure:
As shown in Figure 1, terminal equipment comprises realizes the needed basic structure of communication: the processor module of control terminal, the network interface that connects memory module this processor module, that be used to store the various communication informations, the display module that is used for input information input module, display message and connect the communication network side apparatus, input module is generally keyboard.
Still consult shown in Figure 1, present embodiment is on the basic structure of above-mentioned terminal equipment, increased following functional module: the administration module of managing virtual terminal, administration module can be arranged in the processor module, bear required function by the part available resources in the processor module, a virtual terminal administration module perhaps is set separately on terminal equipment, and is connected to memory module, input module, display module and network interface, such as, connection can be to be undertaken by processor module.
Like this, by input module and display module, at least one virtual terminal can be set in this administration module, each virtual terminal comprises the personal number information as the virtual terminal address, in administration module, virtual terminal is distinguished management, and make virtual terminal carry out information interaction by network interface and communication network by personal number information.
Virtual terminal will be implemented in the communication in the network, need comprise following information, being kept in the memory module of these information correspondences:
One, the attribute information that on terminal equipment, is provided with by virtual terminal:
1, virtual terminal sign, be on the terminal equipment in order to identify the coding of a virtual terminal, for example, can set 10 virtual terminals on the terminal, terminal equipment for its respectively code identification be 1,2......10;
2, virtual terminal title is the user-defined name information by each virtual terminal, can be user's true name or the title that is similar to user name etc.;
Above-mentioned two information are as the identity index of different virtual terminal, the user can own selection only uses one of them or two to use, the effect of identity index is set a plurality of users on terminal equipment of convenient identification, in the practical operation, the user can be by keyboard operation, by administration module above-mentioned information is shown to the active user by display module, selects the virtual terminal of oneself to operate for the user.
3, virtual terminal individual operation configuration comprises audio call incoming call prompting sound, volume, short message incoming call prompting sound, volume etc., and these information are selected to set in default project to get final product by the user, in order to discern the communication information of different virtual terminals.
4, virtual terminal personal number information, this personal number is the identify label of virtual terminal in whole communication network, communication network is discerned each virtual terminal by it, virtual terminal with the mutual information of communication network in all carry this personal number relevant information, the personal number relevant information can the time virtual terminal sign, also can be personal number information.Personal number information can be the personal number of virtual terminal, also can be the short codes corresponding with personal number.In the middle of the reality, the short codes of personal number correspondence can be identified as virtual terminal.
Personal number is that one number link you provider distributes to this contracted user, can in the personal number server, set a plurality of termination numbers that personal number is bound in advance, for example user's Work Telephone, home phone number, phone number etc., the virtual terminal operated by rotary motion is on the number pairing fixed terminal equipment of having bound with personal number, like this, when the user of one number link you of having contracted sets up virtual terminal on terminal equipment, the personal number relevant information is input in the terminal equipment in order to create a virtual terminal.Also can not preestablish personal number and bind which termination number, but when virtual terminal was registered, network side was tied to personal number on the termination number of virtual terminal correspondence after virtual terminal succeeds in registration accordingly.The termination number of virtual terminal correspondence also is the termination number of virtual terminal place terminal equipment, also, when the subscribers feeder assignment of terminal equipment place during a termination number, the termination number of terminal equipment is the termination number of place subscribers feeder.
The personal number server can be set to an equipment separately, also can be integrated in the switch device.
In the middle of the reality, the common virtual terminal that is provided with is limited on the terminal, such as, the situation of 4 people's common terminals, four virtual terminals can be set, at this moment, because personal number is longer, in the mutual communication information, carry very long personal number and can take certain message resource, also reduce simultaneously system handles efficient, in view of this, system can distribute a corresponding short codes for each personal number that is bundled on the same terminal equipment, and utilizes this short codes to communicate, and network side can directly be distributed and be registered in to concrete distribution method when the user is signatory, perhaps when virtual terminal is registered, distribute and be registered in network side, as shown in table 1 below, number is that the virtual terminal of the setting on 82339088 the terminal equipment has distributed 01 respectively, two short codes of 02; When distributing short codes, can further defer to user's wish, adopt the corresponding personal number of short codes of user oneself suggestion, as shown in table 1 is the correspondence table of personal number and short codes, is called for short personal number cornet code table.
Table 1: personal number cornet code table
| Termination number | Short codes | Personal number |
| 82339088 | 01 | 15512345678 |
| 82339088 | 02 | 15522233366 |
| 66006688 | 01 | 15522234527 |
| … | … | … |
If distribute when short codes is signatory, when the user is provided with virtual terminal on terminal equipment, can be only with short codes as the personal number information setting of virtual terminal in terminal, the virtual terminal administration module of terminal equipment is according to the different virtual terminal of short codes identification, and network side exchange device can obtain corresponding personal number according to the termination number of short codes and virtual terminal correspondence from table 1.
If distribute by network side when short codes is the virtual terminal registration, when then the user is provided with virtual terminal on terminal equipment, still need to import personal number, carry personal number in the login request message, network side exchange device is after virtual terminal passes through authentication, short codes of corresponding distribution is given this virtual terminal, the short codes of carrying distribution in the corresponding message that succeeds in registration of registering the back and returning of network side sends to virtual terminal, terminal equipment therefrom extracts the personal number information of short codes as virtual terminal, then, virtual terminal device network top-cross exchange device just can utilize short codes interactive communication information.Certainly, short codes also can be to be distributed by user or virtual terminal administration module in virtual terminal when registration, and together sends network side to together with personal number preserve when registration.
If distribute when short codes is signatory, personal number cornet code table operated by rotary motion is in the personal number server; Divide timing by network side when short codes is the virtual terminal registration, personal number cornet code table operated by rotary motion is in the switch of the terminal equipment correspondence at virtual terminal equipment place.
In addition, termination number also can be the subscribers feeder sign, and network equipment can obtain termination number by the subscribers feeder sign, in this case, and termination number of general assignment of a subscribers feeder.
5, handset relevant information, can comprise handset number or handset address, be used to distinguish a plurality of handsets that are equipped with on the terminal equipment as machine tool, this attribute description the information of the corresponding handset of virtual terminal, each virtual terminal user can be imported the relevant information of the own handset that is equipped with.
When concrete enforcement is of the present invention, except that the personal number of virtual terminal, can select the part in above-mentioned other information as required for use, or increase other relevant informations, only illustrate here, not in order to limit protection scope of the present invention.
Two, related communications:
After virtual terminal set, generally speaking, the virtual terminal administration module was the following communication information of preservation of each virtual terminal correspondence in memory module.
1, short message is set up the preservation of short message mailbox and is comprised short message information such as sending and receiving, rough draft;
2, call record comprises that the going out call number, go into call number of virtual terminal, missed call number and message etc. make things convenient for user inquiring;
3, telephone directory is used to preserve number information commonly used, and for the number that writes down in the telephone directory, can only show during demonstration that the user name of this number is used with convenient;
In like manner, when concrete enforcement is of the present invention, can selects the part in the above-mentioned information as required, or increase other relevant informations, only illustrate here, not in order to limit protection scope of the present invention.
Three, the associated encryption information of virtual terminal:
Virtual terminal is the communication means of the public terminal equipment of many people, the requirement that is absolutely necessary of network authentication and the security performance of communicating by letter, and these demands can realize by following enciphered message.
1, the KI of virtual terminal, distribute by one number link you provider, and when the user contracts one number link you, offer the user, be used for the authentication of network for virtual terminal, such as KI can being left in the card, and offer the user in the mode of a card; The user is configured to corresponding virtual terminal with this KI that obtains when creating a virtual terminal.
2, the encryption key of virtual terminal and Integrity Key be respectively applied for the encryption and decryption of communication data, the integrity verification of communication data, and the two is when authentication, is calculated by terminal, this value generally is not shown to the user;
3, virtual terminal operator password is provided with in virtual terminal by user oneself, and the administration module of virtual terminal is in order to judge the authorities such as operation and maintenance to virtual terminal.
In like manner, implement when of the present invention, can select a part in the above-mentioned information according to concrete encryption method, or increase other associated encryption information, only illustrate here, not in order to limit protection scope of the present invention concrete.
For guaranteeing the safety of these enciphered messages, in terminal equipment, a security module can be set separately, be used to preserve KI, generate encryption key and Integrity Key.Security module can further be finished according to function or the operation of KI response to network to the virtual terminal authentication, and the function or the operation that generate encryption key and Integrity Key according to KI; Security module can also further be finished according to encryption key communication data is carried out the function or the operation of encryption and decryption, and function or the operation of verifying the integrality of communication data according to Integrity Key.Security module selects controlled read-write chip to realize, such as existing IC-card technology, with further raising fail safe.Also can be by forbidding the fail safe that guarantees KI that reads out of KI.Certainly, security module also can be forbidden the read-write operation to encryption key and Integrity Key.Only carry out to receive a random number such as, security module, and the operation that produces and preserve encryption key and Integrity Key according to this random number, and the data of importing into are expressly carried out cryptographic operation and the message ciphertext of importing into is decrypted operation.At least to pass through the checking of the operator password of respective virtual terminal to the operation of the KI of a virtual terminal correspondence in the security module.Certainly, in the middle of the reality, security module can be set to: the operator password by a virtual terminal conducts interviews to the encryption key and the Integrity Key of this virtual terminal.
Certainly, the KI of virtual terminal can leave in the terminal equipment, also can leave in the movable storage medium, such as, leave in an IC-card or the magnetic card, or in other movable storage medium.In the time of in leaving movable storage medium in, terminal equipment further comprises corresponding movable storage medium ground recognizing apparatus, reads corresponding KI by this recognizing apparatus from movable storage medium.
The system of embodiment two, realization virtual terminal communication
As shown in Figure 2, Fig. 2 comprises for realizing the system group network structure chart of virtual terminal communication:
Switching equipment is provided with following registration virtual terminal description list for realizing the communication of virtual terminal at switch, is called for short the virtual terminal description list.The virtual terminal description list comprises following information: personal number, the termination number of virtual terminal place terminal correspondence, information such as encryption key.As shown in table 2 below:
Table 2: virtual terminal description list
| Personal number | Termination number | Encryption key |
| 15512345678 | 50991626 | kjsfkjg9485sojhfhs |
| … | … | … |
When subscribers feeder that terminal equipment connects only was assigned a termination number, the termination number in the registration virtual terminal description list can be the subscribers feeder sign.
When the personal number information of virtual terminal is short codes or virtual terminal sign, may further include short codes territory or virtual terminal identification field in the last table, as shown in the table:
Table 2: the virtual terminal description list of having expanded
| Personal number | Termination number | Short codes or virtual terminal sign | Encryption key |
| 15512345678 | 50991626 | 01 | kjsfkjg9485sojhfhs |
| … | … | … | … |
Like this, switch can directly obtain termination number according to subscribers feeder, obtains corresponding encryption key by termination number and short codes again.
When switch has one to go into to call out arrival in opposite end office, from last table, obtain corresponding encryption key according to personal number information in the call information and background termination number information, when data are sent to the terminal equipment corresponding with described termination number, data are sent to this terminal equipment with described encryption keys, and this terminal equipment is sought the corresponding virtual terminal according to the personal number information of carrying in the call information and is received information and deciphering.
Can further include Integrity Key in the table 2.
In the table 2, the situation of the corresponding a plurality of records of people's number one by one can appear.Such as, Zhang San at home and in the terminal equipment of office all the personal number of basis oneself be provided with the situation of virtual terminal.
Need to prove, the module of depositing registration virtual terminal description list in the switching equipment can shift out switching equipment separately and be called a separate equipment, like this, connect a plurality of switching equipment, thereby realize this autonomous device sharing between a plurality of switching equipment by separate equipment.
During virtual terminal communication, when the personal number that carries virtual terminal in the communication information that caller is sent is short codes, can obtain termination number information according to subscribers feeder, according to short codes and termination number, the corresponding personal number that finds this caller virtual terminal from table 1 is searched corresponding encryption key decrypt communication data according to caller personal number and termination number information then in table 2.
Personal number AUC equipment, communicate to connect the switching equipment of network, virtual terminal is carried out authentication, comprise personal number KI admin table in AUC's equipment at network side, personal number key management table comprises following information at least: personal number, KI.AUC's equipment can further include a randomizer, in order to produce the random number that authentication needs.
Be provided with the terminal equipment of virtual terminal in addition, in the communication of user side realization virtual terminal, described virtual terminal correspondence is provided with KI.
The flow process of AUC's device authentication virtual terminal comprises the steps:
S11, network side AUC generate a random number and are handed down to this virtual terminal when this virtual terminal request registration;
S12, this virtual terminal utilize the KI of this random number and preservation to generate Authentication Response, and this Authentication Response are sent to network side after receiving described random number;
Whether S13, network side legal according to the described KI and the described Authentication Response of random number verification of this virtual terminal correspondence of preserving, return authentication by or the results messages of failure give this virtual terminal;
Personal number is not tied to for the personal number contracted user under the situation of termination number of this virtual terminal correspondence, network side AUC can further indicate the personal number server to preserve the termination number of this virtual terminal correspondence after the virtual terminal authentication is passed through.So that have at this personal number go into to call out the time, the personal number server can judge that this go into to call out the switching equipment that can be connected to, with the indication network processing that continues accordingly.Certainly, if when not carrying out the termination number step of in the personal number server, preserving this virtual terminal correspondence, can this personal number server be set by alternate manner, make this personal number in the personal number server, can correspond to the termination number of this virtual terminal correspondence.Carry out such as Service Phone by business hall and one number link you provider.
S14, virtual terminal judge whether authentication is passed through after receiving the authenticating result message that network returns, if can point out the authentication success or not do any prompting by execution in step S15, enter normal condition but finish authorizing procedure.Otherwise execution in step S16 prompting subscription authentication failure.
Equally, can further include virtual terminal and network side is carried out authentication according to KI.
Among the above-mentioned steps S13, network side is after judgement is passed through for the virtual terminal authentication, generate encryption key and Integrity Key according to corresponding described KI of preserving and random number, and sending encryption key and the Integrity Key that generates to corresponding switch, switch is saved in it in above-mentioned registration virtual terminal description list after receiving encryption key and Integrity Key.
Among the above-mentioned steps S15, virtual terminal can further generate encryption key and Integrity Key according to KI of preserving and random number after receiving the message that authentication that network side returns passes through.
When virtual terminal and switching equipment communicate, use the mutual communication data of this encryption key encryption and decryption, and use the integrality of integrality cipher key pair communication data to verify.Such as, the virtual terminal and the network switch for communicating pair, when sending data, by encryption key the data that will send are expressly encrypted and to obtain the data ciphertext, and, described data ciphertext and described summary info are sent to the other side together according to the summary of Integrity Key calculated data ciphertext; When receiving data, the data ciphertext that receives is calculated second summary, and whether second summary that relatively calculates is consistent with the summary info that receives, if consistent, thinks that then the data ciphertext is complete, is not distorted according to Integrity Key.Then, according to encryption key the data ciphertext is decrypted and obtains data expressly.
In terminal equipment a security module can be set separately, virtual terminal is kept at KI, encryption key and Integrity Key in this security module.Security module can further be finished according to function or the operation of KI response to network to the virtual terminal authentication, and the function or the operation that generate encryption key and Integrity Key according to KI; Security module can also further be finished according to encryption key communication data is carried out the function or the operation of encryption and decryption, and function or the operation of verifying the integrality of communication data according to Integrity Key.Security module selects controlled read-write chip to realize, such as existing IC-card technology, with further raising fail safe.Security module can be set to forbid reading of KI, further guarantees the fail safe of KI.For there being security module to carry out the encryption and decryption operating function, can ciphered data expressly send security module to, encrypt the return data ciphertext by security module; Correspondingly,, send the data ciphertext to security module, expressly by the security module return data for deciphering.The corresponding enciphering and deciphering algorithm of security module intrinsic call is carried out data is carried out the encryption and decryption operation, and the encryption and decryption result returns to application program or processor.
Security module also can not preserved information such as encryption key and Integrity Key, but when each virtual terminal is registered, encryption key that will calculate according to KI and Integrity Key directly are kept in the main processor modules in the dynamic memory module, in the relevant variable that is saved in end application, like this, can directly finish for encryption and decryption and integrity verification work by main processor modules to the communication information.Such as, when terminal powered at every turn, terminal can be initiated process to the network registry virtual terminal one by one according to the virtual terminal of own preservation, and will register execution result and dynamically be kept in the main processor modules.
To information such as KI, encryption key and Integrity Key, virtual terminal can be set to and can not check.For KI, virtual terminal can be set to and can write, but cannot read.Thereby guarantee the safety of subscriber authentication key.
Above-mentioned authorizing procedure starts when initiating registration by virtual terminal, and network carries out authentication to virtual terminal can be in one of following several situations:
1, virtual terminal promptly sends register requirement to network side after finishing relative set on the terminal equipment, finishes authorizing procedure and by after the authentication, is preserving encryption key and Integrity Key in security module;
2, virtual terminal is at every turn when network is initiated service request, such as making a call, and waits that send SMS message, the network execution is for the authentication operations of this virtual terminal.This authentication can produce encryption key and Integrity Key, also can not produce, and is to use the encryption key and the Integrity Key that produce when registering to communicate.If this authentication has produced encryption key and Integrity Key, then this communication back deletion KI and encryption key can be finished;
3, terminal equipment is when each access network, and all virtual terminals that start on this terminal equipment are initiated register requirement, after each virtual terminal is finished authorizing procedure, and corresponding encryption key and the Integrity Key that generates of preserving in security module;
4, terminal equipment regularly or all virtual terminals on this terminal equipment of random start initiate register requirement, thereby, the encryption key and the Integrity Key of renewal virtual terminal that can be regular.
Above-mentioned virtual terminal carries out in the registration process, in virtual terminal and the network side top-cross mutual information, should comprise personal number information, so that network side can carry out described virtual terminal corresponding authentication cipher key retrieval according to personal number information, and when producing encryption key and Integrity Key and returning to switch, switch can judge the key of generation is at which virtual terminal.Accordingly, terminal equipment can be judged into calling and should be continued by which virtual terminal according to personal number information.Certainly, at a lane terminal, because the virtual terminal sign can be mapped with personal number information, therefore, after the virtual terminal sign produces and sends the opposing party of information interaction to, also can use virtual terminal to identify and replace personal number information to be included in the interactive information of above-mentioned virtual terminal and network side.Also can further comprise the virtual terminal identification information in the virtual terminal description list in the switch.The virtual terminal identification information can be produced by terminal equipment and send switch to, also can produce and send to virtual terminal when virtual terminal is registered by switch.
In the above-mentioned login request message, if if the personal number information personal number itself that comprises, network side could directly obtain corresponding KI according to personal number; If a short codes, network side will obtain corresponding personal number according to the termination number and the short codes of virtual terminal correspondence from personal number cornet code table.
Embodiment three: the following flow process that goes out to call out and go into to call out with terminal equipment processing virtual terminal respectively is an example, is described in detail in the method that realizes virtual terminal communication in the embodiment two described systems:
As shown in Figure 4, handle the flow chart that goes out to call out that a virtual terminal is initiated, comprise the steps: for terminal equipment
The processor module of S21, terminal equipment receives Client-initiated and goes out call operation;
Whether S22, prompting user select virtual terminal;
Be specially: terminal equipment the user dial finish after, be controlled on the display device literal or whether the graphical cues user selects virtual terminal to go out calling by processor module, affirmation is abandoned please by " 2 " key please by " 1 " key.Perhaps utilize the corresponding button of voice suggestion user to select.
Above-mentioned two steps also can realize like this: when terminal equipment picks up a receiver the user, be controlled on the display device by processor module and point out, perhaps utilize voice to point out.
S23, judge whether the user selects to initiate out calling by virtual terminal; If the user selects to initiate out calling by virtual terminal, continue coding or title or the personal number and the execution in step S24 of the virtual terminal that on display device literal or graphical cues user input will select by the control of virtual terminal administration module; Otherwise, execution in step S27.
S24, virtual terminal administration module prompting user input operation password carry out authority and confirm;
The user can input the operation of password, execution in step S25 after input is finished according to the literal of display device or graphical cues or voice suggestion.
S25, virtual terminal administration module judge according to the password that stores whether the password of user's input is correct, if execution in step S26, to send to the network exchange machine equipment to personal number information and called number that should virtual terminal by network interface, this switch device called number replay call, and send the personal number information of caller to called switch; Otherwise execution in step S28.
Change step S28 again over to when input was still wrong after step S24~S25 can carry out 2~3 times repeatedly, improve the hommization of operation.
S26, will send to the network exchange machine equipment to personal number information and called number that should virtual terminal by network interface, this switch device called number replay call, and send the personal number information of caller to called switch.
S27, by processor module control with this go out to call out as common go out to call out handle, promptly called number is issued network equipment and calls out by network interface.
S28, end.
Said method also can be to accept the user again to make a call after the user has selected virtual terminal.
Two, the replay call virtual terminal go into call flow as shown in Figure 5, comprise the steps:
The processor module of S31, terminal equipment receives one from network interface and goes into to call out;
S32, from go into call information, isolate this time by processor module and go into the called personal number information of carrying in the call information;
S33, judge whether isolated called personal number information is the personal number information of effective virtual terminal, if then change virtual terminal administration module execution in step S34 over to; Otherwise execution in step S38 finishes.
The information that S34, virtual terminal administration module set in advance according to the user judges whether isolated personal number information is to have mated the virtual terminal that is provided with on this terminal equipment, promptly, whether consistent with the personal number information of certain virtual terminal on this terminal equipment, if execution in step S35 then; Otherwise execution in step S38 finishes.
S35, startup respective virtual terminal, and the operation mark of the correspondence that is provided with according to this virtual terminal is carried out corresponding operating, or terminal equipment is carried out corresponding operating according to the operation mark startup virtual terminal of the correspondence of this virtual terminal setting, receive calls such as carrying out incoming call ring operation indicating user, when the user was provided with the virtual terminal operator password, the prompting listening user was imported the operator password of this virtual terminal simultaneously.
S36, judge according to the operator password of user input whether the user has the right to operate this virtual terminal, execution in step S37 connects this calling for this user as if having then; Otherwise execution in step S38 finishes.
S37,, the user go into to call out for connecting this.。
S38, end.
After above-mentioned prompting input password and the step of confirming the password correctness can be carried out 2~3 times repeatedly, import and change step S28 again over to when still wrong, improve the hommization of operating.
Go out to call out and when going into call flow, following situation can occur above-mentioned:
When being parallel with more than one terminal equipment on the subscribers feeder, can realize only being provided with the extension set response calling of respective virtual terminal according to personal number;
Such as,, the situation of two extension sets in parallel on the subscribers feeder, the virtual terminal correspondence that extension set A creates personal number 15512345678, the virtual terminal correspondence that extension set B creates personal number 15522233366, like this, when one go into to call out arrived at 15512345678, the virtual terminal of classification A can respond, the prompting user receives calls, and classification B is because of not having corresponding virtual terminal to fit into the personal number information of calling and not responding.
In addition, the situation of corresponding extension set in parallel, terminal extension equipment can also increase the situation whether a detection has extension set in parallel on terminal equipment, promptly, terminal extension equipment is by sending a probe command, and responds this by the other terminal equipment that is connected to this subscribers feeder and order and realize.When having extension set to exist by judgement, terminal extension equipment go into to be called out when not mating any virtual terminal at one, can not do any response, so that other extension set is handled.When terminal extension equipment is judged when not having extension set, this calling that can still continue just will be called out as common to go into calling and handle, or a Guest virtual terminal can be set on terminal equipment, and use this calling that continues of described Guest virtual terminal.
Described Guest virtual terminal can not be provided with the personal number attribute information, also KI and corresponding operator password can be set.This virtual terminal does not need to register to network side.When sending calling, can not carry caller personal number information by Guest.For go into calling out, if do not carry any personal number information in calling out, then this terminal equipment uses this calling that continues of Guest virtual terminal.The personal number information of perhaps carrying is not mated the corresponding virtual terminal, then this terminal equipment also can use this calling that continues of Guest virtual terminal, but because the Guest virtual terminal does not possess decipher function, therefore, if call information is encrypted, then the information that receives by Guest of user is with invalid.In like manner, the called switch of network side is when going into to call out arrival for one, if can't obtain called personal number, perhaps can't obtain the corresponding link key according to called personal number, then, called switch can not carry out the encryption and decryption operation to the information interaction of carrying out with terminal called equipment, so that terminal called equipment is by this calling that continues of Guest virtual terminal.
When described terminal equipment has been machine tool and related corresponding handset, also comprise the relevant information of corresponding handset in the described virtual terminal, such as address information or the handset number or the sign of handset; When described machine tool handling relevant handset on this terminal equipment go out to call out the time, determine virtual terminal according to handset number or sign or address information, and make a call by virtual terminal; When described machine tool processing carried personal number information go into to call out the time, the virtual terminal of determining according to this personal number, the corresponding handset information of preserving according to virtual terminal then is such as handset address or number, determine corresponding handset, and this is gone into call proceeding to handset.
Like this, terminal equipment is if machine tool is equipped with the situation of a plurality of handsets, because handset is when connecting machine tool, carried out pairing and handled (Pairing), then, when sending calling by handset, machine tool can be according to the virtual terminal of handset association, obtain corresponding caller personal number information, this caller personal number information and called number are sent to switch, thus replay call.Equally, when having one to call out arrival, machine tool can utilize the corresponding virtual terminal of personal number information matches that carries in the calling, if having set up with oneself with the handset of handset association, this virtual terminal discovery is connected, then directly with this call proceeding on this handset, and other handset does not receive this calling.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (15)
1, a kind of method that adopts virtual terminal communication comprises the steps:
A, at least one virtual terminal is set on the terminal equipment of communication network, the corresponding corresponding personal number information of described virtual terminal;
B, finish information interaction with described communication network by described virtual terminal according to personal number information, when terminal equipment receives out call operation, judge that this goes out calling and whether initiates by virtual terminal, if, then when making a call according to called number, to send to network side to personal number information that should virtual terminal, if not, then make a call according to called number according to normal flow, described terminal equipment inserts when calling out, go into to call out the information of carrying from this and to isolate called personal number information, described terminal equipment searches out the corresponding virtual terminal according to described called personal number information, and with call proceeding to this virtual terminal.
2, the method for claim 1 is characterized in that, described method also comprises: described virtual terminal further comprises an operator password, when the user operates virtual terminal, judges whether current operator is validated user.
3, the method for claim 1 is characterized in that, before the information interaction of being finished according to personal number information by described virtual terminal with described communication network, described method also comprises the authentication of communication network side to virtual terminal.
4, method as claimed in claim 3 is characterized in that, described virtual terminal further comprises a KI, and at the described KI of network side to should virtual terminal preserving; Described authentication comprises the steps:
Network side generates a random number and is handed down to this virtual terminal when this virtual terminal request registration;
This virtual terminal generates Authentication Response according to the described random number of preserving described KI and receive, and this Authentication Response is sent to network side;
Whether described KI and the described Authentication Response of random number verification that network side is preserved according to correspondence be correct, if then return the message that authentication is passed through; Then return the message of failed authentication if not.
5, the method for stating as claim 3 or 4 is characterized in that, described method also comprises:
After authentication was passed through, communication network side and virtual terminal utilized corresponding described KI and random number to generate encryption key respectively, and described encryption key is in order to the communication data of encryption and decryption about this virtual terminal and network side.
6, method as claimed in claim 5 is characterized in that, described method further comprises:
After authentication was passed through, communication network side and virtual terminal utilized corresponding described KI and random number to generate Integrity Key respectively, and described Integrity Key is in order to verify the integrality of described communication data.
7, method as claimed in claim 6 is characterized in that, described network side is specially when this virtual terminal request registration:
Virtual terminal is promptly initiated register requirement to network side after finishing relative set on the terminal equipment;
Virtual terminal is initiated register requirement when each request is carried out information interaction with communication network;
Terminal equipment is when each access network, and all virtual terminals that start on this terminal equipment are initiated register requirement;
Terminal equipment regularly or all virtual terminals on this terminal of random start initiate to re-register request.
8, method as claimed in claim 6 is characterized in that, described KI is kept in the movable storage medium or on the terminal equipment in the special security module that is provided with or on the terminal equipment in original memory module.
9, method as claimed in claim 8 is characterized in that, described encryption key and/or Integrity Key are kept in the described security module or in the described memory module.
10, the method for claim 1 is characterized in that,
Described virtual terminal comprises one of following attribute information at least: be arranged on the coding in the terminal equipment, the title of the self-defining virtual terminal of virtual terminal user at the different virtual terminal; And/or
Virtual terminal carries out the operation mark of corresponding operating on terminal equipment, it is one of following that described operation mark comprises at least: the prompt text sign of prompting light, incoming call or the short message of the prompt tone of incoming call or short message and prompting image identification, incoming call or the short message of volume sign, incoming call or short message; And/or
Described virtual terminal comprises one of communication information of following storage at least: sending and receiving and the short message that prestores, call record, telephone directory.
11, the method for claim 1 is characterized in that, described virtual terminal further comprises the number and/or the address information of related handset.
12, a kind of terminal equipment of realizing virtual terminal communication, described terminal equipment comprises: processor module, the memory module that is connected with this processor module, input module and network interface, it is characterized in that, described terminal equipment also comprises: the administration module of described virtual terminal, connect described processor module or be arranged in this processor module, be used at least one virtual terminal being set by described input module, and according to the personal number information and executing of this virtual terminal correspondence and manage the information interaction that this virtual terminal is undertaken by described network interface and communication network, when terminal equipment receives out call operation, judge that this goes out calling and whether initiates by virtual terminal, if, then when making a call according to called number, to send to network side to personal number information that should virtual terminal, if not, then make a call according to called number according to normal flow, described terminal equipment inserts when calling out, go into to call out the information of carrying from this and to isolate called personal number information, described terminal equipment searches out the corresponding virtual terminal according to described called personal number information, and this virtual terminal is arrived in call proceeding.
13, equipment as claimed in claim 12, it is characterized in that, described terminal equipment also comprises: the safe processor module that connects described administration module, be used to preserve KI and/or the encryption key and/or the Integrity Key of described virtual terminal, and/or be used for generating the encryption key and/or the Integrity Key of described virtual terminal according to KI, and/or carry out and utilize the encryption key encryption and decryption data, utilize the operation of the integrality of Integrity Key checking communication data.
14, a kind of communication system that realizes virtual terminal communication, comprise terminal equipment and network equipment that described virtual terminal is set, it is characterized in that, described communication system also comprises: the personal number authentication device that connects described network equipment, be used for this personal number corresponding virtual terminal of authentication, and notify described virtual terminal authenticating result;
Processor module, the memory module, input module, the network interface that are connected with this processor module and be connected described processor module or are arranged on the administration module of the described virtual terminal in this processor module, this administration module is used for by described input module at least one virtual terminal being set, and according to the personal number information and executing of this virtual terminal and manage the information interaction that this virtual terminal is undertaken by described network interface and communication network.
15, system as claimed in claim 14 is characterized in that, described terminal equipment also comprises:
The safe processor module that connects described administration module, be used to preserve KI and/or the encryption key and/or the Integrity Key of described virtual terminal, and/or be used for generating the encryption key and/or the Integrity Key of described virtual terminal according to KI, and/or carry out and utilize the encryption key encryption and decryption data, utilize the operation of the integrality of Integrity Key checking communication data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100735916A CN100514999C (en) | 2005-06-06 | 2005-06-06 | Method, terminal device and communication system for realizing virtual terminal communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100735916A CN100514999C (en) | 2005-06-06 | 2005-06-06 | Method, terminal device and communication system for realizing virtual terminal communication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1878198A CN1878198A (en) | 2006-12-13 |
| CN100514999C true CN100514999C (en) | 2009-07-15 |
Family
ID=37510485
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005100735916A Active CN100514999C (en) | 2005-06-06 | 2005-06-06 | Method, terminal device and communication system for realizing virtual terminal communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100514999C (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8989802B2 (en) * | 2009-01-27 | 2015-03-24 | Symbol Technologies, Inc. | Methods and apparatus for a mobile unit with device virtualization |
| CN104735651B (en) * | 2015-01-22 | 2018-07-06 | 庞己人 | A kind of method, system and device of securely communicating data |
| CN104768133B (en) * | 2015-04-27 | 2018-06-12 | 哈尔滨海能达科技有限公司 | The method, apparatus and gateway device of individual calling are realized between a kind of group system |
| CN106162522B (en) * | 2016-03-04 | 2017-11-24 | 悠游宝(天津)网络科技有限公司 | Communication control unit and central controller for general configurable authentication device |
| CN108234410B (en) * | 2016-12-15 | 2019-02-22 | 视联动力信息技术股份有限公司 | A kind of virtual terminal distribution method and device |
| CN108881133B (en) * | 2017-08-14 | 2019-07-26 | 视联动力信息技术股份有限公司 | A kind of communication means and device of media data |
| CN110611645B (en) * | 2018-06-15 | 2022-02-22 | 视联动力信息技术股份有限公司 | Communication method and system of video telephone |
-
2005
- 2005-06-06 CN CNB2005100735916A patent/CN100514999C/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN1878198A (en) | 2006-12-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5689563A (en) | Method and apparatus for efficient real-time authentication and encryption in a communication system | |
| CN100514999C (en) | Method, terminal device and communication system for realizing virtual terminal communication | |
| JP3052244B2 (en) | Method for registering mobile device and method for registering IC card in mobile communication system | |
| JPH08195741A (en) | Identifier ciphering method in radio communication | |
| JPH10112883A (en) | Radio communication exchange system, exchange, public key management device, mobile terminal and mobile terminal recognizing method | |
| RU2495532C2 (en) | Method and apparatus for end-to-end encrypted communication | |
| KR20040065466A (en) | Security communication system and method for mobile communication terminal equipment having local communication module | |
| CN101794365A (en) | Method for safely inputting information on mobile terminal and mobile terminal | |
| CN103401949A (en) | Personal data safety sharing system and method for mobile phone | |
| CN101765101B (en) | Method and system for aerially writing personalized card | |
| JP6397046B2 (en) | Address book protection method, apparatus and communication system | |
| US20100177899A1 (en) | Encrypted communication system | |
| CN112468287B (en) | Key distribution method, system, mobile terminal and wearable device | |
| CN1783777B (en) | Enciphering method and system for fixing communication safety and data and fixing terminal weight discriminating method | |
| CN102098391B (en) | Communication terminal and communication information processing method thereof | |
| CA2327919C (en) | Internal line control system | |
| CN115378592A (en) | Password service calling method and system | |
| JP2007525123A (en) | Apparatus and method for authenticating a user accessing content stored in encrypted form on a storage medium | |
| CN104935687B (en) | A kind of terminal and phone system | |
| CN100369504C (en) | Method for preventing machine and card separated PHS handset from being combined with other handset and illegally used | |
| CN204539267U (en) | A kind of switching device, adapting system and phone system | |
| CN204539170U (en) | A kind of switching device, adapting system and phone system | |
| JP2001148741A (en) | System and method for position information service and storage medium stored with position information service program | |
| CN116707856A (en) | Encryption machine data processing method and device | |
| JPH06202864A (en) | Authentication method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |