CN113242543B - USIM-based application control method, USIM, terminal and medium - Google Patents

USIM-based application control method, USIM, terminal and medium Download PDF

Info

Publication number
CN113242543B
CN113242543B CN202110527425.8A CN202110527425A CN113242543B CN 113242543 B CN113242543 B CN 113242543B CN 202110527425 A CN202110527425 A CN 202110527425A CN 113242543 B CN113242543 B CN 113242543B
Authority
CN
China
Prior art keywords
application
terminal
usim
application operation
control command
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110527425.8A
Other languages
Chinese (zh)
Other versions
CN113242543A (en
Inventor
刘煜
翟京卿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202110527425.8A priority Critical patent/CN113242543B/en
Publication of CN113242543A publication Critical patent/CN113242543A/en
Application granted granted Critical
Publication of CN113242543B publication Critical patent/CN113242543B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephone Function (AREA)

Abstract

The present disclosure provides a USIM-based application control method, a USIM, a terminal, and a computer-readable storage medium, the method comprising: acquiring a request application control command sent by a terminal, wherein the request application control command comprises a message that the designated application has triggered an application operation; analyzing the request application control command to obtain a message that the designated application has triggered application operation; judging whether the terminal is allowed to execute the application operation or not based on a preset rule; if the application operation is allowed, a first response message is sent to the terminal, wherein the first response message carries a first control result allowing the terminal to execute the application operation, so that the terminal starts to execute the application operation based on the first control result.

Description

基于USIM的应用控制方法、USIM、终端及介质USIM-based application control method, USIM, terminal and medium

技术领域technical field

本公开涉及通信技术领域,尤其涉及一种基于USIM的应用控制方法、一种USIM、一种终端设备以及一种计算机可读存储介质。The present disclosure relates to the field of communication technologies, and in particular to a USIM-based application control method, a USIM, a terminal device, and a computer-readable storage medium.

背景技术Background technique

随着终端侧业务的不断发展,终端应用与USIM(Universal Subscriber IdentityModule,通用用户识别模块)应用相互关联的场景越来越多,二者在管理和控制方面加强相互参与的需求也逐渐出现。With the continuous development of terminal-side services, there are more and more scenarios where terminal applications and USIM (Universal Subscriber Identity Module, Universal Subscriber Identity Module) applications are related to each other, and the need to strengthen mutual participation in management and control is also gradually emerging.

对于终端和USIM双方均参与的业务形态而言,终端应用和USIM应用是密切关联的,尤其是对于USIM承担安全能力的场景,例如终端应用启动和使用需要满足安全要求,USIM对终端应用具有明显的影响,终端应用在启动过程中应通过USIM对其安全要求进行检查,满足USIM上的安全要求应为终端应用正常启动的前提,以更好地避免应用风险,实现应用的安全使用。然而在当前技术中,由于终端应用的启动仍保持其独立性,USIM未能参与到其启动过程中,USIM可参与的终端业务主要是各类基础业务,如语音呼叫、短消息、数据连接等,对于终端应用相关的控制管理,尤其是USIM针对特定应用启动进行控制管理的需求无法实现。For the business forms in which both the terminal and the USIM participate, the terminal application and the USIM application are closely related, especially for scenarios where the USIM undertakes security capabilities, such as the startup and use of terminal applications that need to meet security requirements, and the USIM has obvious impact on terminal applications. During the startup process, the terminal application should check its security requirements through the USIM. Satisfying the security requirements on the USIM should be the prerequisite for the normal startup of the terminal application, so as to better avoid application risks and realize the safe use of applications. However, in the current technology, because the startup of terminal applications still maintains its independence, USIM cannot participate in the startup process. The terminal services that USIM can participate in are mainly various basic services, such as voice calls, short messages, data connections, etc. , for the control management related to the terminal application, especially the requirement that the USIM controls and manages the startup of a specific application cannot be realized.

发明内容Contents of the invention

本公开提供了一种基于USIM的应用控制方法、USIM、终端及计算机可读存储介质,以至少解决上述问题。The present disclosure provides a USIM-based application control method, a USIM, a terminal, and a computer-readable storage medium, so as to at least solve the above problems.

根据本公开实施例的第一方面,提供一种基于USIM的应用控制方法,应用于USIM,包括:According to the first aspect of the embodiments of the present disclosure, there is provided a USIM-based application control method applied to the USIM, including:

获取终端发送的请求应用控制命令,所述请求应用控制命令是所述终端在检测到指定应用触发了应用操作后向所述USIM发送的,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息;Obtaining a request application control command sent by the terminal, the request application control command is sent to the USIM after the terminal detects that the specified application triggers an application operation, and the request application control command includes that the specified application has triggered Messages for application operations;

解析所述请求应用控制命令,得到所述指定应用已触发应用操作的消息;以及,parsing the requesting application control command to obtain a message that the specified application has triggered an application operation; and,

基于预设规则判断是否允许所述终端执行所述应用操作;judging whether to allow the terminal to execute the application operation based on preset rules;

若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果,以使所述终端基于所述第一控制结果开始执行所述应用操作。If allowed, send a first response message to the terminal, where the first response message carries a first control result that allows the terminal to execute the application operation, so that the terminal starts based on the first control result Execute the application operation.

在一种实施方式中,在获取终端发送的请求应用控制命令之前,还包括:In an implementation manner, before obtaining the request application control command sent by the terminal, it further includes:

在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成应用控制命令,所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,After generating a requirement for controlling the application operation of the specified application, an application control command is generated based on the requirement, where the application control command includes an application identifier and an application operation type range of the specified application; and,

向终端发送应用控制命令,以使所述终端获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围,并在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内,若是,则向所述USIM发送请求应用控制命令。sending an application control command to the terminal, so that the terminal obtains and parses the application control command, obtains the application identifier and the scope of the application operation type, and after detecting that the specified application corresponding to the application identifier triggers the application operation, Judging whether the application operation type of the specified application is within the range of the operation type, and if so, sending a request application control command to the USIM.

在一种实施方式中,在基于预设规则判断是否允许所述终端执行所述应用操作之后,还包括:In one embodiment, after judging whether to allow the terminal to execute the application operation based on the preset rules, it further includes:

若不允许,则向所述终端发送第二响应消息,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果,以使所述终端基于所述第二控制结果终止执行所述应用操作。If not, send a second response message to the terminal, where the second response message carries a second control result that the terminal is not allowed to execute the application operation, so that the terminal can execute the application based on the second control result. As a result, execution of the application operation is terminated.

在一种实施方式中,在基于预设规则判断是否允许所述终端执行所述应用操作之后,还包括:In one embodiment, after judging whether to allow the terminal to execute the application operation based on the preset rules, it further includes:

若不允许,则向所述终端发送第三响应消息,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息,以使所述终端基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。If not allowed, send a third response message to the terminal, the third response message carrying a third control result and prompt request information that the terminal is not allowed to execute the application operation, so that the terminal is based on the The third control result terminates execution of the application operation, and displays the execution termination result of the application operation based on the prompt request information.

根据本公开实施例的另一方面,提供一种基于USIM的应用控制方法,应用于终端,所述方法包括:According to another aspect of the embodiments of the present disclosure, a USIM-based application control method is provided, which is applied to a terminal, and the method includes:

在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息,以使所述USIM获取并解析所述请求应用控制命令,得到所述终端指定应用已触发应用操作的消息,并基于预设规则判断是否允许所述终端执行所述应用操作,若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果;After detecting that the specified application triggers the application operation, send a request application control command to the USIM, the request application control command includes a message that the specified application has triggered the application operation, so that the USIM acquires and parses the request application control command, obtain the message that the specified application of the terminal has triggered the application operation, and judge whether to allow the terminal to execute the application operation based on preset rules, and if allowed, send a first response message to the terminal, and the second A response message carries a first control result allowing the terminal to execute the application operation;

获取并解析所述第一响应消息,得到所述第一控制结果;以及,Acquiring and parsing the first response message to obtain the first control result; and,

基于所述第一控制结果开始执行所述应用操作。Start executing the application operation based on the first control result.

在一种实施方式中,在向USIM发送请求应用控制命令之前,还包括:In an implementation manner, before sending the request application control command to the USIM, it further includes:

接收USIM发送的应用控制命令,所述应用控制命令是所述USIM在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成的,其中所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,receiving an application control command sent by the USIM, where the application control command is generated by the USIM based on the demand for controlling the application operation of the specified application after the USIM generates the demand, wherein the application control command includes the application identification and application operation type scope; and,

获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围;Acquiring and parsing the application control command to obtain the application identification and application operation type range;

在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内;After detecting that the specified application corresponding to the application identifier triggers an application operation, determine whether the application operation type of the specified application is within the range of the operation type;

若在所述操作类型范围内,则执行向USIM发送请求应用控制命令的步骤。If it is within the range of the operation type, then execute the step of sending a request application control command to the USIM.

在一种实施方式中,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,还包括:In one embodiment, after detecting that the specified application triggers the application operation, after sending the request application control command to the USIM, further include:

接收USIM发送的第二响应消息,其中所述第二响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果;以及,receiving a second response message sent by the USIM, where the second response message is sent to the terminal when the USIM determines that the terminal is not allowed to execute the application operation, and the second response message carries a disallowed The terminal executes a second control result of the application operation; and,

基于所述第二控制结果终止执行所述应用操作。Terminating execution of the application operation based on the second control result.

在一种实施方式中,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,还包括:In one embodiment, after detecting that the specified application triggers the application operation, after sending the request application control command to the USIM, further include:

接收USIM发送的第三响应消息,其中所述第三响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息;以及,receiving a third response message sent by the USIM, where the third response message is sent to the terminal when the USIM determines that the terminal is not allowed to execute the application operation, and the third response message carries a disallowed The terminal executes the third control result of the application operation and prompt request information; and,

基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。Terminating the execution of the application operation based on the third control result, and displaying the execution termination result of the application operation based on the prompt request information.

根据本公开实施例第三方面,提供一种USIM,包括存储器和处理器,所述存储器中存储有计算机程序,当所述处理器运行所述存储器存储的计算机程序时,所述处理器执行所述的基于USIM的应用控制方法。According to a third aspect of an embodiment of the present disclosure, there is provided a USIM, including a memory and a processor, the memory stores a computer program, and when the processor runs the computer program stored in the memory, the processor executes the The above USIM-based application control method.

根据本公开实施例的第四方面,提供一种终端,包括存储器和处理器,所述存储器中存储有计算机程序,当所述处理器运行所述存储器存储的计算机程序时,所述处理器执行所述的另一种基于USIM的应用控制方法。According to a fourth aspect of the embodiments of the present disclosure, there is provided a terminal, including a memory and a processor, the memory stores a computer program, and when the processor runs the computer program stored in the memory, the processor executes Another USIM-based application control method described above.

根据本公开实施例的第五方面,提供一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时,所述处理器执行所述的基于USIM的应用控制方法,或者所述的另一种基于USIM的应用控制方法。According to a fifth aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium on which a computer program is stored, wherein when the computer program is executed by a processor, the processor executes the USIM-based The application control method, or another USIM-based application control method.

本公开的实施例提供的技术方案可以包括以下有益效果:The technical solutions provided by the embodiments of the present disclosure may include the following beneficial effects:

本公开实施例提供的基于USIM的应用控制方法,通过获取终端发送的请求应用控制命令,所述请求应用控制命令是所述终端在检测到指定应用触发了应用操作后向所述USIM发送的,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息;解析所述请求应用控制命令,得到所述指定应用已触发应用操作的消息;以及,基于预设规则判断是否允许所述终端执行所述应用操作,若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果,以使所述终端基于所述第一控制结果开始执行所述应用操作。本公开实施基于现有的USAT机制,加强了USIM对终端应用的管理控制功能,其至少可以满足USIM针对特定应用操作进行控制管理的需求。In the USIM-based application control method provided by the embodiments of the present disclosure, by obtaining the request application control command sent by the terminal, the request application control command is sent to the USIM after the terminal detects that a specified application triggers an application operation, The requesting application control command includes a message that the specified application has triggered an application operation; parsing the requesting application control command to obtain a message that the specified application has triggered an application operation; and judging whether to allow the specified application based on a preset rule. The terminal executes the application operation, and if allowed, sends a first response message to the terminal, where the first response message carries a first control result allowing the terminal to execute the application operation, so that the terminal is based on The first control result starts to execute the application operation. The implementation of the present disclosure is based on the existing USAT mechanism, and strengthens the management and control function of the USIM on terminal applications, which can at least meet the requirements of the USIM for controlling and managing specific application operations.

本公开的其它特征和优点将在随后的说明书中阐述,并且,部分地从说明书中变得显而易见,或者通过实施本公开而了解。本公开的目的和其他优点可通过在说明书、权利要求书以及附图中所特别指出的结构来实现和获得。Additional features and advantages of the disclosure will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the disclosure. The objectives and other advantages of the disclosure will be realized and attained by the structure particularly pointed out in the written description, claims hereof as well as the appended drawings.

附图说明Description of drawings

附图用来提供对本公开技术方案的进一步理解,并且构成说明书的一部分,与本公开的实施例一起用于解释本公开的技术方案,并不构成对本公开技术方案的限制。The accompanying drawings are used to provide a further understanding of the technical solutions of the present disclosure, and constitute a part of the specification, and are used together with the embodiments of the present disclosure to explain the technical solutions of the present disclosure, and do not constitute limitations to the technical solutions of the present disclosure.

图1为本公开实施例提供的一种基于USIM的应用控制方法的流程示意图;FIG. 1 is a schematic flowchart of a USIM-based application control method provided by an embodiment of the present disclosure;

图2为本公开另一实施例提供的一种基于USIM的应用控制方法的流程示意图;FIG. 2 is a schematic flowchart of a USIM-based application control method provided by another embodiment of the present disclosure;

图3为本公开又一实施例提供的一种基于USIM的应用控制方法的流程示意图;FIG. 3 is a schematic flowchart of a USIM-based application control method provided by another embodiment of the present disclosure;

图4为本公开再一实施例提供的一种基于USIM的应用控制方法的流程示意图;FIG. 4 is a schematic flowchart of a USIM-based application control method provided by yet another embodiment of the present disclosure;

图5为本公开实施例提供的一种USIM的结构示意图;FIG. 5 is a schematic structural diagram of a USIM provided by an embodiment of the present disclosure;

图6为本公开实施例提供的一种终端的结构示意图。FIG. 6 is a schematic structural diagram of a terminal provided by an embodiment of the present disclosure.

具体实施方式Detailed ways

为使本公开实施例的目的、技术方案和优点更加清楚,以下结合附图对本公开的具体实施方式进行详细说明。应当理解的是,此处所描述的具体实施方式仅用于说明和解释本公开,并不用于限制本公开。In order to make the purpose, technical solutions and advantages of the embodiments of the present disclosure clearer, the specific implementation manners of the present disclosure will be described in detail below in conjunction with the accompanying drawings. It should be understood that the specific embodiments described here are only used to illustrate and explain the present disclosure, and are not intended to limit the present disclosure.

需要说明的是,本公开的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象,而不必用于描述特定的顺序或先后次序;并且,在不冲突的情况下,本公开中的实施例及实施例中的特征可以相互任意组合。It should be noted that the terms "first" and "second" in the specification and claims of the present disclosure and the above-mentioned drawings are used to distinguish similar objects, and not necessarily used to describe a specific order or sequence; Moreover, the embodiments and the features in the embodiments in the present disclosure can be combined with each other arbitrarily if there is no conflict.

在后续的描述中,使用用于表示元件的诸如“模块”、“部件”或“单元”的后缀仅为了有利于本公开的说明,其本身没有特定的意义。因此,“模块”、“部件”或“单元”可以混合地使用。In the following description, use of suffixes such as 'module', 'part' or 'unit' for denoting elements is only for facilitating description of the present disclosure and has no specific meaning by itself. Therefore, 'module', 'part' or 'unit' may be used in combination.

通用用户识别模块USIM卡(Universal Subscriber Identity Module)是UMTS(Universal Mobile Telecommunications System,通用移动通信系统)网络中使用的SIM(Subscriber Identity Module,用户识别模块)卡的延续与进步,用于存储用户身份信息和个人数据,保障接入移动网络服务的安全,可以利用必要的功能和数据,在用户访问移动网络服务时进行用户识别和用户授权,实现3G(3th-Generation,第三代通信技术)网络能够表示和识别用户应用的要求。相对于SIM卡来说,USIM卡不再是建立于单一的电信应用平台上,而是将成为通用集成电路卡UICC(Universal Integrated Circuit Card)上驻留的多种应用之一。UICC是一个通用智能卡平台,为其上层应用提供统一的底层支撑,除USIM之外,UICC上还可以驻留银行、票务等其它智能卡应用,真正实现了承载平台和应用的分离。Universal Subscriber Identity Module USIM card (Universal Subscriber Identity Module) is the continuation and progress of the SIM (Subscriber Identity Module, Subscriber Identity Module) card used in the UMTS (Universal Mobile Telecommunications System, Universal Mobile Communications System) network, used to store user identities Information and personal data to ensure the security of access to mobile network services. Necessary functions and data can be used to perform user identification and user authorization when users access mobile network services, and realize 3G (3th-Generation, third-generation communication technology) network Ability to represent and identify user application requirements. Compared with the SIM card, the USIM card is no longer built on a single telecommunication application platform, but will become one of the multiple applications residing on the Universal Integrated Circuit Card (UICC). UICC is a general-purpose smart card platform that provides unified underlying support for its upper-layer applications. In addition to USIM, other smart card applications such as banking and ticketing can also reside on UICC, truly realizing the separation of bearer platforms and applications.

UICC与终端间的关系有一个发展的过程,在最初的定位中,UICC处于完全被动的地位,终端发送命令到UICC,UICC执行命令后返回响应到终端,终端和UICC间以命令/响应对的方式交互,且都是终端发起命令UICC响应的方式,这种机制不允许UICC主动向终端发送命令,终端始终是占据主导地位的,UICC只可以处于从终端接受命令、执行命令、回送响应的受控制受支配的状态,这样就限制了基于卡片的应用的开发与使用。随着UICC业务需求的发展,为了解决此类问题,在Cu接口(终端和UICC的接口)的协议栈中引入STK/USAT协议层,STK/USAT层在传输层提供的服务基础之上提供了一种服务机制,允许UICC应用与支持这种机制的终端进行交互和操作,使得UICC可以主动要求终端执行某个操作,STK/USAT指令集是电信智能卡通过终端实现业务的基础和主要方式。The relationship between the UICC and the terminal has a development process. In the initial positioning, the UICC is in a completely passive position. The terminal sends a command to the UICC, and the UICC returns a response to the terminal after executing the command. The command/response pair between the terminal and the UICC It is a way for the terminal to initiate a command UICC response. This mechanism does not allow the UICC to actively send commands to the terminal. The terminal always occupies a dominant position. The UICC can only accept commands from the terminal, execute commands, and send back responses. Controlling the governed state limits the development and use of card-based applications. With the development of UICC business requirements, in order to solve such problems, the STK/USAT protocol layer is introduced into the protocol stack of the Cu interface (the interface between the terminal and the UICC). The STK/USAT layer provides services based on the services provided by the transport layer. A service mechanism that allows UICC applications to interact and operate with terminals that support this mechanism, so that UICC can actively request terminals to perform certain operations. The STK/USAT instruction set is the basis and main way for telecom smart cards to implement services through terminals.

USIM可以通过STK/USAT机制实现USIM应用,而且随着业务需求的发展,单一的USIM应用无法满足更多的需求,往往需要和终端应用相互协同和配合,以实现更全面的业务能力和更完善的用户体验。通常在这种情况下,终端应用与USIM应用根据各自的特点承担不同的功能,相互结合后共同实现业务的整体能力。如USIM应用可以利用自身作为安全实体的优势,承担安全处理、认证鉴权等方面的功能,而终端由于具备良好的用户界面,承担用户交互、业务管理等方面的功能。USIM can implement USIM applications through the STK/USAT mechanism, and with the development of business requirements, a single USIM application cannot meet more needs, and often needs to cooperate with terminal applications to achieve more comprehensive business capabilities and better user experience. Usually in this case, the terminal application and the USIM application undertake different functions according to their respective characteristics, and realize the overall service capability after being combined with each other. For example, the USIM application can take advantage of its own advantages as a security entity to undertake functions such as security processing and authentication, while the terminal has functions such as user interaction and service management due to its good user interface.

针对上述USIM对于终端应用相关的控制管理,尤其是USIM根据自身要求提出对终端应用启动进行控制管理的需求无法实现等问题,本公开实施例在现有USAT机制的基础上,提出USIM对终端应用的启动/关闭等基本管理操作进行控制管理的方法,使得在终端应用和USIM应用密切管理的应用场景中,USIM可以根据安全策略、管理策略等需求,参与到终端应用启动过程,保障应用的启动和使用是满足以上必备要求的。该方案扩大了USAT业务控制的应用范围、充实了机卡双方应用管理的能力,满足更多复杂场景的需求,对于业务安全性、管理可行性等方面要求的支撑程度都得到了提升。In view of the USIM’s control and management of terminal applications, especially the USIM’s requirement to control and manage terminal application startup based on its own requirements cannot be realized, this embodiment of the present disclosure proposes that the USIM control and manage terminal applications based on the existing USAT mechanism. The method of controlling and managing basic management operations such as startup/shutdown, so that in the application scenario where the terminal application and the USIM application are closely managed, the USIM can participate in the startup process of the terminal application according to the requirements of security policies and management policies to ensure the startup of the application And use is to meet the above necessary requirements. This solution expands the application range of USAT business control, enriches the application management capabilities of both the machine and the card, meets the needs of more complex scenarios, and improves the support for business security and management feasibility.

请参照图1,图1为本公开实施例提供的一种基于USIM的应用控制方法的流程示意图,应用于USIM,包括步骤S101-S104。Please refer to FIG. 1 . FIG. 1 is a schematic flowchart of a USIM-based application control method provided by an embodiment of the present disclosure, which is applied to the USIM and includes steps S101-S104.

在步骤S101中,获取终端发送的请求应用控制命令,所述请求应用控制命令是所述终端在检测到指定应用触发了应用操作后向所述USIM发送的,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息。In step S101, the request application control command sent by the terminal is obtained, the request application control command is sent to the USIM after the terminal detects that a specified application triggers an application operation, and the request application control command includes the A message stating that the specified app has triggered an app action.

其中,指定应用可以为预先设定的需要USIM进行控制的应用,或者USIM产生需要对其进行应用操作控制的应用,并可以包括USIM对该指定应用进行控制的应用操作类型范围。Wherein, the specified application may be a preset application that needs to be controlled by the USIM, or an application generated by the USIM that needs to be controlled by the application operation, and may include a range of application operation types for which the USIM controls the specified application.

相较于相关技术中,终端指定应用在触发了应用操作之后,通过终端直接对应用进行相关的控制管理,例如独立判断终端应用的启动及控制执行等,本实施例终端应用在触发了应用操作之后,基于现有的USAT机制的机卡交互,生成请求应用控制命令Envelope-CallControl-Application Control并发送给USIM,由USIM对终端应用的启动或关闭等基本管理操作进行控制管理。Compared with related technologies, after the application operation is triggered by the designated application of the terminal, the relevant control and management of the application is directly carried out through the terminal, such as independently determining the startup and control execution of the terminal application. In this embodiment, the terminal application triggers the application operation After that, based on the machine-card interaction of the existing USAT mechanism, a request application control command Envelope-CallControl-Application Control is generated and sent to the USIM, and the USIM controls and manages basic management operations such as startup or shutdown of terminal applications.

可以理解的是,所述请求应用控制命令中终端指定应用触发的所述应用操作,包括所述应用操作类型及应用数据等信息,该命令消息的结构如下所示:It can be understood that the application operation triggered by the terminal-specified application in the request application control command includes information such as the application operation type and application data, and the structure of the command message is as follows:

Figure BDA0003066550060000071
Figure BDA0003066550060000071

Figure BDA0003066550060000081
Figure BDA0003066550060000081

其中应用操作类型定义如上,需要注意的是,应用操作类型数据域中各比特位中有且仅有一位取值为1。The application operation type is defined as above, and it should be noted that only one of the bits in the application operation type data field takes a value of 1.

在步骤S102中,解析所述请求应用控制命令,得到所述指定应用已触发应用操作的消息。In step S102, the request application control command is parsed to obtain a message that the specified application has triggered an application operation.

在步骤S103中,基于预设规则判断是否允许所述终端执行所述应用操作,若允许,则执行步骤S104,否则,执行步骤S105。In step S103, it is judged based on preset rules whether the terminal is allowed to execute the application operation, and if it is allowed, then step S104 is executed; otherwise, step S105 is executed.

需要说明的是,本领域技术人员可以结合指定应用的预置策略及当前实际情况对预设规则进行适应性设定,USIM根据指定应用的预置策略和当前终端的实际情况判断是否允许终端执行该应用操作,如指定USIM应用当前是否符合要求,其中预置策略可以为对终端所提供的操作的执行条件和要求进行判断,或者,指定应用的某些特殊启动或关闭场景,在一些实施例中,也可以为其它关于应用控制的其它策略,此处并不对此进行限定。It should be noted that those skilled in the art can adaptively set the preset rules in combination with the preset policy of the specified application and the current actual situation. The USIM judges whether to allow the terminal to execute the The application operation, such as specifying whether the USIM application currently meets the requirements, wherein the preset policy can be to judge the execution conditions and requirements of the operation provided by the terminal, or to specify some special startup or shutdown scenarios of the application, in some embodiments In , there may also be other strategies related to application control, which are not limited here.

在步骤S104中,向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果,以使所述终端基于所述第一控制结果开始执行所述应用操作。In step S104, a first response message is sent to the terminal, the first response message carries a first control result allowing the terminal to execute the application operation, so that the terminal Execution of the application operation is started.

在一些实施例中,USIM在判定允许终端执行应用操作后,还可以进一步限定该应用操作范围,同时在该第一响应消息中携带该应用操作范围,终端进而根据该应用操作范围执行操作,进一步提高终端与USIM之间的机卡交互性能。In some embodiments, after the USIM determines that the terminal is allowed to execute the application operation, it can further limit the application operation range, and at the same time carry the application operation range in the first response message, and the terminal performs operations according to the application operation range, further Improve the machine-card interaction performance between the terminal and USIM.

在步骤S105中,向所述终端发送第二响应消息,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果,以使所述终端基于所述第二控制结果终止执行所述应用操作。In step S105, a second response message is sent to the terminal, the second response message carries a second control result that does not allow the terminal to execute the application operation, so that the terminal As a result, execution of the application operation is terminated.

在一些实施例中,若不允许,则向所述终端发送第三响应消息,所述第三响应消息中携带不允许执行所述应用操作的控制结果和提示请求信息,以使所述终端基于所述不允许执行所述应用操作的控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。In some embodiments, if it is not allowed, then send a third response message to the terminal, the third response message carries the control result and prompt request information that the application operation is not allowed to be executed, so that the terminal based on The control result of not allowing execution of the application operation terminates the execution of the application operation, and displays the execution termination result of the application operation based on the prompt request information.

其中,第一响应消息、第二响应消息及第三响应消息结构如下所示:Among them, the structures of the first response message, the second response message and the third response message are as follows:

Figure BDA0003066550060000091
Figure BDA0003066550060000091

其中字符标识是可选参数,在USIM需要给用户提示信息时(通常为控制结果为不允许)提出。The character identifier is an optional parameter, which is proposed when the USIM needs to prompt the user (usually the control result is not allowed).

相关技术中,USIM根据自身要求提出对终端应用启动进行控制管理的需求无法实现,为此,本公开另一实施例提供一种基于USIM的应用控制方法,如图2所示,与上一实施例不同的是,本实施例在获取终端发送的请求应用控制命令之前,USIM基于应用控制需求生成应用控制的主动命令,确定进行应用控制的指定应用及应用操作类型范围,本实施例中,USIM可以根据自身需求对终端应用进行控制,扩大了USAT业务控制的范围,提升机卡交互能力,具体地,除了上述步骤S101-S105之外,在步骤S101之前,还包括步骤S201和步骤S202。In related technologies, the requirement of USIM to control and manage terminal application start-up according to its own requirements cannot be realized. Therefore, another embodiment of the present disclosure provides a USIM-based application control method, as shown in FIG. 2 , which is similar to the previous implementation The difference is that in this embodiment, before obtaining the request application control command sent by the terminal, the USIM generates an active command for application control based on the application control requirements, and determines the specified application and application operation type range for application control. In this embodiment, the USIM You can control the terminal application according to your own needs, expand the scope of USAT business control, and improve the machine-card interaction capability. Specifically, in addition to the above steps S101-S105, steps S201 and S202 are also included before step S101.

在步骤S201中,在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成应用控制命令,所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,In step S201, after a demand for controlling the application operation of a specified application is generated, an application control command is generated based on the demand, and the application control command includes an application identifier and an application operation type range of the specified application; and,

在步骤S202中,向终端发送应用控制命令,以使所述终端获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围,并在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内,若是,则向所述USIM发送请求应用控制命令。In step S202, an application control command is sent to the terminal, so that the terminal obtains and parses the application control command, obtains the application identifier and the scope of the application operation type, and triggers the application when the specified application corresponding to the application identifier is detected. After the application operation is determined, it is judged whether the application operation type of the specified application is within the range of the operation type, and if so, a request application control command is sent to the USIM.

本实施例中,遵守终端应用与USIM交互的基本机制,为使USIM在对终端应用的管理操作进行控制的需求产生时可以将其提供给终端,首先需要增加USIM主动式指令,USIM可以通过向终端发送该指令表示需要对特定终端应用的特定操作进行控制,其中特定应用和特定操作范围在主动式指令中定义。该新增命令不妨命名为SetUp TerminalApplication Control,以下是该命令的消息结构:In this embodiment, the basic mechanism of interaction between the terminal application and the USIM is complied with. In order for the USIM to provide it to the terminal when the demand for controlling the management operation of the terminal application arises, it is first necessary to add a USIM active command. The instruction sent by the terminal indicates that it needs to control the specific operation of the specific terminal application, where the specific application and the specific operation range are defined in the proactive instruction. The new command may be named SetUp TerminalApplication Control, the following is the message structure of the command:

Figure BDA0003066550060000101
Figure BDA0003066550060000101

Figure BDA0003066550060000111
Figure BDA0003066550060000111

其中应用操作类型为扩展数据对象,表示USIM需要控制的应用操作的范围,每个比特位表示一类操作(含义如上表所示),取值为1时表示该类操作需进行控制,取值为0时表示该类操作不需进行控制。各比特位中应至少有一位取值为1。The application operation type is an extended data object, indicating the range of application operations that the USIM needs to control. Each bit indicates a type of operation (as shown in the above table), and a value of 1 indicates that this type of operation needs to be controlled. When it is 0, it means that this type of operation does not need to be controlled. At least one of the bits shall have a value of 1.

终端在收到上述USIM进行应用控制的需求命令后,需要在指定的应用即将进行指定范围的操作时先将操作的类型和信息提供到USIM,由USIM根据关联应用的预置策略判断是否允许该操作的执行并通过响应消息发送判断结果,USIM根据判断结果确定后续动作,即执行操作或终止操作。After the terminal receives the above USIM request command for application control, it needs to provide the type and information of the operation to the USIM when the specified application is about to perform a specified range of operations. The execution of the operation sends the judgment result through the response message, and the USIM determines the follow-up action according to the judgment result, that is, executes the operation or terminates the operation.

基于相同的技术构思,本公开又一实施例相应的一种基于USIM的应用控制方法,如图3所示,所述方法应用于终端,包括步骤S301-S303。Based on the same technical idea, another embodiment of the present disclosure provides a corresponding USIM-based application control method. As shown in FIG. 3 , the method is applied to a terminal, including steps S301-S303.

在步骤S301中,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息,以使所述USIM获取并解析所述请求应用控制命令,得到所述终端指定应用已触发应用操作的消息,并基于预设规则判断是否允许所述终端执行所述应用操作,若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果;In step S301, after detecting that the specified application triggers an application operation, a request application control command is sent to the USIM, and the request application control command includes a message that the specified application has triggered an application operation, so that the USIM acquires and Analyzing the request application control command, obtaining a message that the application specified by the terminal has triggered an application operation, and judging whether the terminal is allowed to execute the application operation based on preset rules, and if so, sending a first response to the terminal message, where the first response message carries a first control result that allows the terminal to execute the application operation;

在步骤S302中,获取并解析所述第一响应消息,得到所述第一控制结果;以及,In step S302, acquire and parse the first response message to obtain the first control result; and,

在步骤S303中,基于所述第一控制结果开始执行所述应用操作。In step S303, start to execute the application operation based on the first control result.

在一种实施方式中,在向USIM发送请求应用控制命令之前,还包括:In an implementation manner, before sending the request application control command to the USIM, it further includes:

接收USIM发送的应用控制命令,所述应用控制命令是所述USIM在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成的,其中所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,receiving an application control command sent by the USIM, where the application control command is generated by the USIM based on the demand for controlling the application operation of the specified application after the USIM generates the demand, wherein the application control command includes the application identification and application operation type scope; and,

获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围;Acquiring and parsing the application control command to obtain the application identification and application operation type range;

在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内;After detecting that the specified application corresponding to the application identifier triggers an application operation, determine whether the application operation type of the specified application is within the range of the operation type;

若在所述操作类型范围内,则执行向USIM发送请求应用控制命令的步骤。If it is within the range of the operation type, then execute the step of sending a request application control command to the USIM.

在一种实施方式中,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,还包括:In one embodiment, after detecting that the specified application triggers the application operation, after sending the request application control command to the USIM, further include:

接收USIM发送的第二响应消息,其中所述第二响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果;以及,receiving a second response message sent by the USIM, where the second response message is sent to the terminal when the USIM determines that the terminal is not allowed to execute the application operation, and the second response message carries a disallowed The terminal executes a second control result of the application operation; and,

基于所述第二控制结果终止执行所述应用操作。Terminating execution of the application operation based on the second control result.

在一种实施方式中,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,还包括:In one embodiment, after detecting that the specified application triggers the application operation, after sending the request application control command to the USIM, further include:

接收USIM发送的第三响应消息,其中所述第三响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息;以及,receiving a third response message sent by the USIM, where the third response message is sent to the terminal when the USIM determines that the terminal is not allowed to execute the application operation, and the third response message carries a disallowed The terminal executes the third control result of the application operation and prompt request information; and,

基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。Terminating the execution of the application operation based on the third control result, and displaying the execution termination result of the application operation based on the prompt request information.

需要说明的是,本公开实施例的基于USIM的应用控制方法是上一实施例的对端方案,其实现原理可参照上述实施例,此处不再多作赘述。It should be noted that the USIM-based application control method in the embodiment of the present disclosure is the peer-to-peer solution in the previous embodiment, and its implementation principle may refer to the above-mentioned embodiment, which will not be repeated here.

基于相同的技术构思,本公开再一实施例相应还提供一种基于USIM的应用控制方法,包括步骤S401-S415。Based on the same technical idea, another embodiment of the present disclosure also provides a USIM-based application control method, including steps S401-S415.

S401、USIM根据安全要求、管理策略等方面的要求产生对某特定应用的特定管理操作进行控制的需求;S401. The USIM generates a requirement to control a specific management operation of a specific application according to requirements such as security requirements and management policies;

S402、USIM根据需求的特定应用数据和需要进行控制的管理操作类型范围等生成设置终端应用控制的主动式命令SetUp Terminal Application Control命令并发送到终端,命令结构如前所述;S402. The USIM generates an active command SetUp Terminal Application Control command for setting terminal application control according to the specific application data required and the range of management operation types that need to be controlled, and sends it to the terminal. The command structure is as described above;

S403、终端收到命令后进行解析和处理,获取需要进行控制的特定终端应用和特定管理操作类型范围等,明确设置命令的要求,设置生效;S403. The terminal parses and processes the command after receiving the command, obtains the specific terminal application that needs to be controlled and the scope of the specific management operation type, etc., specifies the requirements for setting the command, and makes the setting take effect;

S404、设置生效后,特定应用的某类操作被触发,终端收到要求执行该操作的请求;S404. After the setting takes effect, a certain type of operation of a specific application is triggered, and the terminal receives a request to perform the operation;

S405、终端判断当前请求的操作类型是否在前述命令要求需要进行控制的管理操作类型范围内,如果是则进行步骤S406,如果否则转到步骤S415);S405. The terminal judges whether the currently requested operation type is within the scope of the management operation type required to be controlled by the aforementioned command, if yes, proceed to step S406, and if not, proceed to step S415);

S406、终端暂停响应操作要求,发送请求对当前操作进行控制的命令Envelope-CallControl-Application Control到USIM,内含要求执行当前操作的终端应用及操作类型,具体命令结构如前所述;S406. The terminal suspends responding to the operation request, and sends the command Envelope-CallControl-Application Control requesting to control the current operation to the USIM, which contains the terminal application and operation type required to perform the current operation, and the specific command structure is as described above;

S407、USIM收到命令后进行解析和处理,获取要求执行的当前操作的终端应用及操作类型,根据预置规则和当前情况等(如关联USIM应用当前是否符合要求)对终端所提供的操作的执行条件和要求进行判断;S407. The USIM performs parsing and processing after receiving the command, obtains the terminal application and operation type of the current operation required to be performed, and performs operations provided by the terminal according to preset rules and current conditions (such as whether the associated USIM application currently meets the requirements). Execution conditions and requirements for judgment;

S408、USIM得到判断结果,是否允许当前操作执行,如果否则进行后续步骤,如果是则转到步骤S413);S408, the USIM obtains the judgment result, whether the current operation is allowed to be executed, if not, proceed to the subsequent steps, if yes, go to step S413);

S409、USIM发送响应消息到终端,内含是否允许操作执行的控制结果,响应消息结构如前所述;S409. The USIM sends a response message to the terminal, including a control result of whether the operation is allowed to be executed, and the structure of the response message is as described above;

S410、终端收到响应消息进行解析和处理,获得对当前操作的控制结果,应用操作终止执行;S410, the terminal receives the response message to analyze and process it, obtains the control result of the current operation, and terminates the execution of the application operation;

S411、终端确定响应消息中是否要求为用户提供提示信息,如果是则继续后续步骤,如果否则流程结束;S411. The terminal determines whether the response message requires the user to be provided with prompt information, and if so, proceeds to subsequent steps, otherwise, the process ends;

S412、终端向用户提供提示信息,如操作未能执行的结果、原因等,流程结束。S412. The terminal provides prompt information to the user, such as the result and reason of the failed operation, and the process ends.

S413、USIM发送响应消息到终端,内含允许操作执行的控制结果,响应消息结构如前所述;S413. The USIM sends a response message to the terminal, including a control result that allows operation execution, and the structure of the response message is as described above;

S414、终端收到响应消息进行解析和处理,获得对当前操作的控制结果,应用操作正常执行,流程结束。S414. The terminal receives the response message for parsing and processing, and obtains a control result of the current operation, and the application operation is normally executed, and the process ends.

S415、终端应用操作直接执行,流程结束。S415, the terminal application operation is directly executed, and the process ends.

基于相同的技术构思,本公开实施例相应还提供一种USIM,如图5所示,所述USIM包括存储器51和处理器52,所述存储器51中存储有计算机程序,当所述处理器52运行所述存储器51存储的计算机程序时,所述处理器执行所述的基于USIM的应用控制方法。Based on the same technical idea, the embodiment of the present disclosure also provides a corresponding USIM. As shown in FIG. When running the computer program stored in the memory 51, the processor executes the USIM-based application control method.

基于相同的技术构思。本公开实施例相应还提供一种基于USIM的应用控制系统,包括USIM,所述USIM包括:Based on the same technical idea. Correspondingly, the embodiments of the present disclosure provide a USIM-based application control system, including a USIM, and the USIM includes:

第一获取模块,其设置为获取终端发送的请求应用控制命令,所述请求应用控制命令是所述终端在检测到指定应用触发了应用操作后向所述USIM发送的,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息;The first acquisition module is configured to acquire a request application control command sent by a terminal, the request application control command is sent to the USIM after the terminal detects that a specified application triggers an application operation, and the request application control command includes a message that the specified application has triggered an application operation;

解析模块,其设置为解析所述请求应用控制命令,得到所述指定应用已触发应用操作的消息;以及,A parsing module configured to parse the requesting application control command to obtain a message that the specified application has triggered an application operation; and,

第一判断模块,其设置为基于预设规则判断是否允许所述终端执行所述应用操作;A first judging module, configured to judge whether to allow the terminal to execute the application operation based on preset rules;

第一发送模块,其设置为在所述第一判断模块判断为允许时,向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果,以使所述终端基于所述第一控制结果开始执行所述应用操作。The first sending module is configured to send a first response message to the terminal when the first judging module judges that it is allowed, and the first response message carries a first message that allows the terminal to execute the application operation. controlling the result, so that the terminal starts to execute the application operation based on the first control result.

在一种实施方式中,所述系统还包括:In one embodiment, the system also includes:

第一生成模块,其设置为在第一获取模块获取终端发送的请求应用控制命令之前,若产生对指定应用的应用操作进行控制的需求,基于所述需求生成应用控制命令,所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,The first generation module is configured to generate an application control command based on the demand if a demand for controlling the application operation of the specified application is generated before the first acquisition module acquires the request application control command sent by the terminal, and the application control command including the application identification and application operation type scope of the specified application; and,

第二发送模块,其设置为向终端发送应用控制命令,以使所述终端获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围,并在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内,若是,则向所述USIM发送请求应用控制命令。The second sending module is configured to send an application control command to the terminal, so that the terminal acquires and parses the application control command, obtains the application identifier and the scope of the application operation type, and detects that the application identifier corresponds to After the specified application triggers the application operation, it is judged whether the application operation type of the specified application is within the range of the operation type, and if so, a request application control command is sent to the USIM.

在一种实施方式中,还包括:In one embodiment, it also includes:

第三发送模块,其设置为在所述第一判断模块判断为不允许时,向所述终端发送第二响应消息,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果,以使所述终端基于所述第二控制结果终止执行所述应用操作。A third sending module, configured to send a second response message to the terminal when the first judging module judges that it is not allowed, and the second response message carries a message that the terminal is not allowed to execute the application operation A second control result, so that the terminal terminates execution of the application operation based on the second control result.

在一种实施方式中,在基于预设规则判断是否允许所述终端执行所述应用操作之后,还包括:In one embodiment, after judging whether to allow the terminal to execute the application operation based on the preset rules, it further includes:

第四发送模块,其设置为在所述第一判断模块判断为不允许时,向所述终端发送第三响应消息,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息,以使所述终端基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。A fourth sending module, configured to send a third response message to the terminal when the first judging module judges that it is not allowed, and the third response message carries a message that the terminal is not allowed to execute the application operation The third control result and prompt request information, so that the terminal terminates execution of the application operation based on the third control result, and displays the execution termination result of the application operation based on the prompt request information.

基于相同的技术构思,本公开实施例相应还提供另一种基于USIM的应用控制系统,包括终端,所述终端包括:Based on the same technical concept, embodiments of the present disclosure provide another USIM-based application control system, including a terminal, and the terminal includes:

第五发送模块,其设置为在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息,以使所述USIM获取并解析所述请求应用控制命令,得到所述终端指定应用已触发应用操作的消息,并基于预设规则判断是否允许所述终端执行所述应用操作,若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果;The fifth sending module is configured to send a request application control command to the USIM after detecting that the specified application has triggered an application operation, and the request application control command includes a message that the specified application has triggered an application operation, so that the The USIM obtains and parses the request application control command, obtains a message that the application operation specified by the terminal has been triggered, and judges based on preset rules whether the terminal is allowed to perform the application operation, and if allowed, sends the message to the terminal a first response message, where the first response message carries a first control result allowing the terminal to execute the application operation;

获取解析模块,其设置为获取并解析所述第一响应消息,得到所述第一控制结果;以及,Obtaining and parsing module, which is configured to obtain and parse the first response message to obtain the first control result; and,

执行模块,其设置为基于所述第一控制结果开始执行所述应用操作。An execution module configured to start executing the application operation based on the first control result.

在一种实施方式中,还包括:In one embodiment, it also includes:

第一接收模块,其设置为在所述第五发送模块向USIM发送请求应用控制命令之前,接收USIM发送的应用控制命令,所述应用控制命令是所述USIM在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成的,其中所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,The first receiving module is configured to receive the application control command sent by the USIM before the fifth sending module sends the request application control command to the USIM, and the application control command is performed by the USIM when generating an application operation for a specified application. After controlling the requirements, the application control command is generated based on the requirements, wherein the application control command includes the application identification and application operation type range of the specified application; and,

所述获取解析模块还设置为,获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围;The obtaining and parsing module is further configured to obtain and parse the application control command to obtain the application identifier and the scope of the application operation type;

第二判断模块,其设置为在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内;The second judging module is configured to judge whether the application operation type of the designated application is within the range of the operation type after detecting that the designated application corresponding to the application identifier triggers an application operation;

所述第五发送模块还设置为,在所述第二判断模块判断为在所述操作类型范围内时,向USIM发送请求应用控制命令。The fifth sending module is further configured to send a request application control command to the USIM when the second judging module judges that the operation type is within the range of the operation type.

在一种实施方式中,还包括:In one embodiment, it also includes:

第二接收模块,其设置为在第五发送模块检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,接收USIM发送的第二响应消息,其中所述第二响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果;以及,The second receiving module is configured to receive the second response message sent by the USIM after the fifth sending module detects that the specified application triggers the application operation and sends the request application control command to the USIM, wherein the second response message is the When the USIM determines that the terminal is not allowed to execute the application operation, the second response message carries a second control result that the terminal is not allowed to execute the application operation; and,

所述执行模块还设置为,基于所述第二控制结果终止执行所述应用操作。The execution module is further configured to terminate execution of the application operation based on the second control result.

在一种实施方式中,还包括:In one embodiment, it also includes:

第三接收模块,其设置为在第五发送模块检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,接收USIM发送的第三响应消息,其中所述第三响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息;以及,The third receiving module is configured to receive the third response message sent by the USIM after the fifth sending module detects that the specified application triggers the application operation and sends the request application control command to the USIM, wherein the third response message is the When the USIM determines that the terminal is not allowed to execute the application operation, the third response message carries a third control result and prompt request information that the terminal is not allowed to execute the application operation; as well as,

所述执行模块还设置为基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。The execution module is further configured to terminate the execution of the application operation based on the third control result, and display the execution termination result of the application operation based on the prompt request information.

基于相同的技术构思,本公开实施例相应还提供一种终端,如图6所示,所述终端包括存储器61和处理器62,所述存储器61中存储有计算机程序,当所述处理器62运行所述存储器61存储的计算机程序时,所述处理器执行所述的另一种基于USIM的应用控制方法。Based on the same technical concept, the embodiment of the present disclosure also provides a terminal correspondingly. As shown in FIG. When running the computer program stored in the memory 61, the processor executes the other USIM-based application control method.

基于相同的技术构思,提供一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时,所述处理器执行所述的基于USIM的应用控制方法,或者所述的另一种基于USIM的应用控制方法。Based on the same technical concept, a computer-readable storage medium is provided, on which a computer program is stored, wherein when the computer program is executed by a processor, the processor executes the USIM-based application control method , or another USIM-based application control method described above.

本领域普通技术人员可以理解,上文中所公开方法中的全部或某些步骤、系统、装置中的功能模块/单元可以被实施为软件、固件、硬件及其适当的组合。在硬件实施方式中,在以上描述中提及的功能模块/单元之间的划分不一定对应于物理组件的划分;例如,一个物理组件可以具有多个功能,或者一个功能或步骤可以由若干物理组件合作执行。某些物理组件或所有物理组件可以被实施为由处理器,如中央处理器、数字信号处理器或微处理器执行的软件,或者被实施为硬件,或者被实施为集成电路,如专用集成电路。这样的软件可以分布在计算机可读介质上,计算机可读介质可以包括计算机存储介质(或非暂时性介质)和通信介质(或暂时性介质)。如本领域普通技术人员公知的,术语计算机存储介质包括在用于存储信息(诸如计算机可读指令、数据结构、程序模块或其他数据)的任何方法或技术中实施的易失性和非易失性、可移除和不可移除介质。计算机存储介质包括但不限于RAM、ROM、EEPROM、闪存或其他存储器技术、CD-ROM、数字多功能盘(DVD)或其他光盘存储、磁盒、磁带、磁盘存储或其他磁存储装置、或者可以用于存储期望的信息并且可以被计算机访问的任何其他的介质。此外,本领域普通技术人员公知的是,通信介质通常包含计算机可读指令、数据结构、程序模块或者诸如载波或其他传输机制之类的调制数据信号中的其他数据,并且可包括任何信息递送介质。Those of ordinary skill in the art can understand that all or some of the steps in the methods disclosed above, the functional modules/units in the system, and the device can be implemented as software, firmware, hardware, and an appropriate combination thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be composed of several physical components. Components cooperate to execute. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application-specific integrated circuit . Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). As known to those of ordinary skill in the art, the term computer storage media includes both volatile and nonvolatile media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data. permanent, removable and non-removable media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disk (DVD) or other optical disk storage, magnetic cartridges, tape, magnetic disk storage or other magnetic storage devices, or can Any other medium used to store desired information and which can be accessed by a computer. In addition, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism, and may include any information delivery media .

最后应说明的是:以上各实施例仅用以说明本公开的技术方案,而非对其限制;尽管参照前述各实施例对本公开进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分或者全部技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本公开各实施例技术方案的范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present disclosure, not to limit them; although the present disclosure has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: It is still possible to modify the technical solutions described in the foregoing embodiments, or perform equivalent replacements for some or all of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the technical solutions of the various embodiments of the present disclosure. scope.

Claims (9)

1.一种基于USIM的应用控制方法,其特征在于,应用于USIM,所述方法包括:1. A USIM-based application control method, characterized in that being applied to the USIM, the method comprises: 在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成应用控制命令,所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;After a demand for controlling the application operation of the specified application is generated, an application control command is generated based on the demand, where the application control command includes an application identifier and an application operation type range of the specified application; 向终端发送应用控制命令,以使所述终端获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围,并在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内,若是,则向所述USIM发送请求应用控制命令;sending an application control command to the terminal, so that the terminal obtains and parses the application control command, obtains the application identifier and the scope of the application operation type, and after detecting that the specified application corresponding to the application identifier triggers the application operation, Judging whether the application operation type of the specified application is within the range of the operation type, and if so, sending a request application control command to the USIM; 获取终端发送的请求应用控制命令,所述请求应用控制命令是所述终端在检测到指定应用触发了应用操作后向所述USIM发送的,其中所述指定应用为预先设定的需要USIM进行控制的应用,或者USIM产生需要对其进行应用操作控制的应用,所述应用操作的类型包括应用开启和应用关闭,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息;Obtaining a request application control command sent by the terminal, the request application control command is sent to the USIM after the terminal detects that a specified application triggers an application operation, wherein the specified application is a preset that requires the USIM to be controlled application, or the USIM generates an application that requires application operation control, the type of application operation includes application opening and application closing, and the request application control command includes a message that the specified application has triggered the application operation; 解析所述请求应用控制命令,得到所述指定应用已触发应用操作的消息;以及,parsing the requesting application control command to obtain a message that the specified application has triggered an application operation; and, 基于预设规则判断是否允许所述终端执行所述应用操作;judging whether to allow the terminal to execute the application operation based on preset rules; 若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果,以使所述终端基于所述第一控制结果开始执行所述应用操作。If allowed, send a first response message to the terminal, where the first response message carries a first control result that allows the terminal to execute the application operation, so that the terminal starts based on the first control result Execute the application operation. 2.根据权利要求1所述的方法,其特征在于,在基于预设规则判断是否允许所述终端执行所述应用操作之后,还包括:2. The method according to claim 1, further comprising: after judging whether to allow the terminal to execute the application operation based on preset rules: 若不允许,则向所述终端发送第二响应消息,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果,以使所述终端基于所述第二控制结果终止执行所述应用操作。If not, send a second response message to the terminal, where the second response message carries a second control result that the terminal is not allowed to execute the application operation, so that the terminal can execute the application based on the second control result. As a result, execution of the application operation is terminated. 3.根据权利要求1所述的方法,其特征在于,在基于预设规则判断是否允许所述终端执行所述应用操作之后,还包括:3. The method according to claim 1, further comprising: after judging whether to allow the terminal to execute the application operation based on preset rules: 若不允许,则向所述终端发送第三响应消息,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息,以使所述终端基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。If not allowed, send a third response message to the terminal, the third response message carrying a third control result and prompt request information that the terminal is not allowed to execute the application operation, so that the terminal is based on the The third control result terminates execution of the application operation, and displays the execution termination result of the application operation based on the prompt request information. 4.一种基于USIM的应用控制方法,其特征在于,应用于终端,所述方法包括:4. A USIM-based application control method, characterized in that it is applied to a terminal, and the method comprises: 接收USIM发送的应用控制命令,所述应用控制命令是所述USIM在产生对指定应用的应用操作进行控制的需求后,基于所述需求生成的,其中所述应用控制命令包括所述指定应用的应用标识和应用操作类型范围;以及,receiving an application control command sent by the USIM, where the application control command is generated by the USIM based on the demand for controlling the application operation of the specified application after the USIM generates the demand, wherein the application control command includes the application identification and application operation type scope; and, 获取并解析所述应用控制命令,得到所述应用标识及应用操作类型范围;Acquiring and parsing the application control command to obtain the application identification and application operation type range; 在检测到所述应用标识对应的指定应用触发了应用操作后,判断所述指定应用的应用操作类型是否在所述操作类型范围内;After detecting that the specified application corresponding to the application identifier triggers an application operation, determine whether the application operation type of the specified application is within the range of the operation type; 若在所述操作类型范围内,向USIM发送请求应用控制命令,所述请求应用控制命令中包括所述指定应用已触发应用操作的消息,其中所述指定应用为预先设定的需要USIM进行控制的应用,或者USIM产生需要对其进行应用操作控制的应用,所述应用操作的类型包括应用开启和应用关闭,以使所述USIM获取并解析所述请求应用控制命令,得到所述终端指定应用已触发应用操作的消息,并基于预设规则判断是否允许所述终端执行所述应用操作,若允许,则向所述终端发送第一响应消息,所述第一响应消息中携带允许所述终端执行所述应用操作的第一控制结果;If within the scope of the operation type, send a request application control command to the USIM, the request application control command includes a message that the specified application has triggered an application operation, wherein the specified application needs to be controlled by the USIM in advance application, or the USIM generates an application that requires application operation control, the type of application operation includes application opening and application closing, so that the USIM obtains and parses the request application control command, and obtains the specified application of the terminal The message of the application operation has been triggered, and judge whether to allow the terminal to execute the application operation based on preset rules, and if it is allowed, send a first response message to the terminal, and the first response message carries the permission of the terminal executing a first control result of the application operation; 获取并解析所述第一响应消息,得到所述第一控制结果;以及,Acquiring and parsing the first response message to obtain the first control result; and, 基于所述第一控制结果开始执行所述应用操作。Start executing the application operation based on the first control result. 5.根据权利要求4所述的方法,其特征在于,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,还包括:5. The method according to claim 4, characterized in that, after detecting that the specified application triggers the application operation, after sending the request application control command to the USIM, further comprising: 接收USIM发送的第二响应消息,其中所述第二响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第二响应消息中携带不允许所述终端执行所述应用操作的第二控制结果;以及,receiving a second response message sent by the USIM, where the second response message is sent to the terminal when the USIM determines that the terminal is not allowed to execute the application operation, and the second response message carries a disallowed The terminal executes a second control result of the application operation; and, 基于所述第二控制结果终止执行所述应用操作。Terminating execution of the application operation based on the second control result. 6.根据权利要求4所述的方法,其特征在于,在检测到指定应用触发了应用操作后,向USIM发送请求应用控制命令之后,还包括:6. The method according to claim 4, characterized in that, after detecting that the specified application triggers the application operation, after sending the request application control command to the USIM, further comprising: 接收USIM发送的第三响应消息,其中所述第三响应消息是所述USIM判定为不允许所述终端执行所述应用操作时向所述终端发送的,所述第三响应消息中携带不允许所述终端执行所述应用操作的第三控制结果和提示请求信息;以及,receiving a third response message sent by the USIM, where the third response message is sent to the terminal when the USIM determines that the terminal is not allowed to execute the application operation, and the third response message carries a disallowed The terminal executes the third control result of the application operation and prompt request information; and, 基于所述第三控制结果终止执行所述应用操作,并基于所述提示请求信息显示所述应用操作的终止执行结果。Terminating the execution of the application operation based on the third control result, and displaying the execution termination result of the application operation based on the prompt request information. 7.一种USIM,其特征在于,包括存储器和处理器,所述存储器中存储有计算机程序,当所述处理器运行所述存储器存储的计算机程序时,所述处理器执行根据权利要求1至3中任一项所述的基于USIM的应用控制方法。7. A USIM, characterized in that it includes a memory and a processor, wherein a computer program is stored in the memory, and when the processor runs the computer program stored in the memory, the processor executes the computer program according to claims 1 to 1. The USIM-based application control method described in any one of 3. 8.一种终端,其特征在于,包括存储器和处理器,所述存储器中存储有计算机程序,当所述处理器运行所述存储器存储的计算机程序时,所述处理器执行根据权利要求4至6中任一项所述的基于USIM的应用控制方法。8. A terminal, characterized by comprising a memory and a processor, wherein a computer program is stored in the memory, and when the processor runs the computer program stored in the memory, the processor executes the computer program according to claims 4 to 8. The USIM-based application control method described in any one of 6. 9.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时,所述处理器执行根据权利要求1至3中任一项所述的基于USIM的应用控制方法,或者根据权利要求4至6中任一项所述的基于USIM的应用控制方法。9. A computer-readable storage medium on which a computer program is stored, wherein when the computer program is executed by a processor, the processor executes the method based on any one of claims 1 to 3 A USIM application control method, or a USIM-based application control method according to any one of claims 4 to 6.
CN202110527425.8A 2021-05-14 2021-05-14 USIM-based application control method, USIM, terminal and medium Active CN113242543B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110527425.8A CN113242543B (en) 2021-05-14 2021-05-14 USIM-based application control method, USIM, terminal and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110527425.8A CN113242543B (en) 2021-05-14 2021-05-14 USIM-based application control method, USIM, terminal and medium

Publications (2)

Publication Number Publication Date
CN113242543A CN113242543A (en) 2021-08-10
CN113242543B true CN113242543B (en) 2023-06-23

Family

ID=77134343

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110527425.8A Active CN113242543B (en) 2021-05-14 2021-05-14 USIM-based application control method, USIM, terminal and medium

Country Status (1)

Country Link
CN (1) CN113242543B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113840276B (en) * 2021-09-18 2023-05-02 中国联合网络通信集团有限公司 5G identification hiding compatible configuration method, user identification module and terminal

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110336946A (en) * 2019-07-11 2019-10-15 中国联合网络通信集团有限公司 A method and device for invoking terminal image input equipment based on USIM
CN111399946A (en) * 2020-03-25 2020-07-10 中国联合网络通信集团有限公司 Terminal application startup change control method, device, terminal and USIM
CN112188475A (en) * 2020-10-21 2021-01-05 中国联合网络通信集团有限公司 Method, USIM, computer device and medium for dynamically managing service control

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016108096A1 (en) * 2014-12-30 2016-07-07 Stmicroelectronics S.R.L. Methods for providing a response to a scp80 command requesting the execution of a proactive command, related universal integrated circuit card, mobile device, server and computer program product
CN108875396B (en) * 2018-06-28 2022-02-15 中国联合网络通信集团有限公司 File operation method, USIM card, terminal and readable storage medium
CN109195157B (en) * 2018-09-04 2021-09-07 中国联合网络通信集团有限公司 Application management method, device and terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110336946A (en) * 2019-07-11 2019-10-15 中国联合网络通信集团有限公司 A method and device for invoking terminal image input equipment based on USIM
CN111399946A (en) * 2020-03-25 2020-07-10 中国联合网络通信集团有限公司 Terminal application startup change control method, device, terminal and USIM
CN112188475A (en) * 2020-10-21 2021-01-05 中国联合网络通信集团有限公司 Method, USIM, computer device and medium for dynamically managing service control

Also Published As

Publication number Publication date
CN113242543A (en) 2021-08-10

Similar Documents

Publication Publication Date Title
US12401976B2 (en) IMEI binding and dynamic IMEI provisioning for wireless devices
US10021561B2 (en) Method and apparatus for setting up communication connection
US9603189B2 (en) Method and apparatus for multisim devices with embedded SIM functionality
US9198026B2 (en) SIM lock for multi-SIM environment
CN111787521B (en) Terminal application permission obtaining method, terminal equipment and USIM
EP3793225B1 (en) Methods for sharing a virtual sim card
CN111399946B (en) Terminal application starting change control method and device, terminal and USIM
CN111355844B (en) Method, device, terminal, USIM and storage medium for terminal application startup management
CN104469982A (en) USIM card-based data connection control method and USIM card
CN112738781B (en) Method, device, terminal, USIM and medium for initiating short-range service
CN113242543B (en) USIM-based application control method, USIM, terminal and medium
CN112188475B (en) Method, USIM, computer device and medium for dynamically managing service control
CN112752247B (en) Short-distance service management method, device, terminal, USIM and medium
CN113840275B (en) Terminal session connection confirmation method, USIM, terminal, equipment and medium
CN112367661B (en) USAT application matching implementation method, USIM, terminal, device and medium
CN111741462A (en) Terminal application permission change acquisition method, terminal and USIM
CN113950035B (en) Method, terminal and UICC for dynamically updating NFC capability
CN113840276B (en) 5G identification hiding compatible configuration method, user identification module and terminal
CN114339720B (en) A cloud card authentication method, device, terminal and storage medium
CN111901792B (en) UICC application setting information management method, system and terminal
KR102819719B1 (en) How to create a session and associated devices
CN110336946B (en) A method and device for calling terminal image input device based on USIM
CN113542350B (en) Browsing state event downloading method, USIM, terminal and storage medium
CN113556714B (en) Implementation method and device for UICC to require terminal to search for NFC device
CN113556713B (en) Management method, terminal and UICC for UICC to close NFC connection

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant