CN101127634B - A method and system for secure update and upgrade of mobile station - Google Patents
A method and system for secure update and upgrade of mobile station Download PDFInfo
- Publication number
- CN101127634B CN101127634B CN2006101152793A CN200610115279A CN101127634B CN 101127634 B CN101127634 B CN 101127634B CN 2006101152793 A CN2006101152793 A CN 2006101152793A CN 200610115279 A CN200610115279 A CN 200610115279A CN 101127634 B CN101127634 B CN 101127634B
- Authority
- CN
- China
- Prior art keywords
- security
- travelling carriage
- information
- tsm
- related information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The utility model discloses a safe renewing and upgrading method for the traveling carriage, which is characterized in that: in the wireless network, the safe server at the wireless network side confirms the safe update information of the traveling carriage according to the safety-related information report sent by the traveling carriage, and send the relevant information to the traveling carriage; the information related to the operating system or/and the application software in the safe update information is sent to the operating system or/and the application software by the security agent SCA of the traveling carriage, and then the operating system or/and the application software make according updates or/and upgrades according to the information. By adopting the method, the problems in the prior art are solved: the information exchange between the security agent SCA of the traveling carriage and the operating system and the application software is only one-way, and the safe update information concerning the operating system and the application software can not be acquired from the security agent SCA, therefore the corresponding update or/and upgrade can not be carried out by the traveling carriage on time and thus the traveling carriage is open to attack by the Internet threat when the traveling carriage get access to the external grouped data nets. The utility model also provides a traveling carriage and an associated response system.
Description
Technical field
The present invention relates to mobile communication system, particularly a kind of method and system thereof of safety updating of mobile station upgrading.
Background technology
Along with Packet data service replaces the traditional circuit voice gradually, the mobile operator network is tending towards IPization.In the internet system based on the ICP/IP protocol stack, each network node, every main frame, each user are equality, exist the danger of penetration at a single point, the whole network paralysis.
Along with applied business is greatly abundant, third party application service provider ASP increases gradually, value-added service of professional trend and fine management.The mobile subscriber is when obtaining more diversified service, and the security risk of bringing for self and network also increases greatly.For example: because user identity is stolen, enterprise might make the internal resource of oneself be exposed to unauthorized user; Application system may be destroyed or be abused; Application service quality descends even not available.
Along with developing rapidly of virus technology, when viral large-scale outbreak, the mass data flow that transmits in the network is the junk data that produced by virus and detection, attack traffic, not only cause the wasting of resources, the network efficiency and the safety of operator have been had a strong impact on, also to user terminal and professional adverse influence and the security threat of producing.
For controlling easily from the security threat of carrier network inside, its safety ensures easily.Comparatively speaking, portable terminal is easier is invaded by virus, and distribution is more extensive.Therefore the portable terminal that function is small and weak can't guarantee that client all is equipped with antivirus software or fire compartment wall because resource-constrained causes protective capacities lower.Even the Secure Application software client all is installed, because unified control, the user can not in time carry out security update probably, causes the potential safety hazard such as expired of system vulnerability or virus base.
The security mechanism of traditional standard 3GPP, WLAN, WiMAX etc., access authentification of user, professional transmission security have been ensured, but because the opening and the security breaches of application service provider and IP network itself, still be not enough to deal with security threats such as the virus that emerges in an endless stream, worm from application.
In traditional cable network field, the trustable network interconnect architecture TNC standard that the TCG tissue proposes based on the internet network, proposed the integrality notion of network insertion terminal, had only by the network side checking, the terminal that meets the service network security strategy could access network.For the problems such as unreliability that the mobility among the mobile network, roaming, little terminal, terminal are easily lost, radio open connects, it is not considered targetedly but simultaneously.At mobile data service security feature end to end, mobile network register user's distinctive service characteristic needs also to rethink that for example UE poisons or misoperation, often causes problems such as unreasonable charge, decreased performance.In addition, the separation between machine and card of mobile network's mobile phone terminal, WAP (wireless access protocol) or the like problem independently also all remain to be considered.
Existing security attack is divided into two classes: the network attack of layer Network Based and attack based on the service of application layer, the former carried out before network connects establishment stage and application service, the latter then after network connect to be set up, the attack of in the process of application service is provided, initiating.Often network attack is carrier with the service, and the purpose of attacking is harm network system and service system.Usually, security threat is divided into following several:
Terminal use: usurp number of the account, steal other privacy informations; Abuse user paid service, service quality descends;
Terminal system: the destruction system causes decreased performance or unavailable; For example user's prevention awareness is poor, the terminal security configuration is limited, all may cause portable terminal to become the springboard of virus attack easily;
Mobile network system: virus or worm propagation cause network resources waste and are abused, and attack specific network element or transmission system;
Application service system: poisoning, assault, order the leakage of user profile, the availability of application service.
In order to protect the mobile network, prior art adopts associated response system, and (Correlative ReactingSystem, CRS) prevention is from the security threat of dangerous terminal.Consult shown in Figure 1ly, the CRS system comprises the TSM Security Agent (SCA) of mobile station side, the security server (SCS) of network side, the control final controlling element of network side.The control final controlling element can be that network access controller (NAC) is or/and application service controller (ASC).
TSM Security Agent SCA and security server SCS communicate by the Ic interface, simultaneously, security server SCS is by other net element communication in Ics interface and the Public Land Mobile Nerwork (PLMN), and by the communication between them and mutual, the CRS system provides the security control to travelling carriage.
TSM Security Agent SCA be responsible for collecting travelling carriage security related information (Security CorrelativeInformation, SCI), to its handle the back generate the security related information report and and security server SCS communicate.The safe condition of travelling carriage is assessed and judged to the security related information report that security server SCS sends by analysis TSM Security Agent SCA, and whether the safe condition of travelling carriage is allowed to accesses network and the various application services of application.
After security server SCS receives the security related information report that TSM Security Agent SCA sends, the assessment of being correlated with, if security server SCS is according to thinking that travelling carriage safety inadequately, security server SCS can issue corresponding safety control strategy indication NAC or ASC does suitable control to the access to netwoks and the application service visit of travelling carriage.Security server SCS also can send to TSM Security Agent SCA in the travelling carriage to the security evaluation result of travelling carriage and determined safety control strategy.
Security server SCS is for mobile subscriber's access to netwoks control and application service access control, be to realize by the control to the employed travelling carriage of user, its Back ground Information source is the various services that security related information is reported and the mobile subscriber has applied in mobile data network or customized that TSM Security Agent SCA sends to security server SCS.For the travelling carriage that TSM Security Agent SCA is installed, when travelling carriage was connected to data network, the function of TSM Security Agent SCA started simultaneously.If network side has upgrading that suitable travelling carriage carries out security update or/and lastest imformation, security server SCS can notify TSM Security Agent SCA to assist travelling carriage to upgrade accordingly or/and upgrade.
In existing associated response system, TSM Security Agent SCA in the travelling carriage can only collect from travelling carriage operating system and Secure Application software, the security association information of arrangement travelling carriage, and in the security update information that security server SCS can not sent with travelling carriage operating system or/and the relevant information of Secure Application software sends to described operating system or/and Secure Application software, therefore, when network side has suitable travelling carriage to upgrade or/and during the security update information of upgrading, the operating system of travelling carriage self is upgraded or/and Secure Application software can't in time upgrade, and it is difficult to safely be protected when visit external packet data net to make travelling carriage.
Summary of the invention
The invention provides the method and the system thereof of the upgrading of safety updating of mobile station in a kind of wireless network, in order to solve in the security update information that the TSM Security Agent SCA that exists in the existing associated response system in the travelling carriage can not send security server SCS with travelling carriage operating system or/and the relevant information of application software sends to described operating system or/and the problem of application software.
A kind of method that in wireless network, realizes the safety updating of mobile station upgrading, be applied to associated response system CRS, associated response system comprises travelling carriage and security server, travelling carriage comprises TSM Security Agent, communicate by escape way between TSM Security Agent and the security server, described method comprises step:
The security server of wireless network side is determined the security update information of this travelling carriage according to the security related information report of the TSM Security Agent transmission of travelling carriage, and described security update information is sent to the TSM Security Agent of described travelling carriage, the TSM Security Agent that described security related information is reported as in the described travelling carriage passes through the security related information that the Ica interface is collected travelling carriage, and organizes described security related information to generate according to the safety message strategy;
TSM Security Agent SCA in the described travelling carriage analyzes the security update information of receiving, according to the analysis result of security update information by described Ica interface with in the security update information with operating system or/and the relevant information of Secure Application software sends to described operating system or/and Secure Application software, by described operating system or/and Secure Application software upgrade accordingly or/and upgrade according to this information.
According to said method:
When comprising the information relevant with TSM Security Agent in the described security update information, TSM Security Agent SCA upgrades or/and upgrade according to this information automatically.
Carry in the described security update information and upgrade or/and the uniform resource locator URL address at upgrading resource place, travelling carriage operating system and Secure Application software carry out online upgrading or security update according to this URL address.
Travelling carriage upgrades or/and upgrading is further pointed out the user after finishing.
Whether described travelling carriage points out the user to select to upgrade after receiving security update information; If the user agrees to upgrade, then return acknowledge message to security server; Otherwise the prompting user does not carry out that travelling carriage upgrades or/and the result that upgrading may cause, and returns failed message to security server.
Initiatively send the security related information report by travelling carriage to described security server; Perhaps, described security server initiatively sends security related information report request to travelling carriage after obtaining security update information, and travelling carriage sends the security related information report according to this request message to security server.
The back through consultation security information transmission channel of setting up transmits information between described security server and the travelling carriage.
Travelling carriage is presented to the user according to the querying command of user's input with the local security report of this travelling carriage of reflection current safe state.
A kind of travelling carriage is applied to associated response system CRS, and this system comprises travelling carriage and security server, and travelling carriage comprises TSM Security Agent, communicates by escape way between TSM Security Agent and the security server, and described TSM Security Agent comprises:
The unit that is used for storage security reporting strategy, security related information and security update information;
Be used for sending the unit that the security update information that security server issues was reported and received to security related information to security server;
Be used for organizing the security related information of travelling carriage and generating security related information report according to the safety message strategy, and the unit of analyzing the security update information that security server issues;
Be used for collecting the security related information of travelling carriage by the Ica interface, and according to the analysis result of security update information unit by the described Ica interface information that Secure Application software is relevant or/and Secure Application software transmits in the security update information with operating system to described travelling carriage operating system, make described operating system or/and Secure Application software upgrade accordingly or/and upgrade according to this information.Described travelling carriage also comprises:
Be used for unit to mobile subscriber's output information and reception user's input command.
Be used for querying command, extract the unit of the local security report of this travelling carriage of reflection current safe state according to user's input.
A kind of associated response system, this system comprises travelling carriage and security server, travelling carriage comprises TSM Security Agent, communicates by escape way between TSM Security Agent and the security server, comprising:
TSM Security Agent in the travelling carriage: be used for the security related information by the collection of Ica interface, arrangement travelling carriage, the generation security related information is reported and is reported to the security server transmission security related information of network side; Receive and analyze the security update information that security server issues, according to the analysis result of described security update information by described Ica interface with in the security update information with operating system or/and the relevant information of Secure Application software sends to travelling carriage operating system or/and Secure Application software, by described operating system or/and Secure Application software upgrade accordingly according to this information or/and upgrade;
Security server: be used for security related information report that the TSM Security Agent of receiving mobile sends and this security related information report is analyzed, determine the security update information that described travelling carriage is relevant and be handed down to the TSM Security Agent of travelling carriage according to analysis result.
Beneficial effect of the present invention is as follows:
The present invention by security server according to the security related information of travelling carriage report determine the security update information of travelling carriage and issue, the TSM Security Agent SCA in the travelling carriage with in the security update information with operating system or/and the relevant information of application software sends to described operating system or/and application software.Like this, the operating system of travelling carriage self and application software can be upgraded timely or/and upgrade, and when travelling carriage visit wireless network, threaten for diverse network and can play better protective action.In addition, travelling carriage is after security update finishes or receives the various safety commands or strategy that security server issues, generate the local security report of reflection travelling carriage current safe state, be convenient to the safe condition that the user inquires about travelling carriage at any time, and travelling carriage institute canned data can not lost after travelling carriage shutdown or power down.
Fig. 1 is associated response system architecture and an environment under the prior art.
Description of drawings
Fig. 2 is associated response system architecture and an environment in the embodiment of the invention.
Fig. 3 is a TSM Security Agent SCA functional structure chart in the embodiment of the invention.
Fig. 4 A is that the TSM Security Agent that security server triggers in the embodiment of the invention upgrades flow chart.
Fig. 4 B upgrades flow chart for the TSM Security Agent that travelling carriage in the existing associated response system triggers.
Fig. 5 A is that security server triggers in the embodiment of the invention travelling carriage operating system is or/and Secure Application software upgrading upgrading flow chart.
Fig. 5 B is that travelling carriage triggers in the embodiment of the invention travelling carriage operating system is or/and Secure Application software upgrading upgrading flow chart.
Fig. 5 C is that travelling carriage upgrades or/and the flow chart of upgrading in the embodiment of the invention.
In wireless network, for the operating system and the application software that make travelling carriage self can in time be carried out security update, the present invention determines the security update information of travelling carriage by security server according to the security related information report of travelling carriage and issues, TSM Security Agent SCA in the travelling carriage with in the security update information with operating system or/and the relevant information of application software sends to described operating system or/and application software, finish renewal, upgrading by it according to this information.Described application software comprises Secure Application software and other application software.
Embodiment
Consult shown in Figure 2ly, the associated response system in the embodiment of the invention comprises travelling carriage 20 and security server 21.Communicate connection by the Ic interface between security server 21 and the travelling carriage 20.Described travelling carriage 20 possesses the wireless network access function, is used to be connected to network, application server or other travelling carriages and carries out data communication; Further comprise TSM Security Agent 200 in the travelling carriage 20, be used for collecting, the security related information of arrangement travelling carriage 20, generate the security related information report and this report is sent to security server 21, and the reception safety clothes security update information of device 21 transmissions, described travelling carriage 20 is all finished by TSM Security Agent 200 with communicating by letter of security server 21, communication between TSM Security Agent 200 and the security server 21 should be based on certain specific escape way, can send escape way by any one party and set up message and select whether to set up escape way before beginning communication, the foundation of described escape way can be by WTLS, TLS, IPsec, AKA consults to wait to realize.Described security server 21 is used to receive, analyze security related information report that travelling carriage 20 sends, determine the security update information that travelling carriage 20 is relevant, and this information is sent to TSM Security Agent 200.
In the embodiment of the invention, travelling carriage TSM Security Agent 200 comprises OS Type, version, the patch information of travelling carriage 20 in the security related information report that security server 21 sends, type, version, database date, the log information of travelling carriage Secure Application software, travelling carriage hardware configuration, hardware change, communication port of travelling carriage opening and closing of fault or the like.
Security server 21 is after the security related information report that receives TSM Security Agent 200 transmissions, described security related information report is analyzed, and judge whether that according to analysis result suitable travelling carriage 20 carries out the patch of self operating system update, the lastest imformation of assembly or Secure Application software, if have, security server 21 can send corresponding security update information to TSM Security Agent 200 and upgrade accordingly or/and upgrade to assist travelling carriage 20, the patch that comprises the travelling carriage operating system update in the described security update information, AKU information and resource address, Secure Application software upgrading upgrade information and resource address, the version information of TSM Security Agent software and download address etc.And security server 21 also will be issued security server with corresponding strategy.
These patches, AKU or more new resources all at travelling carriage operating system update server (MobileStation Operating System Updating Server, MSOS-US) and Secure Application software server (Security Application Software Server, SAS-S) on, and provide online upgrading, update service by these servers.
Consult shown in Figure 3ly, TSM Security Agent 200 comprises communication unit 30, information process unit 31, information exchange unit 32, memory cell 33 and interface management unit 34 in the embodiment of the invention.Described communication unit 30 is used for consulting and setting up the information transfer channel of safety between TSM Security Agent 200 and security server 21, send the security related information report or determine information to security server 21, and receive the security update information that security server 21 sends; Described information process unit 31 is used for according to the security related information of safety message strategy arrangement travelling carriage 20 and analyzes the security update information that security server 21 sends, and generates the local security report of user prompt information and reflection travelling carriage current safety situation; Described information exchange unit 32 is used for collecting the security related information of travelling carriage 20 and sending this information to information process unit 31 by the Ica interface, perhaps will send travelling carriage operating system or Secure Application software to by the Ica interface through the security update information that information process unit 31 is analyzed; Memory cell 33 is used for the security related information of storing mobile station 20, security update information, safety message strategy and the travelling carriage daily record that security server 21 sends, after travelling carriage 20 shutdown or power down, the various information that TSM Security Agent 200 obtains can not lost like this; Interface management unit 34 is used to realize the information interaction between mobile subscriber and the TSM Security Agent 200, for the user shows output information and accepts the order of user's input.
Consult shown in Fig. 4 A, when network side safety server 21 was known the redaction issue that travelling carriage TSM Security Agent 200 is arranged, security server 21 sent security related information report request to TSM Security Agent 200; TSM Security Agent 200 sends the security related information report to security server 21, comprises the version information of TSM Security Agent 200 in the described report; After security server 21 is analyzed described security related information report, determine to be fit to TSM Security Agent 200 according to analysis result and carry out the security update information of edition upgrading and this information is sent to TSM Security Agent 200; TSM Security Agent 200 is analyzed described security update information, filters out the information relevant with TSM Security Agent 200 upgradings and returns confirmation to security server 21; TSM Security Agent 200 carries out corresponding online according to the information that receives to be upgraded or/and upgrade.
Consult shown in Fig. 4 B, above-mentioned TSM Security Agent 200 automatic renewal processes also can initiatively send security related information report by TSM Security Agent 200 and trigger.
Consult shown in Fig. 5 A, when network side safety server 21 was known the information issue that travelling carriage operating system is arranged upgrades or/and Secure Application software upgrades, security server 21 sent security related informations report request to TSM Security Agent 200; TSM Security Agent 200 sends the security related informations report to security server 21, comprise travelling carriage operating system in the described report or/and the version information of Secure Application software, patch information or/and database date; After the described security related information of security server 21 analyses was reported, the security update information of upgrading also sent to TSM Security Agent 200 with this information or/and Secure Application software is correlated with renewal to determine suitable travelling carriage operating system according to analysis result; 200 pairs of described security update information of TSM Security Agent are analyzed, are screened, will be with travelling carriage operating system or/and the relevant information of Secure Application software sends to described operating system Secure Application software and send confirmations to security server 21; Upgrade or/and upgrading by corresponding online or/and Secure Application software carries out according to the information that receives for described operating system.
Consult shown in Fig. 5 B, above-mentioned travelling carriage operating system is or/and Secure Application automatic software updating process also can initiatively send security related information report by TSM Security Agent 200 triggers.
Consult shown in Fig. 5 C, in the associated response system, the detailed process of travelling carriage 20 security update upgrading is as follows:
Step 500: when network side had new security update information, security server 21 sent security related information report request to TSM Security Agent 200.
Step 501: TSM Security Agent 200 generates the security related information report and this security related information report is sent to security server 21 by the security related information of the collection of Ica interface, arrangement travelling carriage 20.
Step 502: security server 21 receives and analyzes described security related information report, determine to be fit to the security update information of travelling carriage 20 and this information is sent to TSM Security Agent 200 according to analysis result, the patch, AKU information and the resource address that comprise the travelling carriage operating system update in the described security update information, Secure Application software upgrading upgrade information and resource address.
Step 503: 200 pairs of described security update information of TSM Security Agent are analyzed, are screened, and will upgrade or/and the resource at upgrade resource information and this information place is unified the URL address of locator sending to travelling carriage operating system and Secure Application software accordingly by the Ica interface.
Step 504: whether TSM Security Agent 200 points out users to select to upgrade or/and upgrade, if then carry out step 505, otherwise carry out step 508.
Step 505: TSM Security Agent 200 sends confirmation to security server 21.
Step 506: travelling carriage operating system and Secure Application software carry out online security update according to the corresponding security update server of the message reference of described reception.
Step 507: TSM Security Agent 200 prompting user security upgrade and finish, and generate the local security report according to travelling carriage 20 current safe conditions.
Step 508: TSM Security Agent 200 sends failure information to security server 21, the reason of notice security server 21 safety updating of mobile station failure.
In the foregoing description, security server 21 also should issue corresponding strategy when issuing security update information, is used to instruct TSM Security Agent 200 how to carry out security update information.
Travelling carriage upgrades or/and during upgrading when the user selects not carry out, TSM Security Agent 200 does not carry out the consequence that security update may cause to user prompt, and inquire repeatedly whether the user selects to carry out the travelling carriage renewal or/and upgrade, and when refusing at every turn, the user all point out the user not carry out the consequence that security update may cause.In the process of repeatedly inquiry, if the user agrees to carry out the travelling carriage renewal or/and upgrade, then TSM Security Agent 200 sends confirmation to security server 21, assists travelling carriage 20 to carry out corresponding security update; The user still refuses to carry out the travelling carriage renewal or/and upgrade if the inquiry number of times reaches preset threshold, and then TSM Security Agent 200 sends failure informations to security server 21, the reason that 21 security update this time of notice security server are failed.
In addition, the opportunity that the local security report generates is unfixing, for example, when the access to netwoks of 21 pairs of travelling carriages 20 of security server limits and will control advisory travelling carriage 20 or security server 21 assessment result of safe condition is sent to travelling carriage 20, all can trigger the generation of local security report.After described local security report generated, travelling carriage 20 deposited this report in memory cell 33 for user inquiring.
When the current safe condition of user's active inquiry travelling carriage 20, the user is by the 34 input inquiry orders of interface management unit, interface management unit 34 is transmitted to information process unit 31 with this querying command, information process unit 31 obtains the local security report of reflection travelling carriage 20 current safe state in memory cell 33 according to described querying command, and this report returned to interface management unit 34, the user is presented to described safety message again in interface management unit 34.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (13)
1. in wireless network, realize the method that safety updating of mobile station is upgraded for one kind, it is characterized in that, be applied to associated response system CRS, associated response system comprises travelling carriage and security server, travelling carriage comprises TSM Security Agent, communicate by escape way between TSM Security Agent and the security server, described method comprises step:
The security server of wireless network side is determined the security update information of this travelling carriage according to the security related information report of the TSM Security Agent transmission of travelling carriage, and described security update information is sent to the TSM Security Agent of described travelling carriage, the TSM Security Agent that described security related information is reported as in the described travelling carriage passes through the security related information that the Ica interface is collected travelling carriage, and organizes described security related information to generate according to the safety message strategy;
TSM Security Agent SCA in the described travelling carriage analyzes the security update information of receiving, according to the analysis result of security update information by described Ica interface with in the security update information with operating system or/and the relevant information of Secure Application software sends to described operating system or/and Secure Application software, by described operating system or/and Secure Application software upgrade accordingly or/and upgrade according to this information.
2. the method for claim 1 is characterized in that, when comprising the information relevant with TSM Security Agent in the described security update information, TSM Security Agent SCA upgrades or/and upgrade according to this information automatically.
3. the method for claim 1, it is characterized in that, carry in the described security update information and upgrade or/and the uniform resource locator URL address at upgrading resource place, travelling carriage operating system and Secure Application software carry out online upgrading or security update according to this URL address.
4. as each described method of claim 1-3, it is characterized in that, initiatively send the security related information report to described security server by travelling carriage; Perhaps, described security server initiatively sends security related information report request to travelling carriage after obtaining security update information, and travelling carriage sends the security related information report according to this request message to security server.
5. method as claimed in claim 4 is characterized in that, whether described travelling carriage points out the user to select to upgrade after receiving security update information; If the user agrees to upgrade, then return acknowledge message to security server; Otherwise the prompting user does not carry out that travelling carriage upgrades or/and the result that upgrading may cause, and returns failed message to security server.
6. method as claimed in claim 5 is characterized in that, travelling carriage upgrades or/and upgrading is further pointed out the user after finishing.
7. the method for claim 1 is characterized in that, the back through consultation security information transmission channel of setting up transmits information between described security server and the travelling carriage.
8. the method for claim 1 is characterized in that, also comprises step:
TSM Security Agent SCA generates the local security report and presents to the user according to the travelling carriage current safe state.
9. a travelling carriage is characterized in that, is applied to associated response system CRS, and this system comprises travelling carriage and security server, and travelling carriage comprises TSM Security Agent, communicates by escape way between TSM Security Agent and the security server, and described TSM Security Agent comprises:
The unit that is used for storage security reporting strategy, security related information and security update information;
Be used for sending the unit that the security update information that security server issues was reported and received to security related information to security server;
Be used for organizing the security related information of travelling carriage and generating security related information report according to the safety message strategy, and the unit of analyzing the security update information that security server issues;
Be used for collecting the security related information of travelling carriage by the Ica interface, and according to the analysis result of security update information unit by the described Ica interface information that Secure Application software is relevant or/and Secure Application software transmits in the security update information with operating system to described travelling carriage operating system, make described operating system or/and Secure Application software upgrade accordingly or/and upgrade according to this information.
10. travelling carriage as claimed in claim 9 is characterized in that, also comprises:
Be used for unit to mobile subscriber's output information and reception user's input command.
11. travelling carriage as claimed in claim 9 also comprises:
Be used for querying command, extract the unit of the local security report of this travelling carriage of reflection current safe state according to user's input.
12. an associated response system is characterized in that this system comprises travelling carriage and security server, travelling carriage comprises TSM Security Agent, communicates by escape way between TSM Security Agent and the security server, comprising:
TSM Security Agent in the travelling carriage: be used for the security related information by the collection of Ica interface, arrangement travelling carriage, the generation security related information is reported and is reported to the security server transmission security related information of network side; Receive and analyze the security update information that security server issues, according to the analysis result of described security update information by described Ica interface with in the security update information with operating system or/and the relevant information of Secure Application software sends to travelling carriage operating system or/and Secure Application software, by described operating system or/and Secure Application software upgrade accordingly according to this information or/and upgrade; Security server: be used for security related information report that the TSM Security Agent of receiving mobile sends and this security related information report is analyzed, determine the security update information that described travelling carriage is relevant and be handed down to the TSM Security Agent of travelling carriage according to analysis result.
13. system as claimed in claim 12 is characterized in that, the TSM Security Agent in the described travelling carriage comprises:
The unit that is used for storage security reporting strategy, security related information and security update information;
Be used for sending the unit that the security update information that security server issues was reported and received to security related information to security server;
Be used for organizing the security related information of travelling carriage and generating security related information report according to the safety message strategy, and the unit of analyzing the security update information that security server issues;
Be used for collecting the security related information of travelling carriage by the Ica interface, and according to the analysis result of security update information unit by the described Ica interface information that Secure Application software is relevant or/and Secure Application software transmits in the security update information with operating system to described travelling carriage operating system, make described operating system or/and Secure Application software upgrade accordingly or/and upgrade according to this information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006101152793A CN101127634B (en) | 2006-08-15 | 2006-08-15 | A method and system for secure update and upgrade of mobile station |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006101152793A CN101127634B (en) | 2006-08-15 | 2006-08-15 | A method and system for secure update and upgrade of mobile station |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101127634A CN101127634A (en) | 2008-02-20 |
| CN101127634B true CN101127634B (en) | 2010-10-20 |
Family
ID=39095566
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2006101152793A Active CN101127634B (en) | 2006-08-15 | 2006-08-15 | A method and system for secure update and upgrade of mobile station |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101127634B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2829104C (en) * | 2011-03-09 | 2019-01-15 | Irdeto B.V. | Method and system for dynamic platform security in a device operating system |
| CN103186396B (en) * | 2011-12-30 | 2018-01-12 | 上海博泰悦臻电子设备制造有限公司 | System, adaptive device and startup method are realized in vehicle-mounted end, vehicle-mounted end upgrading |
| CN103617074A (en) * | 2013-11-29 | 2014-03-05 | 中国航空无线电电子研究所 | Software communication system structure logic device system and monitoring, inquiring and controlling method |
| CN105302425B (en) * | 2014-05-30 | 2019-03-08 | 联想(北京)有限公司 | A kind of processing method and electronic equipment of application |
| CN105590061B (en) * | 2014-12-17 | 2018-09-21 | 中国银联股份有限公司 | Secure operating system update method for credible performing environment |
| US10003600B2 (en) * | 2015-01-26 | 2018-06-19 | Mobile Iron, Inc. | Identity proxy to provide access control and single sign on |
| CN109299124B (en) * | 2018-09-30 | 2021-01-08 | 北京字节跳动网络技术有限公司 | Method and apparatus for updating a model |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030177389A1 (en) * | 2002-03-06 | 2003-09-18 | Zone Labs, Inc. | System and methodology for security policy arbitration |
| CN1763713A (en) * | 2004-10-22 | 2006-04-26 | 华为技术有限公司 | Mobile terminal software edition updating method |
-
2006
- 2006-08-15 CN CN2006101152793A patent/CN101127634B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030177389A1 (en) * | 2002-03-06 | 2003-09-18 | Zone Labs, Inc. | System and methodology for security policy arbitration |
| CN1763713A (en) * | 2004-10-22 | 2006-04-26 | 华为技术有限公司 | Mobile terminal software edition updating method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101127634A (en) | 2008-02-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100571157C (en) | A kind of method and system thereof that realizes the travelling carriage security control | |
| CN101127634B (en) | A method and system for secure update and upgrade of mobile station | |
| US8331904B2 (en) | Apparatus and a security node for use in determining security attacks | |
| CN101291249B (en) | Method for configuring and displaying name of household base station, and name of internal customer group | |
| CN104270467B (en) | A kind of virtual machine management-control method for mixed cloud | |
| US20200259791A1 (en) | Method and system for controlling internet browsing user security | |
| CN102082802A (en) | Behavior-based mobile terminal security protection system and method | |
| CN101257678A (en) | Method, terminal and system for realizing mobile terminal software safe detection | |
| CN101232509A (en) | Equipment, system and method for supporting insulation mode network access control | |
| CN101185355A (en) | Apparatus and methods for determining network access performance of a wireless device | |
| CN101223800A (en) | Apparatus and methods for protecting data on a wireless device | |
| CN110213215A (en) | A kind of resource access method, device, terminal and storage medium | |
| CN102209326A (en) | Malicious behavior detection method and system based on smartphone radio interface layer | |
| CN109347806A (en) | A kind of the digging mine malware detection system and method for Intrusion Detection based on host monitoring technology | |
| CN104244281A (en) | Base station detection method and base station detection device | |
| CN101378312B (en) | Safety payment control system and method based on broadband network | |
| CN107094298A (en) | Take precautions against module, wireless network access device and the method for illegal wireless network insertion | |
| CN109246769A (en) | A kind of PDU session establishing method and device | |
| CN108737421B (en) | Method, system, device and storage medium for discovering potential threats in network | |
| CN100591010C (en) | Method and system for real time monitoring radio terminal based on biological information | |
| CN106203067B (en) | A kind of method for cleaning and device of application program | |
| CN100512531C (en) | Method and system for policy control in associated response system | |
| CN111372245A (en) | LTE network interception method and system | |
| KR100748340B1 (en) | Apparatus and method of integral management for wireless internet service | |
| CN100536386C (en) | Method for updating security related information in associated response system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |