CN114615057A - Gateway equipment for distributing access data based on alternative user identity module - Google Patents

Gateway equipment for distributing access data based on alternative user identity module Download PDF

Info

Publication number
CN114615057A
CN114615057A CN202210240471.4A CN202210240471A CN114615057A CN 114615057 A CN114615057 A CN 114615057A CN 202210240471 A CN202210240471 A CN 202210240471A CN 114615057 A CN114615057 A CN 114615057A
Authority
CN
China
Prior art keywords
module
management
alternative
pool
user identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210240471.4A
Other languages
Chinese (zh)
Other versions
CN114615057B (en
Inventor
邹俊伟
周鹏
朱旭东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Chinarainbow Technology Co ltd
Original Assignee
Beijing Chinarainbow Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Chinarainbow Technology Co ltd filed Critical Beijing Chinarainbow Technology Co ltd
Priority to CN202210240471.4A priority Critical patent/CN114615057B/en
Publication of CN114615057A publication Critical patent/CN114615057A/en
Application granted granted Critical
Publication of CN114615057B publication Critical patent/CN114615057B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • G06F21/43User authentication using separate channels for security data wireless channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention relates to a gateway device for distributing access data based on an alternative user identity module, which comprises: the system comprises a main control unit, an access equipment interface unit, an alternative module pool management unit, a database interface unit and a management equipment interface unit. When the device receives the access data of the remote access device, the device selects a target module from the standby user identity module pool and distributes the access data to the target module, and sends back the return information of the target module to the remote access device; in addition, the device also uses a distribution record database to store the information of each access data distribution process, and provides a distribution record query function for the distribution record management device to call. The device can help a tester to save test management cost.

Description

Gateway equipment for distributing access data based on alternative user identity module
Technical Field
The invention relates to the technical field of data processing, in particular to gateway equipment for distributing access data based on an alternative user identity module.
Background
A Subscriber Identity Module (SIM) is provided on a mobile phone or an internet of things device, and the SIM is also called a SIM card. The instruction set of the user identity module comprises two parts: the system comprises a network-resident instruction set related to the networking processing of the telecommunication network and a non-network-resident instruction set related to the application of the telecommunication or the Internet of things. The network-resident instruction set is relatively fixed, and the non-network-resident instruction set is frequently changed. The user identity module needs to be tested once the non-network-resident instruction set changes. The conventional operation mode is to insert the user identity module with the updated instruction set into a card slot of the mobile phone or the internet of things device to perform real network testing, and write a real network number into each user identity module to be tested (SIM card to be tested), that is, the more mobile phones or internet of things devices to be tested, the greater the corresponding real network number requirement for testing, and thus the tester needs to store and maintain a large number of real network numbers for testing.
To solve this problem, we propose a new solution for sharing test numbers, which is composed of a front-end remote access device for the subscriber identity module, a back-end gateway device, and a pool of alternative subscriber identity modules (i.e. a pool of alternative SIM cards), etc., where a certain number of alternative subscriber identity modules (i.e. alternative SIM cards) with real network numbers are provided in the pool of alternative subscriber identity modules for test number sharing. The user identity identification module remote access equipment identifies a command sent to the user identity identification module to be tested by the mobile phone or the Internet of things equipment; if the current instruction belongs to a network-resident instruction set, namely a solidified network-logging instruction set, forwarding the current instruction as access data to the gateway equipment at the background, and finishing the network-logging operation by the gateway equipment by using a shared test number; and if the current instruction belongs to a non-network-resident instruction set, namely an instruction set to be tested related to the application of the telecommunication or the Internet of things, sending the instruction set to the user identity identification module to be tested for testing. After receiving the access data, the background gateway device selects an idle alternative user identity module from the alternative user identity module pool as a destination module, distributes an instruction analyzed from the access data to the destination module, and sends back instruction return data sent back by the destination module to the user identity module remote access device sending the access data. Therefore, a test mechanism of the shared real network number is realized based on the scheme, the test of all the user identity modules to be tested can be completed on the premise of only a small number of the test real network numbers, a test real network number can not be applied for each mobile phone or Internet of things device, and a large number of test real network numbers do not need to be reserved and maintained.
In order to implement the above solution, besides the front-end remote access device for the subscriber identity module and the background pool for the alternative subscriber identity module, a gateway device capable of implementing the function of the background gateway device is also required.
Disclosure of Invention
The present invention aims to overcome the defects of the prior art, and provides a gateway device for distributing access data based on an alternative user identity module, which comprises: the system comprises a main control unit, an access equipment interface unit, an alternative module pool management unit, a database interface unit and a management equipment interface unit. The device is connected with external user identity identification module remote access equipment, an alternative user identity identification module pool, a distribution record database and distribution record management equipment, when receiving access data of the remote access equipment, a target module is selected from the alternative user identity identification module pool and is distributed to the access data, and return information of the target module is sent back to the remote access equipment; in addition, the device also uses a distribution record database to store the information of each access data distribution process, and also provides a distribution record query function for the distribution record management device to call. The device not only realizes the device function of the background gateway device mentioned in the solution, assists the tester to save the test management cost, but also provides the functions of storing and inquiring the history distribution record.
To achieve the above object, an embodiment of the present invention provides a gateway device for distributing access data based on an alternative user identity module, where the gateway device includes: the system comprises a main control unit, an access equipment interface unit, an alternative module pool management unit, a database interface unit and a management equipment interface unit;
the main control unit is connected with one or more external user identity identification module remote access devices through the access device interface unit, is also connected with one or more external alternative user identity identification module pools through the alternative module pool interface unit, is also connected with the alternative module pool management unit, is also connected with an external distribution record database through the database interface unit, and is also connected with an external distribution record management device through the management device interface unit;
the master control unit is used for processing the application operation of the alternative user identity module of any user identity module remote access equipment by combining the access equipment interface unit and the alternative module pool management unit to obtain a corresponding first target module; in combination with the alternative module pool interface unit, the access data of the current user identity module remote access equipment is subjected to data distribution processing based on the first destination module; and combining the database interface unit to record and track the access data distribution processing process of the current user identity module remote access equipment; processing the resource release operation of the first target module by combining the access equipment interface unit and the alternative module pool management unit;
the main control unit is further configured to process, in combination with the access device interface unit and the management device interface unit, a query instruction sent by the distribution record management device;
the alternative module pool management unit is connected with all external alternative user identity module pools through the alternative module pool interface unit and is also connected with external alternative user identity module pool management equipment; the alternative module pool management unit is used for storing a first management table reflecting the state information of all alternative user identity module pools; the first management table comprises one or more first management sub-tables, the first management sub-tables comprise a plurality of first management records, the first management records comprise a module identification field, a module status field and a module occupied equipment identification field, and the module status field comprises an idle state, an occupied state and an abnormal state; each first management sub-table corresponds to a module pool identifier of an external alternative user identity module pool, and each first management record corresponds to an alternative user identity module in the external alternative user identity module pool corresponding to the current first management sub-table.
Preferably, the main control unit is specifically configured to identify an instruction sent by any one of the user identity module remote access devices received by the access device interface unit when the corresponding first destination module is obtained by processing an alternative user identity module application operation of any one of the user identity module remote access devices; if the currently received instruction is a first alternative module application instruction, equipment verification processing is carried out according to a first access equipment identifier of the first alternative module application instruction; if the device is successfully verified, sending a first alternative module selection instruction carrying the first access device identifier to the alternative module pool management unit, receiving a first module pool identifier and a first module identifier sent back, and taking an alternative user identity module matched with the first module identifier in the alternative user identity module pool matched with the first module pool identifier as the first destination module; and sending first application return data carrying the first module pool identifier and the first module identifier to the current user identity module remote access equipment.
Further, the main control unit is specifically configured to, during the device authentication processing, query a preset legal access device list according to the first access device identifier, and if a legal access device record matching the access device identifier field and the first access device identifier exists in the list, the device authentication is successful; the legal access equipment list comprises a plurality of legal access equipment records, and the legal access equipment records comprise the access equipment identification fields.
Further, the alternative module pool management unit is further configured to select, when receiving the first alternative module selection instruction sent by the main control unit, one first management record in which the module status field is in an idle state in the first management table as a destination record; modifying the module state field of the target record into an occupied state, and modifying the module occupied equipment identification field of the target record into the first access equipment identification of the first alternative module selection instruction; extracting the module pool identification corresponding to the first management sub-table where the target record is located as the corresponding first module pool identification, and extracting the module identification field of the target record as the corresponding first module identification; and sending the first module pool identification and the first module identification back to the main control unit.
Preferably, the main control unit is specifically configured to receive first access data sent by the current user identity module remote access device when the first destination module performs data distribution processing on the access data of the current user identity module remote access device, and record data receiving time as first initiation starting time; sending a first network residence instruction of the first access data to the first destination module through the alternative module pool interface unit, and receiving first return data sent back; sending the first return data to the current user identity module remote access equipment through the access equipment interface unit, and recording data sending time as first distribution ending time; the first access data comprises a first access equipment identification and the first network residence instruction.
Preferably, the main control unit is specifically configured to, when performing record tracking processing on the access data distribution processing process of the current user identity module remote access device, store a first distribution record, which is composed of the first access device identifier, the first network residence instruction, the module pool identifier and the module identifier corresponding to the first destination module, the first return data, the first distribution start time, and the first distribution end time, in the distribution record database through the database interface unit.
Preferably, the main control unit is specifically configured to, when the processing is performed on the resource release operation of the first destination module, identify an instruction sent by the remote access device of the current subscriber identity module and received by the access device interface unit; if the currently received instruction is a first alternative module release instruction, extracting a first module pool identifier and a first module identifier from the first alternative module release instruction; and sending a first module release instruction carrying the first module pool identifier and the first module identifier to the alternative module pool management unit.
Further, the alternative module pool management unit is further configured to extract the first module pool identifier and the first module identifier from the first module release instruction when receiving the first module release instruction sent by the main control unit; recording the first management sub-table matched with the first module pool identification in the first management table as a current management sub-table; recording the first management record matched with the module identification field and the first module identification in the current management sub-table as a current management record; and modifying the module state field of the current management record into an idle state, and setting the module occupied equipment identification field of the current management record to be null.
Preferably, the alternative module pool management unit is further configured to lock the first management table stored locally and prohibit modification of the first management table when receiving a configuration instruction sent by the alternative user identity module pool management device; sending the first management table to the standby user identity module pool management device, and performing management table information reconstruction on the standby user identity module pool management device by the standby user identity module pool management device; receiving a second management table sent back by the alternative user identity module pool management equipment; and unlocking the first management table stored locally, and replacing the unlocked first management table by using the second management table.
Preferably, the alternative module pool management unit is further configured to periodically send a module pool state acquisition instruction to all the alternative user identity module pools through the alternative module pool interface unit according to a preset time interval; receiving a first module pool state report sent back by each alternative user identity module pool; marking a first module data group of which the first module state data in the first module pool state report is in an abnormal state as a first abnormal module data group; if the number of the first abnormal module data groups is not 0, extracting the first management sub-table matched with the first module pool identification data of the first module pool state report in the first management table as a corresponding first matching management sub-table; marking the first management record in the first matching management sub-table, in which the module identification field is matched with the first module identification data of each first abnormal module data group, as a first abnormal management record; modifying the module state fields of all the first abnormal management records into abnormal states, wherein the module occupied equipment identification fields are all set to be null; wherein the first module pool status report includes the first module pool identification data and the first module data group; the first module data set includes the first module identification data and the first module status data; the first module status data includes a normal status and an abnormal status.
The embodiment of the invention provides gateway equipment for distributing access data based on an alternative user identity module, which comprises: the system comprises a main control unit, an access equipment interface unit, an alternative module pool management unit, a database interface unit and a management equipment interface unit. The device is connected with external user identity module remote access equipment, an alternative user identity module pool, a distribution record database and distribution record management equipment. In one interaction with the remote access equipment of the user identity module, the equipment disclosed by the invention obtains the network-resident instruction data by identifying the access data of the remote access equipment, identifies the idle state of the alternative user identity module in the alternative user identity module pool to select the current target module, distributes the data of the network-resident instruction data to the target module, and sends the instruction execution result returned from the target module back to the remote access equipment to complete the interaction. In addition, the device of the invention also records the process information of the interaction and stores the process information into a distribution record database for query. In addition, the device also provides a query function for the distribution record database, and when a query instruction of the distribution record management device is received, a corresponding query result obtained from the distribution record database is returned to the distribution record management device. The device not only assists the tester to save the test management cost, but also provides the functions of storing and inquiring the historical distribution records.
Drawings
Fig. 1 is a block diagram of a gateway device for distributing access data based on an alternative subscriber identity module according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, which is a block diagram of a gateway device for distributing access data based on an alternative user identity module according to an embodiment of the present invention, a gateway device 1 for distributing access data based on an alternative user identity module mainly includes: a main control unit 11, an access device interface unit 12, an alternative module pool interface unit 13, an alternative module pool management unit 14, a database interface unit 15, and a management device interface unit 16.
The main control unit 11 is connected to one or more external user id module remote access devices 2 through an access device interface unit 12, connected to one or more external alternative user id module pools 3 through an alternative module pool interface unit 13, connected to an alternative module pool management unit 14, connected to an external distribution record database 5 through a database interface unit 15, and connected to an external distribution record management device 6 through a management device interface unit 16. The alternative module pool management unit 14 is connected to all external alternative user id module pools 3 through the alternative module pool interface unit 13, and is further connected to the external alternative user id module pool management device 4.
Here, the user id module entity has multiple forms, and may be a user id module entity in various encapsulation forms and various communication frequency bands (2G/3G/4G/5G/6G) in the telecommunication field and the internet of things communication field, where the entity at least includes: SIM Card, Universal Subscriber Identity Module (USIM) Card, Universal Integrated Circuit Card (UICC), embedded Subscriber Identity Module (e-SIM), etc.;
the external user identity module remote access equipment 2 can confirm the current user identity module to be tested by loading the entity user identity module or simulating the entity user identity module by using a user identity module simulation program, can create a data transmission channel between the external mobile phone or internet of things equipment and the internal user identity module to be tested, and can identify the interactive information between the mobile phone or internet of things equipment and the user identity module to be tested through the data transmission channel; the user identity module remote access device 2 is connected with the gateway device 1 through an Internet mode, and the device interface unit 12 is specifically a Protocol parsing/packaging interface of a corresponding Transmission Control Protocol/Internet Protocol (TCP/IP);
the external alternative user identity module pool 3 is a multi-module processing device which can load a plurality of user identity modules with real network numbers and can respectively carry out operations of resetting, instruction sending, instruction return data receiving and the like on the plurality of user identity modules loaded therein; the alternative user identity module pool 3 may be connected to the gateway device 1 through a Universal Serial Bus (USB), a Serial port, or a network cable, and the alternative module pool interface unit 13 is specifically a protocol parsing/encapsulating interface of a corresponding USB protocol, a Serial port protocol, or a TCP/IP protocol;
the external alternative user identity module pool management equipment 4 provides a corresponding configuration management interface through a browser or a client mode, and is connected with the gateway equipment 1 through an internet mode;
the external distribution record database 5 is connected with the gateway device 1 through the internet, and the database interface unit 15 is specifically a corresponding database access interface based on the TCP/IP protocol;
the external distribution record management device 6 provides a corresponding distribution record query interface through a browser or a client mode, and is connected with the gateway device 1 through an internet mode, and the management device interface unit 16 is specifically a corresponding query application processing interface based on a TCP/IP protocol;
the gateway device 1 is a customized gateway device having a basic gateway communication function and having a main control unit 11, an access device interface unit 12, an alternative module pool interface unit 13, an alternative module pool management unit 14, a database interface unit 15, and a management device interface unit 16.
The alternative module pool management unit 14 is configured to store a first management table reflecting state information of all the alternative user identity module pools 3; the first management table comprises one or more first management sub-tables, the first management sub-tables comprise a plurality of first management records, the first management records comprise a module identification field, a module state field and a module occupied equipment identification field, and the module state field comprises an idle state, an occupied state and an abnormal state; each first management sub-table corresponds to a module pool identifier of an external alternative user identity module pool 3, and each first management record corresponds to an alternative user identity module in the external alternative user identity module pool 3 corresponding to the current first management sub-table.
The main control unit 11 is configured to, in combination with the access device interface unit 12 and the alternative module pool management unit 14, process an alternative user identity module application operation of any user identity module remote access device 2 to obtain a corresponding first destination module; in combination with the alternative module pool interface unit 13, the access data of the current user identity module remote access device 2 is subjected to data distribution processing based on the first destination module; and the data base interface unit 15 is combined to record and track the access data distribution processing process of the current user identity module remote access equipment 2; and in conjunction with the access device interface unit 12 and the alternative module pool management unit 14, handle the resource release operation for the first destination module. The main control unit 11 is further configured to process, in combination with the access device interface unit 12 and the management device interface unit 16, the query instruction sent by the distribution record management device 6.
Here, the gateway device 1 may be externally connected with one or more subscriber identity module remote access devices 2. Before performing recognition processing on mutual information between the mobile phone/internet of things device and the user identity module to be tested, the user identity module remote access device 2 needs to send a first alternative module application instruction to the gateway device 1 to apply for an alternative user identity module for sharing a test number from the alternative user identity module pool 3, that is, a first destination module, state information of all alternative user identity modules in all the alternative user identity module pools 3 is stored in a first management table, and the gateway device 1 can confirm the first destination module by querying the first management table. After the application of the alternative module is successful, the user identity module remote access device 2 identifies a current instruction sent by the mobile phone/internet of things device to the user identity module to be tested, if the current instruction is a network-resident instruction, the current instruction is packaged into access data and forwarded to the gateway device 1, the gateway device 1 extracts the network-resident instruction from the access data and sends the network-resident instruction to the first destination module for instruction execution, the instruction return data is sent back to the user identity module remote access device 2, and then the user identity module remote access device 2 sends the instruction return data to the mobile phone/internet of things device side, so that the purpose of assisting the mobile phone/internet of things device to successfully log in a network by using the first destination module with a real network number is achieved. When the user identity module remote access device 2 stops recognizing the interaction information between the mobile phone/internet of things device and the user identity module to be tested, a first alternative module release instruction needs to be sent to the gateway device 1 so that the gateway device 1 can timely release resources of a currently occupied shared module, namely a first destination module, and use the resources for other remote access devices. In addition, the gateway device 1 records the processing procedure information of the access data distributed based on the alternative user identity module each time, and stores the processing procedure information into the distribution record database 5 for real-time reproduction and historical information query of the process. The gateway apparatus 1 also provides a plurality of query types to the distribution record management apparatus 6 based on the distribution record database 5.
In a specific implementation of the embodiment of the present invention, the main control unit 11 is specifically configured to, when processing an alternative user identity module application operation of any user identity module remote access device 2 to obtain a corresponding first-destination module, identify an instruction sent by any user identity module remote access device 2 received by the access device interface unit 12; if the currently received instruction is a first alternative module application instruction, equipment verification processing is carried out according to a first access equipment identifier of the first alternative module application instruction; if the device verification is successful, a first alternative module selection instruction carrying a first access device identifier is sent to the alternative module pool management unit 14, the sent back first module pool identifier and the sent back first module identifier are received, and an alternative user identity module matched with the first module identifier in the alternative user identity module pool 3 matched with the first module pool identifier is used as a first destination module; and sends first application return data carrying the first module pool identifier and the first module identifier to the current user identity module remote access device 2.
Here, the detailed processing steps for processing the candidate subscriber identity module application operation of any subscriber identity module remote access device 2 to obtain the corresponding first destination module in the foregoing are described.
Further, in the above steps, the specific implementation of the main control unit 11 performing the device verification processing according to the first access device identifier of the first candidate module application instruction may be various. In another specific implementation of the embodiment of the present invention, the main control unit 11 is specifically configured to, during device verification processing, query a preset legal access device list according to the first access device identifier, and if a legal access device record exists in the list, where an access device identifier field matches the first access device identifier, the device verification is successful; the legal access equipment list comprises a plurality of legal access equipment records, and the legal access equipment records comprise access equipment identification fields.
Further, in the above steps, after the main control unit 11 sends the first candidate module selection instruction to the candidate module pool management unit 14, the corresponding processing flow on the module pool management unit 14 side may be activated. Correspondingly, the alternative module pool management unit 14 is further configured to select, when receiving a first alternative module selection instruction sent by the main control unit 11, a first management record with a module status field in an idle state in the first management table as a destination record; modifying the module state field of the target record into an occupied state, and modifying the module occupied equipment identification field of the target record into a first access equipment identification of the first alternative module selection instruction; extracting a module pool identifier corresponding to a first management sub-table where the target record is located as a corresponding first module pool identifier, and extracting a module identifier field of the target record as a corresponding first module identifier; and sends the first module pool identifier and the first module identifier back to the main control unit 11.
It should be noted that, the alternative module pool managing unit 14 has various implementations when selecting a first management record with an idle module status field from the first management table as the destination record. In another specific implementation of the embodiment of the present invention, the alternative module pool managing unit 14 is specifically configured to, when a first management record with an idle module status field is selected as a destination record in the first management table, extract all first management records with an idle module status field from the first management table to form a first management record set; and sequencing all the first management records in the first management record set according to the sequence of the flow package prices of the alternative user identity identification modules corresponding to the first management records from small to large, and taking the first management record with the top sequencing as a target record. In this way, the alternative user identity module corresponding to the destination record selected each time is the sharing module with the lowest flow consumption cost in the currently available sharing modules.
In another specific implementation of the embodiment of the present invention, the main control unit 11 is specifically configured to receive first access data sent by the current user identity module remote access device 2 when performing data distribution processing on access data of the current user identity module remote access device 2 based on the first destination module, and record data receiving time as first branch starting time; a first network residence instruction of first access data is sent to a first destination module through the alternative module pool interface unit 13, and first return data sent back is received; sending first return data to the current user identity module remote access device 2 through the access device interface unit 12, and recording data sending time as first distribution end time; the first access data comprises a first access equipment identification and a first network residence instruction.
Here, the detailed processing steps of performing data distribution processing on the access data of the current user identity module remote access device 2 based on the first destination module in the foregoing are explained.
It should be noted that, when the main control unit 11 sends the first network residence instruction of the first access data to the first destination module through the alternative module pool interface unit 13, the specific steps are as follows: the main control unit 11 encapsulates the first module identifier of the first destination module and the first network residence instruction into a corresponding first module execution instruction, and sends the first module execution instruction to the alternative user identity module pool 3 corresponding to the first module pool identifier of the first destination module through the alternative module pool interface unit 13. Correspondingly, at the side of the candidate user id module pool 3, the candidate user id module corresponding to the first module identifier in the first module execution instruction is selected to complete the instruction execution of the first network-hosting instruction in the first module execution instruction, and after the instruction execution is completed, the instruction return data returned by the corresponding candidate user id module is sent back to the main control unit 11 as the first return data.
In another specific implementation of the embodiment of the present invention, the main control unit 11 is specifically configured to, when performing record tracking processing on an access data distribution processing procedure of the current user identity module remote access device 2, store a first distribution record, which is composed of a first access device identifier, a first network residence instruction, a module pool identifier and a module identifier corresponding to a first destination module, first return data, a first distribution start time, and a first distribution end time, in the distribution record database 5 through the database interface unit 15.
Here, the detailed processing steps of the record tracking processing performed on the access data distribution processing procedure with the current subscriber identity module remote access device 2 in the foregoing are explained.
It should be noted that, the gateway device 1 may create a plurality of basic query modes based on the data type in the first distribution record stored in the distribution record database 5, including: inquiring according to access equipment, inquiring according to a network residence instruction, inquiring according to a module pool identifier, inquiring according to the module pool identifier plus the module identifier, inquiring according to time and the like; and the method can also be combined based on the multiple basic query modes to create a corresponding advanced query mode. In another specific implementation of the embodiment of the present invention, the main control unit 11 is specifically configured to, when processing the query instruction sent by the distribution record management device 6, extract the query type and the query keyword from the query instruction; when the query type is according to the query of the access device, the query keyword is used as the current query device identifier, and all the distribution records matched with the current query device identifier in the distribution record database 5 are collected to generate a corresponding first query report which is returned to the distribution record management device 6; when the query type is query according to the network residing instruction, the query keyword is used as the current network residing instruction, and all the distribution records matched with the network residing instruction in the distribution record database 5 are collected to generate a corresponding second query report which is returned to the distribution record management equipment 6; when the query type is query according to the module pool identifier, the query keyword is used as the current module pool identifier, and all the distribution records matched with the current module pool identifier in the distribution record database 5 are summarized to generate a corresponding third query report which is returned to the distribution record management equipment 6; when the query type is query according to the module pool identifier + the module identifier, extracting a current module pool identifier and a current module identifier from the query keyword, and summarizing all distribution records in the distribution record database 5, wherein the module pool identifier is matched with the current module pool identifier and the module identifier is matched with the current module identifier to generate a corresponding fourth query report and return the fourth query report to the distribution record management device 6; when the query type is a query by time, extracting a first time period composed of a current start time and a current end time from the query keyword, and summarizing all distribution records in the distribution record database 5, in which the distribution time period composed of the distribution start time and the distribution end time satisfies the first time period, to generate a corresponding fifth query report, and returning the fifth query report to the distribution record management device 6.
In another specific implementation of the embodiment of the present invention, the main control unit 11 is specifically configured to, when processing a resource release operation on the first destination module, identify an instruction, which is received by the access device interface unit 12 and sent by the current user identity module remote access device 2; if the currently received instruction is a first alternative module release instruction, extracting a first module pool identifier and a first module identifier from the first alternative module release instruction; and sends a first module release instruction carrying the first module pool identifier and the first module identifier to the alternative module pool management unit 14.
Here, the detailed processing steps for processing the resource release operation of the first destination module in the foregoing are explained.
Further, in the above steps, after the main control unit 11 sends the first module release instruction to the alternative module pool management unit 14, the corresponding processing flow on the module pool management unit 14 side is activated. Correspondingly, the alternative module pool managing unit 14 is further configured to extract the first module pool identifier and the first module identifier from the first module release instruction when receiving the first module release instruction sent by the main control unit 11; recording a first management sub-table matched with the first module pool identifier in the first management table as a current management sub-table; recording a first management record matched with the first module identifier in the current management sub-table as a current management record; and modifying the module state field of the current management record into an idle state, and setting the equipment identifier field occupied by the module of the current management record to be null.
The alternative module pool management unit 14 is further configured to lock the locally stored first management table and prohibit modification of the locally stored first management table when receiving the configuration instruction sent by the alternative user identity module pool management device 4; the first management table is sent to the alternative user identity module pool management device 4, and the alternative user identity module pool management device 4 carries out management table information reconstruction on the first management table; receiving a second management table sent back by the alternative user identity module pool management equipment 4; and unlocking the first management table stored locally, and replacing the unlocked first management table by using the second management table.
Here, the main function of the alternative module pool managing unit 14 is to configure and maintain a first management table; during configuration, the new table is received from the alternative user identity module pool management device 4 to replace the original table.
The alternative module pool management unit 14 is further configured to periodically send a module pool state acquisition instruction to all the alternative user identity module pools 3 through the alternative module pool interface unit 13 according to a preset time interval; receiving a first module pool state report sent back by each alternative user identity module pool 3; marking a first module data group of which the first module state data in the first module pool state report is in an abnormal state as a first abnormal module data group; if the number of the first abnormal module data groups is not 0, extracting a first management sub-table which is matched with the first module pool identification data of the first module pool state report from the first management table as a corresponding first matching management sub-table; marking a first management record in the first matching management sub-table, wherein the module identification field is matched with the first module identification data of each first abnormal module data group, as a first abnormal management record; modifying all module state fields of the first abnormal management record into abnormal states, and setting all module occupied equipment identification fields to be null; wherein the first module pool status report includes a first module pool identification data and a plurality of first module data sets; the first module data set comprises first module identification data and first module state data; the first module status data includes a normal status and an abnormal status.
Here, the ways in which the alternative module pool management unit 14 maintains the first management table mainly include two main types: 1) an active maintenance class, which periodically sends module pool state acquisition instructions to all the alternative user identity module pools 3 in a group mode to obtain replied first module pool state reports, and if module information of an abnormal state exists in the first module pool state reports, the state of a corresponding module in the first management table is also modified into the abnormal state; 2) and in the passive maintenance mode, the state of the relevant module is set to be an occupied state when a first candidate module selection instruction sent by the main control unit 11 is received, and the state of the relevant module is set to be an idle state when a first module release instruction sent by the main control unit 11 is received. The passive maintenance processing steps of the alternative module pool managing unit 14 have been described in the foregoing, and the above paragraphs mainly describe the active maintenance processing steps of the alternative module pool managing unit 14.
It should be noted that the division of each unit of the above device is only a division of a logical function, and the actual implementation may be wholly or partially integrated into one physical entity, or may be physically separated. And these units can be implemented entirely in software, invoked by a processing element; or may be implemented entirely in hardware; and part of the units can be realized in the form of calling software by the processing element, and part of the units can be realized in the form of hardware. For example, the main control unit may be a processing element that is set up separately, or may be implemented by being integrated in a chip of the above apparatus, or may be stored in a memory of the above apparatus in the form of program code, and a processing element of the above apparatus calls and executes the functions of the above determination unit. The other units are implemented similarly. In addition, all or part of the units can be integrated together or can be independently realized. The processing element described herein may be an integrated circuit having signal processing capabilities. In the implementation process, each processing step or each unit above of the device can be completed by a hardware integrated logic circuit in a processor element or instructions in the form of software.
For example, the above units may be one or more integrated circuits configured to implement the above device processing steps, such as: one or more Application Specific Integrated Circuits (ASICs), or one or more Digital Signal Processors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs), etc. As another example, when some of the above units are implemented in the form of Processing element scheduler code, the Processing element may be a general purpose processor, such as a Central Processing Unit (CPU) or other processor that may invoke the program code. As another example, these units may be integrated together and implemented in the form of a System-on-a-chip (SOC).
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, bluetooth, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more of the available media. The usable medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a DVD), or a semiconductor medium (e.g., a Solid State Disk (SSD)), etc.
The embodiment of the invention provides gateway equipment for distributing access data based on an alternative user identity module, which comprises: the system comprises a main control unit, an access equipment interface unit, an alternative module pool management unit, a database interface unit and a management equipment interface unit. The device is connected with external user identity module remote access equipment, an alternative user identity module pool, a distribution record database and distribution record management equipment. In one interaction with the remote access equipment of the user identity module, the equipment disclosed by the invention obtains the network-resident instruction data by identifying the access data of the remote access equipment, identifies the idle state of the alternative user identity module in the alternative user identity module pool to select the current target module, distributes the data of the network-resident instruction data to the target module, and sends the instruction execution result returned from the target module back to the remote access equipment to complete the interaction. In addition, the device of the invention also records the process information of the interaction and stores the process information into a distribution record database for query. In addition, the device also provides a query function for the distribution record database, and when a query instruction of the distribution record management device is received, a corresponding query result obtained from the distribution record database is returned to the distribution record management device. The device not only assists the tester to save the test management cost, but also provides the functions of storing and inquiring the historical distribution records.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the technical solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, a software module executed by a processor, or a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A gateway device for distributing access data based on an alternative subscriber identity module, the device comprising: the system comprises a main control unit, an access equipment interface unit, an alternative module pool management unit, a database interface unit and a management equipment interface unit;
the main control unit is connected with one or more external user identity identification module remote access devices through the access device interface unit, is also connected with one or more external alternative user identity identification module pools through the alternative module pool interface unit, is also connected with the alternative module pool management unit, is also connected with an external distribution record database through the database interface unit, and is also connected with an external distribution record management device through the management device interface unit;
the main control unit is used for processing the application operation of the alternative user identity module of the remote access equipment of any user identity module to obtain a corresponding first target module by combining the access equipment interface unit and the alternative module pool management unit; in combination with the alternative module pool interface unit, the access data of the current user identity module remote access equipment is subjected to data distribution processing based on the first destination module; and combining the database interface unit to record and track the access data distribution processing process of the current user identity module remote access equipment; processing the resource release operation of the first target module by combining the access equipment interface unit and the alternative module pool management unit;
the main control unit is further configured to process, in combination with the access device interface unit and the management device interface unit, a query instruction sent by the distribution record management device;
the alternative module pool management unit is connected with all external alternative user identity module pools through the alternative module pool interface unit and is also connected with external alternative user identity module pool management equipment; the alternative module pool management unit is used for storing a first management table reflecting the state information of all alternative user identity module pools; the first management table comprises one or more first management sub-tables, the first management sub-tables comprise a plurality of first management records, the first management records comprise a module identification field, a module status field and a module occupied equipment identification field, and the module status field comprises an idle state, an occupied state and an abnormal state; each first management sub-table corresponds to a module pool identifier of an external alternative user identity module pool, and each first management record corresponds to an alternative user identity module in the external alternative user identity module pool corresponding to the current first management sub-table.
2. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 1,
the main control unit is specifically configured to identify an instruction sent by any one of the user identity module remote access devices received by the access device interface unit when the corresponding first destination module is obtained by processing an alternative user identity module application operation of any one of the user identity module remote access devices; if the currently received instruction is a first alternative module application instruction, equipment verification processing is carried out according to a first access equipment identifier of the first alternative module application instruction; if the device is successfully verified, sending a first alternative module selection instruction carrying the first access device identifier to the alternative module pool management unit, receiving a first module pool identifier and a first module identifier sent back, and taking an alternative user identity module matched with the first module identifier in the alternative user identity module pool matched with the first module pool identifier as the first destination module; and sending first application return data carrying the first module pool identifier and the first module identifier to the current user identity module remote access equipment.
3. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 2,
the main control unit is specifically configured to, during the device verification process, query a preset legal access device list according to the first access device identifier, and if a legal access device record exists in the list, where an access device identifier field matches the first access device identifier, the device verification is successful; the legal access equipment list comprises a plurality of legal access equipment records, and the legal access equipment records comprise the access equipment identification fields.
4. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 2,
the alternative module pool management unit is further configured to select, as a destination record, the first management record in which the module status field is in an idle state in the first management table when receiving the first alternative module selection instruction sent by the main control unit; modifying the module state field of the target record into an occupied state, and modifying the module occupied equipment identification field of the target record into the first access equipment identification of the first alternative module selection instruction; extracting the module pool identification corresponding to the first management sub-table where the target record is located as the corresponding first module pool identification, and extracting the module identification field of the target record as the corresponding first module identification; and sending the first module pool identification and the first module identification back to the main control unit.
5. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 1,
the main control unit is specifically configured to receive first access data sent by a current user identity module remote access device when the first destination module performs data distribution processing on access data of the current user identity module remote access device, and record data receiving time as first dispatch starting time; sending a first network residence instruction of the first access data to the first destination module through the alternative module pool interface unit, and receiving first return data sent back; sending the first return data to the current user identity module remote access equipment through the access equipment interface unit, and recording data sending time as first distribution ending time; the first access data comprises a first access equipment identification and the first network residence instruction.
6. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 5,
the main control unit is specifically configured to, when performing record tracking processing on the access data distribution processing process of the current user identity module remote access device, store a first distribution record, which is composed of the first access device identifier, the first network hosting instruction, the module pool identifier and the module identifier corresponding to the first destination module, the first return data, the first distribution start time, and the first distribution end time, in the distribution record database through the database interface unit.
7. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 1,
the main control unit is specifically configured to identify, when the processing is performed on the resource release operation of the first destination module, an instruction sent by the current user identity module remote access device received by the access device interface unit; if the currently received instruction is a first alternative module release instruction, extracting a first module pool identifier and a first module identifier from the first alternative module release instruction; and sending a first module release instruction carrying the first module pool identifier and the first module identifier to the alternative module pool management unit.
8. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 7,
the standby module pool management unit is further configured to extract the first module pool identifier and the first module identifier from the first module release instruction when receiving the first module release instruction sent by the main control unit; recording the first management sub-table matched with the first module pool identifier in the first management table as a current management sub-table; recording the first management record matched with the module identification field and the first module identification in the current management sub-table as a current management record; and modifying the module state field of the current management record into an idle state, and setting the module occupied equipment identification field of the current management record to be null.
9. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 1,
the alternative module pool management unit is further configured to lock the locally stored first management table and prohibit modification of the locally stored first management table when receiving a configuration instruction sent by the alternative user identity module pool management device; sending the first management table to the standby user identity module pool management device, and performing management table information reconstruction on the standby user identity module pool management device by the standby user identity module pool management device; receiving a second management table sent back by the alternative user identity module pool management equipment; and unlocking the first management table stored locally, and replacing the unlocked first management table by using the second management table.
10. The gateway device for distributing access data based on an alternative subscriber identity module according to claim 1,
the alternative module pool management unit is also used for sending a module pool state acquisition instruction to all the alternative user identity module pools at regular intervals according to a preset time interval through the alternative module pool interface unit; receiving a first module pool state report sent back by each alternative user identity module pool; marking a first module data group of which the first module state data in the first module pool state report is in an abnormal state as a first abnormal module data group; if the number of the first abnormal module data groups is not 0, extracting the first management sub-table matched with the first module pool identification data of the first module pool state report in the first management table as a corresponding first matching management sub-table; marking the first management record in the first matching management sub-table, in which the module identification field is matched with the first module identification data of each first abnormal module data group, as a first abnormal management record; modifying the module state fields of all the first abnormal management records into abnormal states, wherein the module occupied equipment identification fields are all set to be null; wherein the first module pool status report includes the first module pool identification data and the first module data group; the first module data set includes the first module identification data and the first module status data; the first module status data includes a normal status and an abnormal status.
CN202210240471.4A 2022-03-10 2022-03-10 Gateway equipment for distributing access data based on alternative user identity module Active CN114615057B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210240471.4A CN114615057B (en) 2022-03-10 2022-03-10 Gateway equipment for distributing access data based on alternative user identity module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210240471.4A CN114615057B (en) 2022-03-10 2022-03-10 Gateway equipment for distributing access data based on alternative user identity module

Publications (2)

Publication Number Publication Date
CN114615057A true CN114615057A (en) 2022-06-10
CN114615057B CN114615057B (en) 2024-04-09

Family

ID=81863168

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210240471.4A Active CN114615057B (en) 2022-03-10 2022-03-10 Gateway equipment for distributing access data based on alternative user identity module

Country Status (1)

Country Link
CN (1) CN114615057B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105356898A (en) * 2015-11-23 2016-02-24 小米科技有限责任公司 User identity identification card box
US20160249204A1 (en) * 2015-02-25 2016-08-25 Uros Technology S.À R.L. Mobile apparatus with multiple subscriber identity modules
CN106538042A (en) * 2014-07-19 2017-03-22 三星电子株式会社 Subscriber identification module management method and electronic device supporting the same
CN107105427A (en) * 2017-04-28 2017-08-29 天津泰岳小漫科技有限公司 Communication means and device based on passage SIM card
US20210319132A1 (en) * 2018-09-03 2021-10-14 VeChain Global Technology, S.AR.L Methods and Devices For Managing User Identity Authentication Data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106538042A (en) * 2014-07-19 2017-03-22 三星电子株式会社 Subscriber identification module management method and electronic device supporting the same
US20160249204A1 (en) * 2015-02-25 2016-08-25 Uros Technology S.À R.L. Mobile apparatus with multiple subscriber identity modules
CN105356898A (en) * 2015-11-23 2016-02-24 小米科技有限责任公司 User identity identification card box
CN107105427A (en) * 2017-04-28 2017-08-29 天津泰岳小漫科技有限公司 Communication means and device based on passage SIM card
US20210319132A1 (en) * 2018-09-03 2021-10-14 VeChain Global Technology, S.AR.L Methods and Devices For Managing User Identity Authentication Data

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
周章慧;王同洋;吴俊军;张新访;: ""空中写卡的安全性分析及一种实现"", 《信息安全与通信保密》, no. 09 *
李丽: ""机会网络中数据传输策略研究"", 《中国博士学位论文全文数据库》, no. 01, pages 20 - 31 *

Also Published As

Publication number Publication date
CN114615057B (en) 2024-04-09

Similar Documents

Publication Publication Date Title
CN106339222B (en) A kind of service implementing method and device
CN101345751B (en) Identifying application user as source of database activity
CN103415014B (en) The method and apparatus authenticated is carried out for mobile terminal
CN109582655B (en) Method and device for positioning system log and computer readable storage medium
CN105993156A (en) Server access authentication method and device
CN106331060B (en) WIFI-based deployment and control method and system
CN112671878B (en) Block chain information subscription method, device, server and storage medium
CN112235124B (en) Method and device for configuring pico-cell, storage medium and electronic device
CN112888028B (en) Method and device for switching traffic service by switching life cycle state
CN114615057A (en) Gateway equipment for distributing access data based on alternative user identity module
US20100222022A1 (en) Communication method, communication system and access method to service provider base
CN110474891A (en) Business access control method and device based on multisystem smart machine
CN114170700A (en) Attendance checking method and device
CN109348053B (en) Telephone number mark processing method, server, terminal device and computer readable storage medium
CN114567902B (en) Real network test system of user identity module
CN109285036B (en) Internet of things service processing method and device and storage medium
CN109801029B (en) Cross-node service cooperation system and method
CN115208831B (en) Request processing method, device, equipment and storage medium
CN113067951B (en) Terminal communication management method and device, computer equipment and readable storage medium
CN114599024A (en) Equipment for processing multiple user identification modules
CN110196862B (en) Data scene construction method, device, server and system
CN115766532A (en) Link monitoring method and device, storage medium and electronic device
WO2021121175A1 (en) Sim card allocation method and apparatus, and server and computer-readable storage medium
CN115175190A (en) Receipt recognition system for network logistics
CN116346667A (en) System production verification method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant