阅读说明：本技术 初始接入控制方法、装置、终端、智能卡及存储介质 (It is initially accessed control method, device, terminal, smart card and storage medium ) 是由 彭锦 谢振华 游世林 余万涛 林兆骥 于 2019-01-10 设计创作，主要内容包括：本发明实施例提供一种初始接入控制方法、装置、终端、智能卡及存储介质,在进行在初始接入完成之前,当从基站接收到消息时,如果判断接收到的消息为非初始接入注册流程的消息,则确定不对该消息进行处理,在某些实施过程中,可避免终端在初始接入完成之前处理伪基站发送的非初始接入注册流程的消息而被伪基站攻击的情况发生,从而提升终端初始接入过程的安全性。(The embodiment of the present invention provides a kind of initial access control method, device, terminal, smart card and storage medium, it is carrying out before being initially accessed completion, when receiving message from base station, if it is determined that the message received is the message of non-initial access registration process, then determination is not handled the message, in certain implementation processes, terminal be can avoid the case where the message for the non-initial access registration process that the preceding processing pseudo-base station for being initially accessed completion is sent is attacked by pseudo-base station, to promote the safety of terminal initial access procedure.)

1. a kind of initial access control method, comprising:

Before being initially accessed completion, message is received from base station；

When the message received is the message of non-initial access registration process, determination is not handled the message.

2. as described in claim 1 be initially accessed control method, which is characterized in that the determination not to the message at Before reason, further includes:

Obtain preset initial access safety control strategy；

It is the message for not receiving the non-initial access registration process that the base station is sent in the initial access safety control strategy When, determination is not handled the message.

3. as described in claim 1 be initially accessed control method, which is characterized in that the message received be it is non-initial When the message of access registration process, the method also includes at least one of:

Cipher key acquisition request is sent to core net；

The message is recorded, and the message of record is issued to the core net net of access after the initial access is completed Member.

4. being initially accessed control method as claimed in claim 3, which is characterized in that described to be asked to core net transmission key acquisition Before asking, further includes: determine that the message is a piece of news received in initial access process from the base station, or determine The current local key without cipher key acquisition request institute request.

5. initial access control method according to any one of claims 1-4, which is characterized in that the method also includes:

When the message received is to be initially accessed the message of register flow path, the message is handled.

6. such as the described in any item initial access control methods of claim 2-4, which is characterized in that preset the initial access peace Full control strategy includes at least one of:

Receive the initial access safety control strategy of write-in；

Network signal is carried out with the network element of homing core net to interact, and is obtained from the network signal and is initially accessed security control plan Slightly.

7. being initially accessed control method as claimed in claim 6, which is characterized in that preset the initial access security control plan When slightly including the initial access safety control strategy of reception write-in, the method also includes:

After the initial access safety control strategy for receiving write-in, the initial access safety control strategy is issued into ownership core Heart net.

8. such as the described in any item initial access control methods of claim 2-4, which is characterized in that the initial access is controlled safely System strategy includes the first safety control strategy and the second safety control strategy；

First safety control strategy is included in initial access process, does not receive the non-initial access registration stream of base station transmission The network list of the message of journey；

Second safety control strategy is included in initial access process, receives the non-initial access registration process of base station transmission Message network list.

9. a kind of initial access control device characterized by comprising

Message reception module, for receiving message from base station before being initially accessed completion；

Control module, the message for receiving in the message reception module are the message of non-initial access registration process When, determination is not handled the message.

10. being initially accessed control device as claimed in claim 9, which is characterized in that the control module is also used to determine not Before handling the message, preset initial access safety control strategy is obtained, in the initial access security control Strategy is just to determine at not to the message when not receiving the message for the non-initial access registration process that the base station is sent Reason.

11. a kind of terminal, which is characterized in that including first processor, first memory and the first communication bus；

First communication bus is for connecting the first processor with first memory；

The first processor is for executing the computer program stored in the first memory, to realize such as claim 1- The step of 8 described in any item initial access control methods.

12. a kind of smart card, which is characterized in that connect including second processor, second memory, the second communication bus and communication Mouthful；

For connecting the second processor with second memory, the communication interface is used for institute second communication bus Second memory is stated to connect with the first processor where the smart card in terminal；

The second processor or the first processor are used to execute the computer program stored in the second memory, with The step of realizing initial access control methods as described in any item such as claim 1-8.

13. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage have one or Multiple computer programs, one or more of computer programs can be executed by one or more processor, to realize such as The step of claim 1-8 described in any item initial access control methods.

Technical field

The present embodiments relate to but be not limited to the communications field, in particular to but be not limited to a kind of initial access and control Method, apparatus, terminal, smart card and storage medium processed.

Background technique

Third generation partner program (3rd Generation Partnership Project, 3GPP) has been formulated various The specification of mobile network, and the mobile network according to these specification deployment is also just by the attack of various pseudo-base stations.

At present for the prevention of the attack of pseudo-base station primarily directed to after mobile terminal core network access stage institute into Capable；Blank is then in the prevention control in the initial access process stage of mobile terminal core network access.In the related art, Mobile terminal be initially accessed core net complete before (namely in initial access process), do not have distinguish base station whether be The ability of pseudo-base station, and will receive message transmitted by base station in its initial access process, and base station is initial in mobile terminal It is also transmittable to be initially accessed register flow path other than it can send the related news for being initially accessed register flow path in access procedure Except the message such as other message, such as emergency notice.In the related art, either which kind of message base station sends, mobile whole End can all carry out reception processing.This is resulted in during mobile terminal is initially accessed core net, if pseudo-base station is whole to movement End has sent other message being initially accessed except register flow path, mobile terminal receive directly handled after the message and In the presence of the security risk attacked by pseudo-base station, cause the safety of the initial access process of mobile terminal low.

Summary of the invention

Initial access control method, device, terminal, smart card and storage medium provided in an embodiment of the present invention, it is main to solve Certainly the technical issues of, is: solve the relevant technologies for terminal before being initially accessed core net this stage without take precautions against pseudo-base station attack The measure hit causes terminal initial access procedure safety low.

In order to solve the above technical problems, the embodiment of the present invention provides a kind of initial access control method, comprising:

Before being initially accessed completion, message is received from base station；

When the message received is the message of non-initial access registration process, determine at not to the message Reason.

In order to solve the above technical problems, the embodiment of the present invention provides a kind of initial access control device, comprising:

Message reception module, for receiving message from base station before being initially accessed completion；

Control module, the message for receiving in the message reception module are non-initial access registration process When message, determination is not handled the message.

In order to solve the above technical problems, the embodiment of the present invention also provides a kind of terminal, including first processor, the first storage Device and the first communication bus；

First communication bus is for connecting the first processor with first memory；

The first processor is as described above to realize for executing the computer program stored in the first memory Initial access control method the step of.

In order to solve the above technical problems, the embodiment of the present invention also provides a kind of smart card, including second processor, second deposit Reservoir, the second communication bus and communication interface；

For connecting the second processor with second memory, the communication interface is used for second communication bus The second memory is connect with the first processor where the smart card in terminal；

The second processor or the first processor are for executing the computer journey stored in the second memory Sequence, to realize the step of being initially accessed control method as described above.

In order to solve the above technical problems, the embodiment of the present invention also provides a kind of computer readable storage medium, the calculating Machine readable storage medium storing program for executing is stored with one or more computer program, and one or more of computer programs can be by one Or multiple processors execute, to realize the step of being initially accessed control method as described above.

The beneficial effects of the present invention are:

Initial access control method, device, terminal, smart card and the storage medium provided according to embodiments of the present invention, In It carries out before being initially accessed completion, when receiving message from base station, if it is determined that the message received is non-initial access The message of register flow path, it is determined that the message is not handled, and then can avoid terminal in the preceding processing for being initially accessed completion The message for the non-initial access registration process that pseudo-base station is sent and the case where attacked by pseudo-base station, to promote terminal initial The safety of access procedure.

Other features of the invention and corresponding beneficial effect are described in the aft section of specification, and should be managed Solution, at least partly beneficial effect is apparent from from the record in description of the invention.

Detailed description of the invention

Fig. 1 is the initial access control method flow diagram that the embodiment of the present invention one provides；

Fig. 2 is that the determination that the embodiment of the present invention one provides offsets the flow diagram whether breath is handled；

Fig. 3 is initial access controling device structure diagram provided by Embodiment 2 of the present invention；

Fig. 4 is the terminal structure schematic diagram that the embodiment of the present invention three provides；

Fig. 5 is the smart card architecture schematic diagram that the embodiment of the present invention three provides；

Fig. 6 is the communication system architecture schematic diagram that the embodiment of the present invention three provides；

Fig. 7 is that the terminal security that the embodiment of the present invention three provides is initially accessed control flow schematic diagram.

Specific embodiment

In order to make the objectives, technical solutions, and advantages of the present invention clearer, below by specific embodiment knot Attached drawing is closed to be described in further detail the embodiment of the present invention.It should be appreciated that specific embodiment described herein is only used to It explains the present invention, is not intended to limit the present invention.