Method, apparatus, device, medium and product for processing device location information
By performing authorization authentication and information processing in the UICC of the terminal device, the security vulnerability of location information sharing of terminal devices is solved, and a secure and universal location information sharing is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CHINA MOBILE COMM LTD RES INST
- Filing Date
- 2024-07-08
- Publication Date
- 2026-06-05
AI Technical Summary
In existing technologies, the sharing of location information by terminal devices has security vulnerabilities, which can easily lead to the leakage of privacy information, and lacks universality and security guarantees.
By implementing a location information processing method in the UICC of the terminal device, a request from the business platform is received, authorization authentication is performed based on the first identifier and the set authorization information, it is determined whether the requester has been authorized, and the location information is sent after authorization is obtained.
It enables secure sharing of location information from terminal devices, meets general needs, takes into account user privacy protection, and improves the security and reliability of location information sharing.
Smart Images

Figure CN118972830B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of wireless communication, and more particularly to a method, apparatus, device, medium, and product for processing device location information. Background Technology
[0002] With the widespread application of smart terminals and the rise of the mobile Internet of Things, the location information of various terminal devices has become important privacy information, requiring a reasonable security control mechanism. In addition, in order to meet the universality of location information sharing, that is, to get rid of location sharing that relies on dedicated APP (application software) and simplify the preconditions for location information sharing, there is an urgent need for a universal mechanism for location information sharing based on hardware characteristics. Summary of the Invention
[0003] In view of this, embodiments of this application provide a method, apparatus, device, medium, and product for processing device location information, aiming to meet the needs of universality and security in sharing device location information.
[0004] The technical solution of this application embodiment is implemented as follows:
[0005] In a first aspect, embodiments of this application provide a method for processing device location information, applied to a Universal Integrated Circuit Card (UICC) of a terminal device, the method comprising:
[0006] A first request is received from the business platform. The first request is used to obtain the location information of the terminal device. The first request carries a first identifier indicating the requester.
[0007] Based on the first identifier and the set authorization information, determine whether the requester has been authorized;
[0008] If it is determined that the requesting party has been authorized, the location information of the terminal device is sent to the service platform.
[0009] In the above scheme, the set authorization information includes at least: authorized identity information indicating the authorized object; the step of determining whether the requester has been authorized based on the first identifier and the set authorization information includes:
[0010] Based on the first identifier and the authorized identity information, it is determined whether the first identifier falls within the authorized identity information. If yes, it is determined that the requesting party has obtained authorization; otherwise, it is determined that the requesting party has not obtained authorization.
[0011] In the above scheme, the set authorization information includes: authorized identity information indicating the authorized object and authorized attribute information indicating the access attributes of the authorized object. Determining whether the requester has been authorized based on the first identifier and the set authorization information includes:
[0012] Based on the first identifier and the authorized identity information, determine whether the first identifier falls within the authorized identity information. If yes, determine the access attribute of the requester based on the first identifier and the authorized attribute information, and obtain the authorization result of the requester based on the access attribute. If no, determine that the requester has not been authorized.
[0013] In the above scheme, obtaining the authorization result of the requester based on the access attribute includes:
[0014] If the access attribute is the first attribute that allows silent access, then it is determined that the requester has been authorized;
[0015] If the access attribute is a second attribute that does not allow silent access, then the terminal device is triggered to display the first request and receive the authorization result returned by the terminal device, and the requester is determined to have been authorized based on the authorization result.
[0016] The method in the above scheme further includes:
[0017] Receive a second request from the service platform, the second request being used to request the activation of location information sharing of the terminal device;
[0018] Based on the second request, a response indicating whether the sharing of the location information of the terminal device has been enabled is returned to the service platform, and a first activation identifier representing whether the sharing of the location information of the terminal device has been enabled is stored.
[0019] The method in the above scheme further includes:
[0020] Receive pending authorization information from the business platform;
[0021] The system generates the set authorization information based on the authorization information to be confirmed, and returns the set authorization information to the business platform.
[0022] The method in the above scheme further includes:
[0023] Receive a third request from the business platform or the terminal device;
[0024] Based on the third request, the sharing of the terminal device's location information is turned off, and the status of the first activation identifier is updated.
[0025] Secondly, embodiments of this application provide a method for processing device location information, applied to a business platform, the method comprising:
[0026] Receive a location query request from a requester, the location query request carrying a first identifier and a second identifier, the first identifier indicating the requester and the second identifier indicating the terminal device to be queried;
[0027] A first request for obtaining the location information of the terminal device is generated based on the location query request, and the first request carries the first identifier.
[0028] Send the first request to the UICC of the terminal device;
[0029] Receive the location information of the terminal device returned by the UICC.
[0030] The method in the above scheme further includes:
[0031] A second request is sent to the UICC of the terminal device, the second request being used to request the activation of location information sharing of the terminal device;
[0032] Receive a response from the UICC indicating whether to enable the sharing of the terminal device's location information;
[0033] The second activation identifier corresponding to the terminal device is updated based on the response, and the second activation identifier indicates whether the terminal device has enabled location information sharing.
[0034] In the above scheme, before sending the first request to the UICC of the terminal device, the method further includes:
[0035] Based on the second activation identifier corresponding to the terminal device, it is determined that the terminal device has activated the sharing of location information.
[0036] The method in the above scheme further includes:
[0037] Send pending authorization information to the UICC of the terminal device;
[0038] Receive the set authorization information returned by the UICC; wherein the set authorization information includes at least: authorized identity information indicating the authorized object;
[0039] Before sending the first request to the UICC of the terminal device, the method further includes:
[0040] Based on the first identifier and the authorized identity information, it is determined that the first identifier falls within the authorized identity information.
[0041] The method in the above scheme further includes:
[0042] A third request is sent to the UICC of the terminal device; the third request is used to instruct the terminal device to disable the sharing of location information.
[0043] Thirdly, embodiments of this application provide a device for processing device location information, applied to the UICC of a terminal device, the device comprising:
[0044] The first receiving module is configured to receive a first request from the business platform, the first request being used to obtain the location information of the terminal device, and the first request carrying a first identifier indicating the requester.
[0045] The authentication module is used to determine whether the requester has been authorized based on the first identifier and the set authorization information;
[0046] The first sending module is used to send the location information of the terminal device to the service platform if it is determined that the requester has been authorized.
[0047] Fourthly, embodiments of this application provide a device for processing device location information, applied to a business platform, the device comprising:
[0048] The second receiving module is used to receive a location query request from a requester. The location query request carries a first identifier and a second identifier, wherein the first identifier indicates the requester and the second identifier indicates the terminal device to be queried.
[0049] The generation module is configured to generate a first request for obtaining the location information of the terminal device based on the location query request, wherein the first request carries the first identifier;
[0050] The second sending module is used to send the first request to the UICC of the terminal device;
[0051] The third receiving module is used to receive the location information of the terminal device returned by the UICC.
[0052] Fifthly, embodiments of this application provide a Universal Integrated Circuit Card (UICC), including: a processor and a memory for storing a computer program capable of running on the processor, wherein, when the processor is used to run the computer program, it executes the steps of the method described in the first aspect of embodiments of this application.
[0053] In a sixth aspect, embodiments of this application provide a business platform, including: a processor and a memory for storing computer programs capable of running on the processor, wherein, when the processor is used to run the computer programs, it executes the steps of the method described in the second aspect of embodiments of this application.
[0054] In a seventh aspect, embodiments of this application provide a computer storage medium storing a computer program, which, when executed by a processor, implements the steps of the method described in any aspect of embodiments of this application.
[0055] Eighthly, embodiments of this application provide a computer program product, including a computer program that, when executed by a processor, implements the steps of the method described in any aspect of embodiments of this application.
[0056] The technical solution provided in this application embodiment involves a terminal device's UICC receiving a first request from a service platform. This first request is used to obtain the terminal device's location information and carries a first identifier indicating the requester. Based on the first identifier and predefined authorization information, it is determined whether the requester has been authorized. If authorization is confirmed, the terminal device's location information is sent to the service platform. This allows for location information sharing between the terminal device's UICC and the service platform, meeting the need for universality. Furthermore, by authenticating the requester and confirming authorization before sending the location information to the service platform, location information sharing can be achieved while protecting user privacy, meeting the needs for both universality and security in location information sharing. Attached Figure Description
[0057] Figure 1 This is a schematic diagram illustrating the process of a SIM card requesting location information from a terminal in related technologies.
[0058] Figure 2 This is a flowchart illustrating the method for processing device location information according to an embodiment of this application;
[0059] Figure 3 This is another flowchart illustrating the method for processing device location information according to an embodiment of this application;
[0060] Figure 4 This is a schematic diagram of the system architecture in an application embodiment of this application;
[0061] Figure 5 This is a schematic diagram illustrating the process of granting location information sharing authorization based on APP1 on terminal device 1 in an application embodiment of this application;
[0062] Figure 6 This is a schematic diagram illustrating the process of location information query based on APP2 on terminal device 2 in an application embodiment of this application;
[0063] Figure 7 This is a schematic diagram illustrating the process of a backend business system implementing location information sharing authorization based on a first mode, as an application embodiment of this application.
[0064] Figure 8 This is a schematic diagram illustrating the process of granting location information sharing authorization in the back-end business system based on the second mode, as an application embodiment of this application.
[0065] Figure 9 This is a schematic diagram illustrating the process of querying location information in the backend business system of an application embodiment of this application;
[0066] Figure 10 This is a schematic diagram of the structure of a device for processing device location information according to an embodiment of this application;
[0067] Figure 11 This is a schematic diagram of the structure of a device for displaying device location information according to another embodiment of this application;
[0068] Figure 12 This is a schematic diagram of the UICC structure according to an embodiment of this application;
[0069] Figure 13 This is a schematic diagram of the business platform structure in an embodiment of this application. Detailed Implementation
[0070] The present application will now be described in further detail with reference to the accompanying drawings and embodiments.
[0071] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application.
[0072] In related technologies, terminal devices typically require a SIM (Subscriber Identity Module) card, also known as a UICC (Universal Integrated Circuit Card), which provides network services, stores user information, performs logical processing, and enables interactive control. Based on the CAT (Card Application Toolkit) mechanism, the SIM card can proactively request location information from the terminal device using commands. Figure 1 As shown, it can specifically include:
[0073] Step 101: The terminal device sends a command to the SIM card.
[0074] Here, the terminal device that supports CAT actively sends a setting command to start the CAT initialization process.
[0075] Step 102: The SIM card returns a response, which carries the status word 91XX.
[0076] Here, the response returned by the CAT-enabled SIM card carries the status word 91XX, where "XX" indicates the length of the status response data.
[0077] Step 103: The terminal device obtains status response data through the FETCH command.
[0078] Step 104: The SIM card requests location information via an active command.
[0079] Step 105, the terminal device responds OK.
[0080] Step 106: The terminal device sends location information to the SIM card via the ENVELOPE command.
[0081] Understandably, a SIM card can obtain the location information of a terminal device through proactive commands based on the CAT mechanism. However, the relevant technology only involves the interaction mechanism between the SIM card and the terminal device, enabling the SIM card to obtain the terminal device's location information. But this also creates a security vulnerability, namely, the easy leakage of the user's location information without their knowledge. For example, a malicious applet (card application) on the SIM card could obtain the terminal device's location information, leading to the risk of privacy information being leaked.
[0082] Based on this, in various embodiments of this application, a method for processing location information of a terminal device based on a SIM card is provided, which can realize the sharing of location information based on the SIM card, and take into account the business needs of user privacy protection and location information acquisition, thereby meeting the needs of universality and security of device location information sharing.
[0083] This application provides a method for processing device location information, applied to the UICC of a terminal device, such as... Figure 2 As shown, the method includes:
[0084] Step 201: Receive a first request from the service platform. The first request is used to obtain the location information of the terminal device. The first request carries a first identifier indicating the requester.
[0085] Here, the business platform can be understood as a back-end business system used to uniformly manage the location information of UICCs of various terminal devices. If the requesting party (third-party user or third-party server) needs to obtain the location information of the terminal device, it can send a location query request to the business platform. The business platform will then convert the location query request into a first request and send it to the UICC of the target terminal device (i.e., the terminal device whose location information is to be queried).
[0086] Step 202: Based on the first identifier and the set authorization information, determine whether the requester has been authorized.
[0087] Here, UICC can authenticate the requester based on the first identifier carried in the first request and the set authorization information to determine whether the requester has been authorized.
[0088] Step 203: If it is determined that the requester has been authorized, the location information of the terminal device is sent to the service platform.
[0089] Here, after UICC confirms that the requester has been authorized, it sends the location information of the terminal device to the business platform. The business platform can then send the location information back to the requester, thereby enabling the sharing of the terminal device's location information. UICC can obtain the terminal device's location information based on a SIM card interaction mechanism, which will not be elaborated upon here.
[0090] It should be noted that if UICC determines that the requester has not been authorized, it can refuse to share the location information of the terminal device, that is, terminate the current location query process.
[0091] It is understood that the embodiments of this application can realize the sharing of location information of terminal devices based on the interaction between the UICC of the terminal device and the business platform, thus meeting the requirements of universality. In addition, by authorizing and authenticating the requester, the UICC only sends the location information of the terminal device to the business platform after the requester has been authorized. Thus, the sharing of location information can be realized while taking into account the protection of user privacy, thereby meeting the requirements of universality and security of location information sharing of terminal devices.
[0092] For example, the set authorization information includes at least: authorized identity information indicating an authorized object; the step of determining whether the requester has been authorized based on the first identifier and the set authorization information includes:
[0093] Based on the first identifier and the authorized identity information, it is determined whether the first identifier falls within the authorized identity information. If yes, it is determined that the requesting party has obtained authorization; otherwise, it is determined that the requesting party has not obtained authorization.
[0094] In one application example, the authorization information set by UICC can be whitelist information, which includes the authorized identity information of objects that are allowed to obtain location information. If UICC determines that the first identifier of the requester falls into the authorized identity information, it determines that the requester is authorized and returns the location information to the business platform, which then forwards the location information to the requester.
[0095] For example, the set authorization information includes: authorized identity information indicating an authorized object and authorized attribute information indicating the access attributes of an authorized object. Determining whether the requester is authorized based on the first identifier and the set authorization information includes:
[0096] Based on the first identifier and the authorized identity information, determine whether the first identifier falls within the authorized identity information. If yes, determine the access attribute of the requester based on the first identifier and the authorized attribute information, and obtain the authorization result of the requester based on the access attribute. If no, determine that the requester has not been authorized.
[0097] In one application example, UICC's whitelist information also includes the authorization attribute information of authorized objects. After UICC determines that the requester's first identifier falls into the authorization identity information, it needs to further determine whether the requester has been authorized based on the authorization attribute information. In this way, the forms of authorization and authentication can be enriched to meet the personalized setting needs of location information sharing.
[0098] For example, obtaining the authorization result of the requester based on the access attribute includes:
[0099] If the access attribute is the first attribute that allows silent access, then it is determined that the requester has been authorized;
[0100] If the access attribute is a second attribute that does not allow silent access, then the terminal device is triggered to display the first request and receive the authorization result returned by the terminal device, and the requester is determined to have been authorized based on the authorization result.
[0101] Here, if the requester has silent access permission, UICC directly determines that the requester is authorized and returns the location information to the business platform, which then forwards the location information to the requester. If the requester does not have silent access permission, UICC needs to interact with the terminal device's SIM card, so that the terminal device displays the first request to the user and receives the authorization result entered by the user through the terminal device. For example, if the user agrees to share, UICC returns the location information to the business platform, which then forwards the location information to the requester. If the user refuses to share, UICC refuses to return the location information and terminates the location query process.
[0102] Exemplarily, the method further includes:
[0103] Receive a second request from the service platform, the second request being used to request the activation of location information sharing of the terminal device;
[0104] Based on the second request, a response indicating whether the sharing of the location information of the terminal device has been enabled is returned to the service platform, and a first activation identifier representing whether the sharing of the location information of the terminal device has been enabled is stored.
[0105] Here, the second request can be understood as a request to enable location information sharing. This request can be generated directly by the service platform and sent to the UICC, or it can be sent to the service platform by the terminal device's settings app (application), and then forwarded to the UICC by the service platform. The UICC can then interact with the terminal device's SIM card to allow the user to confirm whether to enable location information sharing. If the user agrees, the UICC returns a confirmation response to the service platform and sets the first activation flag, for example, setting the location information sharing activation flag (Flag) to 1.
[0106] It is understandable that the UICC of the terminal device needs to share the location information of the terminal device based on the first request from the business platform after the activation flag is set to 1.
[0107] It should be noted that location information sharing for terminal devices can be enabled by the user through their mobile app. The app sends an activation request (carrying the terminal device's identifier) to the service platform, which then forwards it to the terminal device's UICC for activation. Furthermore, in certain application scenarios, such as those requiring bulk SIM card activation for IoT devices, the service platform can directly send an activation request to the terminal device's UICC to enable location information sharing.
[0108] Exemplarily, the method further includes:
[0109] Receive pending authorization information from the business platform;
[0110] The system generates the set authorization information based on the authorization information to be confirmed, and returns the set authorization information to the business platform.
[0111] It is understood that the whitelist information on the UICC side can be set in batches by the business platform or by the user through the APP on the terminal device. This application embodiment does not limit this.
[0112] In one application example, a user on a terminal device sends authorization information to the business platform via an app. The business platform then forwards this information to the UICC on the terminal device. Upon receiving this authorization information, the UICC displays it on the terminal device and allows the user to confirm it. Based on the user's confirmation, the UICC generates the configured authorization information and returns it to the business platform. This return of the configured authorization information to the business platform enables authorization authentication on the business platform side. Furthermore, by implementing dual authentication based on the business platform and the UICC, the security of location information sharing can be further enhanced.
[0113] Here, the authorization information may include authorized identity information indicating the authorized object, such as the MSISDN (Mobile Subscriber Number) of the authorized third-party user and / or the server ID of the authorized third-party server. The authorization information may also include authorization attribute information indicating the access attributes of the authorized object. For example, in one application example, the access attribute can be represented by the "IsMute" field: IsMute = True indicates that silent access is allowed; IsMute = False indicates that silent access is not allowed. This application embodiment does not limit this.
[0114] Exemplarily, the method further includes:
[0115] Receive a third request from the business platform or the terminal device;
[0116] Based on the third request, the sharing of the terminal device's location information is turned off, and the status of the first activation identifier is updated.
[0117] Here, the third request can be understood as a request to disable location information sharing. Users can send this third request to the service platform via the terminal device's app, and the service platform will then forward it to the terminal device's UICC to disable location information sharing; alternatively, the service platform can directly send the third request to the terminal device's UICC to disable location information sharing; or the user can send the third request to the UICC based on the SIM card interaction between the terminal device and the UICC to disable location information sharing. This embodiment does not limit the specific implementation of this method. It is understood that after the UICC disables location information sharing on the terminal device, it can reset the first activation flag, for example, resetting the location information sharing activation flag (Flag) to 0, thus preventing the external transmission of location information and meeting user privacy protection requirements.
[0118] For example, this application provides a method for processing device location information, applied to a business platform, which is the aforementioned backend business system for unified management of location information of UICCs of various terminal devices. Figure 3 As shown, the method includes:
[0119] Step 301: Receive a location query request from the requester. The location query request carries a first identifier and a second identifier. The first identifier indicates the requester, and the second identifier indicates the terminal device to be queried.
[0120] Here, the requester can be a third-party user or a third-party server that needs to obtain location information. After the business platform receives the location query request sent by the requester, it executes step 302.
[0121] Step 302: Generate a first request for obtaining the location information of the terminal device based on the location query request, wherein the first request carries the first identifier.
[0122] Step 303: Send the first request to the UICC of the terminal device.
[0123] Step 304: Receive the location information of the terminal device returned by the UICC.
[0124] Here, based on the first request, UICC sends the location information of the terminal device to the business platform after confirming that the requester has been authorized. The business platform can then send the location information back to the requester, thereby enabling the sharing of the terminal device's location information.
[0125] It is understood that the embodiments of this application can realize the sharing of location information of terminal devices based on the interaction between the UICC of the terminal device and the business platform, thus meeting the requirements of universality. In addition, by authorizing and authenticating the requester, the UICC only sends the location information of the terminal device to the business platform after the requester has been authorized. Thus, the sharing of location information can be realized while taking into account the protection of user privacy, thereby meeting the requirements of universality and security of location information sharing of terminal devices.
[0126] Exemplarily, the method further includes:
[0127] A second request is sent to the UICC of the terminal device, the second request being used to request the activation of location information sharing of the terminal device;
[0128] Receive a response from the UICC indicating whether to enable the sharing of the terminal device's location information;
[0129] The second activation identifier corresponding to the terminal device is updated based on the response, and the second activation identifier indicates whether the terminal device has enabled location information sharing.
[0130] Here, the second request can be understood as a request to enable location information sharing. This request can be generated directly by the service platform and sent to the UICC, or it can be sent to the service platform by the terminal device's settings app (application), and then forwarded to the UICC by the service platform. The UICC can interact with the terminal device's SIM card to allow the user to confirm whether to enable location information sharing. If the user agrees, the UICC returns a confirmation response to the service platform. The service platform can then update the second activation flag based on this response, for example, by setting the location information sharing activation flag (Flag) of the terminal device to 1.
[0131] For example, before sending the first request to the UICC of the terminal device, the method further includes:
[0132] Based on the second activation identifier corresponding to the terminal device, it is determined that the terminal device has activated the sharing of location information.
[0133] Understandably, before sending the first request, the business platform can confirm whether the UICC of the terminal device has enabled location information sharing based on the second activation identifier of the terminal device. If it has not been enabled, the location query process can be terminated. If it has been enabled, the first request can be sent to the UICC of the terminal device. In this way, the interaction between the business platform and the UICC can be reduced while ensuring user privacy and meeting the business needs of location information sharing.
[0134] For example, the method further includes:
[0135] Send pending authorization information to the UICC of the terminal device;
[0136] Receive the set authorization information returned by the UICC; wherein the set authorization information includes at least: authorized identity information indicating the authorized object;
[0137] Before sending the first request to the UICC of the terminal device, the method further includes:
[0138] Based on the first identifier and the authorized identity information, it is determined that the first identifier falls within the authorized identity information.
[0139] Understandably, the business platform can send authorization information to UICC to implement the configuration management of the authorization information set on the UICC side. The business platform can also receive the authorization information returned by the UICC side and perform authorization authentication on the requester based on the authorization information set before sending the first request. In this way, dual authentication can be achieved based on the business platform and UICC, further improving the security of location information sharing.
[0140] Exemplarily, the method further includes:
[0141] A third request is sent to the UICC of the terminal device; the third request is used to instruct the terminal device to disable the sharing of location information.
[0142] Here, the third request can be understood as a request to disable location information sharing. Users can send this third request to the service platform via their terminal device's app, and the service platform will then forward it to the terminal device's UICC to disable location information sharing; alternatively, the service platform can directly send the third request to the terminal device's UICC to disable location information sharing. It's understandable that after the UICC disables location information sharing, it can reset the first enable flag, for example, resetting the location information sharing enable flag to 0, thus preventing the external transmission of location information and meeting user privacy protection requirements.
[0143] The present application will be further described in detail below with reference to application examples.
[0144] Figure 4 This illustration shows a system architecture diagram for location information sharing based on a business platform and a SIM card in a terminal device in this application embodiment. The backend business system is the aforementioned business platform. Terminal device 1 is a terminal device that provides location information sharing, and terminal device 2 is a terminal device that obtains location information sharing services. Terminal device 1 is equipped with SIM card 1 and APP 1, and terminal device 2 is equipped with SIM card 2 and APP 2.
[0145] The following provides an example illustration of the authorization process for location information sharing and the location information query process:
[0146] Figure 5 This diagram illustrates the process of granting location information sharing authorization based on APP1 on terminal device 1. The process specifically includes:
[0147] Step 501, Location Information Sharing Service Application.
[0148] Here, users submit an application to activate the location information sharing service on APP1.
[0149] Step 502: Send a location information sharing request.
[0150] Here, APP1 sends a location information sharing request SharePositionReq(MSISDN1) to the backend business system. This location information sharing request carries the identifier of terminal device 1, for example, MSISDN1.
[0151] Step 503: The back-end business system sends a location information sharing service confirmation request to SIM card 1.
[0152] Here, the location information sharing service confirmation request is the aforementioned second request, which can be, for example, PositionACK(MSISDN1).
[0153] Step 504 prompts the user.
[0154] Here, after receiving the location information sharing service confirmation request, SIM card 1 displays the location information sharing service activation request to the user. If the user refuses to activate, the process ends. If the user confirms activation, SIM card 1 locally saves the location information sharing service activation flag Flag=1.
[0155] Step 505: Confirm ACK (TRUE) to enable the location information sharing service.
[0156] Here, SIM card 1 returns a ConfirmACK(TRUE) response confirming the activation of the location information sharing service. TRUE means that the activation is agreed upon, and False means that the activation is rejected.
[0157] Step 506: The backend business system saves the user location information sharing service activation identifier.
[0158] Step 507: The user sets whitelist information on the mobile APP1.
[0159] Here, the whitelist information may include: authorized mobile phone number, whether silent acquisition of user location information is allowed, etc.
[0160] Step 508: Submit the whitelist information to the backend business system.
[0161] Here, APP1 submits the whitelist information to the backend business system. For example, the whitelist information can be WhiteList(MSISDN2-1,IsMute,...,MSISDN2-n,IsMute), where MSISDN2-n represents the authorized mobile phone number, IsMute=True means silent acquisition is allowed, and IsMute=False means authorization confirmation is required to obtain location information.
[0162] Step 509: The back-end business system sends a whitelist information confirmation request to SIM card 1.
[0163] Here, the backend business system sends WhiteListACK(MSISDN2-1,IsMute,...,MSISDN2-n,IsMute) to SIM card 1, requesting the user to confirm the whitelist information.
[0164] Step 510 prompts the user.
[0165] Here, after receiving the request, SIM card 1 displays a whitelist confirmation request to the user. If the user refuses to activate, the process ends. If the user confirms activation, SIM card 1 saves the whitelist information locally.
[0166] Step 511: Confirm the whitelist information.
[0167] Here, SIM card 1 returns a whitelist confirmation response ConfirmWLACK(TRUE), where TRUE means agreeing to the whitelist setting and False means rejecting the whitelist setting.
[0168] Step 512: The backend business system saves the whitelist information.
[0169] Figure 6 The diagram illustrates the process of location information querying using APP2 on terminal device 2. The process specifically includes:
[0170] Step 601: The user submits a location information query request on the mobile APP2.
[0171] Here, the user of terminal device 2 can send a location query request GetPositionReq(MSISDN1, MSISDN2) through APP2, which includes the applicant's mobile phone number MSISDN2 and the mobile phone number to be queried MSISDN1.
[0172] Step 602, whitelist verification.
[0173] Here, the back-end business system checks whether the applicant (MSISDN2) has the right to query based on the whitelist information of the mobile phone number to be queried. If the applicant does not have the right to query, the process ends.
[0174] Step 603: Send a location acquisition request.
[0175] Here, the backend business system sends a location information query request GetPositionACK(MSISDN2) to SIM card 1, which includes the applicant's mobile phone number information MSISDN2, i.e., sends the aforementioned first request.
[0176] Step 604, whitelist verification.
[0177] Here, after receiving the request, SIM card 1 checks the whitelist. If the applicant's mobile phone number MSISDN2 is not in the whitelist, the process ends. If the applicant's mobile phone number is in the whitelist, it further determines whether to prompt the user for confirmation (i.e., whether to allow silent query). If the applicant's mobile phone number has silent query permission, it directly returns the location information. If the applicant's mobile phone number does not have silent query permission, it further displays the location information sharing request to the user. If the user refuses to share, the process ends. If the user authorizes sharing, SIM card 1 returns the location information.
[0178] Step 605: SIM card 1 returns location information SharePosition(Position) to the backend business system.
[0179] Step 606: The backend business system returns the location information of SIM card 1, SharePosition(Position), to APP2.
[0180] In other embodiments, the authorization process for location information sharing can also be initiated by the back-end business system, which includes: a first mode of direct activation by the back-end and a second mode of activation after user authorization confirmation.
[0181] Figure 7 The diagram illustrates the process of a backend business system implementing location information sharing authorization based on the first mode. The process specifically includes:
[0182] Step 701: Set the user location information sharing service activation identifier.
[0183] Here, for certain scenarios, such as bulk SIM card issuance for the Internet of Things, the back-end business system can directly set the user location information sharing service activation flag.
[0184] Step 702: Send a request to activate the location information sharing service.
[0185] Here, the backend business system sends a location information sharing service activation request PositionACK(ServerID) to the SIM card (i.e., SIM card 1) that has the service activated, which is the aforementioned first request. This first request carries the backend business system identifier ServerID.
[0186] Step 703: Set the activation identifier.
[0187] After receiving the request, SIM card 1 sets the service activation identifier in the card.
[0188] Step 704: Confirm the activation of the location information sharing service.
[0189] Here, SIM card 1 returns the confirmation message ConfirmACK(TRUE), where TRUE means authorization is granted and FALSE means authorization is denied.
[0190] Step 705: Save the user location information sharing service activation identifier.
[0191] Here, the backend business system stores the user location information sharing service activation identifier.
[0192] Figure 8The diagram illustrates the process of a backend business system implementing location information sharing authorization based on the second mode. The process specifically includes:
[0193] Step 801: Set the user location information sharing service activation identifier.
[0194] Here, the backend business system sets the user location information sharing service activation status to pending confirmation.
[0195] Step 802: Send a request to activate the location information sharing service.
[0196] Here, the back-end business system sends a location information sharing service activation request PositionACK(ServerID) to the SIM card (i.e., SIM card 1) that plans to activate the service.
[0197] Step 803 prompts the user.
[0198] Here, after receiving the request, SIM card 1 displays the service activation request to the user. If the user refuses to activate, the process ends. If the user confirms activation, SIM card 1 sets the service activation identifier in the card.
[0199] Step 804: Confirm the activation of the location information sharing service.
[0200] Here, SIM card 1 returns the confirmation message ConfirmACK(TRUE), where TRUE indicates that the user confirms authorization and FALSE indicates that the user denies authorization.
[0201] Step 805: Save the user location information sharing service activation identifier.
[0202] Here, the backend business system stores the user location information sharing service activation identifier.
[0203] In other embodiments, the location information can also be queried by the backend business system, such as... Figure 9 As shown, the process for querying location information includes:
[0204] Step 901: Send a location information query request.
[0205] Here, the backend business system sends a location information query request GetPositionACK(ServerID) to SIM card 1.
[0206] Step 902: Check permissions.
[0207] Here, SIM card 1 checks if the backend business system has permission. If not, the process ends. If permission is granted, it further determines whether to prompt the user for confirmation (i.e., whether to allow silent query). If the backend business system has silent query permission, it directly returns the location information. If the backend business system does not have silent query permission, it further displays a location information sharing request to the user. If the user refuses to share, the process ends. If the user authorizes sharing, SIM card 1 returns the location information.
[0208] Step 903: Return location information.
[0209] Here, SIM card 1 returns the location information SharePosition(Position) to the backend business system.
[0210] In order to implement the method of the embodiments of this application, the embodiments of this application also provide a device for processing device location information applied to the UICC side. The device for processing device location information corresponds to the above-mentioned method for processing device location information on the UICC side. The steps in the embodiments of the above-mentioned method for processing device location information on the UICC side are also fully applicable to the embodiments of the device for processing device location information.
[0211] like Figure 10 As shown, the device location information processing apparatus includes: a first receiving module 1001, an authentication module 1002, and a first sending module 1003. The first receiving module 1001 receives a first request from a service platform, the first request being for obtaining the location information of the terminal device, and the first request carrying a first identifier indicating the requester. The authentication module 1002 determines whether the requester has been authorized based on the first identifier and predefined authorization information. The first sending module 1003, if it is determined that the requester has been authorized, sends the location information of the terminal device to the service platform.
[0212] For example, the authorization information set includes at least: authorized identity information indicating the authorized object, and the authentication module 1002 is specifically used for:
[0213] Based on the first identifier and the authorized identity information, it is determined whether the first identifier falls within the authorized identity information. If yes, it is determined that the requesting party has obtained authorization; otherwise, it is determined that the requesting party has not obtained authorization.
[0214] For example, the configured authorization information includes: authorized identity information indicating the authorized object and authorized attribute information indicating the access attributes of the authorized object. The authentication module 1002 is specifically used for:
[0215] Based on the first identifier and the authorized identity information, determine whether the first identifier falls within the authorized identity information. If yes, determine the access attribute of the requester based on the first identifier and the authorized attribute information, and obtain the authorization result of the requester based on the access attribute. If no, determine that the requester has not been authorized.
[0216] For example, the authentication module 1002 obtains the authorization result of the requester based on the access attributes, including:
[0217] If the access attribute is the first attribute that allows silent access, then it is determined that the requester has been authorized;
[0218] If the access attribute is a second attribute that does not allow silent access, then the terminal device is triggered to display the first request and receive the authorization result returned by the terminal device, and the requester is determined to have been authorized based on the authorization result.
[0219] For example, the device location information processing apparatus further includes: a processing module 1004, and the first receiving module 1001 is further configured to: receive a second request from the service platform, the second request being used to request the activation of location information sharing of the terminal device; the processing module 1004 is configured to return a response indicating whether location information sharing of the terminal device has been activated to the service platform based on the second request, and store a first activation identifier characterizing whether location information sharing of the terminal device has been activated.
[0220] For example, the first receiving module 1001 is further configured to receive authorization information to be confirmed from the business platform; the processing module 1004 is further configured to generate the set authorization information based on the authorization information to be confirmed, and return the set authorization information to the business platform.
[0221] For example, the first receiving module 1001 is further configured to receive a third request from the service platform or the terminal device; the processing module 1004 is further configured to disable the sharing of the location information of the terminal device based on the third request, and update the status of the first activation identifier.
[0222] In practical applications, the first receiving module 1001, authentication module 1002, first sending module 1003, and processing module 1004 can be implemented by the processor in the UICC. Of course, the processor needs to run the computer program in memory to implement its functions.
[0223] In order to implement the method of the embodiments of this application, the embodiments of this application also provide a device for processing device location information applied to the business platform side. The device for processing device location information corresponds to the above-mentioned method for processing device location information on the business platform side. The steps in the above-mentioned method for processing device location information on the business platform side are also fully applicable to the embodiments of the device for processing device location information.
[0224] like Figure 11 As shown, the device location information processing apparatus includes: a second receiving module 1101, a generating module 1102, a second sending module 1103, and a third receiving module 1104. The second receiving module 1101 receives a location query request from a requester, the location query request carrying a first identifier and a second identifier, the first identifier indicating the requester and the second identifier indicating the terminal device to be queried; the generating module 1102 generates a first request for obtaining the location information of the terminal device based on the location query request, the first request carrying the first identifier; the second sending module 1103 sends the first request to the UICC of the terminal device; and the third receiving module 1104 receives the location information of the terminal device returned by the UICC.
[0225] For example, the second sending module 1103 is further configured to send a second request to the UICC of the terminal device, the second request being used to request the activation of location information sharing of the terminal device;
[0226] The third receiving module 1104 is also used to receive the response returned by the UICC indicating whether to enable the sharing of the location information of the terminal device;
[0227] The device location information processing apparatus further includes a processing module 1105, used to update the second activation identifier corresponding to the terminal device based on the response, wherein the second activation identifier indicates whether the terminal device has enabled location information sharing.
[0228] For example, before the second sending module 1103 sends the first request to the UICC of the terminal device, it is further configured to determine that the terminal device has enabled the sharing of location information based on the second activation identifier corresponding to the terminal device.
[0229] For example, the second sending module 1103 is also used to send authorization information to be confirmed to the UICC of the terminal device;
[0230] The third receiving module 1104 is also used to receive the set authorization information returned by the UICC; wherein the set authorization information includes at least: authorized identity information indicating the authorized object;
[0231] Before the second sending module 1103 sends the first request to the UICC of the terminal device, it is further configured to determine, based on the first identifier and the authorized identity information, that the first identifier falls into the authorized identity information.
[0232] For example, the second sending module 1103 is further configured to send a third request to the UICC of the terminal device; the third request is used to indicate that the sharing of the location information of the terminal device be turned off.
[0233] In practical applications, the second receiving module 1101, the generating module 1102, the second transmitting module 1103, the third receiving module 1104, and the processing module 1105 can be implemented by the processor in the service platform. Of course, the processor needs to run the computer program in the memory to implement its functions.
[0234] It should be noted that the device location information processing apparatus provided in the above embodiments is only illustrated by the division of the above-described program modules. In practical applications, the processing can be assigned to different program modules as needed, that is, the internal structure of the apparatus can be divided into different program modules to complete all or part of the processing described above. Furthermore, the device location information processing apparatus and the device location information processing method embodiments provided in the above embodiments belong to the same concept, and their specific implementation process can be found in the method embodiments, which will not be repeated here.
[0235] Based on the hardware implementation of the above program modules, and in order to implement the method of the embodiments of this application, the embodiments of this application also provide a UICC. Figure 12 This is only an exemplary structure of the UICC, not the entire structure; it can be implemented as needed. Figure 12 The structure shown may be part or all of the structure.
[0236] like Figure 12 As shown, the UICC 1200 provided in this embodiment includes at least one processor 1201, a memory 1202, a user interface 1203, and at least one network interface 1204. The various components in the UICC 1200 are coupled together via a bus system 1205. It can be understood that the bus system 1205 is used to implement communication between these components. In addition to a data bus, the bus system 1205 also includes a power bus, a control bus, and a status signal bus. However, for clarity, in… Figure 12 The general labeled all buses as Bus System 1205.
[0237] The user interface 1203 may include a monitor, keyboard, mouse, trackball, click wheel, buttons, touchpad, or touch screen.
[0238] The memory 1202 in this embodiment is used to store various types of data to support the operation of the UICC. Examples of such data include any computer program used to operate on the UICC.
[0239] The device location information processing method disclosed in this application embodiment can be applied to, or implemented by, processor 1201. Processor 1201 may be an integrated circuit chip with signal processing capabilities. During implementation, each step of the device location information processing method can be completed by integrated logic circuits in the hardware of processor 1201 or by instructions in software form. The processor 1201 can be a general-purpose processor, a digital signal processor (DSP), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. Processor 1201 can implement or execute the methods, steps, and logic block diagrams disclosed in the embodiments of this application. A general-purpose processor can be a microprocessor or any conventional processor. The steps of the method disclosed in the embodiments of this application can be directly manifested as execution by a hardware decoding processor, or execution by a combination of hardware and software modules in the decoding processor. The software modules can be located in a storage medium, specifically memory 1202. Processor 1201 reads information from memory 1202 and, in conjunction with its hardware, completes the steps of the device location information processing method provided in the embodiments of this application.
[0240] In an exemplary embodiment, the UICC may be implemented by one or more application-specific integrated circuits (ASICs), DSPs, programmable logic devices (PLDs), complex programmable logic devices (CPLDs), field-programmable gate arrays (FPGAs), general-purpose processors, controllers, microcontrollers (MCUs), microprocessors, or other electronic components to perform the aforementioned method.
[0241] Based on the hardware implementation of the above program modules, and in order to implement the method of the embodiments of this application, the embodiments of this application also provide a business platform. Figure 13 This is merely an exemplary structure of the business platform, not the entire structure; it can be implemented as needed. Figure 13 The structure shown may be part or all of the structure.
[0242] like Figure 13 As shown, the service platform 1300 provided in this embodiment includes at least one processor 1301, a memory 1302, a user interface 1303, and at least one network interface 1304. The various components in the service platform 1300 are coupled together via a bus system 1305. It can be understood that the bus system 1305 is used to implement communication between these components. In addition to a data bus, the bus system 1305 also includes a power bus, a control bus, and a status signal bus. However, for clarity, in… Figure 13 The general labeled all buses as Bus System 1305.
[0243] The user interface 1303 may include a monitor, keyboard, mouse, trackball, click wheel, buttons, touchpad, or touch screen.
[0244] The memory 1302 in this embodiment is used to store various types of data to support the operation of the business platform. Examples of such data include any computer programs used to operate on the business platform.
[0245] The device location information processing method disclosed in this application embodiment can be applied to or implemented by the processor 1301. The processor 1301 may be an integrated circuit chip with signal processing capabilities. During implementation, each step of the device location information processing method can be completed by the integrated logic circuitry in the hardware of the processor 1301 or by instructions in software form. The processor 1301 can be a general-purpose processor, a digital signal processor (DSP), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The processor 1301 can implement or execute the methods, steps, and logic block diagrams disclosed in the embodiments of this application. The general-purpose processor can be a microprocessor or any conventional processor, etc. The steps of the method disclosed in the embodiments of this application can be directly manifested as execution by a hardware decoding processor, or execution by a combination of hardware and software modules in the decoding processor. The software modules can be located in a storage medium, which is located in the memory 1302. The processor 1301 reads the information in the memory 1302 and, in conjunction with its hardware, completes the steps of the device location information processing method provided in the embodiments of this application.
[0246] In an exemplary embodiment, the service platform 1300 may be implemented by one or more ASICs, DSPs, PLDs, CPLDs, FPGAs, general-purpose processors, controllers, MCUs, microprocessors, or other electronic components to perform the aforementioned methods.
[0247] It is understood that memories 1202 and 1302 can be volatile or non-volatile memories, or both. Non-volatile memories can be read-only memories (ROM), programmable read-only memories (PROM), erasable programmable read-only memories (EPROM), electrically erasable programmable read-only memories (EEPROM), ferromagnetic random access memories (FRAM), flash memory, magnetic surface memory, optical discs, or compact disc read-only memories (CD-ROM); magnetic surface memory can be disk storage or magnetic tape storage. Volatile memories can be random access memories (RAM), used as external caches. By way of example, but not limitation, many forms of RAM are available, such as Static Random Access Memory (SRAM), Synchronous Static Random Access Memory (SSRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic Random Access Memory (SDRAM), Double Data Rate Synchronous Dynamic Random Access Memory (DDRSDRAM), Enhanced Synchronous Dynamic Random Access Memory (ESDRAM), Sync Link Dynamic Random Access Memory (SLDRAM), and Direct Rambus Random Access Memory (DRRAM).The memories described in the embodiments of this application are intended to include, but are not limited to, these and any other suitable types of memories.
[0248] In an exemplary embodiment, this application also provides a computer storage medium, specifically a computer-readable storage medium, such as a memory 1202 storing a computer program, which can be executed by the processor 1201 of the UICC to complete the steps described in the method of this application embodiment; or, for example, a memory 1302 storing a computer program, which can be executed by the processor 1301 of the service platform to complete the steps described in the method of this application embodiment. The computer-readable storage medium can be a ROM, PROM, EPROM, EEPROM, Flash Memory, magnetic surface memory, optical disc, or CD-ROM, etc.
[0249] In an exemplary embodiment, this application also provides a computer program product, including a computer program that can be executed by the processor 1201 of the UICC or by the processor 1301 of the business platform to complete the steps described in the method of this application embodiment.
[0250] It should be noted that terms such as "first" and "second" are used to distinguish similar objects, and are not necessarily used to describe a specific order or sequence.
[0251] Furthermore, the technical solutions described in the embodiments of this application can be combined arbitrarily without conflict.
[0252] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.
Claims
1. A method for processing device location information, characterized in that, The method for using a Universal Integrated Circuit Card (UICC) in terminal devices includes: A first request is received from the service platform. The first request is used to obtain the location information of the terminal device. The first request carries a first identifier indicating the requester. The first request is sent to the UICC when the service platform determines that the UICC has enabled location information sharing. Based on the first identifier and the set authorization information, determine whether the requester has been authorized; If it is determined that the requesting party has been authorized, the location information of the terminal device is sent to the service platform; The established authorization information includes: authorized identity information indicating the authorized object and authorized attribute information indicating the access attributes of the authorized object. Determining whether the requester has been authorized based on the first identifier and the established authorization information includes: Based on the first identifier and the authorized identity information, it is determined whether the first identifier falls within the authorized identity information. If so, the access attribute of the requester is determined based on the first identifier and the authorized attribute information, and the authorization result of the requester is obtained based on the access attribute. If not, it is determined that the requester has not been authorized. The access attribute includes a first attribute that allows silent access and a second attribute that does not allow silent access. The first attribute indicates that the user does not need to confirm whether to authorize, and the second attribute indicates that the user needs to confirm whether to authorize.
2. The method according to claim 1, characterized in that, The method further includes: If the access attribute is the first attribute that allows silent access, then it is determined that the requester has been authorized; If the access attribute is a second attribute that does not allow silent access, then the terminal device is triggered to display the first request and receive the authorization result returned by the terminal device, and the requester is determined to have been authorized based on the authorization result.
3. The method according to claim 1, characterized in that, The method further includes: Receive a second request from the service platform, the second request being used to request the activation of location information sharing of the terminal device; Based on the second request, a response indicating whether the sharing of the location information of the terminal device has been enabled is returned to the service platform, and a first activation identifier representing whether the sharing of the location information of the terminal device has been enabled is stored.
4. The method according to claim 1, characterized in that, The method further includes: Receive pending authorization information from the business platform; The system generates the set authorization information based on the authorization information to be confirmed, and returns the set authorization information to the business platform.
5. The method according to claim 3, characterized in that, The method further includes: Receive a third request from the business platform or the terminal device; Based on the third request, the sharing of the terminal device's location information is turned off, and the status of the first activation identifier is updated.
6. A method for processing device location information, characterized in that, Applied to a business platform, the method includes: Receive a location query request from a requester, the location query request carrying a first identifier and a second identifier, the first identifier indicating the requester and the second identifier indicating the terminal device to be queried; A first request for obtaining the location information of the terminal device is generated based on the location query request, and the first request carries the first identifier. When the Universal Integrated Circuit Card (UICC) of the terminal device is enabled for location information sharing, the first request is sent to the UICC. Receive the location information of the terminal device returned by the UICC; The method further includes: Send pending authorization information to the UICC of the terminal device; The system receives the set authorization information returned by the UICC; wherein the set authorization information includes authorization identity information indicating an authorized object and authorization attribute information indicating the access attributes of the authorized object; the authorization identity information is used by the UICC to determine whether the first identifier falls within the authorization identity information; if so, the UICC determines the access attributes of the requester based on the first identifier and the authorization attribute information, and obtains the authorization result of the requester based on the access attributes; if not, it determines that the requester has not been authorized; wherein the access attributes include a first attribute that allows silent access and a second attribute that does not allow silent access, the first attribute indicating that user confirmation of authorization is not required, and the second attribute indicating that user confirmation of authorization is required.
7. The method according to claim 6, characterized in that, The method further includes: A second request is sent to the UICC of the terminal device, the second request being used to request the activation of location information sharing of the terminal device; Receive a response from the UICC indicating whether to enable the sharing of the terminal device's location information; The second activation identifier corresponding to the terminal device is updated based on the response, and the second activation identifier indicates whether the terminal device has enabled location information sharing.
8. The method according to claim 7, characterized in that, Before sending the first request to the UICC of the terminal device, the method further includes: Based on the second activation identifier corresponding to the terminal device, it is determined that the terminal device has activated the sharing of location information.
9. The method according to claim 6, characterized in that, The method further includes: A third request is sent to the UICC of the terminal device; the third request is used to instruct the terminal device to disable the sharing of location information.
10. A device for processing equipment location information, characterized in that, The device comprises: a Universal Integrated Circuit Card (UICC) for use in terminal devices. The first receiving module is configured to receive a first request from the service platform. The first request is used to obtain the location information of the terminal device. The first request carries a first identifier indicating the requester. The first request is sent to the UICC when the service platform determines that the UICC has enabled location information sharing. The authentication module is used to determine whether the requester has been authorized based on the first identifier and the set authorization information; The first sending module is used to send the location information of the terminal device to the service platform if it is determined that the requester has been authorized; The established authorization information includes: authorization identity information indicating an authorized object and authorization attribute information indicating the access attributes of an authorized object; the authentication module is further configured to determine whether the first identifier falls within the authorization identity information based on the first identifier and the authorization identity information; if so, determine the access attributes of the requester based on the first identifier and the authorization attribute information, and obtain the authorization result of the requester based on the access attributes; if not, determine that the requester has not been authorized; wherein, the access attributes include a first attribute that allows silent access and a second attribute that does not allow silent access, the first attribute indicating that user confirmation is not required, and the second attribute indicating that user confirmation is required.
11. A device for processing equipment location information, characterized in that, The device, applied to a business platform, includes: The second receiving module is used to receive a location query request from a requester. The location query request carries a first identifier and a second identifier, wherein the first identifier indicates the requester and the second identifier indicates the terminal device to be queried. The generation module is configured to generate a first request for obtaining the location information of the terminal device based on the location query request, wherein the first request carries the first identifier; The second sending module is used to send the first request to the UICC when the Universal Integrated Circuit Card (UICC) of the terminal device is enabled for location information sharing; The third receiving module is used to receive the location information of the terminal device returned by the UICC; The second sending module is also used to send authorization information to be confirmed to the UICC of the terminal device; The third receiving module is further configured to receive the set authorization information returned by the UICC; wherein the set authorization information includes authorization identity information indicating an authorized object and authorization attribute information indicating the access attributes of an authorized object; the authorization identity information is used by the UICC to determine whether the first identifier falls within the authorization identity information, and if so, to determine the access attributes of the requester based on the first identifier and the authorization attribute information, and to obtain the authorization result of the requester based on the access attributes; if not, it is determined that the requester has not been authorized; wherein the access attributes include a first attribute that allows silent access and a second attribute that does not allow silent access, the first attribute indicating that user confirmation of authorization is not required, and the second attribute indicating that user confirmation of authorization is required.
12. A general-purpose integrated circuit card (UICC), characterized in that, include: A processor and memory for storing computer programs that can run on the processor, wherein, The processor, when running a computer program, performs the steps of the method according to any one of claims 1 to 5.
13. A business platform, characterized in that, include: A processor and memory for storing computer programs that can run on the processor, wherein, The processor, when running a computer program, performs the steps of the method according to any one of claims 6 to 9.
14. A computer storage medium storing a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 5 or 6 to 9.
15. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 5 or 6 to 9.