CN100544254C - A kind of method that realizes network access authentication - Google Patents
A kind of method that realizes network access authentication Download PDFInfo
- Publication number
- CN100544254C CN100544254C CNB2005100593864A CN200510059386A CN100544254C CN 100544254 C CN100544254 C CN 100544254C CN B2005100593864 A CNB2005100593864 A CN B2005100593864A CN 200510059386 A CN200510059386 A CN 200510059386A CN 100544254 C CN100544254 C CN 100544254C
- Authority
- CN
- China
- Prior art keywords
- access device
- information
- anonymous credentials
- network
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of method that realizes network access authentication, its key is, at access device in the access request that network access authentication equipment sends, comprise the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device, and prove the zero-knowledge proof information that anonymous credentials is legal; Network access authentication equipment confirms that according to the information that receives the applied anonymous credentials of access device is not cancelled, and after verifying that zero-knowledge proof is correct, thinks that promptly access device is legal, allows the access device access network.Use the present invention, network access authentication equipment can be confirmed the legitimacy of access device under the situation of not knowing the access device true identity, and like this, the equipment that had both guaranteed access network is safe, has hidden the identity of access device again.Thereby make access device be anonymous and can not connect, satisfied user's user demand.
Description
Technical field
The present invention relates to the network access authentication technical field, be meant a kind of method that realizes network access authentication especially.
Background technology
At present, network access authentication equipment is treated the authentication processing that the equipment of access network carries out and is mainly realized based on following technical protocol:
(1) password authentication protocol;
(2) based on shared key and challenge response agreement;
(3) based on a dynamic password protocol;
(4) based on the authentication protocol of public key system.
The thinking of above-mentioned all authentication processing all is: network access authentication equipment, as fire compartment wall, router, certificate server etc., by judging whether equipment to be accessed has the password of authentication protocol needs and/or key confirms whether to allow this access device to insert.Use the method for above-mentioned access authentication, when realizing access authentication, access device has also leaked the identity of oneself, and promptly network access authentication equipment knows it is the access request which equipment is initiated.
And along with Development of E-business, ecommerce has incorporated people's life more and more, in ecommerce, as in activities such as electronics auction, electronic voting, when the user uses the access device access network, usually do not want the to stick one's chin out identity of applied access device, as seen, existing network access verifying method can't satisfy this demand at all.
Summary of the invention
In view of this, the object of the present invention is to provide a kind of method that realizes network access authentication, the authentication to the identity legitimacy of access device can be provided, can also hide the identity of access device.
For achieving the above object, technical scheme of the present invention is achieved in that
A kind of method that realizes network access authentication exists access device, network access authentication equipment and certificate revocation entity in network, this method may further comprise the steps:
A, access device obtain and preserve anonymous credentials;
B, access device send the request of access to network access authentication equipment, comprise the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device in this request, and prove the zero-knowledge proof information that anonymous credentials is legal;
C, network access authentication equipment send anonymous credentials checking request to the certificate revocation entity, comprise the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device in this request;
After d, certificate revocation entity receive this request, the encryption key of using self is to receiving decrypts information, obtain the identify label of access device, and judge in the access device identity data storehouse of cancelling legal qualification of self preserving in advance whether this identify label is arranged, if have then return the reversed response message of this anonymity credentials for network access authentication equipment, otherwise, return the unrepealed response message of this anonymity credentials for network access authentication equipment;
E, network access authentication equipment confirm that according to the response message that the certificate revocation entity returns described anonymous credentials is not cancelled, and after verifying that zero-knowledge proof is correct, allow the access device access network.
Preferably, have the certificate authority entity that is used to issue certificate in network, the method that the described access device of step a obtains anonymous credentials is:
Access device sends the anonymous credentials request of obtaining for the certificate authority entity, include the public signature key that self generates in advance in this request, and the information of the signature private key of this public signature key correspondence of zero-knowledge proof self, after this public signature key of certificate authority object authentication is legal, using the signature private key of self signs to the public signature key of this access device, and the result that will sign returns to access device, access device with this signature result who receives as anonymous credentials.
Preferably, have the certificate authority entity that is used to issue certificate in network, the method that the described access device of step a obtains anonymous credentials is:
The certificate authority entity is that access device generates the public and private key of signature, the signature private key of using self is to signing from the public signature key that generates as access device, the result of signature and the public and private key of signature that generates for access device are sent to access device, and the signature result that access device will receive is as anonymous credentials.
Preferably, the legal zero-knowledge proof information of the anonymous credentials of the described proof of step b comprises: access device is used the signature information after the signature private key that has generated is signed to a message, prove that public signature key that self obtained and encrypted anonymous credentials comprises can verify the information of described signature information, and the information of the encrypted corresponding certificate authority entity of anonymous credentials public signature key.
Preferably, when mutual information is carried by ssl protocol or tls protocol between described network access authentication equipment and the access device, described access device is after the ServerHello information that receives from network access authentication equipment, information after the encrypted public key of using the certificate revocation entity encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to network access authentication equipment with Handshake Protocol to prove anonymous credentials, perhaps, described access device comprises the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device in the ClientHello that sends, and proves the zero-knowledge proof information that anonymous credentials is legal;
When mutual information is carried by the IKE agreement of IPv6 agreement or IPSec between described network access authentication equipment and the access device, described access device sends HDR, information after the encrypted public key that will use the certificate revocation entity during SA is encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to network access authentication equipment with Handshake Protocol to prove anonymous credentials.
Preferably, this method further comprises: described network access authentication equipment confirms that described anonymous credentials is cancelled, or after verifying that zero-knowledge proof is incorrect, does not allow the access device access network.
Preferably, this method further comprises:
Network access authentication equipment obtains and preserves anonymous credentials in advance;
Information after the encrypted public key that access device obtains the application certificate revocation entity of network access authentication equipment is encrypted together to the identify label of anonymous credentials and network access authentication equipment, and prove the zero-knowledge proof information that anonymous credentials is legal; Confirm that described anonymous credentials is not cancelled, and according to zero-knowledge proof Information Authentication zero-knowledge proof correct after, execution in step b again.
Preferably, described anonymous credentials is kept on the hard disk of described equipment, or in the safety chip TPM.
Preferably, described certificate revocation entity is same physical entity or different physical entity with described certificate authority entity.
Key of the present invention is, at access device in the access request that network access authentication equipment sends, comprise the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device, and prove the zero-knowledge proof information that anonymous credentials is legal; Network access authentication equipment confirms that according to the information that receives the applied anonymous credentials of access device is not cancelled, and after verifying that zero-knowledge proof is correct, thinks that promptly access device is legal, allows the access device access network.Use the present invention, network access authentication equipment can be confirmed the legitimacy of access device under the situation of not knowing the access device true identity, and like this, the equipment that had both guaranteed access network is safe, has hidden the identity of access device again.Thereby make access device be anonymous and can not connect, satisfied user's user demand.
Description of drawings
Figure 1 shows that the schematic flow sheet of using realization access authentication of the present invention.
Embodiment
Below in conjunction with accompanying drawing the present invention is done detailed description further again.
In network, there is the certificate authority entity, certificate revocation entity, access device and network access authentication equipment.Wherein, the certificate authority physical memory is being responsible for issuing the module of issuing of anonymous credentials for legal access device; The certificate revocation physical memory is in the module of cancelling that is used to cancel the access device legal qualification; Exist in the access device of network to be accessed and be used to prove the legal proof module of self identity; Be used for verifying that there is the authentication module that is used to verify that access device is whether legal in the legal network access authentication equipment of access device.Above-mentioned certificate authority entity and certificate revocation entity can be same physical entities, also can be different physical entities.
Figure 1 shows that the schematic flow sheet of using realization access authentication of the present invention.The certificate authority entity has the public and private key of signature, and announces that public signature key, certificate revocation entity have the public and private key of encryption, and announces encrypted public key.
Anonymous credentials is obtained and preserved to step 101, access device.
Two kinds of concrete acquisition methods below are provided, but are not limited to this in actual applications.
A kind of method is: access device generates public signature key in advance, and the signature private key of this public signature key correspondence of zero-knowledge proof self, afterwards, access device sends for the certificate authority entity and obtains anonymous credentials request, includes the information of the signature private key of the public signature key that self generated and this public signature key correspondence of zero-knowledge proof self in this request; After this public signature key of certificate authority object authentication is legal, uses the signature private key of self public signature key of this access device is signed, and the result that will sign returns to access device, access device with this signature result who receives as anonymous credentials.
The legal process of above-mentioned certificate authority object authentication public signature key is consistent with the process of existing checking zero-knowledge proof, no longer describes in detail at this.
Another kind method is: the certificate authority entity is that access device generates the public and private key of signature, afterwards, the signature private key of using self is to signing from the public signature key that generates as access device, the result of signature and the public and private key of signature that generates for access device are sent to access device, and the signature result that access device will receive is as anonymous credentials.
Above-mentioned anonymous credentials is kept on the hard disk of access device, or in the safety chip TPM.And the above-mentioned process of obtaining anonymous credentials can be to finish in the presence of safety chip, also can finish under the situation that does not have safety chip to participate in.So-called finishing in the presence of safety chip is meant that the generation of key and encryption and decryption process are all finished in safety chip.
Legal zero-knowledge proof information comprises to prove anonymous credentials: access device is used the signature information after the signature private key that has generated is signed to a message, prove that public signature key that self obtained and encrypted anonymous credentials comprises can verify the information of described signature information, and the information of the encrypted corresponding certificate authority entity of anonymous credentials public signature key.
Wherein, network access authentication equipment is the information after encrypting together according to the identify label of the anonymous credentials that receives and access device, judges to use anonymous credentials by access device whether unrepealed concrete grammar is as follows:
Network access authentication equipment sends anonymous credentials checking request to the certificate revocation entity, the information after the encrypted public key that comprises the application certificate revocation entity that receives in this request is encrypted together to the identify label of anonymous credentials and access device;
After the certificate revocation entity receives this request, the encryption key of using self is to receiving decrypts information, obtain the identify label of access device, afterwards, judge in the access device identity data storehouse of cancelling legal qualification of self preserving in advance whether this identify label is arranged,, return the reversed response message of this anonymity credentials then for network access authentication equipment if having, otherwise, return the unrepealed response message of this anonymity credentials for network access authentication equipment;
Network access authentication equipment confirms according to the response message that the certificate revocation entity returns whether this anonymity credentials is not cancelled.
Network access authentication equipment is according to the legal zero-knowledge proof information of the anonymous credentials of the proof that receives, judges that whether correct zero-knowledge proof concrete determination methods consistent with the process of existing checking zero-knowledge proof, no longer describes in detail at this.
So far, network access authentication equipment has been confirmed this access device legitimacy under the situation of not knowing the access device true identity, and allows this access device to insert.Like this, the equipment that had both guaranteed access network is safe, has guaranteed the anonymity of access device again.
Information mutual between above-mentioned network access authentication equipment and the access device is by safe socket character (SSL, Secure Socket Layer) agreement, Transport Layer Security (TLS, Transport LayerSecurity) agreement, IPv6 agreement or IP security protocol (IPSec, Internet protocol Security) carrying of the cipher key change in (IKE, Internet Key Exchange) agreement.Further specify again below when between network access authentication equipment and the access device during by the carrying of above-mentioned agreement, access device sends the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device, and the opportunity that proves the zero-knowledge proof information that anonymous credentials is legal.Because concrete authentication mode is same as described above, no longer describe in detail below.
When between network access authentication equipment and the access device being the carrying of SSL or tls protocol, described access device is client (client), and described network access authentication equipment is server.At this moment, after client receives ServerHello from server, information after the encrypted public key of using the certificate revocation entity encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to server with Handshake Protocol to prove anonymous credentials, whether used anonymous credentials by server according to the Information Authentication client that receives is not cancelled, and whether zero-knowledge proof is correct, if anonymous credentials is not cancelled and zero-knowledge proof is correct, then checking is passed through, and the continuation Handshake Protocol, otherwise stop Handshake Protocol.Perhaps, the information after the encrypted public key that client will use the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to server with ClientHello to prove anonymous credentials; After server receives ClientHello from client, whether the checking access device is used anonymous credentials and is not cancelled, and whether zero-knowledge proof is correct, if anonymous credentials is not cancelled and zero-knowledge proof is correct, then checking is passed through, and the continuation Handshake Protocol, otherwise stop Handshake Protocol.
When between network access authentication equipment and the access device being the IKE agreement carrying of IPv6 or IPSec, described access device is as initiator (Initiator), and described network access authentication equipment is side (Responder) in response.Send HDR at Initiator, information after the encrypted public key that will use the certificate revocation entity during SA is encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to Responder with Handshake Protocol to prove anonymous credentials, whether used anonymous credentials by Responder according to the Information Authentication Initiator that receives is not cancelled, and whether zero-knowledge proof is correct, if anonymous credentials is not cancelled and zero-knowledge proof is correct, then checking is passed through, show authentication success, and the continuation subsequent operation, otherwise stop Handshake Protocol.
In order further to guarantee the security credibility of network access authentication, whether access device also can be verified network access authentication equipment, be safe and reliable to confirm this network access authentication equipment.Also have the authentication module of the verification operation that is used to carry out this moment in the access device, network access authentication equipment also has the legal proof module of identity that is used to prove self.
The specific implementation process is consistent with the process of network access authentication device authentication equipment to be accessed, that is:
Network access authentication equipment obtains and preserves anonymous credentials in advance;
Information after the encrypted public key that access device obtains the application certificate revocation entity of network access authentication equipment is encrypted together to the identify label of anonymous credentials and network access authentication equipment, and prove the zero-knowledge proof information that anonymous credentials is legal; Confirm that described anonymous credentials is not cancelled, and according to zero-knowledge proof Information Authentication zero-knowledge proof correct after, initiate the access authentication request to network access authentication equipment again.
Above-mentioned anonymous credentials is kept on the hard disk of network access authentication equipment, or in the safety chip TPM.
Above-mentioned all relate to signature or during the operation of encrypting, can adopt the RSA system to sign or cryptographic operation, also can adopt elliptic curve cryptography (ECC) system to sign or cryptographic operation.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (9)
1, a kind of method that realizes network access authentication exists access device, network access authentication equipment and certificate revocation entity in network, it is characterized in that this method may further comprise the steps:
A, access device obtain and preserve anonymous credentials;
B, access device send the request of access to network access authentication equipment, comprise the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device in this request, and prove the zero-knowledge proof information that anonymous credentials is legal;
C, network access authentication equipment send anonymous credentials checking request to the certificate revocation entity, comprise the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device in this request;
After d, certificate revocation entity receive this request, the encryption key of using self is to receiving decrypts information, obtain the identify label of access device, and judge in the access device identity data storehouse of cancelling legal qualification of self preserving in advance whether this identify label is arranged, if have then return the reversed response message of this anonymity credentials for network access authentication equipment, otherwise, return the unrepealed response message of this anonymity credentials for network access authentication equipment;
E, network access authentication equipment confirm that according to the response message that the certificate revocation entity returns described anonymous credentials is not cancelled, and after verifying that zero-knowledge proof is correct, allow the access device access network.
2, method according to claim 1 is characterized in that, has the certificate authority entity that is used to issue certificate in network, and the method that the described access device of step a obtains anonymous credentials is:
Access device sends the anonymous credentials request of obtaining for the certificate authority entity, include the public signature key that self generates in advance in this request, and the information of the signature private key of this public signature key correspondence of zero-knowledge proof self, after this public signature key of certificate authority object authentication is legal, using the signature private key of self signs to the public signature key of this access device, and the result that will sign returns to access device, access device with this signature result who receives as anonymous credentials.
3, method according to claim 1 is characterized in that, has the certificate authority entity that is used to issue certificate in network, and the method that the described access device of step a obtains anonymous credentials is:
The certificate authority entity is that access device generates the public and private key of signature, the signature private key of using self is to signing from the public signature key that generates as access device, the result of signature and the public and private key of signature that generates for access device are sent to access device, and the signature result that access device will receive is as anonymous credentials.
4, method according to claim 1 is characterized in that,
The legal zero-knowledge proof information of the anonymous credentials of the described proof of step b comprises: access device is used the signature information after the signature private key that has generated is signed to a message, prove that public signature key that self obtained and encrypted anonymous credentials comprises can verify the information of described signature information, and the information of the encrypted corresponding certificate authority entity of anonymous credentials public signature key.
5, method according to claim 1 is characterized in that,
When mutual information is carried by ssl protocol or tls protocol between described network access authentication equipment and the access device, described access device is after the ServerHello information that receives from network access authentication equipment, information after the encrypted public key of using the certificate revocation entity encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to network access authentication equipment with Handshake Protocol to prove anonymous credentials, perhaps, described access device comprises the information after the encrypted public key of using the certificate revocation entity is encrypted together to the identify label of anonymous credentials and access device in the ClientHello that sends, and proves the zero-knowledge proof information that anonymous credentials is legal;
When mutual information is carried by the IKE agreement of IPv6 agreement or IPSec between described network access authentication equipment and the access device, described access device sends HDR, information after the encrypted public key that will use the certificate revocation entity during SA is encrypted together to the identify label of anonymous credentials and access device, and legal zero-knowledge proof information sends to network access authentication equipment with Handshake Protocol to prove anonymous credentials.
6, method according to claim 1 is characterized in that, this method further comprises: described network access authentication equipment confirms that described anonymous credentials is cancelled, or after verifying that zero-knowledge proof is incorrect, does not allow the access device access network.
7, method according to claim 1 is characterized in that, this method further comprises:
Network access authentication equipment obtains and preserves anonymous credentials in advance;
Information after the encrypted public key that access device obtains the application certificate revocation entity of network access authentication equipment is encrypted together to the identify label of anonymous credentials and network access authentication equipment, and prove the zero-knowledge proof information that anonymous credentials is legal; Confirm that described anonymous credentials is not cancelled, and according to zero-knowledge proof Information Authentication zero-knowledge proof correct after, execution in step b again.
According to claim 1 or 7 described methods, it is characterized in that 8, described anonymous credentials is kept on the hard disk of described equipment, or in the safety chip TPM.
According to claim 2 or 3 described methods, it is characterized in that 9, described certificate revocation entity is same physical entity or different physical entity with described certificate authority entity.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100593864A CN100544254C (en) | 2005-03-29 | 2005-03-29 | A kind of method that realizes network access authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100593864A CN100544254C (en) | 2005-03-29 | 2005-03-29 | A kind of method that realizes network access authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1703005A CN1703005A (en) | 2005-11-30 |
| CN100544254C true CN100544254C (en) | 2009-09-23 |
Family
ID=35632542
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005100593864A Expired - Fee Related CN100544254C (en) | 2005-03-29 | 2005-03-29 | A kind of method that realizes network access authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100544254C (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100448239C (en) * | 2006-02-28 | 2008-12-31 | 西安西电捷通无线网络通信有限公司 | Method for testing safety switch-in protocol conformity to identify service entity and system thereof |
| CN102045316B (en) * | 2009-10-16 | 2012-11-14 | 中兴通讯股份有限公司 | Anonymous communication registration method, anonymous communication method and data message transceiving system |
| CN102571729A (en) * | 2010-12-27 | 2012-07-11 | 方正宽带网络服务股份有限公司 | Internet protocol version (IPV)6 network access authentication method, device and system |
| GB2562454B (en) * | 2017-02-20 | 2019-05-29 | Trustonic Ltd | Anonymous attestation |
| CN108683508B (en) * | 2018-05-11 | 2021-02-09 | 越亮传奇科技股份有限公司 | Mobile terminal information authentication method based on equipment fingerprint |
| CN110572268B (en) * | 2019-09-12 | 2021-06-15 | 腾讯科技(深圳)有限公司 | Anonymous authentication method and device |
-
2005
- 2005-03-29 CN CNB2005100593864A patent/CN100544254C/en not_active Expired - Fee Related
Non-Patent Citations (1)
| Title |
|---|
| WO97/48208A 1 1997.12.18 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1703005A (en) | 2005-11-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3661120B1 (en) | Method and apparatus for security authentication | |
| US10142297B2 (en) | Secure communication method and apparatus | |
| JP7175269B2 (en) | Internet-of-Things Device Record Verification Method and Apparatus, and ID Authentication Method and Apparatus | |
| US11128477B2 (en) | Electronic certification system | |
| EP3318003B1 (en) | Confidential authentication and provisioning | |
| CN100580657C (en) | Distributed single sign-on service | |
| CA2531533C (en) | Session-based public key infrastructure | |
| USH2270H1 (en) | Open protocol for authentication and key establishment with privacy | |
| TWI512524B (en) | System and method for identifying users | |
| CA2551113A1 (en) | Authentication system for networked computer applications | |
| WO2016155281A1 (en) | Application identifier management method and device | |
| CN102164033A (en) | Method, device and system for preventing services from being attacked | |
| CN112351037B (en) | Information processing method and device for secure communication | |
| CN100544254C (en) | A kind of method that realizes network access authentication | |
| CN110020869B (en) | Method, device and system for generating block chain authorization information | |
| WO2016173211A1 (en) | Application identifier management method and device | |
| CN110611679A (en) | Data transmission method, device, equipment and system | |
| WO2017008556A1 (en) | Authentication method and device for wireless access point and management platform | |
| CN110912685A (en) | Establishing a protected communication channel | |
| JP6045018B2 (en) | Electronic signature proxy server, electronic signature proxy system, and electronic signature proxy method | |
| KR101749449B1 (en) | Two Level Privacy Preserving Pseudonymous Authentication Method for Vehicular Ad-Hoc Network and System Therefor | |
| CN110572257B (en) | Identity-based data source identification method and system | |
| CN110855444A (en) | Pure software CAVA identity authentication method based on trusted third party | |
| Soni et al. | PAKE PROTOCOL WITH OTSP AND IMAGE BASED PASSWORD AUTHENTICATION. | |
| KR100917564B1 (en) | Method for ID-based ticket authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090923 Termination date: 20210329 |