CN101321100B - Communication method and system, and household base station - Google Patents

Communication method and system, and household base station Download PDF

Info

Publication number
CN101321100B
CN101321100B CN2007101073847A CN200710107384A CN101321100B CN 101321100 B CN101321100 B CN 101321100B CN 2007101073847 A CN2007101073847 A CN 2007101073847A CN 200710107384 A CN200710107384 A CN 200710107384A CN 101321100 B CN101321100 B CN 101321100B
Authority
CN
China
Prior art keywords
base station
home
user
identification code
identify label
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2007101073847A
Other languages
Chinese (zh)
Other versions
CN101321100A (en
Inventor
邱勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN2007101073847A priority Critical patent/CN101321100B/en
Priority to PCT/CN2008/071179 priority patent/WO2008148348A1/en
Publication of CN101321100A publication Critical patent/CN101321100A/en
Application granted granted Critical
Publication of CN101321100B publication Critical patent/CN101321100B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/105PBS [Private Base Station] network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention provides a communication method, a system, and a home base station, to enhance mobility of the home base station. The communication method comprises the following step of undergoing communication to a network side through a user ID code of the home base station stored in a ID card of the home base station (BSIM card) installed on a main body of the base station in detachable mode. The communication system comprises the home base station and a network side entity. The home base station for communications between the user ID code of the home base station and the network side comprises a main body of the base station, and a BSIM card. The user ID code is stored in the BSIM card which is installed on the main body of the base station in detachable mode. The home station is divided into the main body of the base station, and the BSIM card, so that a user can use any other home base station through the BSIM card, which improves mobility of the home base station.

Description

A kind of communication means and system, and base station from home
Technical field
The present invention relates to a kind of communication technology, relate in particular to a kind of communication means and system, reach base station from home.
Background technology
Along with professional flourish of Internet (the Internet), and the extensive use of broadband access network and wireless network, at a high speed, access network is the target that people pursue easily.For the resource of better utilization existing network, the cost of protecting network equipment operator is at 3GPP (3rd Generation Partnership Project; 3G (Third Generation) Moblie standardization body) introduced the notion of base station from home in.Base station from home is meant little base station miniaturization, that family or office use, possibly be fully privately owned, also can be under the situation that different priorities, authority are set, openly give popular the use, and its ownership is returned the individual, rather than returns government or operator; It uses object then possibly be user among a small circle, also possibly be large-scale user.Adopt base station from home to realize wireless access, can the better utilization conventional network resources, more practice thrift the cost of network equipment operator, merge the advantage separately of mobile access network and fixed access network network.
For base station from home, utilize the device identification of base station from home to identify the groups of users of using this base station from home, have only the groups of users of using base station from home registered after, the member of this groups of users just can use base station from home.In addition because base station from home is the base station that user oneself bought, was placed on the user place; That is to say that base station from home is outside the control of operator; When the family expenses base station is being linked among the mobile network, just carry out mutual authentication between needs and the mobile network like this, to differentiate the legitimacy of base station from home; In authentication process, adopt symmetric key.
Because adopt the device identification of base station from home to identify the groups of users of using this base station from home, like this, can produce following problem: (1) is that manufacturer provides because this is designated the sign of base station from home, will become very difficult if revise this sign; (2) when using this to identify the interdependent node of seeking network; Because being equipment vendor, device identification provides; Can not comprise routing iinformation; Therefore, in the mobile network, using the device identification of base station from home to seek corresponding HSS (Home Subscriber Server, home subscriber server) can be cumbersome.Simultaneously because the business that this base station from home that the user of base station from home can only use him to register provides; The user of base station from home is when the other places like this; If enjoy the business that this base station from home that he registers provides; Just must carry this base station from home, therefore, very poor to the mobility of user's base station from home.
Summary of the invention
The embodiment of the invention provides a kind of communication means and system, has reached base station from home, has strengthened the mobility with base station from home, and has made things convenient for the user.
Embodiments of the invention provide a kind of communication means, comprising:
Communicate through user of home base station identification code and network side; Said user of home base station identification code is stored in the base station from home identify label card; Contracted user's sign of expression base station from home; And be used for the groups of users that unique identification uses the base station, and be used for registering and authentication to the mobile network, said base station from home identify label card is removably mounted on the base station body.
Embodiments of the invention also provide a kind of communication system, comprise base station from home and network side entity,
Said base station from home; Be used for communicating through user of home base station identification code and network side entity, said base station from home comprises base station body and base station from home identify label card, contracted user's sign of expression base station from home; And be used for the groups of users that unique identification uses the base station; And be used for registering and authentication to the mobile network, said user identification code is stored in the base station from home identify label card, and said base station from home identify label card is removably mounted on the base station body.
Embodiments of the invention also provide a kind of base station from home, comprise base station body and base station from home identify label card,
Said base station body; It comprises: first transmitting element; Be used for reading the user of home base station identification code request to the transmission of base station from home identify label card, first receiving element is used to receive the affirmation message that has the user of home base station identification code that base station from home identify label card sends; Communication unit is used for communicating through said user of home base station identification code and network side;
Said base station from home identify label card; It is removably mounted on the base station body; Comprise first memory cell, be used to store the user of home base station identification code, said user of home base station identification code is represented contracted user's sign of base station from home; And be used for the groups of users that unique identification uses the base station, and be used for registering and authentication to the mobile network; First receiving element is used to receive that base station body sends reads user of home base station identification code request message; First transmitting element is used for sending the affirmation message that comprises the user of home base station identification code to base station body.
The embodiment of the invention makes the user pass through the BSIM card and can use other any base station from home through base station from home being separated into base station body and BSIM card, strengthened the mobility of base station from home.In addition,, when the user arrives the other places, only need carry the BSIM card, the BSIM card is installed on the base station body, just can communicate by letter, receive the business of network side, thereby greatly facilitate the user with network side because the BSIM card is easy to carry about with one.
Description of drawings
Fig. 1 shows the structure of the BSIM ID of the embodiment of the invention;
Fig. 2 shows the authorizing procedure of base station from home in PLMN (Universal Mobile Telecommunication System, UMTS) network of the embodiment of the invention one;
Fig. 3 shows the authorizing procedure when the family expenses base station is managed by MME in SAE/LTE SAE (System Architecture Evolution, System Architecture Evolution)/LTE (Long Term Evolution, Long Term Evolution) network of the embodiment of the invention two;
Fig. 4 shows the authorizing procedure of base station from home in the UMTS network of the embodiment of the invention three;
Fig. 5 shows the another kind of authorizing procedure of base station from home in the UMTS network of the embodiment of the invention four;
Fig. 6 shows in the SAE/LTE network or in the UMTS network of the embodiment of the invention five, the authorizing procedure when the family expenses base station is managed by as GW;
Fig. 7 shows the communication system of the embodiment of the invention.
Embodiment
Understand and realization the present invention for the ease of persons skilled in the art, combine accompanying drawing to describe embodiments of the invention at present.
In embodiments of the present invention, whole base station from home is made up of two parts: i.e. base station body and base station from home identify label card (that is, BSIM (Base Station Identifier Module) card).The BS Number (base station from home main body number) of storage base station from home in base station body; The contracted user of storage base station from home identifies BSIM ID (user of home base station identification code) and basic key in the BSIM card; And some authentication arithmetics and derivative key generating algorithm (hereinafter to be referred as key schedule), BSIM ID is used for the groups of users that unique identification uses a certain base station.Also can store the relevant information of other and communication in the BSIM card, like each user data of users of using base station from home (for example telephone number etc.) and network data (allow to use the user list of this base station from home, base station from home position identifier, derivative key life cycle etc. when the last time registers); Said other with communication relevant information can dynamic change in communication process.
When opening an account registration, can obtain a BSIM card.After obtaining the BSIM card; Can the BSIM card be removably mounted in arbitrary base station body, base station body is in when start, registers and authentication to the mobile network with regard to the BSIM ID of BSIM card capable of using; After the success of registration authentication, base station from home just can carry out various communication with network.
As shown in Figure 1, said BSIM ID can be made up of following three parts:
Mobile country code (MCC) identifies the country that base station from home belongs to uniquely;
Mobile network code, MNC (MNC), the network of the ownership of sign base station from home;
Move base station from home identification code (MBIN), identify the base station from home in the home network, and can identify the home subscriber server HSS under the base station from home.So can find corresponding HSS according to the MBIN of BSIM ID.
MNC and MBIN form country and move base station from home identification code (NMBI) altogether.The distribution of MCC can be managed by ITU.NMBI can be responsible for by each operator or national policy department.
BSIM ID also can form otherwise, as long as can satisfy the groups of users that unique identification uses a certain base station.
The embodiment of the invention discloses a kind of communication means; Said method comprises: base station from home communicates through user of home base station identification code and network side; Said user of home base station identification code is stored in the base station from home identify label card, and said base station from home identify label card is removably mounted on the base station body.Said base station from home identify label card is also stored basic key and authentication arithmetic, so that base station from home and network side carry out authentication.After base station from home was divided into base station body and BSIM card, communication process changed main body and carries out in the authentication process in family expenses base station and network side, the registration authentication process that is described in respectively in the various heterogeneous networks through embodiment one to embodiment five below.
Embodiment one
Present embodiment is described the registration method for authenticating of base station from home in PLMN (Public Land Mobile Network, public land mobile network) carrier network of the embodiment of the invention.
In Fig. 2, base station from home has comprised base station body and BSIM card, and is as shown in Figure 2, and the registration authentication process of base station from home is described below.
The register request message that comprises BSIM ID is sent in step 1, base station from home start to network side.
After step 2, network side receive register request message, find corresponding basic key, carry out authentication arithmetic according to BSIM ID and basic key then, and send authentication request message to base station from home according to the BSIM ID in the register request message.
After step 3, base station from home receive base station from home transmission authentication request message, use the basic key in the BSIM card to carry out authentication arithmetic, and send authentication response message to network.
In step 2 and step 3; Basic key capable of using generates derivative key; This derivative key can be used as IKE (Internet Key Exchange among the IPSec (a kind of IP Security agreement); Netkey exchange) wildcard is used for setting up the security association (SA) of IPSEC, and this derivative key also can be with the key of doing transmission data between base station from home and the network are protected.
Step 4, network side carry out authentication to base station from home, if the authentication success uses the user of this base station from home to be legal users, network can provide subscribed services for the user through this base station from home, and network sends enrollment response message to base station from home.
In step 1 to step 4, just simply enumerate a kind of method for authenticating, those skilled in the art can know and also can adopt other method for authenticating to carry out authentication.
The user can use the BSIM ID in the BSIM card to carry out other corresponding process according to the requirement of network side after accepting subscribed services that network provides through base station from home, for example increases or deletion can be used user in the user list of this base station from home etc.
The base station from home of the embodiment of the invention also is fit to other network; Like networks such as UMTS network, SAE/LTE; Through embodiment two to embodiment five in networks such as UMTS network, SAE/LTE, the start shooting authentication process in when registration of base station from home is described with reference to Fig. 3 to Fig. 6 below; For the authentication process under other situation, similar with it, repeat no more at this.In Fig. 3 to Fig. 6, BSIM representes the BSIM card, and MME representes Mobility Management Entity, when said network is the SAE/LTE network, adopts the MME node; SGSN is a Serving GPRS Support Node, when said network is UMTS, adopts the SGSN node.HSS is a home subscriber server, is used to store its corresponding basic key of BSIM ID of base station from home; In Fig. 6, as (GW) can be a security gateway or an aggregation node, can bear the function of subnetwork side and part wireless control node.
Embodiment two
As shown in Figure 3, present embodiment is described in the authentication process when start is registered under the situation of being managed by MME when the family expenses base station in the SAE/LTE network.
After step 301, the base station body start, send the request message that reads BSIM ID to the BSIM card.
Step 302, BSIM card send acknowledge message to base station body, comprise the BSIM ID of BSIM card in the message.
Step 303, base station body are sent register request message (Register) to MME, and said register request message comprises BSIM ID.
Step 304, MME send authentication information request message (AuthInfoReq) to HSS, so that from HSS request authentication information, said authentication information request message comprises BSIM ID.
After step 305, HSS receive the authentication information request message; BSIM ID according in the authentication information request message finds corresponding basic key, and produces random number (Rand) according to basic key, is parameter with basic key and random number; Carry out authentication arithmetic, produce authenticating result Result1; HSS also can produce algorithm according to basic key, random number and specific key and generate derivative key simultaneously; HSS sends authentication information response message (AuthInfoResp) to MME then; Authenticating result Result1, random number and derivative key are sent to MME, and said authentication information response message comprises authenticating result Result1, random number and derivative key.
Step 306, MME send authentication request message (AuthChallenge) to the BSIM card, and random number is sent to the BSIM card;
Step 307, BSIM card according to the basic key of storing in the random number that receives and the BSIM card use with step 305 in identical authentication arithmetic generation authenticating result Result2; Also can according to basic key and random number use with step 305 in identical key produce algorithm generation derivative key; Then; The BSIM card sends authentication response message to MME, and Result2 sends to MME with authenticating result; The derivative key that generates in step 305 and the step 307 can be used as the wildcard of IKE among the IPSec (a kind of IP Security agreement); Be used for setting up the security association (SA) of IPSEC, also can be with the key of doing transmission data between base station from home and the network are protected.
Step 308, MME compare this authenticating result Result2 with the authenticating result Result1 that HSS sends, if difference then failed authentication, otherwise the authentication success, MME will send registration ack message RegisterAck to base station body.
In step 301 to step 308, just simply enumerate a kind of method for authenticating, those skilled in the art can know and also can adopt other method for authenticating to carry out authentication.
Embodiment three
As shown in Figure 4, present embodiment is described in the authentication process in start when registration of base station from home in the UMTS network.
After step 401, the base station body start, send the request message that reads BSIM ID to the BSIM card.
Step 402, BSIM card send acknowledge message to base station body, comprise the BSIM ID of BSIM card in the message.
Step 403, base station body are sent register request message (Register) to RNC, and said register request message comprises BSIM ID.
Step 404, RNC send authentication information request message (AuthInfoReq) to HSS, so that from HSS request authentication information, said authentication information request message comprises BSIM ID.
After step 405, HSS receive the authentication information request message; BSIM ID according in the authentication information request message finds corresponding basic key, and produces random number according to basic key, is parameter with basic key and Rand; Carry out authentication arithmetic, produce authenticating result Result1; HSS also can produce algorithm according to basic key, random number and specific key and generate derivative key simultaneously; HSS sends authentication information response message (AuthInfoResp) to RNC then; Authenticating result Result1, random number and derivative key are sent to RNC, and said authentication information response message comprises authenticating result Result1, random number and derivative key.
Step 406, RNC send authentication request message (AuthChallenge) to the BSIM card, and random number is sent to the BSIM card;
Step 407, BSIM card according to the basic key of storing in random number and the BSIM card use with step 405 in identical authentication arithmetic generation authenticating result Result2; Also can according to basic key and random number use with step 405 in identical key produce algorithm generation derivative key; Then; The BSIM card sends authentication response message to RNC, and Result2 sends to RNC with authenticating result; The derivative key that generates in step 405 and the step 407 can be used for setting up the security association (SA) of IPSEC as the wildcard of IKE among the IPSec, also can be with the key of doing transmission data between base station from home and the network are protected.
Step 408, RNC compare this authenticating result Result2 with the authenticating result Result1 that HSS sends, if difference then failed authentication, otherwise the authentication success, RNC will send registration ack message RegisterAck to base station body.
In step 401 to step 408, just simply enumerate a kind of method for authenticating, those skilled in the art can know and also can adopt other method for authenticating to carry out authentication.
Embodiment four
As shown in Figure 5, present embodiment is described in the authentication process in another kind when registration start of base station from home in the UMTS network.
After step 501, the base station body start, send the request message that reads BSIM ID to the BSIM card.
Step 502, BSIM card send acknowledge message to base station body, comprise the BSIM ID of BSIM card in the message.
Step 503, base station body are sent register request message (Register) to RNC, and said register request message comprises BSIM ID.
Step 504, RNC send authentication information request message (AuthInfoReq) to SGSN, so that the request authentication information, said authentication information request message comprises BSIM ID.
Step 505, SGSN send authentication information request message (AuthInfoReq) to HSS, so that from HSS request authentication information, said authentication information request message comprises BSIM ID.
After step 506, HSS receive the authentication information request message, finding corresponding basic key according to the BSIM ID in the authentication information request message, and produce random number, is parameter with basic key and Rand, carries out authentication arithmetic, produces authenticating result Result1; HSS also can produce algorithm according to basic key, random number and specific key and generate derivative key simultaneously; HSS sends authentication information response message (AuthInfoResp) to RNC then, and authenticating result Result1, random number and derivative key are sent to SGSN.
Step 507, SGSN send authentication information response message (AuthInfoResp) to RNC, and random number is sent to RNC.
Step 508, RNC send authentication request message (AuthChallenge) to the BSIM card, and random number is sent to the BSIM card, and said authentication request message comprises random number.
After step 509, BSIM card are received authentication request message; According to the basic key of storing in the random number in the authentication request message and the BSIM card use with step 505 in identical authentication arithmetic generation authenticating result Result2; Also can according to basic key, random number use with step 505 in identical key produce algorithm generation derivative key; The BSIM card sends authentication response message to RNC, and Result2 sends to RNC with authenticating result; The derivative key that generates in step 506 and the step 509 can be used for setting up the security association (SA) of IPSEC as the wildcard of IKE among the IPSec, also can be with the key of doing transmission data between base station from home and the network are protected.
Step 510, RNC send authenticating result comparison of request (CompResultReq) to SGSN, and Result2 sends to SGSN with authenticating result.
Step 511, SGSN compare this authenticating result Result2 with the authenticating result Result1 that HSS sends, if difference then failed authentication, otherwise the authentication success, SGSN sends authenticating result to RNC and relatively responds (CompResultReq).
Step 512, RNC will send registration ack message (RegisterAck) to base station body.
In step 501 to step 512, just simply enumerate a kind of method for authenticating, those skilled in the art can know and also can adopt other method for authenticating to carry out authentication.
Embodiment five
As shown in Figure 6, present embodiment be described in the SAE/LTE network or in the UMTS network when the family expenses base station is managed by as GW the authentication process in when registration start.
After step 601, the base station body start, send the request message that reads BSIM ID to the BSIM card.
Step 602, BSIM card send acknowledge message to base station body, comprise the BSIM ID of BSIM card in the message.
Step 603, base station body are sent register request message (Register) to as, and said register request message comprises BSIM ID.
Step 604, as are sent authentication information request message (AuthInfoReq) to HSS, so that from HSS request authentication information, said authentication information request message comprises BSIM ID.
After step 605, HSS receive the authentication information request message; BSIM ID according in the authentication information request message finds corresponding basic key, and produces random number according to basic key, is parameter with basic key and Rand; Carry out authentication arithmetic, produce authenticating result Result1; HSS also can produce algorithm according to basic key, random number and specific key and generate derivative key simultaneously; HSS sends authentication information response message (AuthInfoResp) to as then; Authenticating result Result1, random number and derivative key are sent to as, and said authentication information response message comprises authenticating result Result1, random number and derivative key.
Step 606, as are sent authentication request message (AuthChallenge) to the BSIM card, and random number is sent to the BSIM card.
Step 607, BSIM card according to the basic key of storing in random number and the BSIM card use with step 605 in identical authentication arithmetic generation authenticating result Result2; Also can according to basic key and random number use with step 605 in identical key produce algorithm generation derivative key; Then; The BSIM card sends authentication response message to as, and Result2 sends to as with authenticating result; The derivative key that generates in step 605 and the step 607 can be used for setting up the security association (SA) of IPSEC as the wildcard of IKE among the IPSec, also can be with the key of doing transmission data between base station from home and the network are protected.
Step 608, as are compared this authenticating result Result2 with the authenticating result Result1 that HSS sends, if difference then failed authentication, otherwise the authentication success, as will be sent registration ack message RegisterAck to base station body.
In step 601 to step 608, just simply enumerate a kind of method for authenticating, those skilled in the art can know and also can adopt other method for authenticating to carry out authentication.
Embodiment six
As shown in Figure 7, present embodiment discloses a kind of communication system, comprises base station from home and network side entity.
Said base station from home is used for communicating through user of home base station identification code and network side entity; Said base station from home comprises base station body and base station from home identify label card; Said user identification code is stored in the base station from home identify label card, and said base station from home identify label card is removably mounted on the base station body.
Said base station from home comprises base station body and base station from home identify label card.Said base station from home can be base station from home or the AP (Access Point, access point) in the UMTS network, also can be base station from home or Home eNB in the SAE/LTE network etc.
Said base station body comprises: first transmitting element; Be used for reading the user of home base station identification code request to the transmission of base station from home identify label card; First receiving element is used to receive the affirmation message that has the user of home base station identification code that base station from home identify label card sends; Communication unit is used for communicating through said user of home base station identification code and network side, and with the communication process of network side in, obtain random number from network side; Second transmitting element is used for the random number that communication unit obtains is issued base station from home identify label card; Second receiving element is used to receive the authenticating result of base station from home identify label card.
Said base station from home identify label card, it is removably mounted on the base station body, comprises first memory cell, is used to store the user of home base station identification code; First receiving element is used to receive that base station body sends reads user of home base station identification code request message; First transmitting element is used for sending the affirmation message that comprises the user of home base station identification code to base station body; Second receiving element is used to receive the random number that second transmitting element of said base station body sends; Second memory cell is used to store basic key and authentication arithmetic; The 3rd memory cell (not shown) is used to store derivative key generating algorithm and network data; The 4th memory cell (not shown) is used for storaging user data; Performance element is used for carrying out authentication according to the random number of said second receiving element reception and the basic key of said second cell stores, and produces authenticating result; Second transmitting element is used for sending the authenticating result that performance element produces to base station body.
According to the embodiment of the invention; Through base station from home being divided into base station body and BSIM card, owing to storage BSIM ID and basic key on the BSIM card, because basic key is stored on the BSIM card; When changing base station from home, the user needn't arrive equipment operator there burning key again; The selection of more base station body also is provided to user of home base station simultaneously, and this has great convenience for the user, and has saved the investment of user to base station body.
When the user uses professional that this base station from home that he registered provides in the other places, as long as it is just passable to carry the BSIM card, needn't carry base station body, improved user's mobility, brought convenience to the user.
Though described the present invention through embodiment, those of ordinary skills know, under the situation that does not break away from spirit of the present invention and essence, just can make the present invention that many distortion and variation are arranged, and scope of the present invention is limited appended claim.

Claims (16)

1. a communication means is characterized in that, comprising:
Base station from home communicates through user of home base station identification code and network side; Wherein, said base station from home comprises: base station from home identify label card and base station body, said user of home base station identification code are stored in the said base station from home identify label card; Contracted user's sign of expression base station from home; And be used for the groups of users that unique identification uses the base station, and be used for registering and authentication to the mobile network, said base station from home identify label card is removably mounted on the said base station body.
2. method according to claim 1 is characterized in that, said base station from home identify label card is also stored basic key and authentication arithmetic, so that base station from home and network side carry out authentication.
3. method according to claim 2 is characterized in that, said base station from home and network side carry out authentication and specifically comprise:
Send the user of home base station identification code to network side; Network side is carried out authentication arithmetic according to the user of home base station identification code that receives with the corresponding basic key of user of home base station identification code; Obtain first authenticating result and random number; And return authentication request message, said authentication request message comprises random number;
Carry out authentication arithmetic according to random number and basic key, obtain second authenticating result;
Send authentication response message to network side, said authentication response message comprises second authenticating result; Make network side carry out authentication according to second authenticating result in first authenticating result and the authentication response message.
4. method according to claim 3 is characterized in that, saidly sends the user of home base station identification code to network side and specifically comprises: send the user of home base station identification code through register request message to network side.
5. method according to claim 4 is characterized in that, said method comprises that also said network side carries out according to second authenticating result in first authenticating result and the authentication response message after the authentication, sends enrollment response message to base station from home.
6. method according to claim 3 is characterized in that, said before network side sends the user of home base station identification code in execution, said method also comprises:
Base station body is sent to base station from home identify label card and is read the user of home base station identification code request;
Base station from home identify label card sends the base station body that confirms message to that comprises the user of home base station identification code.
7. according to one of them described method of claim 3 to 6; It is characterized in that; Said base station from home identify label card is also stored the derivative key generating algorithm; After said acquisition first authenticating result and random number, and after said acquisition second authenticating result, said method also comprises: generate derivative key according to basic key, random number and derivative key generating algorithm.
8. method according to claim 7 is characterized in that said derivative key is used to set up security association, perhaps is used for the key that the transmission data are protected between family expenses base station and network.
9. according to one of them described method of claim 1 to 6, it is characterized in that said user of home base station identification code comprises:
Mobile country code identifies the country that base station from home belongs to uniquely;
Mobile network code, MNC, the network of the ownership of sign base station from home;
Move the base station from home identification code, identify the base station from home in the home network, and can identify the home subscriber server under the base station from home.
10. a communication system comprises base station from home and network side entity, it is characterized in that,
Said base station from home; Be used for communicating through user of home base station identification code and network side entity, said base station from home comprises base station body and base station from home identify label card, and said user identification code is stored in the base station from home identify label card; Contracted user's sign of expression base station from home; And be used for the groups of users that unique identification uses the base station, and be used for registering and authentication to the mobile network, said base station from home identify label card is removably mounted on the base station body.
11. system according to claim 10 is characterized in that, said base station from home comprises base station body and base station from home identify label card,
Said base station body; It comprises: first transmitting element; Be used for reading the user of home base station identification code request to the transmission of base station from home identify label card, first receiving element is used to receive the affirmation message that has the user of home base station identification code that base station from home identify label card sends; Communication unit is used for communicating through said user of home base station identification code and network side;
Said base station from home identify label card, it is removably mounted on the base station body, comprises first memory cell, is used to store the user of home base station identification code; First receiving element is used to receive that base station body sends reads user of home base station identification code request message; First transmitting element is used for sending the affirmation message that comprises the user of home base station identification code to base station body.
12. system according to claim 11; It is characterized in that; The communication unit of said base station body with the communication process of network side in; Obtain random number from network side, said base station body also comprises: second transmitting element is used for the random number that communication unit obtains is issued base station from home identify label card; Second receiving element is used to receive the authenticating result of base station from home identify label card;
Said base station from home identify label card also comprises:
Second receiving element is used to receive the random number that second transmitting element of said base station body sends;
Second memory cell is used to store basic key and authentication arithmetic;
Performance element is used for carrying out authentication according to the random number of said second receiving element reception and the basic key of said second cell stores, and produces authenticating result;
Second transmitting element is used for sending the authenticating result that performance element produces to base station body.
13. a base station from home is characterized in that, comprises base station body and base station from home identify label card,
Said base station body; It comprises: first transmitting element; Be used for reading the user of home base station identification code request to the transmission of base station from home identify label card, first receiving element is used to receive the affirmation message that has the user of home base station identification code that base station from home identify label card sends; Communication unit is used for communicating through said user of home base station identification code and network side;
Said base station from home identify label card; It is removably mounted on the base station body; Comprise first memory cell, be used to store the user of home base station identification code, said user of home base station identification code is represented contracted user's sign of base station from home; And be used for the groups of users that unique identification uses the base station, and be used for registering and authentication to the mobile network; First receiving element is used to receive that base station body sends reads user of home base station identification code request message; First transmitting element is used for sending the affirmation message that comprises the user of home base station identification code to base station body.
14. base station from home according to claim 13 is characterized in that,
The communication unit of said base station body with the communication process of network side in, obtain random number from network side, said base station body also comprises: second transmitting element is used for the random number that communication unit obtains is issued base station from home identify label card; Second receiving element is used to receive the authenticating result of base station from home identify label card;
Said base station from home identify label card also comprises:
Second receiving element is used to receive the random number that second transmitting element of said base station body sends;
Second memory cell is used to store basic key and authentication arithmetic;
Performance element is used for carrying out authentication according to the random number of said second receiving element reception and the basic key of said second cell stores, and produces authenticating result;
Second transmitting element is used for sending the authenticating result that performance element produces to base station body.
15. base station from home according to claim 14 is characterized in that,
Said base station from home identify label card also comprises the 3rd memory cell, is used to store derivative key generating algorithm and network data.
16. base station from home according to claim 15 is characterized in that, said base station from home identify label card also comprises the 4th memory cell, is used for storaging user data.
CN2007101073847A 2007-06-04 2007-06-04 Communication method and system, and household base station Active CN101321100B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN2007101073847A CN101321100B (en) 2007-06-04 2007-06-04 Communication method and system, and household base station
PCT/CN2008/071179 WO2008148348A1 (en) 2007-06-04 2008-06-04 Communication method, system, and home bs

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2007101073847A CN101321100B (en) 2007-06-04 2007-06-04 Communication method and system, and household base station

Publications (2)

Publication Number Publication Date
CN101321100A CN101321100A (en) 2008-12-10
CN101321100B true CN101321100B (en) 2012-11-07

Family

ID=40093193

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2007101073847A Active CN101321100B (en) 2007-06-04 2007-06-04 Communication method and system, and household base station

Country Status (2)

Country Link
CN (1) CN101321100B (en)
WO (1) WO2008148348A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009004358A1 (en) 2009-01-08 2010-07-15 T-Mobile International Ag A method for renewing additional information stored in the terminal for the terminal-based detection of home base stations in a cellular mobile radio network
CN102056164B (en) * 2009-11-10 2015-04-01 中兴通讯股份有限公司 Method for accessing home base station into network and home base station management server
CN104349315B (en) * 2013-07-31 2018-01-05 普天信息技术有限公司 It is a kind of to ensure base station and the method and system of user equipment information safety
CN110245943B (en) * 2019-05-20 2021-04-23 创新先进技术有限公司 Receipt storage method and node based on judgment condition

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1558697A (en) * 2004-02-10 2004-12-29 Ut˹�￵ͨѶ���޹�˾ PHS system authentication method
CN1561136A (en) * 2004-02-18 2005-01-05 Ut˹�￵ͨѶ���޹�˾ PHS mobile phone network discriminating method
EP1786222A1 (en) * 2005-11-15 2007-05-16 Nortel Networks Limited Access network, gateway and management server for a cellular wireless communication system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1558697A (en) * 2004-02-10 2004-12-29 Ut˹�￵ͨѶ���޹�˾ PHS system authentication method
CN1561136A (en) * 2004-02-18 2005-01-05 Ut˹�￵ͨѶ���޹�˾ PHS mobile phone network discriminating method
EP1786222A1 (en) * 2005-11-15 2007-05-16 Nortel Networks Limited Access network, gateway and management server for a cellular wireless communication system

Also Published As

Publication number Publication date
WO2008148348A1 (en) 2008-12-11
CN101321100A (en) 2008-12-10

Similar Documents

Publication Publication Date Title
CN104836787B (en) System and method for Authentication Client website
CN105052184B (en) Method, equipment and controller for controlling user equipment to access service
CN101156487B (en) Proximity based authentication using tokens
CN102215474B (en) Method and device for carrying out authentication on communication equipment
CN1960567B (en) Communication method for terminal to enter to and exit from idle mode
CN100459799C (en) Control system and control method for terminal to use network
CN102111766B (en) Network accessing method, device and system
EP1860906B1 (en) A general authentication form and a method for implementing the authentication
US20060195893A1 (en) Apparatus and method for a single sign-on authentication through a non-trusted access network
CN103609154B (en) A kind of WLAN access authentication method, equipment and system
CN103039053A (en) Secure registration of group of clients using single registration procedure
CN101297515A (en) EAP/SIM authentication for mobile IP to leverage GSM/SIM authentication infrastructure
CN100469196C (en) Identification method for multi-mode terminal roaming among heterogenous inserting technology networks
CN101150857A (en) Certificate based authentication authorization accounting scheme for loose coupling interworking
WO2007091699A2 (en) Method, system and apparatus for indirect access by communication device
CN104243145A (en) Key generation in a communication system
CN1357986A (en) Cheat detecting method in mobile telecommunication network
CN106105134A (en) Improved end-to-end data protection
CN103843377A (en) Method and apparatus for enabling access to applications integrated with a visited network
CN101785343B (en) Method, system and device for fast transitioning resource negotiation
CN107205251A (en) A kind of method of accessing terminal to network, device and terminal
CN101662768B (en) Authenticating method and equipment based on user identification module of personal handy phone system
CN101321100B (en) Communication method and system, and household base station
CN102316450B (en) Group-based M2M (machine-to-machine) communication authentication method and equipment
WO2006079953A1 (en) Authentication method and device for use in wireless communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant