CN101394275B - Method, system and device implementing routing safety - Google Patents
Method, system and device implementing routing safety Download PDFInfo
- Publication number
- CN101394275B CN101394275B CN2007101522225A CN200710152222A CN101394275B CN 101394275 B CN101394275 B CN 101394275B CN 2007101522225 A CN2007101522225 A CN 2007101522225A CN 200710152222 A CN200710152222 A CN 200710152222A CN 101394275 B CN101394275 B CN 101394275B
- Authority
- CN
- China
- Prior art keywords
- router
- access request
- equipment
- request equipment
- check
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention discloses a method for achieving routing security, which comprises the following steps: access request equipment test a router to be selected for validity; and when the router passes the validity test, the router is selected as the router providing routing. The embodiment of the invention further discloses a system and a device for achieving safe routing. The invention can increase routing safety.
Description
Technical field
The present invention relates to the communications field, particularly a kind of method, system and equipment of realizing routing safety.
Background technology
Routing safety is commonly referred to as by taking to resist the means of routing attack, guarantees the operate as normal of router.Routing attack is usually expressed as: the assailant claims that oneself can provide good route, such as satisfy between own and the base station channel better or the own energy condition of the Route Selection of agreement regulation such as abundance relatively, select it as route with node around attracting, further attack processing then.Purpose according to routing attack is different with means, routing attack can be divided into the numerous species type, such as, Sybil attack is meant that the assailant has a plurality of identity, can reduce distributed storage greatly, disperse route or multichannel route etc. to possess the validity of the routing plan of fault tolerance; The selection forwarding attack then is meant selectively or all refuses to transmit the packet of receiving.Also have the false routing information that the routing iinformation that exchanges between the node is cheated, distorted or resets attack and with enough big ability to Web broadcast HELLO grouping with the HELLO flood attack that exists of stating oneself to neighbor node or the like multiple routing attack type.
The method that realizes routing safety at present is: for ensureing routing safety or attack being limited in certain scope, adopt corresponding mean of defense at different routing attack types, such as, for Sybil attack, generally adopt DSE arithmetic that node is carried out authentication; And for selecting forwarding attack, generally adopt the multichannel route or use many winding paths to resist attack.
Realize at present the method for routing safety,, that is to say that then just to be considered to route be believable as long as can discern mutually between two equipment owing to be based on data encryption mostly.Thereby after key was intercepted and captured, routing safety can't be guaranteed.
In addition,, take identical mean of defense, can't guarantee routing safety for the routing attack type of different network topologies because routing safety and Routing Protocol and network topology etc. have very confidential relation.Such as, in wireless sensor network (WSN, Wireless Sensor Network) as shown in Figure 1, WSN among Fig. 1 is the sub-clustering network topology, and the black matrix node is a bunch head, can be divided into 1 grade of bunch of head, 2 grades of bunches of heads, ..., the N level is bunch first-class, as L1 among Fig. 1 and L2 etc.Bunch head when carrying out information perception and collection, need provide routing function as general sensing node.And a bunch head is taked mechanism by turns, to prolong the useful life of leader cluster node and whole network.Bunch subfacies is general sensing node or general device, and TL3 as shown in FIG. and TM1 etc. are to carry out information perception and collection.For the defence method of selecting many routes that forwarding attack adopted, in the network topology of sub-clustering, almost be infeasible.Because sensing node has only through bunch head feedback information that could make progress, thereby can't realize many routes.
As seen, realize the method for routing safety at present, routing safety can't be guaranteed, and routing security is relatively poor.
Summary of the invention
The embodiment of the invention provides a kind of method that realizes routing safety, and this method can improve routing security.
The embodiment of the invention also provides a kind of system that realizes routing safety, and this system can improve routing security.
The embodiment of the invention also provides a kind of equipment of realizing routing safety, and this equipment can improve routing security.
For achieving the above object, the technical scheme of the embodiment of the invention specifically is achieved in that
A kind of method that realizes routing safety, this method comprises: the router that access request equipment is treated selection carries out the legitimacy check, after router described to be selected is by the legitimacy check, with router described to be selected as the router that route is provided;
When once existing previous router to provide route, router described to be selected is carried out the legitimacy check comprise: route described to be selected is carried out the key check for described access request equipment; Receive the sign of the previous router that router described to be selected provides, the sign correctness of the described previous router that provides is provided, wherein, router described to be selected is specially by legitimate verification: the key check that router described to be selected is carried out is correct, and the sign of the described previous router that provides of router described to be selected is correct; Perhaps, when existing current router to provide route, router described to be selected is carried out the legitimacy check comprise: router described to be selected is carried out the key check for described access request equipment; By described current router router described to be selected is carried out authentication.
A kind of system that realizes routing safety, described system comprises: access request equipment and router to be selected;
Described access request equipment is carried out the legitimacy check to router described to be selected; When router described to be selected by the check after, described access request equipment with router described to be selected as the router that route is provided;
Described access request equipment comprises: inspection module, be used to check router to be selected, and obtain assay; Described inspection module comprises: be used for router described to be selected is carried out the key verification unit of key check and is used to trigger current router carries out authentication to router described to be selected authentication ' unit; Executive Module, when being used for assay at described verification unit and showing router described to be selected by check, with router described to be selected as the router that route is provided.
A kind of equipment of realizing routing safety, described equipment comprises:
Inspection module, the router that is used to treat selection carries out the legitimacy check, obtains assay;
Description of drawings
Executive Module is used for when the assay of described verification unit shows that router described to be selected is checked by legitimacy, with router described to be selected as the router that route is provided;
Described inspection module comprises:
The key verification unit is used for router described to be selected is carried out the key check;
Authentication ' unit is used to trigger current router router described to be selected is carried out authentication.
As seen from the above technical solution, method, system and the equipment of the realization routing safety that the embodiment of the invention provides, by certain router to be selected is tested, after this router to be selected is by check, just it is chosen as the router that route is provided, thereby can improves routing security.
Embodiment
Fig. 1 is a sub-clustering network topology schematic diagram in the prior art;
Fig. 2 is a method flow schematic diagram of realizing routing safety in the first embodiment of the invention;
Fig. 3 is a method flow schematic diagram of realizing routing safety in the second embodiment of the invention;
Fig. 4 is a method flow schematic diagram of realizing routing safety in the third embodiment of the invention;
Realize the system configuration schematic diagram of routing safety in Fig. 5 four embodiment of the invention.
For making purpose of the present invention, technical scheme and advantage clearer, below with reference to the accompanying drawing embodiment that develops simultaneously, the present invention is described in further detail.
A kind of method that the embodiment of the invention provides is: the router that access request equipment is treated selection carries out the legitimacy check, after this router to be selected is by the legitimacy check, with router described to be selected as the router that route is provided.
Fig. 2 is a method flow schematic diagram of realizing router safety in the first embodiment of the invention.Present embodiment is that example describes with sub-clustering network topology structure as shown in Figure 1, supposes that log equipment does not have current router, as shown in Figure 2, specifically may further comprise the steps:
Step 201: the router that the access request equipment check is to be selected.
In the present embodiment, check the method for router to be selected to be: router described to be selected to be carried out key check the legitimacy check that realizes this router to be selected.Key examination requirements router to be selected provides correct key, and it is multiple to provide the form of key to have, and can use message of secret key encryption such as router to be selected, access request equipment with the corresponding secret key deciphering with checking.The cryptographic algorithm of using during distribution temporary key in the present embodiment can be used symmetric encipherment algorithm of the prior art, and cryptographic algorithm etc. also can use public-key.
Step 202: whether judge router to be selected by check, if, execution in step 204, otherwise, execution in step 203.
Step 203: do not accept the route that this router provides, process ends.
Step 204: router that will be to be selected is as the router that route is provided, and this router is tested to access request equipment.
In the present embodiment, the method for router check access request equipment can for: treat access request equipment and carry out Collective qualification, the process of access request equipment being carried out Collective qualification comprises:
Obtain the sign of access request equipment, whether the sign of judging access request equipment is stored in any router or equipment of the network under the router that route is provided, if, access request equipment is passed through Collective qualification, otherwise, judge that access request equipment not by authentication or send authentication request to the user and carry out authentification of user and confirm, when receiving user's authenticate-acknowledge, judges that access request equipment is by authentication.
In the present embodiment, suppose that router is a secondary bunch L2 among Fig. 1, then Ren Zheng detailed process can for: whether the sign of judging earlier access request equipment is stored in to it and provides among bunch L2 of route, if then access request equipment is passed through Collective qualification; Otherwise, sign to a upper level bunch L1 feedback access request equipment, L1 bunch of head is to equipment TL2 and each secondary bunch head of its subordinate's association, it is L2, LA2 bunch head, send the sign of this access request equipment, the L2 that request belongs to a L1 bunch of subordinate carries out Collective qualification with related equipment TL2 to this access request equipment with LA2 bunch of head, whether the sign of promptly judging access request equipment is stored among L2 and LA2 bunch of head and the related equipment TL2 thereof, if have, then this access request equipment is passed through Collective qualification; Otherwise,, check whether the sign of access request equipment is stored in the supervision end, if access request equipment is passed through Collective qualification directly to monitoring that end reports the sign of access request equipment; Otherwise, judge other router and equipment in the network again, whether store the sign of access request equipment such as M1, M2, TM1, TL3 etc., if all there is not the sign of access request equipment in all-router in the network and the equipment, then, handle according to the strategy that sets in advance.Can certainly adopt other order to judge.
Present embodiment, suppose the strategy that sets in advance can for: send authentication request to the user.If final, a bunch L2 does not receive that authentication is by confirming that then this access request equipment is not by authentication; Otherwise this access request equipment is passed through Collective qualification.Certainly the strategy that sets in advance also can for: all do not have the sign of access request equipment in all-router in network and the equipment, judge that access request equipment do not pass through Collective qualification.
The equipment mark of using in the present embodiment authentication is to be stored in advance in router or the supervision end, such as device identification, can be stored in router during by Collective qualification or monitor in the end at equipment, and enter and leave the corresponding device sign that renewal has been stored according to equipment; The regular identification information its subordinate's node of router feeds back to and monitors end; When it is not re-used as router, empty the storage of its relevant subordinate's node identification.
Step 205: router is handled access request equipment according to authentication result.
In the present embodiment, if authentication result authenticates for passing through, then router allows this access request equipment to network or provides route for it.The sign of this access request equipment of router stores, and the sign of access request equipment reported monitor end; If not by authentication, router is then refused this terminal equipment and is networked.
In the present embodiment, except that authenticating, can also carry out key check, the key that just requires networking requesting terminal equipment to set in advance in providing to access request equipment.Then step 205 should be according to authentication result and key assay, handles access request equipment.
Router in the various mode of operations in the present embodiment can be to its subordinate's node distribution temporary key to provide data integrity verifying, multi-hop completeness check and secure communication.Can also carry out the distribution of temporary key by the form of use encrypting, with the safety of the distribution procedure that guarantees temporary key.
Fig. 3 is the method flow schematic diagram that equipment is realized router safety in the second embodiment of the invention.Present embodiment is that example describes with sub-clustering network topology structure as shown in Figure 1, the hypothesis access request equipment has current router in the present embodiment, suppose that current router is bunch L2 in the sub-clustering network topology structure, as shown in Figure 3, specifically may further comprise the steps:
Step 301: the router that access request equipment is treated selection by current router carries out authentication.
In the present embodiment, the similar process among detailed process and first embodiment, just authentication request is initiated by access request equipment, and authentication is its router to be selected.Concrete grammar is: the sign of obtaining router to be selected, whether the sign of judging router to be selected is stored in any router or equipment in the current router belonging network, if, judge that router to be selected is by authentication, otherwise, according to the strategy that sets in advance, judge that router to be selected is not by authentication or send authentication request to the user and carry out authentification of user and confirm, when receiving user's authenticate-acknowledge, judge that router to be selected is by authentication.
In conjunction with sub-clustering network topology structure shown in Figure 1, detailed process is: the sign of obtaining router to be selected, whether the sign of judging router to be selected earlier is stored in a bunch L2, equipment TL2 and a bunch LA2 or the supervision end, if, router to be selected is by authentication, otherwise access request equipment is passed through Collective qualification; Otherwise, judge other router and equipment in the network again, such as the sign of router whether to be selected such as M1, M2, TM1, TL1, if the sign of router all not selected in all-router in the network and the equipment, according to the strategy that sets in advance, handle accordingly.Can certainly adopt other order to judge.
Suppose in the present embodiment that the strategy that sets in advance is: send authentication request to the user, a bunch L2 sends authentication request to the user, when receiving user's authenticate-acknowledge, router to be selected is by authentication, otherwise router to be selected is not by authentication.Certainly the strategy that sets in advance also can be the sign of router all not selected in all-router in network and the equipment, judges that router to be selected is not by authentication.
If in the present embodiment before the router for the treatment of selection carries out authentication, access request equipment is no longer related with a bunch L2, promptly a bunch L2 is the previous router of access request equipment, can adopt following authentication method in this case: require router to be selected, returning bunch sign of a L2, is the trustable router in the network to guarantee router to be selected.
Step 302: access request equipment is handled router to be selected according to authentication result.
In the present embodiment, if authentication result be router to be selected by authentication, the router that then access request equipment will be to be selected is as the router that route is provided.If by authentication, router is not then refused the route that router to be selected provides to router to be selected.
In the present embodiment, except authenticating, can also carry out key check, the key that just requires terminal equipment to set in advance in providing to access request equipment.Then step 302 should be according to authentication result and key assay, handles router to be selected.
In the present embodiment, the networking of each new equipment is finally confirmed by the user, thereby has been ensured the identity safety of equipment in the network; And before certain router of choice of equipment, can this router be authenticated, guaranteed security of routing.
Fig. 4 is a method flow schematic diagram of realizing router safety in the third embodiment of the invention.As shown in Figure 4, in the present embodiment, suppose that the mode of operation of terminal equipment has following three kinds:
Pattern one: Direct Model, under the situation that router to be selected allows, be left intact, router that directly will be to be selected networks when router to be selected allows as the router of selecting.
Pattern two: cipher key mode, the key that requires router to provide to set in advance, when having only router that correct key can be provided, when just checking by key, router that just will be to be selected is as the router of selecting.
Pattern three: certification mode, not only require router that the key that sets in advance is provided, also to carry out authentication by the router that the router of its current association is treated selection, when router to be selected by authentication with when providing correct key, with router to be selected router as selection, so that carry out relatedly with it,, provide route or the like by router such as equipment mark is stored in the router of selection.
Correspondingly, in the present embodiment, suppose that the mode of operation of router also has following three kinds:
Pattern one: Direct Model, work in the router of this pattern, do not require access request equipment carried out any authentication that promptly any equipment networks at any time.
Pattern two: the key test mode works in the router of this pattern, the key that requires access request equipment to provide to set in advance: if access request equipment can provide correct key, then allow to network; Otherwise the networking request of router refusal access request equipment does not perhaps provide routing function to it.
Pattern three: certification mode.The router that works in this pattern not only requires equipment that the key that sets in advance is provided after the networking request of the equipment of receiving, and also will carry out Collective qualification to this equipment; When this equipment by Collective qualification with when providing correct key, permission equipment networks or provides route for equipment.
In addition, in the present embodiment, the current router of supposing equipment is a router one, and router to be selected is a router two, and equipment provides the process of route to comprise from route exchanging is provided by router one to router two:
Step 401: the mode of operation that router is set.
Present embodiment, the mode of operation that is assumed to be the router setting is the key test mode.
Step 402: the mode of operation that equipment is set.
In the present embodiment, the mode of operation that is assumed to be equipment is the key test mode.
Step 403: equipment sends the request of networking to router one, and router one is carried out the key check.
Step 404: router one returns the request response that networks to equipment, and access request equipment is carried out the key check.
In the present embodiment, all by the key check, router one provides route for equipment for equipment and router one.When equipment need be with the router two networking, when providing route by router two such as needs, execution in step 405~step 407.
Step 405: the mode of operation of conversion equipment.
In the present embodiment, by the order of receiving conversion mode of operation, equipment carries out the conversion of mode of operation, supposes equipment is transformed into pattern three by pattern two.
Step 406: equipment sends the request of networking to router two, and router two is carried out authentication and key check.
In the present embodiment, the identity identifying method that adopts in the step 301 in the method for authentication and the second embodiment of the invention is identical.
Step 407: whether judge router two by authentication and key check, if, execution in step 408, otherwise, execution in step 411.
Step 408: router two returns the request response that networks to equipment, and equipment is carried out Collective qualification and key check.
In the present embodiment, the Collective qualification method that adopts in the step 202 in the method for authentication and the first embodiment of the invention.
Step 409: whether judgment device is checked by Collective qualification and key, if, execution in step 410, otherwise, execution in step 411.
Step 410: router two provides route to equipment.
Step 411: process ends.
In the present embodiment,, can reach the flexible equilibrium between networking flexibility, security overhead and the internet security by selecting suitable mode of operation.By the authentication of user, guaranteed the safety of the identity of equipment in the network to access request equipment; Before equipment carries out router, its selected router is carried out identity validation, guaranteed security of routing.
Fig. 5 is the system that realizes routing safety in the four embodiment of the invention, and this system comprises: access request equipment 510 and router five 20 to be selected; Wherein, access request equipment 510, the router five 20 for the treatment of selection carries out the legitimacy check, and after router five to be selected 20 was by the legitimacy check, the router five 20 that access request equipment 510 will be to be selected was as the router that route is provided.
Router five 20 to be selected as after the router of route is provided, can also be checked access request equipment 510, after access request equipment 510 is by check, allows access request equipment 510 to network or provides route for access request equipment 510.
Router five 20 to be selected comprises routing unit 521 and verification unit 522, verification unit 522, after router five to be selected 20 is as the router of selecting, the check access request equipment, after access request equipment is by check, allow access request equipment networking or notice routing unit 521 for access request equipment provides route service, then provide route service by routing unit 521.
Access request equipment 510 comprises: inspection module 511 and Executive Module 512.
Particularly, the router five 20 that inspection module 511 is treated selection carries out the legitimacy check, obtains assay.Executive Module, when the assay of verification unit 511 shows that the router five of selecting 20 to be selected is checked by legitimacy, with router five to be selected 20 as the router that route is provided.
Inspection module 511 comprises: key verification unit 513 and authentication ' unit 514
Particularly, key verification unit 513, the router five 20 for the treatment of selection carries out the key check.
Authentication ' unit 514, the router five 20 that the triggering current router is treated selection carries out authentication.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.All any modifications of being done within the spirit and principles in the present invention, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (12)
1. method that realizes routing safety, it is characterized in that, this method comprises: the router that access request equipment is treated selection carries out the legitimacy check, after router described to be selected is by the legitimacy check, with router described to be selected as the router that route is provided;
When once existing previous router to provide route, router described to be selected is carried out the legitimacy check comprise: route described to be selected is carried out the key check for described access request equipment; Receive the sign of the previous router that router described to be selected provides, the sign correctness of the described previous router that provides is provided, wherein, router described to be selected is specially by legitimate verification: the key check that router described to be selected is carried out is correct, and the sign of the described previous router that provides of router described to be selected is correct; Perhaps,
When existing current router to provide route, router described to be selected is carried out the legitimacy check comprise: router described to be selected is carried out the key check for described access request equipment; By described current router router described to be selected is carried out authentication.
2. method according to claim 1 is characterized in that, describedly by current router router described to be selected is carried out authentication and comprises:
Obtain the sign of router described to be selected, whether the sign of judging router described to be selected is stored in any router or other equipment in the described current router belonging network, if, judge that router described to be selected is by authentication, otherwise, judge that router described to be selected is not by authentication or send authentication request to the user and carry out authentification of user and confirm, when receiving user's authenticate-acknowledge, judge that router described to be selected is by authentication.
3. method according to claim 2 is characterized in that, whether the sign of the router that described judgement is to be selected is stored in any router or other equipment comprises:
The sign of judging earlier router described to be selected whether be stored in described current router, with described current router belong to same go up the neighbouring device of level router or monitor hold, whether the sign of judging router described to be selected again is stored in the described current router belonging network in other router and other equipment except that described current router, neighboring router and supervision end.
4. method according to claim 1, it is characterized in that, with router described to be selected as the router that route is provided after, described method further comprises: described router is checked described access request equipment, after described access request equipment is by check, allows described access request equipment to network or provide route for described access request equipment.
5. method according to claim 4 is characterized in that, described router check access request equipment comprises: described access request equipment is carried out Collective qualification.
6. method according to claim 5 is characterized in that, when access request equipment was carried out Collective qualification, this method further comprised described: described access request equipment is carried out the key check;
Described access request equipment is by verifying as: described equipment provides correct key during by Collective qualification.
7. according to claim 5 or 6 described methods, it is characterized in that the described process that access request equipment is carried out Collective qualification comprises:
Obtain the sign of described access request equipment, whether the sign of judging described access request equipment is stored in any router or other equipment of the network under the described router that route is provided, if, described access request equipment is passed through Collective qualification, otherwise, judge that described access request equipment not by authentication or send authentication request to the user and carry out authentification of user and confirm, when receiving user's authenticate-acknowledge, judges that described access request equipment is by authentication.
8. method according to claim 7 is characterized in that, whether the described sign of judging access request equipment is stored in any router or other equipment and comprises:
The sign of judging earlier described access request equipment whether be stored in current router, with current router belong to same go up the neighbouring device of level router or monitor hold, whether the sign of judging described access request equipment again is stored in the described current router belonging network in other router and other equipment except that described current router, neighboring router and supervision end.
9. method according to claim 8 is characterized in that, described access request equipment is by behind the Collective qualification, and the described sign that the described access request equipment of router stores of route is provided reports the sign of described access request equipment to described supervision end.
10. a system that realizes routing safety is characterized in that, described system comprises:
Router to be selected, be used for by choice of equipment as router after, route service is provided;
Access request equipment is used for router described to be selected is carried out the legitimacy check; When router described to be selected by the check after, with router described to be selected as the router that route is provided;
Described access request equipment comprises:
Inspection module is used to check router to be selected, and obtains assay; Described inspection module comprises: be used for router described to be selected is carried out the key verification unit of key check and is used to trigger current router carries out authentication to router described to be selected authentication ' unit;
Executive Module, when being used for assay at described verification unit and showing router described to be selected by check, with router described to be selected as the router that route is provided.
11. system according to claim 10 is characterized in that, router described to be selected comprises:
Routing unit is used to provide route service;
Verification unit, be used for router described to be selected as the router of selecting after, check described access request equipment, after described access request equipment is by check, allows described access request equipment networking or notify described routing unit to provide route service for described access request equipment.
12. an equipment of realizing routing safety is characterized in that, described equipment comprises:
Inspection module is used to check router to be selected, and obtains assay;
Executive Module, when being used for assay at described verification unit and showing router described to be selected by check, with router described to be selected as the router that route is provided;
Described inspection module comprises:
The key verification unit is used for router described to be selected is carried out the key check;
Authentication ' unit is used to trigger current router router described to be selected is carried out authentication.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101522225A CN101394275B (en) | 2007-09-19 | 2007-09-19 | Method, system and device implementing routing safety |
| PCT/CN2008/072392 WO2009036706A1 (en) | 2007-09-19 | 2008-09-17 | Method, system and device for realizing route security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101522225A CN101394275B (en) | 2007-09-19 | 2007-09-19 | Method, system and device implementing routing safety |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101394275A CN101394275A (en) | 2009-03-25 |
| CN101394275B true CN101394275B (en) | 2011-08-03 |
Family
ID=40467531
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101522225A Expired - Fee Related CN101394275B (en) | 2007-09-19 | 2007-09-19 | Method, system and device implementing routing safety |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101394275B (en) |
| WO (1) | WO2009036706A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101835179B (en) * | 2010-04-06 | 2013-09-25 | 华为技术有限公司 | Wireless sensor network, method for establishing security relationship therein and service node |
| CN103763102B (en) * | 2013-12-31 | 2018-09-28 | 上海斐讯数据通信技术有限公司 | A kind of wifi safety management systems and management method based on message push |
| CN104581863A (en) * | 2015-02-05 | 2015-04-29 | 北京哈工大计算机网络与信息安全技术研究中心 | Security routing method for internet of things based on topological quick check |
| CN112671765B (en) * | 2020-12-23 | 2022-09-06 | 浪潮云信息技术股份公司 | Method and device for verifying validity of wireless network equipment |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101015225A (en) * | 2004-06-30 | 2007-08-08 | 松下电器产业株式会社 | Communication handover method, communication message processing method, and communication control method |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4000933B2 (en) * | 2002-07-19 | 2007-10-31 | ソニー株式会社 | Wireless information transmission system, wireless communication method, and wireless terminal device |
| US7483409B2 (en) * | 2005-12-30 | 2009-01-27 | Motorola, Inc. | Wireless router assisted security handoff (WRASH) in a multi-hop wireless network |
-
2007
- 2007-09-19 CN CN2007101522225A patent/CN101394275B/en not_active Expired - Fee Related
-
2008
- 2008-09-17 WO PCT/CN2008/072392 patent/WO2009036706A1/en active Application Filing
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101015225A (en) * | 2004-06-30 | 2007-08-08 | 松下电器产业株式会社 | Communication handover method, communication message processing method, and communication control method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2009036706A1 (en) | 2009-03-26 |
| CN101394275A (en) | 2009-03-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101486030B1 (en) | Method for combining authentication and secret keys management mechanism in a sensor network | |
| Bohge et al. | An authentication framework for hierarchical ad hoc sensor networks | |
| CN100586087C (en) | Wireless access apparatus and method, and wireless network | |
| CN101222331B (en) | Authentication server, method and system for bidirectional authentication in mesh network | |
| KR101447339B1 (en) | Key management and node authentication method for sensor network | |
| KR20120105507A (en) | Method and system for establishing secure connection between user terminals | |
| CN101282208B (en) | Method for updating safety connection association master key as well as server and network system | |
| CN102547701A (en) | Authentication method and wireless access point as well as authentication server | |
| CN1941695B (en) | Method and system for generating and distributing key during initial access network process | |
| CN107396350A (en) | SDN inter-module method for security protection based on the SDN 5G network architectures | |
| CN101420686A (en) | Industrial wireless network security communication implementation method based on cipher key | |
| CN101552984B (en) | Base station secure accessing method of mobile communication system | |
| CN107483415A (en) | A kind of mutual authentication method of shared electricity consumption interactive system | |
| CN108882238A (en) | A kind of lightweight rotation ca authentication method in mobile ad hoc network based on common recognition algorithm | |
| CN105323754A (en) | Distributed authentication method based on pre-shared key | |
| CN101394275B (en) | Method, system and device implementing routing safety | |
| CN111988328A (en) | Safety guarantee method and system for acquiring terminal data of power generation unit of new energy plant station | |
| CN101622825B (en) | Method and arrangement for providing a wireless mesh network | |
| CN103888940B (en) | Multi-level encryption and authentication type WIA-PA network handheld device communication method | |
| Bouassida | Authentication vs. Privacy within Vehicular Ad Hoc Networks. | |
| CN103460669A (en) | Method and communications device for the cryptographic protection of field device data communication | |
| CN104703174B (en) | A kind of wireless Mesh netword routing safety guard method | |
| Thenmozhi et al. | Trust based cluster and secure routing scheme for wireless sensor network | |
| Samad | Securing wireless mesh networks: a three dimensional perspective | |
| Bhavyashree et al. | Modified cluster based certificate blocking of misbehaving node in MANETS |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110803 Termination date: 20180919 |