CN101394281A - Wireless mesh network access security authentication method based on WLAN - Google Patents
Wireless mesh network access security authentication method based on WLAN Download PDFInfo
- Publication number
- CN101394281A CN101394281A CNA2008102006524A CN200810200652A CN101394281A CN 101394281 A CN101394281 A CN 101394281A CN A2008102006524 A CNA2008102006524 A CN A2008102006524A CN 200810200652 A CN200810200652 A CN 200810200652A CN 101394281 A CN101394281 A CN 101394281A
- Authority
- CN
- China
- Prior art keywords
- state
- peer link
- plm
- authentication
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Small-Scale Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention disclose a security certificating method for the access of the wireless mesh network based on a wireless local area network in the technical field of wireless networks. When both certificating sides enter a PLM process used for exchanging security parameters after completing 802.11 open certification; a PLM state machine takes over the operation of a 802.11 state machine; the PLM process is composed of a pair of equivalent link requesting/equivalent link confirming messages respectively sent by both certification sides; a 802.11i/RSN security parameter and a 802.11s/ MSA security parameter are mutually consulted, and a storage key used for pre-certification is selected, and the role of each during the following EAP certification stage is determined; the PLM state machine controls a mechanism for transceiving and retransmitting the message; and when the PLM process is over, the mechanism is recontrolled by the 802.11 state machine, and an internal event calling IOCTL is produced to notify an EAP user end to prepare to begin an EAP certification process and four times of handshake interaction. The method satisfies the new features such as the dynamical self-organization of a WLAN Mesh network, and has reliable safety performance.
Description
Technical field
The present invention relates to the access security authentication method in a kind of radio network technique field, specifically, what relate to is a kind of mesh network access security authentication method based on WLAN (wireless local area network).
Background technology
Wireless Mesh netword (based on wireless mesh network) is a kind of emerging wireless access technology.Because of characteristics such as its self-organizing, easily expansion, low cost are widely used in fields such as municipal administration, disaster relief, security monitoring, industrial management, medical first aid.In view of its main application fields, the safety that how to guarantee the Mesh network is that can this technology be able to one of key issue of successful Application.
Madwifi is the system driver of being developed for Atheros (Atheros communication common carrier) 802.11 wireless network chips, and the function that is mainly used between operating system and wireless network card is mutual.Net80211 module wherein is one 802.11 protocol stack, has realized that the security capabilities that defines in IEEE 802.11 standards is found, empty authentication and process such as related.Wireless Mesh netword on structure and IEEE 802.11 links is called WLAN-Mesh (based on the Mesh network of WLAN (wireless local area network)).
Access authentication technique is used to verify the validated user identity, determines the validated user permissions and generates the confidentiality and integrity that a cover key code system is used for protecting network transmission data.In the application of WLAN, simple WEP (wired equivalent protection agreement) mechanism can't effectively guarantee the transmission over networks safety of data and insert user's legitimacy.Therefore IEEE (international IEEE) standardization body has proposed 802.11i and has augmented the security feature that scheme is used to improve WLAN (WLAN (wireless local area network)).IEEE 802.11i standard provides reliable security solution for wireless local network user, has wherein proposed the new security system of WLAN (wireless local area network)---robust security network RSN (Robust Security Network).The RSN architecture is divided into the two large divisions: security association management and data encryption mechanism.Wherein RSN security association management mechanism comprises: RSN negotiating safety capability process, 802.1x verification process and 802.1x cipher key distribution process.802.11i selected the access control protocol of IEEE 802.1x, realized the access control pattern of applicant (Supplicant), authenticator (Authenticator) and certificate server (AS) based on port.Carrying out the 802.1x authentication behind the RSN negotiating safety capability, is the cipher key distribution process 4-Way Handshake of 802.1x after authentication is finished, and produces the key that is used for data communication.RSN data encryption mechanism mainly contains TKIP (Temporal Key Integrirty Protocol) and CCMP (counter mode cypher block chaining message authentication code agreement).
In order to adapt to the characteristics of Mesh network, IEEE has proposed a safety approach that is called Mesh security association (MSA) specially.Compare with the 802.11i scheme, MSA has used new key code system, and has stipulated a series of new authentication protocols foundation and used this key code system.The main purpose of setting up key architecture is exactly: 1) by refinement MP (Mesh node) role, set up branch and zone isolation enhanced safety.Add new role MKD (Mesh Key Distributor, Mesh key distribution person) and exercise the partial function act on behalf of AS, the no key of use of communicating by letter between MP and MA (Mesh Authenticator, Mesh authenticator) and the MKD branch different with MA.2) simplify verification process.Do not need all to carry out the 802.1x checking between the MP after the association at every turn.Promptly having passed through between MP after the initial authentication can direct correlation and carry out cipher key change, and no longer needs to carry out alternately with MKD or SA.The MSA system is made of several different agreements, and wherein major part is exactly MSA authentication mechanism (MSA Authentication).The authentication and the association key of necessity generated when the MSA authentication mechanism had been realized Mesh network of MP adding.Similar with 802.11i, a complete MSA verification process is broadly divided into three phases: Peer Link Management (peer link management) stage that is made of a pair of two-way Peer Link Open/Confirm (peer link request/affirmation) message; The optional MSA initial authentication stage (EAP Extensible Authentication Protocol); The MSA 4-Way Handshake stage.Hostapd and WPA Supplicant (
Http:// hostap.epitest.fi/) be widely used 802.11i client, realize the function of 802.11i agreement respectively at AP (access point) end and STA (client computer) end.Mainly comprise the EAP authentication framework, shaken hands for 4 times and organized the mutual and various concrete key algorithms etc. of shaking hands.
Find by prior art documents, in the technical documentation " Joint SEE-Mesh Wi-Mesh Proposal to 802.11 TGs " that IEEE 802.11 task groups s announce, defined a process that the Mesh node authenticates mutually.Only use two reverse 802.11i verification process to authenticate in this scheme simply as the Mesh node of self-organizing.Its shortcoming also is tangible: the message number of at first such authentication mode is the twice of common 802.11i agreement, implements greatly to reduce network performance, and this is unacceptable to wireless network.Secondly this scheme can not really solve the self-organizing problem of Mesh node, because not all Mesh node all has the function that authentication is provided for other nodes, such authentication mode is easy to produce behind a large amount of network overheads or authentification failure.Last the document does not provide the realization details yet, and its specific implementation feasibility is also doubtful.
Summary of the invention
The objective of the invention is at the deficiencies in the prior art, a kind of WLAN-Mesh network access security authentication method based on Madwifi is provided, in the new features such as dynamic self-organization that satisfy WLAN Mesh network,, WLAN Mesh network is not less than the desired security performance of 802.11i standard for providing.The present invention also is the support that increases peer link management (PLM) protocol interaction among the Madwifi on the net80211 module basis by realizing at existing 802.11 protocol stacks, to realize the negotiations process of new security parameter, pre-stored key and authentication role.Call existing 802.1x protocol client by compatibility simultaneously, realize authentification of user and key code system generative process.
The present invention is achieved by the following technical solutions, comprises the steps:
The first step drives initialized while initialization MSA relevant parameter, data structure and PLM state machine at Madwifi.
Second step, after both sides finish 802.11 open authentication, preserve current 802.11 states and take over 802.11 state machines and come into operation by the PLM state machine, the authentication both sides enter " LISTEN " state.
In the 3rd step, the authentication both sides send the peer link request message in synchronous or asynchronous mode to the other side.Adding this scene of network for new node, then is that new node MP at first sends the peer link request message to the Mesh node M A with authentication capability, and the PLM state machine of MP enters " OPN_SNT " state.
In the 4th step, MA receives whether the parameter that checking is wherein carried behind the peer link request message that MP sends mates local configuration, by after carry out key and select and role's option program.The PLM state machine of MA enters " OPN_RCVD " state.
In the 5th step,, so then send a peer link request message to MP if MA did not send the peer link request message after the 4th step, described flow process was finished.Then send a peer link acknowledge message, this message has been carried the result of key selection and role's option program.
In the 6th step, MP successively handles peer link request message and the peer link acknowledge message received, and carries out key and select and role's option program.The PLM state machine of MP arrives order according to message and enters " OPN_RCVD " or " CNF_RCVD " state.The security parameter that carries in acknowledging receipt of message is complementary with local configuration, and the key that carries is selected and the result of the result of role's option program and the local key selection of carrying out and role's option program consistent after, MP carries out last affirmation to peer link acknowledge message of MA transmission.
In the 7th step, the PLM state machine of MP enters " ESTAB " state after MP sends the peer link acknowledge message, and generates the end of an internal event notice 802.1x client PLM process.System comes back to the management of 802.11 state machines.802.1x client will be carried out initialization according to security parameter and authentication role that the PLM stage is determined alternately.
The 8th step, MA receive from MP peer link acknowledge message checking wherein parameter and key is selected and the result of role's option program.Enter " ESTAB " state by its PLM state machine of back, and generate the end of an internal event notice 802.1x client PLM process.802.1x client will be carried out initialization according to security parameter and authentication role that the PLM stage is determined alternately.
In the 9th step, authentication both sides' 802.1x client begins the EAP negotiations process, if success then authenticate both sides and will hold and share master key MSK (master session key).
In the tenth step, it is mutual that the authentication both sides begin 4-Way Handshake.If success then authenticate both sides and will hold and share session key PTK (interim conversation key).Verification process finishes.
The present invention had both satisfied the demand of the new features such as dynamic self-organization of WLAN Mesh network, provided the security performance that is equal to the 802.11i standard-required for the WLANMesh network again.The present invention develops being widely used on the net80211 protocol stack basis of wlan device, and favorable compatibility is provided, and is convenient to use in the wireless Mesh netword based on 802.11 link establishments.The present invention has kept the use of 802.11i framework to greatest extent, carries out not only having guaranteed compatibility and flexibility alternately with upper strata 802.1x client by general ioctl (I/O control) mechanism, and is easy to realize.
Description of drawings
Fig. 1 is a MSA verification process schematic diagram;
Fig. 2 is a PLM state machine state transition diagram.
Embodiment
Below in conjunction with accompanying drawing embodiments of the invention are elaborated: present embodiment is being to implement under the prerequisite with the technical solution of the present invention, provided detailed execution mode and concrete operating process, but protection scope of the present invention is not limited to following embodiment.
It is example that present embodiment authenticates with the Mesh node M A with authentication capability with new node MP adding network:
The first step drives initialized while initialization MSA relevant parameter, data structure and PLM state machine at Madwifi.
The MSA parameter is the expansion to RSN parameter among the 802.11i, EAP mode of comprise whether using the MSA function, whether require the EAP authentication, supporting or the like.Roughly can divide in serve as reasons configuration decision and the negotiation and dynamically determine two types.Here will be according to configuration file initialization section parameter.Described PLM state machine is the finite state machine that is used to control peer link management phase information receiving and transmitting and retransmission mechanism, sees Fig. 2, during initialization the PLM state machine is placed " IDLE " state.
In second step, both sides carry out beacon-scan (beacon broadcast/scanning) and 802.11 verification process as usual.See that security capabilities discovery and empty authentication phase among Fig. 1 are mutual.Interacting message in this stage is still controlled by 802.11 state machines.
After both sides finish 802.11 open authentication, preserve current 802.11 states and take over 802.11 state machines and come into operation by the PLM state machine, the authentication both sides enter " LISTEN " state.This moment, 802.11 state machines of new node MP should stop at " AUTH " (accept enter after the authentication frame state) state, and 802.11 state machines of MA should stop at " RUN " (state machine end-state) state.
In the 3rd step, the beginning peer link is managed the mutual of (PLM) stage.Send peer link request message in synchronous or asynchronous mode to the other side these stage authentication both sides.Adding this scene of network for new node, then is that new node MP at first sends the peer link request message to the Mesh node M A with authentication capability, and the PLM state machine of MP enters " OPN_SNT " state.
The peer link request message is a kind of Action management frames (one of 12 kinds of management frames of IEEE802.11 standard definition).Its content frame has increased two information element (IE newly exactly with the main distinction of related request management frame, Information elements): MSA IE (Mesh safety management information word) and MSC IE (Mesh security configuration information unit) are used to carry the MSA parameter.MP enters " OPN_SNT " state after sending the peer link request message, and a retry timer R is set, the expired the other side of showing of R does not receive the peer link request message that sends or does not make correct response that at this moment MP will retransmit the peer link request message and reenter " OPN_SNT " state.Authentification failure after retransmitting number of times to surpass MAXRETRY (maximum retry constant), MP enters " HOLDING " state.
In the 4th step, MA receives whether the parameter that checking is wherein carried behind the peer link request message that MP sends mates local configuration, by after carry out key and select and role's option program.The PLM state machine of MA enters " OPN_RCVD " state.MA judges mainly whether algorithm that the other side proposes and method parameter obtain the support of local configuration, if support then the IE in the message is preserved so that use the back, otherwise directly abandons the message of receiving.
The key selection course authenticates the pre-stored key that generates and preserve before being used to select to authenticate both sides several times, carries out quick pre-authentication in order to skip loaded down with trivial details EAP authentication phase.The pre-stored key that the result of this process and both sides preserve and to the join dependency of certificate server AS.Role's selection course is used for determining at contingent EAP verification process next whom doing the authenticator, and who does the applicant.The join dependency whether result of this process and both sides ask to carry out the EAP authentication and arrive certificate server AS.
The 5th step was not if MA sent the peer link request message so then to peer link request message of MP transmission, timer R is set simultaneously the described flow process of step 4 is finished after.What the purposes of the content of peer link request message and timer R was all described in step 3 here is similar.Then send a peer link acknowledge message.
The peer link acknowledge message also is the Action management frames, and the main distinction of its content frame and associated response management frames also is initiate MSA IE and MSC IE.MSAIE in this message has carried that key in the step 4 is selected and the result of role option program.Other parameters are all constant.
In the 6th step, MP successively handles peer link request message and the peer link response message received, and carries out selecting and role's option program as the key described in the step 4.
If receive the peer link request message in order earlier, then the PLM state machine of MP enters " OPN_RCVD " state, and carries out the processing procedure that step 4 is described.If receive the peer link acknowledge message earlier, the PLM state machine of MP will enter " CNF_RCVD " state so.At this moment MP will preserve that parameter in the peer link response message is used for and to after receive that the result of peer link request message compares.MP also needs to delete the R timer, and also creating a C timer again is used to manage the re-transmission of peer link acknowledge message, if not receiving in C timer official hour that the peer link request message authenticates so will fail, MP will enter " HOLDING " state.Be complementary with local configuration correctly receiving peer link request and peer link acknowledge message and acknowledge receipt of the security parameter that carries in the message, and the key that carries is selected and the result of the result of role's option program and the local key selection of carrying out and role's option program consistent after, MP carries out last affirmation to peer link acknowledge message of MA answer.
In the 7th step, the PLM state machine of MP enters " ESTAB " state after MP sends the peer link acknowledge message, and all timers and the using system IOCTL mechanism of deleting generates an internal event notice 802.1x client PLM process and finishes.Afterwards MP come back to the management of 802.11 state machines and by " AUTH " state transitions to " RUN " state.802.1x client will be carried out initialization according to security parameter and authentication role that the PLM stage is determined alternately.
The 8th step, MA receive from MP peer link acknowledge message checking wherein parameter and key is selected and the result of role's option program.Enter " ESTAB " state by its PLM state machine of back, delete all timers and generate an internal event notice 802.1x client PLM process and finish.802.1x client will be carried out initialization according to security parameter and authentication role that the PLM stage is determined alternately.
The 9th step, authentication both sides' 802.1x client (Hostapd/WPA Supplicant) beginning EAP negotiations process.Shown in 802.1x/EAP authentication phase among Fig. 1, will use EAPOL (EAP on the local area network (LAN)) agreement that EAP message is carried out encapsulated delivery in this process.And between MA and MPP (Mesh gateway node), will use EAP message transmission protocol encapsulation EAP message on the wireless multi-hop circuit, to transmit.This process is controlled by the EAPOL state machine.If success then authenticate both sides and will hold and share master key MSK.
In the tenth step, it is mutual that the authentication both sides begin 4-Way Handshake.If success then authenticate both sides and will hold and share session key PTK.Verification process finishes.
Present embodiment is by realizing increasing the mutual support of peer link management agreement on the basis at existing 802.11 protocol stacks, to realize the negotiations process of new security parameter, pre-stored key and authentication role, call existing 802.1x protocol client by compatibility simultaneously, realize authentification of user and key code system generative process, in the new features such as dynamic self-organization that satisfy the WLANMesh network,, WLAN Mesh network is not less than the desired security performance of 802.11i standard for providing.
Claims (8)
1. the WLAN-Mesh network access security authentication method based on Madwifi is characterized in that comprising the steps:
The first step drives initialized while initialization MSA parameter, data structure and PLM state machine at Madwifi;
Second step, after both sides finish 802.11 open authentication, preserve current 802.11 states and take over 802.11 state machines and come into operation by the PLM state machine, the authentication both sides enter " LISTEN " state;
The 3rd step, the authentication both sides send the peer link request message in synchronous or asynchronous mode to the other side, adding this scene of network for new node, then is that new node MP at first sends the peer link request message to the other side's node M A, and the PLM state machine of MP enters " OPN_SNT " state;
In the 4th step, MA receives whether the parameter that checking is wherein carried behind the peer link request message that MP sends mates local configuration, by after carry out key and select and role's option program, the PLM state machine of MA enters " OPN_RCVD " state;
The 5th step, if MA did not send the peer link request message after the 4th step, described flow process was finished, so then send a peer link request message to MP, then send a peer link acknowledge message, this message has been carried the result of key selection and role's option program;
The 6th step, MP successively handles peer link request message and the peer link acknowledge message received, and carry out key and select and role's option program, the PLM state machine of MP arrives order according to message and enters " OPN_RCVD " or " CNF_RCVD " state, the security parameter that carries in acknowledging receipt of message is complementary with local configuration, and the key that carries is selected and the result of the result of role's option program and the local key selection of carrying out and role's option program consistent after, MP carries out last affirmation to peer link acknowledge message of MA transmission;
The 7th step, the PLM state machine of MP enters " ESTAB " state after MP sends the peer link acknowledge message, and generate internal event notice 802.1x client PLM process and finish, system comes back to the management of 802.11 state machines, and the 802.1x client will be carried out initialization according to security parameter and authentication role that the PLM stage is determined alternately;
The 8th step, MA receive from MP peer link acknowledge message checking wherein parameter and key is selected and the result of role's option program, enter " ESTAB " state by its PLM state machine of back, and generating the end of an internal event notice 802.1x client PLM process, the 802.1x client will be carried out initialization according to security parameter and authentication role that the PLM stage is determined alternately;
In the 9th step, authentication both sides' 802.1x client begins the EAP negotiations process, if success then authenticate both sides and will hold and share master key MSK;
In the tenth step, it is mutual that the authentication both sides begin 4-Way Handshake, if success then authenticate both sides and will hold and share session key PTK, verification process finishes.
2. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 1, described MSA parameter is the expansion to RSN parameter among the 802.11i, the EAP mode that comprises whether using the MSA function, whether requires the EAP authentication, supports, divide in serve as reasons configuration decision and the negotiation and dynamically determine two types, here will be according to configuration file initialization section parameter; Described PLM state machine is the finite state machine that is used to control peer link management phase information receiving and transmitting and retransmission mechanism, during initialization the PLM state machine is placed the IDLE state.
3. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 2, described authentication both sides enter " LISTEN " state, this moment, 802.11 state machines of new node MP should stop at " AUTH " state, and 802.11 state machines of MA should stop at " RUN " state.
4. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 3, described peer link request message is a kind of Action management frames, the main distinction of its content frame and association request frame has increased two information elements exactly newly: MSA IE and MSC IE, be used to carry the MSA parameter, MP enters " OPN_SNT " state after sending the peer link request message, and a retry timer R is set, the expired the other side of showing of R does not receive the peer link request message that sends or does not make correct response, at this moment MP will retransmit the peer link request message and reenter " OPN_SNT " state, authentification failure after retransmitting number of times to surpass maximum retry constant MAXRETRY, MP enters " HOLDING " state.
5. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 4, described key authenticates the pre-stored key that generates and preserve before selecting to be used to select to authenticate both sides several times, carry out quick pre-authentication to skip loaded down with trivial details EAP authentication phase, the pre-stored key that the result of this process and both sides preserve and to the join dependency of certificate server AS; Role's selection course is used for determining at contingent EAP verification process next whom doing the authenticator, and who does the requestor, and whether the result of this process and both sides ask to carry out the EAP authentication and to the join dependency of certificate server AS.
6. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 5, described peer link acknowledge message is the Action management frames, the main distinction of its content frame and association response frame also is initiate MSAIE and MSCIE, MSAIE in this message has carried that key in the step 4 is selected and the result of role's option program, and other parameters are all constant.
7. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 6, if receive the peer link request message in order earlier, then the PLM state machine of MP enters " OPN_RCVD " state, and carries out the processing procedure that step 4 is described; If receive the peer link acknowledge message earlier, the PLM state machine of MP will enter " CNF_RCVD " state so, at this moment MP will preserve that parameter in the peer link request acknowledge message is used for and to after receive that the result of peer link request message compares, MP also needs to delete the R timer, and also creating a C timer again is used to manage the re-transmission of peer link acknowledge message, will not fail if receive in C timer official hour that the peer link request message authenticates so, MP will enter " HOLDING " state, be complementary with local configuration correctly receiving peer link request and peer link acknowledge message and acknowledge receipt of the security parameter that carries in the message, and the key that carries is selected and the result of the result of role's option program and the local key selection of carrying out and role's option program consistent after, MP carries out last affirmation to peer link request message of MA answer.
8. the WLAN-Mesh network access security authentication method based on Madwifi according to claim 1, it is characterized in that, in the step 7, eight, it is described after the PLM of MP state machine enters " ESTAB " state, MP deletes all timers and generates an internal event notice 802.1x client PLM process and finishes, afterwards MP and MA all get back to again the management of 802.11 state machines and respectively by " AUTH " state and " RUN " state transitions to " RUN " state, the 802.1x client will be carried out initialization according to PLM stage mutual definite security parameter and authentication role.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008102006524A CN101394281A (en) | 2008-09-27 | 2008-09-27 | Wireless mesh network access security authentication method based on WLAN |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008102006524A CN101394281A (en) | 2008-09-27 | 2008-09-27 | Wireless mesh network access security authentication method based on WLAN |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101394281A true CN101394281A (en) | 2009-03-25 |
Family
ID=40494379
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008102006524A Pending CN101394281A (en) | 2008-09-27 | 2008-09-27 | Wireless mesh network access security authentication method based on WLAN |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101394281A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102170637A (en) * | 2010-02-26 | 2011-08-31 | 杭州华三通信技术有限公司 | Key management method, system and device for centrally-controlled MESH network |
| CN102461329A (en) * | 2009-06-24 | 2012-05-16 | 马维尔国际贸易有限公司 | Wireless multiband security |
| CN103402201A (en) * | 2013-08-01 | 2013-11-20 | 广州大学 | Pre-authentication-based authentication method for WiFi-WiMAX (wireless fidelity-worldwide interoperability for microwave access) heterogeneous wireless network |
| CN103581124A (en) * | 2012-07-26 | 2014-02-12 | 雷凌科技股份有限公司 | Management frame handling method and related communication device thereof |
| CN107211488A (en) * | 2014-12-04 | 2017-09-26 | 瑞典爱立信有限公司 | It is used for the method to the business datum application safety of reception by what the WLAN node in integrated wireless communications network was performed |
| CN108234238A (en) * | 2016-12-22 | 2018-06-29 | 尼特莫公司 | Debugging and personalization equipment in LAN |
| CN112702241A (en) * | 2020-11-26 | 2021-04-23 | 北京小米移动软件有限公司 | Communication method, system and device of intelligent equipment |
-
2008
- 2008-09-27 CN CNA2008102006524A patent/CN101394281A/en active Pending
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102461329A (en) * | 2009-06-24 | 2012-05-16 | 马维尔国际贸易有限公司 | Wireless multiband security |
| CN102461329B (en) * | 2009-06-24 | 2015-08-12 | 马维尔国际贸易有限公司 | Wireless multiband security |
| CN102170637A (en) * | 2010-02-26 | 2011-08-31 | 杭州华三通信技术有限公司 | Key management method, system and device for centrally-controlled MESH network |
| CN102170637B (en) * | 2010-02-26 | 2014-04-02 | 杭州华三通信技术有限公司 | Key management method, system and device for centrally-controlled MESH network |
| CN103581124A (en) * | 2012-07-26 | 2014-02-12 | 雷凌科技股份有限公司 | Management frame handling method and related communication device thereof |
| CN103581124B (en) * | 2012-07-26 | 2017-04-12 | 联发科技股份有限公司 | Management frame handling method and related communication device thereof |
| CN103402201A (en) * | 2013-08-01 | 2013-11-20 | 广州大学 | Pre-authentication-based authentication method for WiFi-WiMAX (wireless fidelity-worldwide interoperability for microwave access) heterogeneous wireless network |
| CN103402201B (en) * | 2013-08-01 | 2016-08-17 | 广州大学 | A kind of WiFi-WiMAX heterogeneous wireless network authentication method based on pre-authentication |
| CN107211488A (en) * | 2014-12-04 | 2017-09-26 | 瑞典爱立信有限公司 | It is used for the method to the business datum application safety of reception by what the WLAN node in integrated wireless communications network was performed |
| CN108234238A (en) * | 2016-12-22 | 2018-06-29 | 尼特莫公司 | Debugging and personalization equipment in LAN |
| CN108234238B (en) * | 2016-12-22 | 2022-01-14 | 尼特莫公司 | Commissioning and personalization device in a local area network |
| CN112702241A (en) * | 2020-11-26 | 2021-04-23 | 北京小米移动软件有限公司 | Communication method, system and device of intelligent equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1540878B1 (en) | Linked authentication protocols | |
| Prasad et al. | 3GPP 5G security | |
| RU2407181C1 (en) | Authentication of safety and control of keys in infrastructural wireless multilink network | |
| EP1997292B1 (en) | Establishing communications | |
| CN101500229B (en) | Method for establishing security association and communication network system | |
| CN101379801B (en) | For the EAP method of EAP expansion (EAP-EXT) | |
| CN1836404B (en) | Method and system for reducing cross switch wait time | |
| JP4551202B2 (en) | Ad hoc network authentication method and wireless communication terminal thereof | |
| CN101616410B (en) | Access method and access system for cellular mobile communication network | |
| CA2792490C (en) | Key generation in a communication system | |
| KR100832893B1 (en) | A method for the access of the mobile terminal to the WLAN and for the data communication via the wireless link securely | |
| Xu et al. | Attacks on PKM protocols of IEEE 802.16 and its later versions | |
| CN101562814A (en) | Access method and system for a third-generation network | |
| US20030084287A1 (en) | System and method for upper layer roaming authentication | |
| US20070162751A1 (en) | Method and apparatus for performing mutual authentication within a network | |
| US20090100262A1 (en) | Apparatus and method for detecting duplication of portable subscriber station in portable internet system | |
| KR101002799B1 (en) | mobile telecommunication network and method for authentication of mobile node in mobile telecommunication network | |
| US20090028101A1 (en) | Authentication method in a radio communication system, a radio terminal device and radio base station using the method, a radio communication system using them, and a program thereof | |
| CN101394281A (en) | Wireless mesh network access security authentication method based on WLAN | |
| CN104602229B (en) | A kind of efficient initial access authentication method for WLAN and 5G combination network application scenarios | |
| CN104683343A (en) | Method for rapidly logging WiFi hotspot by terminal | |
| CN113872755A (en) | Key exchange method and device | |
| CN101635922B (en) | Safety communication method of wireless mesh network | |
| JP2011182335A (en) | Authentication method, communication station, authentication station and terminal | |
| CN106304400A (en) | The IP address distribution method of wireless network and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20090325 |