CN101909296B - Authentication in communication network - Google Patents

Info

Publication number
CN101909296B
CN101909296B CN201010170863.5A CN201010170863A CN101909296B CN 101909296 B CN101909296 B CN 101909296B CN 201010170863 A CN201010170863 A CN 201010170863A CN 101909296 B CN101909296 B CN 101909296B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201010170863.5A
Other languages
Chinese (zh)
Other versions
CN101909296A (en)
Inventor
J·阿科
P·尼坎德
M·奈斯隆德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to authentication in a communication network and provides a method of authenticating a mobile node to a communication system. The communication system comprises a plurality of access nodes, a mobile node capable of roaming among the access nodes, and a control node which communicates with the access nodes. The method comprises the steps of: (a) generating, by means of a one-way coding function, a numerical chain comprising a series of values, such that a given value in the chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value; (b) each time the mobile node seeks to authenticate itself to an access node, sending a value from the numerical chain from the mobile node to the access node to which the mobile node wishes to attach, the sent value lying later in the chain than the values already sent to access nodes; (c) forwarding the sent value from the access node to the control node; and (d) applying the one-way coding function to the sent value at the control node so as to authenticate the mobile node on the basis of a value of the numerical chain that precedes the sent value in the chain.

Description

Authentication in communication network
Technical field
The present invention relates to authentication in a communication network and in particular, though not necessarily, to the authentication of wireless terminals roaming in a visited communication network.
Background technology
Fig. 1 shows schematically the architecture of a cellular communication network for mobile wireless terminals. The network comprises a set of access nodes 4, 6 interconnected by an IP network 12. A subscriber has user equipment (UE) 1 and a subscription to a "home" network 3. The home network has a home location register (HLR) 10, which contains a database storing subscriber information such as billing information, service permissions and subscriber location. The subscriber may take the UE and roam to a visited foreign wireless network 2, where he wishes to access certain communication services through a first access node 4, such as voice calls (routed through a circuit-switched network), Internet access, peer-to-peer data connections with other UEs, or other data services. Before the subscriber is allowed to access these services with the UE, the visited network requires the subscriber to be authenticated, which is typically achieved by the visited network 2 contacting the home network 3. The visited network may perform some initial checks to verify that the UE is making a legitimate request.
The visited network 2 will not grant the subscriber access to any service until it knows that the access will be paid for, and the visited network therefore sends an authentication request 5 to the home network to determine whether the subscriber is registered with the home network and can therefore be trusted. Only once the home network 3 has confirmed, in message 5', that the subscriber is registered with the home network does the visited network provide access to the available services. The authentication process may require the exchange of more than one pair of messages 5, 5' between the visited network and the home network. The whole authentication process can be lengthy, both in the time it takes and in the communication overhead it imposes on the communication network. Protocols for authenticating roaming subscribers include MAP, RADIUS and DIAMETER.
After successful authentication, circumstances may change such that the UE must access the visited network through an alternative access node 6. The access node that the UE uses to connect to the visited network may depend on many factors, including in particular physical proximity, bandwidth capacity and existing operating load. This may be the case, for example, in wireless LANs, where cell sizes are very small and the UE moves between access nodes very frequently.
Each time the UE wishes to attach to a new access node, the access node must send a request 7 to the home network 3 and wait for the response 7' from the home network, repeating the authentication process performed by the previous access node. This second authentication process takes a similar length of time to the initial authentication process and consumes a similar amount of network resources. Transmitting excessive signaling data in a network is undesirable; network operators are given a fixed bandwidth allocation and can charge subscribers only for service-related data. Signaling data represents bandwidth use that cannot be charged for, and network operators wish to minimize it. The second authentication process is also likely to interrupt the service provided to the subscriber. This may not be a significant problem if, for example, the subscriber is visiting a web site, where a small delay in the data provided does not adversely affect the quality of the service. For services such as voice calls or streaming multimedia broadcasts, however, such an interruption is undesirable.
It is therefore desirable to provide a secure authentication mechanism that reduces the authentication time when switching access nodes. It is also desirable to provide a secure authentication mechanism that removes the need to query the home network to confirm the identity of the UE, thereby reducing the signaling overhead on the home network.
A concept called "fast handoff" has been proposed for networks in which the UE switches frequently between different access nodes; it provides a faster means of switching between alternative access nodes. Full authentication is provided, but the home network is bypassed. This can be achieved either by pre-emptive control from the home network, for example by authenticating the UE to use a new access node before it switches from the current access node, or by some form of context transfer between the two access nodes, which avoids the home network entirely.
The first of these fast handoff mechanisms still suffers from an undesirably large signaling overhead, since it requires more signaling between the home and visited networks each time the UE switches access nodes. As to the second of these fast handoff mechanisms, many different fast handoff implementations have been proposed, and all of them avoid excessive communication with the home network 3 by using some type of session key or re-authentication key that is distributed to the access nodes. These keys are agreed by the home network and the visited network during the initial authentication, and the keys are distributed among the access nodes of the visited network. This lets the UE reattach quickly when switching between access nodes, but it leaves the system with an unnecessary security vulnerability, the main weakness being that a single compromised access node has access to all such session and re-authentication keys. A single compromised access node can thus supply information to a malicious third party, enabling that third party to impersonate the UE and access services from the visited network without providing payment.
It is therefore desirable to provide a fast handoff mechanism for quickly switching a mobile node between the access nodes of an access network that avoids the risk that a single compromised access node allows a third party to access other access nodes.
Summary of the invention
According to a first aspect of the invention, there is provided a method of authenticating a mobile node to a communication system, the communication system comprising a plurality of access nodes, the method comprising: (a) using a one-way coding function to generate a numerical chain comprising a series of values, such that a given value in the chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value; (b) sending, from the mobile node, a value from the first numerical chain to the access node to which the mobile node wishes to attach; and (c) using the sent value to authenticate the mobile node at the access node.
According to a second aspect of the invention, there is provided a method of deriving a secure authentication key when a mobile node authenticates itself to an access node according to any preceding claim, the method comprising providing a first authentication key K_{s0} for use by the mobile node and a first access node; sending the hash hash(K_{s0}) of the first authentication key to a second access node and to the mobile node; and generating a new authentication key K_{s1} from the hash hash(K_{s0}).
According to a further aspect of the invention, there is provided a mobile wireless terminal comprising means for generating and storing a first numerical chain using a one-way coding function, the first numerical chain comprising a series of n values, such that a given value in the chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value; and means for disclosing values of the numerical chain to an access node to allow the access node to authenticate the mobile wireless terminal.
According to another aspect of the invention, there is provided an access node of a communication system, having means for receiving from a mobile node a value of a first numerical chain, the first numerical chain comprising a series of n values generated using a one-way coding function such that a given value in the chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value; and means for authenticating the mobile node on the basis of that value.
According to yet another aspect of the invention, there is provided a control node of a communication system, having means for receiving from a mobile node or an access node a value of a first numerical chain, the first numerical chain comprising a series of n values generated using a one-way coding function such that a given value in the chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value; and means for authenticating the mobile node on the basis of that value.
Brief description of the drawings
Fig. 1 shows schematically the architecture of a communication network;
Fig. 2 shows schematically the architecture of a communication network according to an embodiment of the invention; and
Fig. 3 is a flow chart showing the method of certain embodiments of the invention.
Embodiment
Fig. 2 shows schematically the architecture of a cellular communication network for mobile wireless terminals according to a first embodiment of the invention, with like numerals denoting parts like those shown in Fig. 1. The access nodes 4, 6 are connected to each other by a network. The network may be a cellular telecommunication network such as a 3G network, a WLAN, a combination of 3G and WLAN networks, or any other type of cellular network. A subscriber to the home network 3 has a mobile wireless terminal 1 and attempts to access services such as voice calls, Internet access or other data services from the visited (foreign) wireless network 2. Before granting the subscriber access to services, the visited network needs authorization from the subscriber's home network. For the subscriber to be authenticated, the visited network sends an authentication request to the home network, and the home network checks the subscriber's details in the HLR 10. The authentication process is defined in the MAP, RADIUS and DIAMETER (RFC 3588) protocols and, for wireless networks in particular, in 802.1x, 802.11i and EAP (RFC 2298). After successful authentication, the visited network stores the subscriber's details in its visitor location register (VLR) 11. The UE can then access the services available from the visited network through the first access node 4.
Some existing exchange protocol can be used to produce an authentication key or session key, which is then used to encrypt traffic between the UE and a given access node after the initial authentication.
During the initial authentication process (for example the exchange of messages 5, 5'), a numerical chain is determined, which will be used at a later stage to re-authenticate the mobile node when it switches access nodes. In some embodiments the numerical chain may be known only to the UE. In other embodiments (which may be better suited to existing protocols such as RADIUS and DIAMETER), the numerical chain is known to both the UE and the home network. The chain is a series of n numbers with values H_1, H_2, ..., H_n, such that a given value in the chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value. This can be achieved by using a one-way coding function, for example a hash function, to obtain the chain, where H_{i-1} = hash(H_i). The function hash() is defined in such a way that it is difficult to reverse the operation, that is, to obtain the value on which the function operated. The one-way hash function used may be, for example, MD5 or SHA-1. The function hash() can be common knowledge; its one-way property means that it need not be secret. Any one-way function that is cryptographically secure is suitable.
The numerical chain is generated from a seed H_n, which is the last value of the chain. Successive applications of the one-way hash() function return the preceding values in the chain, down to the first number in the sequence, H_1. The seed is agreed between the UE and the home network and is sent between the two parties in some encrypted form. The seed can be generated by a pseudo-random number generator. Alternatively, the seed may be based on some value that is known only to, or can be derived only by, the UE and the home network, such as an EAP MSK or EMSK value, in which case existing authentication protocols need not be modified to implement this embodiment. According to an alternative embodiment, the UE generates the seed itself; the home network does not know the seed and cannot obtain it.
After the seed has been generated, the UE and the home network can generate the rest of the sequence by successive applications of the one-way coding function to obtain H_1. Immediately after the subscriber's initial authentication to the visited network, the value H_1 is distributed, together with the authentication encryption key K_r, to the first access node to which the UE attaches and to the access nodes in the access network. Alternatively, the access nodes receive the H_1 value from a control node. The UE or the home network provides H_1 to the control node, and the control node subsequently updates the access nodes.
Consider the case where the UE moves to a new access node. The UE provides the authentication key K_r to the second access node 6 and confirms its identity by providing the value H_2 from the numerical chain. The second access node 6 knows the one-way coding function and applies it to the value H_2 to obtain the value H_1, since hash(H_2) = H_1. The second access node compares the H_1 value previously distributed to it with the H_1 value obtained by hashing the value H_2 provided by the UE. Because the only two devices that know the subsequent values in the numerical chain are the UE and the home network, the UE is considered authenticated if the two H_1 values are equal. If the two compared values do not match, the request to access services may be refused. After successful authentication, the second access node 6 sends an update notification message 8 to the other access nodes of the access network so that they know the UE has switched access nodes. The update notification message may contain the most recent H value provided by the UE or, alternatively, it may simply contain an indication that the UE has switched access nodes, in which case the other access nodes in the access network increment a counter by 1.
When the UE wishes to switch to a further access node and needs to be re-authenticated again, the UE provides the next H value in the numerical chain to that further access node. The further access node then applies the hash() function to the disclosed H value and compares the result with the most recently distributed H value or, where only a counter has been incremented, it applies the hash() function the appropriate number of times and compares the result with the stored H value. Each time the UE requests re-authentication it is required to use an H value higher in the sequence than those already used, to ensure that a compromised access node cannot use its knowledge of K_r at access nodes that the UE has not yet visited.
The update notification can be sent to all access nodes of the access network by a local multicast mechanism. This process, and the initial distribution of H_1 and K_r, must be secure. In another embodiment, the information relating to multiple users is distributed in batches, for example with all user information updated every 10 seconds.
In an alternative embodiment, the UE authenticates to a new AN via the control node. Instead of update notifications being broadcast to the access nodes, the control node stores the new H value. When the UE requests authentication at a further access node, that access node queries the control node with the new H value provided by the UE. The control node applies the one-way function to the new H value and compares the result with the H value it has stored. If the two values match, the control node authenticates the UE to the further access node. In this embodiment, the access nodes do not need to store H values or to apply the one-way coding function to the provided H value. Having a single trusted location perform the authentication, instead of distributing values throughout the communication system, is also potentially more secure.
A numerical chain of n values is generated by n-1 successive iterations of the hash function on the initial seed value. By allowing at most n-1 applications of the one-way coding function, the system allows only a limited number of handoffs between access nodes. Once the maximum permitted number of handoffs between access nodes has been reached, the process must be restarted by generating a new numerical chain at the UE and at the home network. Consequently, if the system is compromised by a third party, the system allows that third party to switch access nodes only a limited number of times before the security of the system is restored. To set a higher level of security by requiring more frequent checks with the home network, the value of n is therefore set lower.
The steps of the method of the embodiments described above are shown in the flow chart of Fig. 3, in which the value of n is incremented by 1 at each successive authorization attempt.
In another embodiment, the values of the numerical chain can be used to generate a new IP address for the UE, or at least part of a new IP address. When the UE attaches to a new access node, it must disclose the next value of the numerical chain. It can also use this value to generate the interface identifier part of an IP address according to the method of British patent No. 2367986, the content of which is incorporated herein by reference.
According to a further embodiment of the invention, each time the UE wishes to attach to a new access node it discloses an H value further forward in the sequence than the next one. For example, if the UE disclosed H_3 to the last access node to which it attached, it may disclose H_5 (or any higher H value, up to H_n) without disclosing H_4. In this case, the new access node must apply the hash() function to the disclosed value more than once in order to compare the output with the most recently distributed public H value.
Any other access node may have been provided only with H_1 and with an indication, from earlier update notifications, that the UE has switched access nodes a given number m of times. On the basis of this information alone, the other access node knows that it must apply the one-way coding function to the H value provided by the UE seeking authentication at least m+1 times and at most n-1 times. If none of the hashed values yields a match for the value provided by the UE, the access node must assume that the re-authentication request cannot be granted.
According to a still further embodiment of the invention, multiple numerical chains are produced by the UE and the home network so that the UE can use them in parallel on multiple interfaces. The multiple chains are generated using different seeds and the same one-way coding function. Alternatively, the multiple chains may use different one-way coding functions, with subsequent communications carrying an indication of the coding function used on a given chain. This creates a fast "multi-homing" mechanism, in which only a single initial authentication is needed even on a node with multiple interfaces. A different numerical chain must be used for each interface to avoid replay attacks.
According to a further embodiment of the invention, the numerical chain is bound to a particular MAC address on an access node interface by modifying the one-way coding function so that H_{i-1} = hash(H_i, MAC address), so that a third party cannot claim that a given numerical chain is valid for another MAC address. Even if the third party obtains the MAC address of the UE, any attempt to impersonate the UE must carry the third party's own MAC address, and the access node can therefore identify the service request as fraudulent and refuse it.
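The control-node check from the embodiments above (next value, skipped values, the limit of n-1 applications) and the MAC-bound variant just described can be exercised together as follows. This is an added example, not code from the patent; SHA-256, the length-prefixed field encoding, the names `one_way`, `make_chain` and `ControlNode`, and the constructed MAC addresses are assumptions.

```python
import hashlib
import hmac
import os


def one_way(value, mac=b""):
    """hash(H_i), or hash(H_i, MAC address) for a bound chain.

    SHA-256 and the length-prefixed field encoding are assumptions of this
    example; the text only asks for a cryptographically secure one-way function.
    """
    h = hashlib.sha256()
    for field in (value, mac):
        h.update(len(field).to_bytes(2, "big") + field)
    return h.digest()


def make_chain(seed, n, mac=b""):
    """Return [H_1, ..., H_n] with H_n = seed and H_{i-1} = hash(H_i)."""
    chain = [seed]
    for _ in range(n - 1):          # n-1 applications of the one-way function
        chain.append(one_way(chain[-1], mac))
    chain.reverse()
    return chain


class ControlNode:
    """Verifier that stores only the latest accepted H value, never the seed."""

    def __init__(self, h1, n):
        self.latest = h1            # H_1, distributed after initial authentication
        self.index = 1              # position of `latest` in the chain
        self.n = n

    def authenticate(self, disclosed, mac=b""):
        """Accept H_j (index < j <= n) if hashing it j-index times gives `latest`."""
        candidate = disclosed
        for steps in range(1, self.n - self.index + 1):
            candidate = one_way(candidate, mac)
            if hmac.compare_digest(candidate, self.latest):
                self.latest = disclosed   # stands in for the stored update notification
                self.index += steps
                return True
        return False                      # replayed, older, forged, or chain used up


def demo():
    n = 8
    ue_mac = bytes.fromhex("02005e000001")      # constructed address
    other_mac = bytes.fromhex("02005e000002")   # constructed address
    chain = make_chain(os.urandom(32), n, ue_mac)   # chain[i - 1] is H_i
    cn = ControlNode(chain[0], n)
    return {
        "next": cn.authenticate(chain[1], ue_mac),          # H_2 after H_1
        "replay": cn.authenticate(chain[1], ue_mac),        # H_2 presented again
        "wrong_mac": cn.authenticate(chain[2], other_mac),  # H_3 from another MAC
        "skip": cn.authenticate(chain[4], ue_mac),          # H_5, skipping H_3 and H_4
        "older": cn.authenticate(chain[3], ue_mac),         # H_4 after H_5 was used
        "forged": cn.authenticate(os.urandom(32), ue_mac),
        "last": cn.authenticate(chain[7], ue_mac),          # H_8, the seed itself
        "exhausted": cn.authenticate(os.urandom(32), ue_mac),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:10s} {'accepted' if accepted else 'rejected'}")
```

Once H_n has been accepted the loop bound is zero, so every later request is rejected until a new chain is set up, which is the restart condition described for a chain of n values.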
According to another embodiment of the invention, there is provided a method of deriving a secure authentication key for use when the UE switches access nodes as described above. It is initially assumed that the UE and the first access node share a common authentication key K_{s0}. Methods for achieving this are known. In a further embodiment, on handoff from the first access node to a new access node, the first access node sends a message containing the value hash(K_{s0}) to the new access node, and the new access node sends this value to the UE. The UE can then confirm, by hashing K_{s0} itself, that the message really originated from the first access node. The UE and the new access node can then derive a new authentication key using the equation K_{s1} = hash(hash(K_{s0})). The new access node cannot determine the original authentication key K_{s0}, because it cannot reverse the one-way coding function hash(K_{s0}) to obtain K_{s0}. The message sent by the first node may also include a nonce N_{p0}, in which case the new authentication key is generated using the equation K_{s1} = hash(hash(K_{s0}), N_{p0}).
In another embodiment, the first access node sends the hash hash(K_{s0}) of the authentication key to the new access node, and the mobile node and the new access node exchange nonces N_{c1} and N_{a1}. The new authentication key is derived using the equation K_{s1} = hash(hash(K_{s0}), N_{c1}, N_{a1}), so that the first access node cannot learn the new authentication key unless it intercepts the nonce exchange, and the new access node cannot learn the earlier authentication key because it cannot reverse the one-way coding function to obtain K_{s0}. In a still further embodiment, the first access node may also send a nonce N_{p0} together with the value hash(K_{s0}), in which case the new authentication key is generated using the equation K_{s1} = hash(hash(K_{s0}), N_{p0}, N_{c1}, N_{a1}).
The invention provides a method of authenticating a mobile node to the access nodes of an access network. Those skilled in the art will appreciate that various modifications may be made to the embodiments described above without departing from the scope of the invention.
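The handoff key derivation described in the two preceding paragraphs, with both sides of the exchange, is sketched below for the variant K_{s1} = hash(hash(K_{s0}), N_{p0}, N_{c1}, N_{a1}). This is an added example, not code from the patent; SHA-256, the length-prefixed encoding of the hash inputs, the 16-byte nonces and all function names are assumptions.

```python
import hashlib
import hmac
import os


def hash_fields(*fields):
    """hash(a, b, ...) over length-prefixed fields (the encoding is an assumption)."""
    h = hashlib.sha256()
    for field in fields:
        h.update(len(field).to_bytes(2, "big") + field)
    return h.digest()


def first_an_message(k_s0):
    """First access node -> new access node: hash(K_s0) and a nonce N_p0."""
    return hash_fields(k_s0), os.urandom(16)


def ue_handle_handoff(k_s0, received_hash, n_p0, n_a1):
    """UE side: confirm the forwarded hash really comes from the holder of K_s0,
    then contribute nonce N_c1 and derive K_s1. Returns None on a mismatch."""
    if not hmac.compare_digest(hash_fields(k_s0), received_hash):
        return None
    n_c1 = os.urandom(16)
    return n_c1, hash_fields(received_hash, n_p0, n_c1, n_a1)


def new_an_derive(received_hash, n_p0, n_c1, n_a1):
    """New access node: derives K_s1 from hash(K_s0) without ever holding K_s0."""
    return hash_fields(received_hash, n_p0, n_c1, n_a1)


def run_handoff(k_s0, forged=False):
    """Run one handoff; with forged=True the hash does not come from the first AN."""
    hashed, n_p0 = first_an_message(k_s0)
    if forged:
        hashed = os.urandom(32)          # constructed bogus value
    n_a1 = os.urandom(16)                # nonce chosen by the new access node
    reply = ue_handle_handoff(k_s0, hashed, n_p0, n_a1)
    if reply is None:
        return None                      # UE refuses to derive a key
    n_c1, k_ue = reply
    return {
        "ue": k_ue,
        "new_an": new_an_derive(hashed, n_p0, n_c1, n_a1),
        # K_s1 = hash(hash(K_s0)): the nonce-free variant, which the first
        # access node can compute on its own because it knows K_s0.
        "nonce_free": hash_fields(hashed),
    }


if __name__ == "__main__":
    keys = run_handoff(os.urandom(32))
    print("UE and new AN agree:     ", keys["ue"] == keys["new_an"])
    print("differs from nonce-free: ", keys["ue"] != keys["nonce_free"])
    print("forged hash rejected:    ", run_handoff(os.urandom(32), forged=True) is None)
```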

Claims (23)

1. A method of authenticating a mobile node to a communication system, the communication system comprising: a plurality of access nodes; and a control node communicating with said plurality of access nodes, wherein said mobile node can roam among said plurality of access nodes, the method comprising:
(a) using a one-way coding function to generate a numerical chain comprising a series of values, such that a given value in said numerical chain can easily be obtained from a subsequent value, but the subsequent value cannot easily be obtained from the given value;
(b) each time said mobile node seeks to authenticate itself to an access node, sending a new value from said numerical chain from said mobile node to the access node to which the mobile node wishes to attach, wherein said new value lies in said chain after the values already sent to access nodes;
(c) forwarding, by said access node, said new value to said control node; and
(d) at said control node, applying said one-way coding function to said new value so as to authenticate said mobile node on the basis of a value of said numerical chain that precedes said new value in said chain.
2. The method according to claim 1, wherein authenticating said mobile node comprises comparing the output of applying said one-way coding function at least once to said new value with an earlier value of said numerical chain.
3. The method according to claim 2, wherein the earlier value of said numerical chain is the value directly preceding said new value.
4. The method according to claim 1, wherein, when said mobile node is successfully authenticated, said control node stores an update notification.
5. The method according to claim 4, wherein said update notification comprises said new value provided by said mobile node.
6. The method according to claim 1, wherein a value H_{i-1} of said numerical chain can be obtained from a value H_i of said numerical chain using a one-way coding function defined such that H_{i-1} = hash(H_i).
7. The method according to claim 1, wherein said numerical chain is generated by providing a seed H_n of said numerical chain, all preceding values being obtainable by successive applications of said one-way coding function.
8. The method according to claim 7, wherein said seed H_n is based on a value known only to said mobile node and a home network.
9. The method according to claim 7, wherein said seed H_n is based on a value known only to said mobile node.
10. The method according to claim 7, wherein said seed H_n is based on an EAP MSK or EMSK value.
11. The method according to claim 8, wherein said seed H_n is based on a randomly generated value.
12. The method according to claim 8, wherein said seed is encrypted so that said access node cannot determine said seed.
13. The method according to claim 1, wherein the first value of the numerical chain, obtained by successively applying the one-way coding function to the seed, is provided to the control node by the mobile node or by the home network to which the mobile node subscribes.
14. A method of authenticating a mobile node to a communication system, the communication system comprising a plurality of access nodes, a plurality of interfaces and a control node communicating with said plurality of access nodes, the method comprising generating a plurality of numerical chains according to the method of claim 1, each of the plurality of numerical chains corresponding to one of the plurality of interfaces, and authenticating the mobile node on the plurality of interfaces according to the method of claim 1.
15. The method according to claim 14, wherein said mobile node authenticates itself to the plurality of interfaces in parallel.
16. The method according to claim 1, wherein the values of said numerical chain are used to generate at least part of an IP address of said mobile node.
17. The method according to claim 1, wherein each numerical chain is bound to a particular MAC address corresponding to a specific access node.
18. The method according to claim 1, wherein said communication system comprises a radio access network and said mobile node is a wireless terminal.
19. A method of authenticating a mobile node when the mobile node roams in a communication system, the method comprising:
after the mobile node has switched from a first access node of the communication system to a second access node, authenticating the mobile node to the second access node using the method of any one of claims 1-13.
20. The method according to claim 19, wherein said mobile node has previously been authenticated to said communication system by the home network of said mobile node.
21. A method of deriving a secure authentication key when a mobile node authenticates itself to an access node using the method of any one of claims 19-20, the method comprising:
providing a first authentication key K_{s0} for use by said mobile node and the first access node;
sending the hash hash(K_{s0}) of the first authentication key to the second access node and said mobile node; and
generating a new authentication key K_{s1} from said hash hash(K_{s0}).
22. The method according to claim 21, wherein the new authentication key is generated by hashing the hash hash(K_{s0}) according to the function K_{s1} = hash(hash(K_{s0})).
23. The method according to claim 21, further comprising the step of:
exchanging, between said mobile node and said second access node, a first nonce N_{c1} provided by said mobile node and a second nonce N_{a1} provided by said second access node; and wherein the new authentication key K_{s1} is generated, according to the function K_{s1} = hash(hash(K_{s0}), N_{c1}, N_{a1}), from a hash of the first session key K_{s0}, the first nonce N_{c1} and the second nonce N_{a1}.
CN201010170863.5A 2003-12-24 2003-12-24 Authentication in communication network Expired - Fee Related CN101909296B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010170863.5A CN101909296B (en) 2003-12-24 2003-12-24 Authentication in communication network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010170863.5A CN101909296B (en) 2003-12-24 2003-12-24 Authentication in communication network

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN2003801109162A Division CN1887019B (en) 2003-12-24 2003-12-24 Authentication in a communication network

Publications (2)

Publication Number Publication Date
CN101909296A CN101909296A (en) 2010-12-08
CN101909296B true CN101909296B (en) 2014-12-24

Family

ID=43264584

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010170863.5A Expired - Fee Related CN101909296B (en) 2003-12-24 2003-12-24 Authentication in communication network

Country Status (1)

Country Link
CN (1) CN101909296B (en)

Also Published As

Publication number Publication date
CN101909296A (en) 2010-12-08

Similar Documents

Publication Publication Date Title
JP2877199B2 (en) Roaming method
US20190028889A1 (en) Method and apparatus for new key derivation upon handoff in wireless networks
CA2659959C (en) Systems and methods for key management for wireless communications systems
JP7241202B2 (en) System and method for handling telescopic FQDN
CN1887019B (en) Authentication in a communication network
CN101675644B (en) User profile, policy, and pmip key distribution in a wireless communication network
JP4284324B2 (en) Method and mobile radio system for forming and distributing encryption key in mobile radio system
US9197615B2 (en) Method and system for providing access-specific key
KR101237121B1 (en) Systems and methods for group key distribution and management for wireless communications systems
US20070064948A1 (en) Methods and apparatus for the utilization of mobile nodes for state transfer
WO2005027559A1 (en) Fast authentication method and apparatus for inter-domain handover
CN103370899A (en) Wireless device, registration server and method for provisioning of wireless devices
CN109155734B (en) Key generation and distribution method based on identity identification cryptographic technology
CN114846764A (en) Method, apparatus and system for updating anchor keys in a communication network for encrypted communication with service applications
CN109548180B (en) Communication method based on block chain and communication system based on block chain
JP4468581B2 (en) System and method for encrypting transmissions
CN115004742A (en) Method, device and system for anchor key generation and management for encrypted communication with service applications in a communication network
US7813718B2 (en) Authentication in a communication network
CN114946153A (en) Method, device and system for application key generation and management in a communication network in encrypted communication with a service application
CN101909296B (en) Authentication in communication network
WO2009054901A2 (en) Methods for provisioning mobile stations and wireless communications with mobile stations located within femtocells
Vasudevan et al. An integrated approach for energy efficient handover and key distribution protocol for secure NC-enabled small cells
CA2780461A1 (en) System, method and devices for enabling efficient hybrid route optimization between two mobile endpoints
CN116865954A (en) PDT cluster communication encryption group call intercommunication method, device and system
Bjornland et al. CTM internetworking: extending the CTM authentication feature to roaming users

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20141224

Termination date: 20161224
