CN102572818B - Application key management method and system for MTC group devices - Google Patents

Info

Publication number: CN102572818B
Authority: CN (China)
Application number: CN201010579213.6A
Other versions: CN102572818A (en)
Other languages: Chinese (zh)
Inventor: 余万涛
Original and current assignee: ZTE Corp
Legal status: Expired - Fee Related
Priority: CN201010579213.6A (CN102572818B); PCT/CN2011/077440 (WO2012075814A1)
Prior art keywords: application key, mtc, mtc device, group, bsf

Classifications

    • H04L63/065: Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
    • H04W12/0431: Key distribution or pre-distribution; Key agreement (under H04W12/04, Key management, e.g. using generic bootstrapping architecture [GBA], and H04W12/043, using a trusted network node as an anchor)
    • H04W4/08: User group management
    • H04W4/70: Services for machine-to-machine communication [M2M] or machine type communication [MTC]


Abstract

The invention discloses an application key management method for machine type communication (MTC) group devices, applied to a system composed of an MTC device fitted with a subscriber identity module, a Bootstrapping Server Function (BSF) and an MTC server. The method comprises: the MTC device learns that an application key corresponding to its own group identity information is in use and sends a request message to the BSF; after receiving the request message, the BSF sends the application key to the MTC device; the MTC device uses the application key to establish communication with the MTC server. The invention allows the MTC devices in the same MTC device group to share an application key.

Description

Application key management method and system for MTC group devices
Technical field
The present invention relates to mobile communication and machine type communication (MTC, Machine Type Communication) technology, and in particular to an application key management method and system for MTC group devices.
Background
MTC is a general term for a series of technologies, and combinations of them, that use wireless communication to realize data communication and exchange between machines and between machines and people. Machine to machine (M2M) has two layers of meaning: the first is the machine itself, called a smart device in the embedded field; the second is the connection between machines, which are linked together through a network. MTC has a wide range of applications, such as smart metering, remote monitoring, tracking and healthcare, making human life more intelligent. Compared with traditional person-to-person communication, MTC devices (M2M Device) are enormous in number and widely applied, and have huge market prospects.
In MTC communication, the main long-range connection technologies include Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS) and Universal Mobile Telecommunications System (UMTS); the main short-range connection technologies include 802.11b/g, Bluetooth, Zigbee and radio-frequency identification (RFID). Because MTC integrates wireless communication and information technology, it can be used for two-way communication, such as collecting information, setting parameters and sending instructions remotely, and can therefore support different application schemes, such as security monitoring, automatic vending and cargo tracking. Almost every device involved in daily life may become a potential service object. MTC provides a simple means of establishing wireless connections for real-time device data between systems, between remote devices, or with individuals.
GBA (Generic Bootstrapping Architecture) defines a general key agreement mechanism between a terminal and a server. Fig. 1 shows the network model of the GBA architecture, which mainly comprises the following network elements:
UE: the general name for the terminal equipment (such as a mobile phone) together with the (U)SIM card. The terminal may be a card-equipped mobile terminal (such as a mobile phone) or a card-equipped fixed terminal (such as a set-top box);
NAF (Network Application Function): the application server, which implements the business logic of the application and provides service to the terminal after completing authentication of the terminal;
BSF (Bootstrapping Server Function): the core network element of GBA. The BSF and the UE authenticate each other through the AKA protocol and then negotiate the application key used for communication between the UE and the NAF. The BSF can set the lifetime of the key according to local policy;
HSS (Home Subscriber System): the home subscriber server, which stores the authentication data held in the terminal's (U)SIM card, such as the Ki in a SIM card;
SLF (Subscription Locator Function): the BSF queries the SLF to obtain the name of the HSS that stores the relevant user data. An SLF is not needed in a single-HSS environment. Nor is an SLF required when the BSF is configured to use a pre-specified HSS.
Once MTC devices are introduced into a mobile communication system, their large number makes it necessary to manage them in groups in order to reduce network load and save network resources. MTC devices can then be controlled, managed and charged as a group, which meets operators' needs. MTC devices may be grouped according to whether they are located in the same area, whether they have the same MTC features, or whether they belong to the same MTC user. In addition, because grouping can significantly reduce the load on network resources, group information needs security protection; otherwise an attacker may masquerade as a group member and obtain the group information.
When an MTC device carries out service communication, it needs a secure connection to the MTC server, so a security key exchange is required between the MTC device and the MTC server. The MTC device and the MTC server can perform authentication and key agreement by means of GBA. Because an MTC device group contains multiple MTC devices, once one MTC device in the group has established, by means of GBA, the application key used to communicate with the MTC server, the problem to be solved is how the other MTC devices in the same group can share that application key.
Summary of the invention
In view of this, the main purpose of the present invention is to provide an application key management method and system for MTC group devices that allow the MTC devices in the same MTC device group to share an application key.
To achieve this purpose, the technical solution of the present invention is realized as follows:
The invention provides an application key management method for MTC group devices, applied to a system composed of a machine type communication (MTC) device fitted with a subscriber identity module, a Bootstrapping Server Function (BSF) and an MTC server. The method comprises:
the MTC device learns that an application key corresponding to its own group identity information is in use and sends a request message to the BSF;
after receiving the request message, the BSF sends the application key to the MTC device;
the MTC device uses the application key to establish communication with the MTC server.
The request message carries the group identity information of the MTC device, the subscriber identity information of the MTC device and the equipment identity information of the MTC device.
The group identity information is a group identifier (G-ID); the G-ID identifies the MTC device group to which the MTC device belongs;
the subscriber identity information of the MTC device is an MTC user identity; the MTC user identity is an International Mobile Subscriber Identity (IMSI);
the equipment identity information of the MTC device is an MTC device identity; the MTC device identity is an International Mobile Equipment Identity (IMEI).
Before the BSF sends the application key to the MTC device, the method further comprises: after receiving the request message, the BSF performs an authentication procedure with the MTC device and determines that the MTC device is a member of the MTC device group identified by the G-ID;
the BSF sending the application key to the MTC device specifically comprises: the BSF sends the MTC device the application key that corresponds to the G-ID in the BSF's own records.
The method further comprises: the BSF encrypts the application key sent to the MTC device with the group key corresponding to the G-ID.
The MTC device learning that an application key corresponding to its own group identity information is in use specifically comprises:
the MTC device sends a negotiation request message to the MTC server; the negotiation request message carries the group identifier (G-ID) of the MTC device, the MTC user identity and the MTC device identity;
according to the G-ID in the negotiation request message, the MTC server checks the database of G-ID to application key correspondences that it maintains and, when it finds an application key in use, feeds back initialization information to the MTC device;
from the initialization information, the MTC device learns that an application key corresponding to its own group identity information is in use.
The method further comprises: according to the G-ID in the negotiation request message, the MTC server checks the database of G-ID to application key correspondences that it maintains and, when it finds no application key in use, feeds back initialization information to the MTC device;
from the initialization information, the MTC device learns that the application key corresponding to its own group identity information is not in use.
When the MTC device learns from the initialization information that no application key corresponding to its own group identity information is in use, the method further comprises:
the MTC device and the BSF perform a bootstrapping authentication procedure and generate an application key; the BSF stores the correspondence between the G-ID and the generated application key;
the MTC device and the MTC server perform a security association procedure, and the MTC server requests and obtains the application key from the BSF;
the MTC server establishes and stores the correspondence between the G-ID and the application key.
The method further comprises: the BSF sets the lifetime of the application key.
When all sessions using the application key have ended or the lifetime of the application key has expired, the MTC server deletes the correspondence between the G-ID and the application key.
The present invention also provides an application key management system for MTC group devices, comprising: an MTC device fitted with a subscriber identity module, a BSF and an MTC server; wherein,
the MTC device is configured to learn that an application key corresponding to its own group identity information is in use, send a request message to the BSF and obtain the application key, and to use the application key to establish communication with the MTC server;
the BSF is configured to send the application key to the MTC device after receiving the request message;
the MTC server is configured to use the application key to establish communication with the MTC device.
The request message carries the group identity information of the MTC device, the subscriber identity information of the MTC device and the equipment identity information of the MTC device;
the group identity information is a group identifier (G-ID); the G-ID identifies the MTC device group to which the MTC device belongs;
the subscriber identity information of the MTC device is an MTC user identity; the MTC user identity is an IMSI;
the equipment identity information of the MTC device is an MTC device identity; the MTC device identity is an IMEI.
The BSF is further configured, after receiving the request message and before sending the application key to the MTC device, to perform an authentication procedure with the MTC device and determine that the MTC device is a member of the MTC device group identified by the G-ID; to send the MTC device the application key that corresponds to the G-ID in the BSF's own records; and to encrypt the application key sent to the MTC device with the group key corresponding to the G-ID.
The MTC device is further configured to send a negotiation request message to the MTC server; the negotiation request message carries the group identifier (G-ID) of the MTC device, the MTC user identity and the MTC device identity;
the MTC server is further configured, according to the G-ID in the negotiation request message, to check the database of G-ID to application key correspondences that it maintains and, when it finds an application key in use, to feed back initialization information to the MTC device;
correspondingly, the MTC device is further configured to learn from the initialization information that an application key corresponding to its own group identity information is in use.
The MTC device is further configured, on learning from the initialization information that no application key corresponding to its own group identity information is in use, to perform a bootstrapping authentication procedure with the BSF and generate an application key, and, after the bootstrapping authentication procedure completes, to perform a security association procedure with the MTC server;
correspondingly, the BSF is further configured, after the application key is generated, to set the lifetime of the application key and store the correspondence between the G-ID and the generated application key;
correspondingly, the MTC server is further configured, during the security association procedure, to request and obtain the application key from the BSF, and to establish and store the correspondence between the G-ID and the application key.
The MTC server is further configured to delete the correspondence between the G-ID and the application key when all sessions using the application key have ended or the lifetime of the application key has expired.
In the application key management scheme for MTC group devices of the present invention, the MTC device learns that an application key corresponding to its own group identity information is in use (specifically, the MTC server uses the G-ID in the negotiation request message sent by the MTC device to check, in the database of G-ID to application key correspondences that it maintains, whether an application key is in use) and sends a request message to the BSF; after receiving the request message, the BSF sends the application key to the MTC device; the MTC device uses the application key to establish communication with the MTC server. In this way the MTC devices in the same MTC device group share the application key.
Brief description of the drawings
Fig. 1 is a schematic diagram of the network model of the GBA architecture;
Fig. 2 shows the application key management system for MTC devices of the present invention;
Fig. 3 is a schematic diagram of the application key creation flow for MTC group devices of the present invention;
Fig. 4 is a schematic diagram of the application key sharing flow for MTC group devices of the present invention.
Detailed description
The technical solution of the present invention is further elaborated below with reference to the drawings and specific embodiments.
The main process of the application key management method for MTC group devices of the present invention is: the MTC device learns that an application key corresponding to its own group identity information is in use and sends a request message to the BSF; after receiving the request message, the BSF sends this application key to the MTC device; the MTC device uses this application key to establish communication with the MTC server.
In the present invention, before an MTC device in an MTC device group communicates with the MTC server, the MTC device obtains from the network, by creating or joining the MTC device group, the group identity information G-ID (the identifier of the MTC device group to which the MTC device belongs) and the group key Kg of that MTC device group.
The request message carries the group identity information of the MTC device, the subscriber identity information of the MTC device and the equipment identity information of the MTC device;
the group identity information is a group identifier (G-ID); the subscriber identity information is an MTC user identity, which can be an International Mobile Subscriber Identity (IMSI) or another identifier that can be used to identify the MTC user; the equipment identity information is an MTC device identity, which can be an International Mobile Equipment Identity (IMEI) or another identifier that can be used to identify the MTC device.
The application key management method for MTC devices of the present invention is applied in the system shown in Fig. 2, which comprises: an MTC device fitted with a subscriber identity module, such as a Universal Integrated Circuit Card (UICC) or a Subscriber Identity Module (SIM); a BSF; and an MTC server. The system can also comprise an HSS, which mainly stores the authentication data held in the subscriber identity module of the MTC device, such as the Ki in a SIM card, and assists the BSF in authenticating the MTC device.
When an MTC device in an MTC device group needs to communicate with the MTC server, the application key (Ks-NAF) between the MTC device and the MTC server must be created through the GBA procedure. Fig. 3 is a schematic diagram of the application key creation flow for MTC group devices of the present invention, which comprises:
Step 301: an MTC device in the MTC device group sends a negotiation request message to the MTC server. The negotiation request message contains the group identity information of the MTC device, such as the G-ID, the subscriber identity information of the MTC device, such as the IMSI, and the equipment identity information of the MTC device, such as the IMEI.
Step 302: according to the G-ID in the negotiation request message, the MTC server checks the database of G-ID to Ks-NAF correspondences that it maintains to see whether a Ks-NAF is in use. If no Ks-NAF is in use, the MTC server feeds back to the MTC device Bootstrapping initialization information indicating that the application key corresponding to the G-ID has not been established.
Step 303: the MTC device and the BSF perform the bootstrapping authentication procedure (its implementation is prior art and is not repeated here); the MTC device and the BSF authenticate the MTC device through the AKA protocol and generate the application key Ks-NAF. In the final stage of the bootstrapping authentication, the BSF establishes the correspondence between the G-ID and the Ks-NAF. The correspondence between the G-ID and the Ks-NAF is managed and maintained by the BSF.
A G-ID can have a correspondence with at most one Ks-NAF. An entry in the G-ID to Ks-NAF mapping table indicates that at least one MTC device in the MTC device group identified by the G-ID is using the Ks-NAF to communicate with the MTC server.
Step 304: the MTC device and the MTC server perform a security association procedure so that the MTC device and the MTC server share the application key Ks-NAF; the MTC server requests and obtains the Ks-NAF from the BSF; the MTC server establishes and stores the correspondence between the G-ID and the Ks-NAF. The security association procedure is prior art and is not repeated here.
Specifically, the MTC server can store the correspondence between the G-ID and the Ks-NAF in a database. The MTC server manages and maintains this database of G-ID to Ks-NAF correspondences. After all sessions using the Ks-NAF have ended or the Ks-NAF has expired, the MTC server deletes the correspondence between the G-ID and the Ks-NAF from the database.
Fig. 4 is a schematic diagram of the application key sharing flow for MTC group devices of the present invention, which comprises:
Step 401: an MTC device in the MTC device group sends a negotiation request message to the MTC server. The negotiation request message contains the group identity information of the MTC device, such as the G-ID, the subscriber identity information of the MTC device, such as the IMSI, and the equipment identity information of the MTC device, such as the IMEI.
Step 402: according to the G-ID in the negotiation request message, the MTC server checks the database of G-ID to Ks-NAF correspondences that it maintains to see whether a Ks-NAF is in use. If a Ks-NAF is in use, the MTC server feeds back to the MTC device Bootstrapping initialization information indicating that the application key corresponding to the G-ID has been established.
Step 403: on receiving the Bootstrapping initialization information indicating that the application key corresponding to the G-ID has been established, the MTC device sends a request message to the BSF. The request message contains the group identity information of the MTC device, such as the G-ID, the subscriber identity information of the MTC device, such as the IMSI, and the equipment identity information of the MTC device, such as the IMEI.
Step 404: after receiving the request message, the BSF performs an authentication procedure with the MTC device (its implementation is prior art and is not repeated here) and determines that this MTC device is a member of the MTC device group identified by the G-ID.
Step 405: after authentication succeeds, the BSF encrypts the Ks-NAF corresponding to the G-ID with the group key Kg corresponding to the G-ID and sends it to the MTC device.
Step 406: the MTC device decrypts the message to obtain the Ks-NAF and then communicates with the MTC server directly using the Ks-NAF.
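The key creation flow (steps 301-304) and the key sharing flow (steps 401-406) can be modelled as follows. This is an added illustrative example, not part of the patent text: the class, function and message names are hypothetical, the AKA authentication and security association procedures are assumed to have succeeded, and because the patent does not name the algorithm used to encrypt Ks-NAF under Kg, an HMAC-SHA256 encrypt-then-MAC construction stands in for it.

```python
import hashlib
import hmac
import os

ESTABLISHED, NOT_ESTABLISHED = "KEY_ESTABLISHED", "KEY_NOT_ESTABLISHED"  # hypothetical names

def _subkey(kg: bytes, label: bytes) -> bytes:
    return hmac.new(kg, label, hashlib.sha256).digest()

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode as a keystream (stand-in cipher, an assumption)."""
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]

def wrap(kg: bytes, ks_naf: bytes) -> bytes:
    """Step 405: protect Ks-NAF under the group key Kg (encrypt-then-MAC)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(ks_naf, _stream(_subkey(kg, b"enc"), nonce, len(ks_naf))))
    tag = hmac.new(_subkey(kg, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(kg: bytes, blob: bytes) -> bytes:
    """Step 406: verify integrity, then decrypt Ks-NAF with Kg."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(kg, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrapped Ks-NAF failed the integrity check")
    return bytes(a ^ b for a, b in zip(ct, _stream(_subkey(kg, b"enc"), nonce, len(ct))))

class BSF:
    def __init__(self, members, group_keys, lifetime_s=3600):
        self.members = members        # G-ID -> {(IMSI, IMEI), ...}
        self.group_keys = group_keys  # G-ID -> Kg
        self.lifetime_s = lifetime_s
        self.app_keys = {}            # G-ID -> (Ks-NAF, expiry); at most one per G-ID

    def _check_member(self, g_id, imsi, imei):
        # Step 404: the device must belong to the group identified by G-ID.
        if (imsi, imei) not in self.members.get(g_id, set()):
            raise PermissionError(f"device is not a member of group {g_id}")

    def bootstrap(self, g_id, imsi, imei, now):
        """Step 303: create Ks-NAF and record the G-ID correspondence."""
        self._check_member(g_id, imsi, imei)  # assumption: same check as in step 404
        ks_naf = os.urandom(32)               # stands in for the GBA-derived key
        self.app_keys[g_id] = (ks_naf, now + self.lifetime_s)
        return ks_naf

    def key_for(self, g_id, now):
        ks_naf, expiry = self.app_keys[g_id]  # KeyError if no key was ever created
        if now >= expiry:
            del self.app_keys[g_id]
            raise LookupError("Ks-NAF lifetime has expired")
        return ks_naf

    def share(self, g_id, imsi, imei, now):
        """Steps 404-405: membership check, then return Ks-NAF wrapped under Kg."""
        self._check_member(g_id, imsi, imei)
        return wrap(self.group_keys[g_id], self.key_for(g_id, now))

class MTCServer:
    def __init__(self, bsf):
        self.bsf = bsf
        self.in_use = {}  # G-ID -> Ks-NAF currently in use

    def negotiate(self, g_id):      # steps 302 and 402
        return ESTABLISHED if g_id in self.in_use else NOT_ESTABLISHED

    def associate(self, g_id, now):  # step 304
        self.in_use[g_id] = self.bsf.key_for(g_id, now)

    def release(self, g_id):         # all sessions ended or the key expired
        self.in_use.pop(g_id, None)

def connect(dev, server, bsf, now):
    """Run the device side of either flow; returns (path taken, Ks-NAF)."""
    ids = (dev["g_id"], dev["imsi"], dev["imei"])
    if server.negotiate(dev["g_id"]) == NOT_ESTABLISHED:
        ks_naf = bsf.bootstrap(*ids, now)            # steps 301-303
        server.associate(dev["g_id"], now)           # step 304
        return "created", ks_naf
    return "shared", unwrap(dev["kg"], bsf.share(*ids, now))  # steps 401-406

def demo():
    kg = os.urandom(32)  # constructed sample values throughout
    a = {"g_id": "G-1", "imsi": "001010000000001", "imei": "490000000000017", "kg": kg}
    b = dict(a, imsi="001010000000002", imei="490000000000025")
    outsider = dict(a, imsi="001010000000099", imei="490000000000099")
    bsf = BSF({"G-1": {(a["imsi"], a["imei"]), (b["imsi"], b["imei"])}}, {"G-1": kg})
    server = MTCServer(bsf)
    first = connect(a, server, bsf, now=0)
    second = connect(b, server, bsf, now=10)
    try:
        connect(outsider, server, bsf, now=20)
        rejected = False
    except PermissionError:
        rejected = True
    server.release("G-1")
    return first, second, rejected, server.negotiate("G-1")

if __name__ == "__main__":
    print(demo())
```

The model makes one property of the scheme visible: every device that holds Kg and passes the membership check ends up with the same Ks-NAF, so confidentiality of the group's traffic depends on every member keeping both keys secret.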
To implement the above method, the present invention also provides an application key management system for MTC group devices which, as shown in Fig. 2, comprises: an MTC device fitted with a subscriber identity module, a BSF and an MTC server; wherein,
the MTC device is configured to learn that an application key corresponding to its own group identity information is in use, send a request message to the BSF and obtain the application key, and to use the application key to establish communication with the MTC server;
the BSF is configured to send the application key to the MTC device after receiving the request message;
the MTC server is configured to use the application key to establish communication with the MTC device.
The request message carries the group identity information of the MTC device, the subscriber identity information of the MTC device and the equipment identity information of the MTC device;
the group identity information is the group identifier G-ID; the G-ID identifies the MTC device group to which the MTC device belongs;
the subscriber identity information of the MTC device is an MTC user identity; the MTC user identity is an IMSI;
the equipment identity information of the MTC device is an MTC device identity; the MTC device identity is an IMEI.
The BSF is further configured, after receiving the request message and before sending the application key to the MTC device, to perform an authentication procedure with the MTC device and determine that the MTC device is a member of the MTC device group identified by the G-ID; to send the MTC device the application key that corresponds to the G-ID in the BSF's own records; and to encrypt the application key sent to the MTC device with the group key corresponding to the G-ID.
The MTC device is further configured to send a negotiation request message to the MTC server; the negotiation request message carries the G-ID of the MTC device, the MTC user identity and the MTC device identity;
the MTC server is further configured, according to the G-ID in the negotiation request message, to check the database of G-ID to application key correspondences that it maintains and, when it finds an application key in use, to feed back initialization information to the MTC device;
correspondingly, the MTC device is further configured to learn from the initialization information that an application key corresponding to its own group identity information is in use.
The MTC device is further configured, on learning from the initialization information that no application key corresponding to its own group identity information is in use, to perform a bootstrapping authentication procedure with the BSF and generate an application key, and, after the bootstrapping authentication procedure completes, to perform a security association procedure with the MTC server;
correspondingly, the BSF is further configured, after the application key is generated, to set the lifetime of the application key and store the correspondence between the G-ID and the generated application key;
correspondingly, the MTC server is further configured, during the security association procedure, to request and obtain the application key from the BSF, and to establish and store the correspondence between the G-ID and the application key.
The MTC server is further configured to delete the correspondence between the G-ID and the application key when all sessions using the application key have ended or the lifetime of the application key has expired.
The system can also comprise an HSS, which mainly stores the authentication data held in the subscriber identity module of the MTC device, such as the Ki in a SIM card, and assists the BSF in completing the authentication of the MTC device described above; the authentication procedures are prior art and are not repeated here.
The above are only preferred embodiments of the present invention and are not intended to limit the scope of protection of the present invention.

Claims (16)

1. an application key management method for MTC group device, is characterized in that, be applied to the system of machine type communication MTC device, guide service function BSF and the MTC server composition being provided with Subscriber Identity Module, the method comprises:
Described MTC device is known has the application key corresponding with the group identity information of self just in use, sends a request message to described BSF;
After described BSF receives described request message, described application key is sent to described MTC device;
Described MTC device uses described application key to set up with described MTC server and communicates.
2. the application key management method of MTC group device according to claim 1, it is characterized in that, in described request message, carry described group of identity information of described MTC device and the subscriber identity information of described MTC device and the equipment identity information of described MTC device.
3. the application key management method of MTC group device according to claim 2, is characterized in that,
Described group of identity information is: group mark G-ID; The mark of described G-ID MTC device group belonging to described MTC device;
The subscriber identity information of described MTC device is MTC User Identity; Described MTC User Identity is international mobile subscriber identity IMSI;
The equipment identity information of described MTC device is MTC device identify label; Described MTC device identify label is International Mobile Equipment Identity code IMEI.
4. the application key management method of MTC group device according to claim 3, is characterized in that,
Before described application key is sent to described MTC device by described BSF, the method also comprises: perform authentication process with described MTC device after described BSF receives described request information, and determines that described MTC device is the member of the MTC device group being designated described G-ID;
Described application key is sent to described MTC device by described BSF, specifically comprises: the described application key that the described G-ID that self preserves by described BSF is corresponding sends to described MTC device.
5. the application key management method of MTC group device according to claim 4, it is characterized in that, the method also comprises: described BSF is encrypted sending to the described application key of described MTC device by the group key that described G-ID is corresponding.
6. The application key management method for MTC group devices according to claim 5, characterized in that the MTC device learning that an application key corresponding to its own group identity information is in use specifically comprises:
the MTC device sends a negotiation request message to the MTC server, the negotiation request message carrying the group identifier G-ID, the MTC user identity and the MTC device identity of the MTC device;
the MTC server, according to the G-ID in the negotiation request message, feeds back initialization information to the MTC device when it finds an application key in use in its own stored database of correspondences between G-IDs and application keys;
the MTC device learns from the initialization information that an application key corresponding to its own group identity information is in use.
7. The application key management method for MTC group devices according to claim 6, characterized in that the method further comprises: the MTC server, according to the G-ID in the negotiation request message, feeds back initialization information to the MTC device when it finds no application key in use in its own stored database of correspondences between G-IDs and application keys;
the MTC device learns from the initialization information that the application key corresponding to its own group identity information is not in use.
8. The application key management method for MTC group devices according to claim 7, characterized in that the MTC device learns from the initialization information that the application key corresponding to its own group identity information is in use, and the method further comprises:
the MTC device and the BSF perform a bootstrapping authentication procedure and generate an application key; the BSF stores the correspondence between the G-ID and the generated application key;
the MTC device and the MTC server perform a security association procedure, and the MTC server requests and obtains the application key from the BSF;
the MTC server establishes and stores the correspondence between the G-ID and the application key.
9. The application key management method for MTC group devices according to claim 8, characterized in that the method further comprises: the BSF sets the lifetime of the application key.
10. The application key management method for MTC group devices according to claim 9, characterized in that:
when all sessions using the application key have ended, or the lifetime of the application key has expired, the MTC server deletes the correspondence between the G-ID and the application key.
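The key lifecycle set out in claims 4 and 6 to 10 can be traced with the following sketch, an added illustration that is not part of the patent text. All class, method and parameter names are hypothetical, authentication is reduced to a group-membership lookup, and the group-key encryption of claim 5 is left out.

```python
import secrets  # added illustration; all names here are hypothetical

class BSF:
    def __init__(self, groups, lifetime):
        self.groups = groups      # G-ID -> set of (IMSI, IMEI) members
        self.lifetime = lifetime  # seconds an application key stays valid
        self.keys = {}            # G-ID -> (application key, expiry time)

    def _authenticate(self, g_id, imsi, imei):  # stand-in: membership only
        if (imsi, imei) not in self.groups.get(g_id, set()):
            raise PermissionError(f"not a member of group {g_id}")

    def bootstrap(self, g_id, imsi, imei, now):  # claims 8 and 9
        self._authenticate(g_id, imsi, imei)
        self.keys[g_id] = (secrets.token_bytes(16), now + self.lifetime)
        return self.keys[g_id][0]

    def fetch(self, g_id, imsi, imei, now):      # claim 4
        self._authenticate(g_id, imsi, imei)
        return self.keys[g_id][0]

class MTCServer:
    def __init__(self, bsf):
        self.bsf, self.table = bsf, {}  # G-ID -> [key, expiry, open sessions]

    def negotiate(self, g_id, now):     # claims 6 and 7
        if g_id in self.table and now >= self.table[g_id][1]:
            del self.table[g_id]        # lifetime expired: drop the mapping
        return g_id in self.table       # initialization information

    def associate(self, g_id):          # claim 8: obtain the key from the BSF
        if g_id not in self.table:
            self.table[g_id] = [*self.bsf.keys[g_id], 0]
        self.table[g_id][2] += 1

    def end_session(self, g_id, key):   # claim 10
        entry = self.table.get(g_id)
        if entry and entry[0] == key:   # ignore sessions of a replaced key
            entry[2] -= 1
            if entry[2] == 0:
                del self.table[g_id]

def connect(device, server, bsf, now):
    g_id, imsi, imei = device
    in_use = server.negotiate(g_id, now)
    key = (bsf.fetch if in_use else bsf.bootstrap)(g_id, imsi, imei, now)
    server.associate(g_id)
    return in_use, key
```

Only the first device of a group to connect runs the bootstrapping procedure; later members reuse the stored key until the last session ends or the lifetime expires.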
11. An application key management system for MTC group devices, characterized by comprising: an MTC device provided with a subscriber identity module, a bootstrapping server function (BSF) and an MTC server; wherein
the MTC device is configured to, upon learning that an application key corresponding to its own group identity information is in use, send a request message to the BSF and obtain the application key; and to use the application key to establish communication with the MTC server;
the BSF is configured to send the application key to the MTC device after receiving the request message;
the MTC server is configured to use the application key to establish communication with the MTC device.
12. The application key management system for MTC group devices according to claim 11, characterized in that:
the request message carries the group identity information of the MTC device, the subscriber identity information of the MTC device and the equipment identity information of the MTC device;
the group identity information is a group identifier G-ID, the G-ID being the identifier of the MTC device group to which the MTC device belongs;
the subscriber identity information of the MTC device is an MTC user identity, the MTC user identity being the IMSI;
the equipment identity information of the MTC device is an MTC device identity, the MTC device identity being the IMEI.
13. The application key management system for MTC group devices according to claim 12, characterized in that:
the BSF is further configured to, after receiving the request message and before sending the application key to the MTC device, perform an authentication procedure with the MTC device and determine that the MTC device is a member of the MTC device group identified by the G-ID; to send to the MTC device the application key that it has itself stored for the G-ID; and to encrypt the application key sent to the MTC device with the group key corresponding to the G-ID.
14. The application key management system for MTC group devices according to claim 13, characterized in that:
the MTC device is further configured to send a negotiation request message to the MTC server, the negotiation request message carrying the group identifier G-ID, the MTC user identity and the MTC device identity of the MTC device;
the MTC server is further configured to, according to the G-ID in the negotiation request message, feed back initialization information to the MTC device when it finds an application key in use in its own stored database of correspondences between G-IDs and application keys;
correspondingly, the MTC device is further configured to learn from the initialization information that an application key corresponding to its own group identity information is in use.
15. The application key management system for MTC group devices according to claim 14, characterized in that:
the MTC device is further configured to, upon learning from the initialization information that no application key corresponding to its own group identity information is in use, perform a bootstrapping authentication procedure with the BSF and generate an application key; and, after the bootstrapping authentication procedure is complete, to perform a security association procedure with the MTC server;
correspondingly, the BSF is further configured to, after the application key is generated, set the lifetime of the application key and store the correspondence between the G-ID and the generated application key;
correspondingly, the MTC server is further configured to, during the security association procedure, request and obtain the application key from the BSF, and to establish and store the correspondence between the G-ID and the application key.
16. The application key management system for MTC group devices according to claim 15, characterized in that:
the MTC server is further configured to delete the correspondence between the G-ID and the application key when all sessions using the application key have ended or the lifetime of the application key has expired.
CN201010579213.6A 2010-12-08 2010-12-08 A kind of application key management method of MTC group device and system Expired - Fee Related CN102572818B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201010579213.6A CN102572818B (en) 2010-12-08 2010-12-08 A kind of application key management method of MTC group device and system
PCT/CN2011/077440 WO2012075814A1 (en) 2010-12-08 2011-07-21 Method and system for application key management for mtc group devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010579213.6A CN102572818B (en) 2010-12-08 2010-12-08 A kind of application key management method of MTC group device and system

Publications (2)

Publication Number Publication Date
CN102572818A CN102572818A (en) 2012-07-11
CN102572818B true CN102572818B (en) 2016-02-10

Family

ID=46206589

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010579213.6A Expired - Fee Related CN102572818B (en) 2010-12-08 2010-12-08 A kind of application key management method of MTC group device and system

Country Status (2)

Country Link
CN (1) CN102572818B (en)
WO (1) WO2012075814A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103813309B (en) * 2012-11-15 2019-03-29 中兴通讯股份有限公司 Safety communicating method, apparatus and system between a kind of MTC device based on SIP
CN104581704B (en) * 2013-10-25 2019-09-24 中兴通讯股份有限公司 A kind of method and network entity for realizing secure communication between equipment for machine type communication
CN104661171B (en) * 2013-11-25 2020-02-28 中兴通讯股份有限公司 Small data secure transmission method and system for MTC (machine type communication) equipment group
CN104980269A (en) * 2014-04-03 2015-10-14 华为技术有限公司 Secret key sharing method, device and system
CN105792095A (en) * 2014-12-23 2016-07-20 中兴通讯股份有限公司 Secret key negotiation method and system for MTC (Machine Type Communication) packet communication and network entity
CN106162515B (en) * 2015-04-14 2020-07-07 中兴通讯股份有限公司 Method, device and system for machine type communication safety communication
CN108616354B (en) * 2018-04-27 2021-10-26 北京信息科技大学 Key negotiation method and device in mobile communication
GB2579574B (en) * 2018-12-03 2021-08-11 Advanced Risc Mach Ltd Bootstrapping with common credential data

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101325583A (en) * 2007-06-15 2008-12-17 华为技术有限公司 Method for registering gateway address and mobility management entity

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101442742B (en) * 2008-12-12 2011-04-20 华为技术有限公司 Method, system and equipment for implementing end-to-end encipher of mobile cluster set call
CN101895858B (en) * 2009-05-20 2014-11-05 华为技术有限公司 Location update strategy acquisition, location update reject and paging methods and equipment
CN101860807A (en) * 2010-05-05 2010-10-13 工业和信息化部电信传输研究所 Managing and communication establishing method of M2M terminal device group and device

Also Published As

Publication number Publication date
CN102572818A (en) 2012-07-11
WO2012075814A1 (en) 2012-06-14

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160210

Termination date: 20201208