CN105142097A - Method and system for realizing terminal access - Google Patents

Publication number: CN105142097A
Authority: CN (China)
Prior art keywords: terminal, mobile communication, gateway, authentication code, access mark
Legal status: Pending
Application number: CN201510509451.2A
Other languages: Chinese (zh)
Inventor: 陈广泉
Current Assignee: China United Network Communications Group Co Ltd
Original Assignee: China United Network Communications Group Co Ltd
Application filed by: China United Network Communications Group Co Ltd
Priority to: CN201510509451.2A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02: Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/06: Authentication
    • H04W12/08: Access security
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method and system for realizing terminal access. In an Internet of Things (IoT) network, a mobile communication gateway is used as a relay gateway. The method comprises: allocating, through the relay gateway, a mobile communication access identifier and authentication code to a terminal; and the terminal performing authentication and data encryption with the allocated access identifier and authentication code. Because the mobile communication gateway acts as the relay gateway and the terminal is allocated a mobile communication access identifier and authentication code for data encryption, the security of IoT data transmission is improved while the IoT terminal remains low-power and low-cost; and because authentication uses the mobile communication access identifier and authentication code, the complexity of network deployment is reduced.

Description

A method and system for realizing terminal access
Technical field
The present invention relates to Internet of Things technology, and in particular to a method and system for realizing terminal access.
Background
Low cost and low power consumption are two advantages of Internet of Things technology, and short-range wireless technology can meet its requirements on cost and power consumption. At present, in an Internet of Things network, an M2M terminal obtains network access through a gateway after connecting over a short-range wireless link such as WIFI or Zigbee. With this access method, once the M2M terminals' traffic has been aggregated at the gateway, the gateway can obtain the plaintext of the traffic it aggregates and relays. In addition, short-range wireless technology uses unlicensed frequency bands and its security is poor; ensuring data security requires configuring user authentication information, which increases network deployment cost, and the additional manual involvement makes network deployment more complex.
Summary of the invention
To solve the above technical problem, the invention provides a method and system for realizing terminal access that improve network security, reduce network deployment cost and simplify network deployment while preserving the low cost and low power consumption of the Internet of Things.
To achieve this object, the invention provides a method for realizing terminal access in which, in an Internet of Things network, a mobile communication gateway is used as a relay gateway, the method comprising:
allocating, by the relay gateway, a mobile communication access identifier and authentication code to a terminal;
the terminal performing authentication and data encryption with the allocated access identifier and authentication code.
Further, before the mobile communication access identifier and authentication code are allocated to the terminal, the method also comprises:
the relay gateway converting the short-range wireless communication protocol used between terminals into a mobile communication protocol.
Further, performing data encryption with the allocated access identifier and authentication code comprises:
the terminal encrypting data at the network layer with the allocated access identifier and authentication code.
Further, the mobile communication gateway is:
a third-generation mobile communication (3G) gateway or a fourth-generation mobile communication technology (4G) gateway.
In another aspect, the application also provides a system for realizing terminal access, comprising a relay gateway and several terminals, wherein:
the relay gateway is a mobile communication gateway, used to allocate a mobile communication access identifier and authentication code to a terminal;
the terminal is used to perform authentication and data encryption with the allocated access identifier and authentication code.
Further, the relay gateway is also used to convert the short-range wireless communication protocol used between terminals into a mobile communication protocol before the mobile communication access identifier and authentication code are allocated to the terminal.
Further, the terminal is specifically used to encrypt data at the network layer with the allocated access identifier and authentication code.
Compared with the prior art, the technical solution of the application comprises: in an Internet of Things network, using a mobile communication gateway as a relay gateway; allocating, through the relay gateway, a mobile communication access identifier and authentication code to a terminal; and the terminal performing authentication and data encryption with the allocated access identifier and authentication code. Because the method uses the mobile communication gateway as the relay gateway and allocates the terminal a mobile communication access identifier and authentication code for data encryption, it improves the security of IoT data transmission while keeping the IoT terminal low-power and low-cost; performing authentication with the mobile communication access identifier and authentication code reduces the complexity of network deployment.
Brief description of the drawings
The accompanying drawings described here provide a further understanding of the invention and form part of this application. The illustrative embodiments of the invention and their description serve to explain the invention and do not unduly limit it. In the drawings:
Fig. 1 is a flow chart of the method of the invention for realizing terminal access;
Fig. 2 is a structural diagram of the system of the invention for realizing terminal access;
Fig. 3 is a flow chart of an M2M terminal completing network registration through the relay gateway.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the invention clearer, embodiments of the invention are described in detail below with reference to the drawings. It should be noted that, where no conflict arises, the embodiments in this application and the features in the embodiments may be combined with one another in any way.
Fig. 1 is a flow chart of the method of the invention for realizing terminal access. As shown in Fig. 1, in an Internet of Things network a mobile communication gateway is used as a relay gateway, and the method comprises:
Step 100: the relay gateway allocates a mobile communication access identifier and authentication code to a terminal;
Before the mobile communication access identifier and authentication code are allocated to the terminal, the method also comprises:
the relay gateway converting the short-range wireless communication protocol used between terminals into a mobile communication protocol.
It should be noted that converting the short-range wireless communication protocol used between terminals into a mobile communication protocol is a conventional technique for those skilled in the art. For example, a home gateway can convert the data that home appliances report over the WIFI protocol into a mobile communication protocol and pass it to a back-end application server.
Step 101: the terminal performs authentication and data encryption with the allocated access identifier and authentication code.
In this step, performing data encryption with the allocated access identifier and authentication code comprises:
the terminal encrypting data at the network layer with the allocated access identifier and authentication code.
The mobile communication gateway is a third-generation mobile communication (3G) gateway or a fourth-generation mobile communication technology (4G) gateway.
It should be noted that the mobile communication gateway can also be a gateway for a transitional communication technology between 3G and 4G, a new gateway from later evolution, or a gateway for another communication technology that meets the requirements of IoT data transmission.
Because the method uses the mobile communication gateway as the relay gateway and allocates the terminal a mobile communication access identifier and authentication code for data encryption, it improves the security of IoT data transmission while keeping the IoT terminal low-power and low-cost; performing authentication with the mobile communication access identifier and authentication code reduces the complexity of network deployment.
Fig. 2 is a structural diagram of the system of the invention for realizing terminal access. As shown in Fig. 2, the system comprises a relay gateway and several terminals, wherein:
the relay gateway is a mobile communication gateway, used to allocate a mobile communication access identifier and authentication code to a terminal;
the terminal is used to perform authentication and data encryption with the allocated access identifier and authentication code.
The terminal is specifically used to encrypt data at the network layer with the allocated access identifier and authentication code.
The relay gateway is also used to convert the short-range wireless communication protocol used between terminals into a mobile communication protocol before the mobile communication access identifier and authentication code are allocated to the terminal.
The method of the invention is described clearly and in detail below through a specific embodiment; the embodiment only serves to illustrate the invention and is not intended to limit the scope of protection of the method.
Embodiment 1
This embodiment describes part of the specific implementation of the invention in terms of paging, the location update procedure and the network registration procedure.
1. Paging
The MME sends a paging message that pages an M2M terminal and carries the information of the relay gateway to which that terminal belongs;
The base station (eNB) receives the paging message sent by the MME for the M2M terminal and obtains from it the paged M2M terminal and the information of the relay gateway to which the M2M terminal belongs;
After receiving the paging message sent by the MME, the base station sends a message paging the relay gateway; this message carries the information of the M2M terminal.
The relay gateway receives the paging message sent by the base station and determines whether it carries M2M terminal information; if so, it sends a paging message to the M2M terminal identified by that information, paging the M2M terminal on the M2M short-range radio link according to the terminal's paging configuration.
The M2M terminal monitors the short-range radio link for paging messages according to its own paging configuration.
2. Location update procedure:
The relay gateway sends a location area update request (TAU Request) command that carries the M2M terminal's information and indicates that what is being updated is the device authentication (TA) of the M2M terminal.
The relay gateway forwards the TAU Accept command it receives to the M2M terminal.
3. Network registration procedure
Fig. 3 is a flow chart of an M2M terminal completing network registration through the relay gateway. As shown in Fig. 3:
Steps 300 to 305 are the authentication and connection procedure. If a radio resource control (RRC) connection already exists between the relay gateway and the eNB, steps 301 to 305 can be omitted and step 306b is used to send the network access service (NAS) message; otherwise, steps 301 to 305 are performed and step 306a is used to send the NAS message;
In step 305, the relay gateway passes the radio bearer (RB) configuration to the M2M terminal so that the M2M terminal can use that RB configuration to transmit NAS messages and the relay gateway can use the same RB configuration to forward the M2M terminal's NAS messages;
Step 306a: the M2M terminal sends a connection request (Attach Request) and a public data connection request (PDN CONNECTIVITY REQUEST) to the relay gateway.
Step 306b: RRC connection establishment is complete.
In step 306a or 306b, the relay gateway can indicate that the procedure currently being carried out is the registration procedure of an M2M terminal;
Step 307: initialize terminal information.
Step 308: the base station sends identity (Identity), authentication (Authentication) and security (Security) confirmation to the M2M terminal.
The security procedure carried out in step 308 takes place between the M2M terminal and the network; the relay gateway cannot obtain the M2M terminal's key information;
Step 309: identity environment setup request.
Step 310: the base station sends a terminal capability query to the M2M terminal.
Step 311: the M2M terminal returns its terminal capability information to the base station.
Step 312: the base station sends a terminal capability information indication to the MME.
Step 313: the M2M terminal sends a security mode request (Security Mode Command) to the base station.
Step 314: the base station sends a security mode confirmation to the M2M terminal.
Step 315: the base station sends an RRC connection reconfiguration to the MME.
Step 316: the M2M terminal sends an RRC connection reconfiguration confirmation to the base station.
Step 317: the base station sends an initial context setup response (Initial Context Setup Response) to the mobility management entity.
Step 318: the M2M terminal sends a UL information transfer (comprising Attach Complete and Activate Default EPS Bearer Context Accept) to the base station.
Step 319: the base station sends an uplink (UPLINK) network access service (NAS) transport to the MME.
It should be noted that after step 309 the eNB sets up the S1 bearer between the eNB and the S-GW and its mapping to the data radio bearer (DRB) between the relay gateway and the eNB; both this S1 bearer and this DRB are specific to the M2M terminal. Because the security procedure is enabled after step 314, the relay gateway cannot read subsequent messages. Step 315 can establish the M2M bearer between the M2M terminal and the relay gateway, but the M2M terminal needs to send the relevant configuration to the relay gateway in step 316 so that the M2M terminal's DRB can be established between the relay gateway and the eNB; the relay gateway then sets up the mapping between the M2M bearer and the DRB.
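The notes on steps 308 and 314 state that the security procedure runs between the M2M terminal and the network, so the relay gateway forwards messages it cannot read. The Python sketch below is an added illustration, not code from the patent: it models that property with a challenge-response and an encrypt-then-MAC message format built from HMAC-SHA256 as stand-ins for the mobile network's real authentication and ciphering algorithms. All class and function names, the message layout and the sample values are assumptions, and it assumes the relay holds the access identifier for routing but not the authentication code.

```python
import hashlib
import hmac
import os

def prf(key, *parts):
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

def xor_stream(key, header, data):
    """Stand-in cipher: XOR with an HMAC-SHA256 counter-mode keystream."""
    ks = b"".join(prf(key, header, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(d ^ k for d, k in zip(data, ks))

def protect(keys, count, plaintext):
    """Encrypt-then-MAC PDU: 4-byte counter | ciphertext | 8-byte tag."""
    header = count.to_bytes(4, "big")
    body = header + xor_stream(keys["enc"], header, plaintext)
    return body + prf(keys["mac"], body)[:8]

def unprotect(keys, last_count, pdu):
    """Check the tag, then counter freshness, then decrypt."""
    body, tag = pdu[:-8], pdu[-8:]
    if not hmac.compare_digest(tag, prf(keys["mac"], body)[:8]):
        raise ValueError("integrity check failed")
    count = int.from_bytes(body[:4], "big")
    if count <= last_count:
        raise ValueError("stale counter (replay)")
    return count, xor_stream(keys["enc"], body[:4], body[4:])

def session_keys(auth_code, nonce):
    return {"enc": prf(auth_code, b"enc", nonce), "mac": prf(auth_code, b"mac", nonce)}

class Terminal:
    def __init__(self, auth_code):
        self.auth_code, self.count = auth_code, 0

    def respond(self, nonce):
        self.keys = session_keys(self.auth_code, nonce)  # derived locally, never sent
        return prf(self.auth_code, b"auth", nonce)

    def send(self, data):
        self.count += 1
        return protect(self.keys, self.count, data)

class Network:
    def __init__(self, subscribers):
        self.subscribers, self.pending, self.sessions = subscribers, {}, {}

    def challenge(self, access_id):
        self.pending[access_id] = os.urandom(16)
        return self.pending[access_id]

    def verify(self, access_id, response):
        nonce, code = self.pending.pop(access_id), self.subscribers[access_id]
        if not hmac.compare_digest(response, prf(code, b"auth", nonce)):
            return False
        self.sessions[access_id] = [session_keys(code, nonce), 0]
        return True

    def receive(self, access_id, pdu):
        session = self.sessions[access_id]
        session[1], data = unprotect(session[0], session[1], pdu)
        return data

class RelayGateway:  # routes by access identifier only; holds no authentication code or keys
    def __init__(self, network):
        self.network, self.observed = network, []

    def forward(self, access_id, pdu):
        self.observed.append(pdu)  # everything the relay gets to see
        return self.network.receive(access_id, pdu)

def run_demo():
    access_id, auth_code = "constructed-access-id-0001", os.urandom(16)  # constructed values
    net, term = Network({access_id: auth_code}), Terminal(auth_code)
    relay = RelayGateway(net)
    ok = net.verify(access_id, term.respond(net.challenge(access_id)))
    reading = b"meter=42.7kWh"  # constructed sample payload
    delivered = relay.forward(access_id, term.send(reading))
    return ok, delivered, reading in b"".join(relay.observed)
```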
Although the embodiments disclosed by the invention are as described above, they are adopted only to make the invention easier to understand and are not intended to limit it. Any person skilled in the art to which the invention belongs may make any modification or change in the form and details of implementation without departing from the spirit and scope disclosed by the invention, but the scope of patent protection of the invention remains that defined by the appended claims.

Claims (7)

1. A method for realizing terminal access, characterized in that, in an Internet of Things network, a mobile communication gateway is used as a relay gateway, the method comprising:
allocating, by the relay gateway, a mobile communication access identifier and authentication code to a terminal;
the terminal performing authentication and data encryption with the allocated access identifier and authentication code.
2. The method according to claim 1, characterized in that, before the mobile communication access identifier and authentication code are allocated to the terminal, the method also comprises:
the relay gateway converting the short-range wireless communication protocol used between terminals into a mobile communication protocol.
3. The method according to claim 1 and 2, characterized in that performing data encryption with the allocated access identifier and authentication code comprises:
the terminal encrypting data at the network layer with the allocated access identifier and authentication code.
4. The method according to claim 1, characterized in that the mobile communication gateway is:
a third-generation mobile communication (3G) gateway or a fourth-generation mobile communication technology (4G) gateway.
5. A system for realizing terminal access, characterized by comprising a relay gateway and several terminals, wherein:
the relay gateway is a mobile communication gateway, used to allocate a mobile communication access identifier and authentication code to a terminal;
the terminal is used to perform authentication and data encryption with the allocated access identifier and authentication code.
6. The system according to claim 5, characterized in that the relay gateway is also used to convert the short-range wireless communication protocol used between terminals into a mobile communication protocol before the mobile communication access identifier and authentication code are allocated to the terminal.
7. The system according to claim 1 and 2, characterized in that the terminal is specifically used to encrypt data at the network layer with the allocated access identifier and authentication code.
Priority Applications (1)

Application Number: CN201510509451.2A
Priority Date: 2015-08-18
Filing Date: 2015-08-18
Title: Method and system for realizing terminal access
Status: Pending

Publications (1)

Publication Number: CN105142097A
Publication Date: 2015-12-09

Family ID: 54727279

Country Status (1)

Country: CN
Link: CN105142097A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20151209