CN1996840A - WAPI-based wireless LAN operation method - Google Patents

WAPI-based wireless LAN operation method Download PDF

Info

Publication number
CN1996840A
CN1996840A CNA2006101053764A CN200610105376A CN1996840A CN 1996840 A CN1996840 A CN 1996840A CN A2006101053764 A CNA2006101053764 A CN A2006101053764A CN 200610105376 A CN200610105376 A CN 200610105376A CN 1996840 A CN1996840 A CN 1996840A
Authority
CN
China
Prior art keywords
portable terminal
wap
access point
wireless access
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2006101053764A
Other languages
Chinese (zh)
Other versions
CN100448196C (en
Inventor
张变玲
曹军
赖晓龙
马奔腾
马向辰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Iwncomm Co Ltd
China Mobile Group Design Institute Co Ltd
Original Assignee
China Iwncomm Co Ltd
China Mobile Group Design Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Iwncomm Co Ltd, China Mobile Group Design Institute Co Ltd filed Critical China Iwncomm Co Ltd
Priority to CNB2006101053764A priority Critical patent/CN100448196C/en
Publication of CN1996840A publication Critical patent/CN1996840A/en
Priority to PCT/CN2007/071370 priority patent/WO2008080351A1/en
Application granted granted Critical
Publication of CN100448196C publication Critical patent/CN100448196C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

This invention relates to one wireless local operation method based on WAPI, which comprises the following steps: 21, interface controller identifies the mobile terminal account information; 22, servo gives out mobile terminal authorization information according to the account information result to exchange mobile terminal and network data.

Description

A kind of wireless LAN operation method based on WAPI
Technical field
The present invention relates to the WLAN (wireless local area network) field, especially a kind of wireless LAN operation method based on WAPI.
Background technology
WLAN (wireless local area network) WLAN (Wireless Local Area Network) is with flexibility, agility and the extensibility of its framework, and development in recent years has been widely used in hot zones operation, enterprise, industry and family field rapidly.
For WLAN (wireless local area network), safety is most important.In May, 2003, China issued WLAN (wireless local area network) standard GB 15629.11 and GB15629.1102, and this is the standard of China's first batch of promulgation in the WLAN (wireless local area network) field.2006, the WLAN (wireless local area network) national standard is revised single GB15629.11-2003/XG1-2006 and other correlator item standards GB15629.1101, GB/T15629.1103 and GB15629.1104 for No. 1 and is is also issued and implemented, and has begun to take shape WLAN (wireless local area network) national standard system.Comprised brand-new WAPI (WLAN Authentication and PrivacyInfrastructure) security mechanism in the standards system, this security mechanism is made up of WAI (WLAN AuthenticationInfrastructure) and WPI (WLAN Privacy Infrastructure) two parts.
WAPI provides based on the authentication of certificate and wildcard and cryptographic key negotiation method, and this method can provide very high fail safe, guarantees that legal users inserts legal network, the data security on the protection Radio Link.
When WLAN used under operating environment, authentication and charging had very confidential relation.Charging is to carry out on the basis of authentication, there has been ripe separately authentication and accounting mode in operators at present, but these modes not necessarily can and be revised the certificate verification that defines in the list for No. 1 with standard GB 15629.11 and merge, how mating these ripe authentication and accounting modes and standard GB 15629.11 and revise the certificate verification that defines in the list No. 1, is one of key issue of WLAN operation.
Present authentication mechanism (as Radius) is only realized the unilateral authentication of network to the user, realizes functions such as chargings on the basis of authentication, and this authentication and accounting mode is effective, promptly more suitable under cable environment under the safer situation of link.But and very dangerous, these authentication and accounting modes directly are applied in the WLAN (wireless local area network) bigger safety problem can occur to the WLAN (wireless local area network) link owing to its opening flag.
Summary of the invention
The present invention is authentication and the method for charging and the incompatible technical problem of authentication method of standard GB 15629.11 and No. 1 single regulation of modification thereof that operator is used for wireless LAN operation in the solution background technology, and a kind of also present multiple authentication of using of support of national standard, wireless LAN operation method based on WAPI of charging method of meeting is provided.
Technical solution of the present invention is: the present invention is a kind of wireless LAN operation method based on WAPI, and its special character is: this method comprises link level authenticating step and account information authenticating step,
Described account information authenticating step is as follows:
21) access controller authenticates the account information of portable terminal;
22) server provides the portable terminal authentication information according to the account information authentication result, and portable terminal and network carry out the exchange of information data, and promptly portable terminal can accesses network.
Described link level authenticating step is as follows:
1) certificate issued of portable terminal and WAP (wireless access point) build-in services device;
2) when portable terminal need be visited LAN (local area network (LAN)), at first be associated to WAP (wireless access point), set up link and connect by portable terminal;
3) after portable terminal was associated to WAP (wireless access point), WAP (wireless access point) sent to portable terminal and differentiates Active Frame, the startup verification process;
4) portable terminal and WAP (wireless access point) are carried out certificate verification according to GB GB15629.11 and No. 1 single regulation of modification thereof by server;
5) if certificate verification is successful, portable terminal and WAP (wireless access point) are carried out session key agreement, and WAP (wireless access point) is announced multicast key to portable terminal;
6) WAP (wireless access point) allows portable terminal to insert;
Above-mentioned steps 4) concrete steps of certificate verification are as follows in:
4.1) portable terminal send to insert differentiates request to WAP (wireless access point), wherein comprises the certificate of portable terminal;
4.2) WAP (wireless access point) sends request of certificate authentication to server, wherein comprises the certificate of portable terminal and WAP (wireless access point);
4.3) server verifies the certificate of portable terminal and WAP (wireless access point), and return certificate to WAP (wireless access point) and differentiate response, wherein comprise the identification result of portable terminal and WAP (wireless access point) certificate;
4.4) the portable terminal certificate identification result that returns according to server of WAP (wireless access point) determines whether to allow this portable terminal to insert, and send to insert to portable terminal and differentiate response;
4.5) portable terminal is according to insert differentiating that the certificate identification result to WAP (wireless access point) of server in the response determines whether to insert this WAP (wireless access point), if then proceed to step 5), otherwise finishes.
Above-mentioned link level authenticating step also can be following steps:
1) portable terminal is provided with identical wildcard with WAP (wireless access point);
2) when portable terminal needs accesses network, at first be associated to WAP (wireless access point) by portable terminal, set up link and connect;
3) after portable terminal was associated to WAP (wireless access point), portable terminal and WAP (wireless access point) were carried out session key agreement, and WAP (wireless access point) is announced multicast key to portable terminal;
4) WAP (wireless access point) allows portable terminal to insert.
Above-mentioned steps 21) access controller authenticates as follows to the account information of portable terminal in: finish when the certificate verification stage, during user's browse network, system ejects webpage automatically, the prompting user imports username and password, server is according to username and password checking user's identity, and according to the visit of authentication result Control Network, if authentication success, the portable terminal addressable network.
Above-mentioned steps 21) access controller authenticates as follows to the account information of portable terminal in: finish when the certificate verification stage, portable terminal utilizes the information in the SIM card, carry out authentication and session key agreement by certificate server and WAP (wireless access point), and according to the visit of authentication result Control Network, if authentication success, portable terminal can accesses network.
The present invention differentiates to be two separate processes by separating link level authentication and user class identity; the link level authentication is used to protect the safety of Radio Link access; the user class identity is differentiated management services such as being used for mandate and charging; make WLAN (wireless local area network) can be used as the expansion of original Operation Network; and make the operation management of WLAN (wireless local area network) and original Operation Network consistent, so the present invention has the following advantages:
1, meets national standard.The present invention adopts the safe access technology that meets national standard at the link level verification process, can realize that bidirectional identification is differentiated between user and the network, again can with management system compatibilities such as original mandate, charging, it meets the regulation of GB GB15629.11-2003, GB15629.11-2003/XG1-2006 and subitem standard thereof fully.
2, safe.The present invention adopts the safe access technology that meets national standard at the link level verification process, utilization is based on the certificate mechanism of public key cryptography system, really realized the two-way authentication between portable terminal (MT) and WAP (wireless access point) (AP), satisfy operator fully to the requirement that safety inserts, make the fail safe of Radio Link be guaranteed; And it is equal to wire link; except the safety access and data communication of protection Radio Link; can also protect the information of follow-up user account authentication phase effectively; in the user account information authentication phase; network is further verified the mobile terminal user identity; whether the control portable terminal can accesses network, and charges according to authentication result control accesses network and to customer access network, so the present invention is safe.
3, the present invention can continue to use present existing authentification of user charging way, and flexibility is good, after WAP (wireless access point) sets certificate, need not the aaa server on backstage is provided with again, and installs, networking is convenient, can be used for the operation in areas such as large-scale focus.
Embodiment
The present invention includes link level authenticating step and account information authenticating step, when the present invention was used for WAPI based on certificate, its link level authenticating step was as follows:
1) certificate issued of portable terminal and WAP (wireless access point) build-in services device;
2) when portable terminal needs accesses network, at first be associated to WAP (wireless access point) by portable terminal, set up link and connect;
3) after portable terminal was associated to WAP (wireless access point), WAP (wireless access point) sent to portable terminal and differentiates Active Frame, the startup verification process;
4) portable terminal and WAP (wireless access point) are carried out certificate verification according to GB GB15629.11 and No. 1 single regulation of modification thereof by server;
4.1) portable terminal send to insert differentiates request to WAP (wireless access point), wherein comprises the certificate of portable terminal;
4.2) WAP (wireless access point) sends request of certificate authentication to server, wherein comprises the certificate of portable terminal and WAP (wireless access point);
4.3) server verifies the certificate of portable terminal and WAP (wireless access point), and return certificate to WAP (wireless access point) and differentiate response, wherein comprise the identification result of portable terminal and WAP (wireless access point) certificate;
4.4) the portable terminal certificate identification result that returns according to server of WAP (wireless access point) determines whether to allow this portable terminal to insert, and send to insert to portable terminal and differentiate response;
4.5) portable terminal is according to insert differentiating that the certificate identification result to WAP (wireless access point) of server in the response determines whether to insert this WAP (wireless access point), if then proceed to step 5), otherwise finishes.
5) if certificate verification is successful, portable terminal and WAP (wireless access point) are carried out session key agreement, and WAP (wireless access point) is announced multicast key to portable terminal;
6) WAP (wireless access point) allows portable terminal to insert;
When the present invention was used for WAPI based on wildcard, its link level authenticating step was as follows:
1) portable terminal is provided with identical wildcard with WAP (wireless access point);
2) when portable terminal needs accesses network, at first be associated to WAP (wireless access point) by portable terminal, set up link and connect;
3) after terminal was associated to WAP (wireless access point), portable terminal and WAP (wireless access point) were carried out session key agreement, and WAP (wireless access point) is announced multicast key to portable terminal;
4) access point allows portable terminal to insert.
No matter be based on certificate and also be based on wildcard, its account information authenticating step is as follows:
21) access controller authenticates the account information of portable terminal;
22) server provides the portable terminal authentication information according to the account information authentication result, and portable terminal and network carry out the exchange of information data, and promptly portable terminal can accesses network.
Step 21 wherein) access controller authenticates as follows to the account information of portable terminal in: finish when the certificate verification stage, during user's browse network, system ejects webpage automatically, the prompting user imports username and password, server is according to username and password checking user's identity, and according to the visit of authentication result Control Network, if authentication success, the portable terminal addressable network.
Access controller also can authenticate as follows to the account information of portable terminal in the step 21: finish when the certificate verification stage, portable terminal utilizes the information in the SIM card, carry out authentication and session key agreement by certificate server and WAP (wireless access point), and according to the visit of authentication result Control Network, if authentication success, portable terminal can accesses network.
Explanation of nouns:
1, portable terminal (MT): the terminal that wireless network adapter is installed.
2, WAP (wireless access point) (AP): the equipment that the network insertion service is provided for portable terminal.
3, server (AS): provide identity to differentiate the network entity of service and certificate management functions.
4, access controller (AC): the network equipment that customer access network is provided access control.
5, SIM: subscriber identification module.

Claims (6)

1, a kind of wireless LAN operation method based on WAPI is characterized in that: this method comprises link level authenticating step and account information authenticating step,
Described account information authenticating step is as follows:
21) access controller authenticates the account information of portable terminal;
22) server provides the portable terminal authentication information according to the account information authentication result, and portable terminal and network carry out the exchange of information data, and promptly portable terminal can accesses network.
2, the wireless LAN operation method based on WAPI according to claim 1 is characterized in that: described link level authenticating step is as follows:
1) certificate issued of portable terminal and WAP (wireless access point) build-in services device;
2) when portable terminal needs accesses network, at first be associated to WAP (wireless access point) by portable terminal, set up link and connect;
3) after portable terminal was associated to WAP (wireless access point), WAP (wireless access point) sent to portable terminal and differentiates Active Frame, the startup verification process;
4) portable terminal and WAP (wireless access point) are carried out certificate verification according to GB GB 15629.11 and No. 1 single regulation of modification thereof by server;
5) if certificate verification is successful, portable terminal and WAP (wireless access point) are carried out session key agreement, and WAP (wireless access point) is announced multicast key to portable terminal;
6) WAP (wireless access point) allows portable terminal to insert;
3, the wireless LAN operation method based on WAPI according to claim 1 is characterized in that: described link level authenticating step is as follows:
1) portable terminal is provided with identical wildcard with WAP (wireless access point);
2) when portable terminal needs accesses network, at first be associated to WAP (wireless access point) by portable terminal, set up link and connect;
3) after portable terminal was associated to WAP (wireless access point), portable terminal and WAP (wireless access point) were carried out session key agreement, and WAP (wireless access point) is announced multicast key to portable terminal;
4) WAP (wireless access point) allows portable terminal to insert.
4, method of runing according to claim 2 based on the WAPI standard of certificate, it is characterized in that: the concrete steps of certificate verification are as follows in the described step 4):
4.1) portable terminal send to insert differentiates request to WAP (wireless access point), wherein comprises the certificate of portable terminal;
4.2) WAP (wireless access point) sends request of certificate authentication to server, wherein comprises the certificate of portable terminal and WAP (wireless access point);
4.3) server verifies the certificate of portable terminal and WAP (wireless access point), and return certificate to WAP (wireless access point) and differentiate response, wherein comprise the identification result of portable terminal and WAP (wireless access point) certificate;
4.4) the portable terminal certificate identification result that returns according to server of WAP (wireless access point) determines whether to allow this portable terminal to insert, and send to insert to portable terminal and differentiate response;
4.5) portable terminal is according to insert differentiating that the certificate identification result to WAP (wireless access point) of server in the response determines whether to insert this WAP (wireless access point), if then proceed to step 5), otherwise finishes.
5, according to claim 1 or 2 or 3 or 4 described methods of runing based on the WAPI standard of certificate, it is characterized in that: access controller authenticates as follows to the account information of portable terminal described step 21): finish when the certificate verification stage, during user's browse network, system ejects webpage automatically, the prompting user imports username and password, server is according to username and password checking user's identity, and according to the visit of authentication result Control Network, if authentication success, the portable terminal addressable network.
6, according to claim 1 or 2 or 3 or 4 described methods of runing based on the WAPI standard of certificate, it is characterized in that: access controller authenticates as follows to the account information of portable terminal described step 21): finish when the certificate verification stage, portable terminal utilizes the information in the SIM card, carry out authentication and session key agreement by certificate server and WAP (wireless access point), and according to the visit of authentication result Control Network, if authentication success, portable terminal can accesses network.
CNB2006101053764A 2006-12-29 2006-12-29 WAPI-based wireless LAN operation method Expired - Fee Related CN100448196C (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNB2006101053764A CN100448196C (en) 2006-12-29 2006-12-29 WAPI-based wireless LAN operation method
PCT/CN2007/071370 WO2008080351A1 (en) 2006-12-29 2007-12-28 Wireless local network operation method based on wapi

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006101053764A CN100448196C (en) 2006-12-29 2006-12-29 WAPI-based wireless LAN operation method

Publications (2)

Publication Number Publication Date
CN1996840A true CN1996840A (en) 2007-07-11
CN100448196C CN100448196C (en) 2008-12-31

Family

ID=38251795

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006101053764A Expired - Fee Related CN100448196C (en) 2006-12-29 2006-12-29 WAPI-based wireless LAN operation method

Country Status (2)

Country Link
CN (1) CN100448196C (en)
WO (1) WO2008080351A1 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008080351A1 (en) * 2006-12-29 2008-07-10 China Iwncomm Co., Ltd. Wireless local network operation method based on wapi
WO2010096998A1 (en) * 2009-02-27 2010-09-02 西安西电捷通无线网络通信股份有限公司 Method for realizing convergent wapi network architecture with split mac mode
WO2010096995A1 (en) * 2009-02-27 2010-09-02 西安西电捷通无线网络通信股份有限公司 Method for realizing convergent wapi network architecture with separate mac mode
CN101562811B (en) * 2009-05-14 2011-04-06 西安西电捷通无线网络通信股份有限公司 STA roaming switching method when WPI is finished by WTP in convergence type WLAN and system thereof
CN102006671A (en) * 2009-08-31 2011-04-06 中兴通讯股份有限公司 System and method for realizing call forwarding
CN101662766B (en) * 2009-09-25 2012-09-05 中国电信股份有限公司 Method for realizing WAPI and centralized access controller device
WO2013189389A2 (en) * 2012-11-26 2013-12-27 中兴通讯股份有限公司 Method, system and device for sharing authentication of wireless local area network
US8819778B2 (en) 2009-05-14 2014-08-26 China Iwncomm Co., Ltd. Method and system for switching station in centralized WLAN when WPI is performed by access controller
US9015331B2 (en) 2009-02-27 2015-04-21 China Iwncomm Co., Ltd. Method for implementing a convergent wireless local area network (WLAN) authentication and privacy infrastructure (WAPI) network architecture in a local MAC mode
WO2017020530A1 (en) * 2015-07-31 2017-02-09 宇龙计算机通信科技(深圳)有限公司 Enhanced wlan certificate authentication method, device and system
CN110071916A (en) * 2019-04-10 2019-07-30 苏州浪潮智能科技有限公司 A kind of LAN safety authentication method and device
CN113316149A (en) * 2021-06-04 2021-08-27 广东电网有限责任公司 Identity security authentication method, device, system, wireless access point and medium
WO2021238769A1 (en) * 2020-05-27 2021-12-02 西安西电捷通无线网络通信股份有限公司 Digital certificate installation method and device

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102006590A (en) 2009-09-03 2011-04-06 中兴通讯股份有限公司 System and method for realizing direct communication between WAPI (Wireless LAN Authentication and Privacy Infrastructure) terminals
CN107623668A (en) 2016-07-16 2018-01-23 华为技术有限公司 A kind of method for network authorization, relevant device and system

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1297107C (en) * 2003-03-31 2007-01-24 华为技术有限公司 Key distribution method based on preshared key
CN100373843C (en) * 2004-03-23 2008-03-05 中兴通讯股份有限公司 Key consaltation method in radio LAN
CN1564524A (en) * 2004-03-26 2005-01-12 中兴通讯股份有限公司 Method of radio terminal charging fee in radio LAN
CN1674497A (en) * 2004-03-26 2005-09-28 华为技术有限公司 Certification method for WLAN terminal switching in mobile network
CN100365981C (en) * 2004-05-17 2008-01-30 华为技术有限公司 A charging method based on WLAN authentication and privacy infrastructure certificate
CN1805441B (en) * 2005-11-23 2011-01-05 西安电子科技大学 Integrated WLAN authentication architecture and method of implementing structural layers
CN100388664C (en) * 2005-12-16 2008-05-14 西安电子科技大学 Access method for realizing WLAN multi mode safety identification
CN100448196C (en) * 2006-12-29 2008-12-31 西安西电捷通无线网络通信有限公司 WAPI-based wireless LAN operation method

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008080351A1 (en) * 2006-12-29 2008-07-10 China Iwncomm Co., Ltd. Wireless local network operation method based on wapi
US8813199B2 (en) 2009-02-27 2014-08-19 China Iwncomm Co., Ltd. Method for realizing convergent WAPI network architecture with separate MAC mode
WO2010096998A1 (en) * 2009-02-27 2010-09-02 西安西电捷通无线网络通信股份有限公司 Method for realizing convergent wapi network architecture with split mac mode
WO2010096995A1 (en) * 2009-02-27 2010-09-02 西安西电捷通无线网络通信股份有限公司 Method for realizing convergent wapi network architecture with separate mac mode
US9015331B2 (en) 2009-02-27 2015-04-21 China Iwncomm Co., Ltd. Method for implementing a convergent wireless local area network (WLAN) authentication and privacy infrastructure (WAPI) network architecture in a local MAC mode
KR101276154B1 (en) * 2009-02-27 2013-06-18 차이나 아이더블유엔콤 씨오., 엘티디 Method for realizing convergent wapi network architecture with split mac mode
US8855018B2 (en) 2009-02-27 2014-10-07 China Iwncomm Co., Ltd. Method for realizing convergent WAPI network architecture with split MAC mode
CN101562811B (en) * 2009-05-14 2011-04-06 西安西电捷通无线网络通信股份有限公司 STA roaming switching method when WPI is finished by WTP in convergence type WLAN and system thereof
US8819778B2 (en) 2009-05-14 2014-08-26 China Iwncomm Co., Ltd. Method and system for switching station in centralized WLAN when WPI is performed by access controller
US8750521B2 (en) 2009-05-14 2014-06-10 China Iwncomm Co., Ltd. Method and system for station switching when wireless terminal point completes WPI in convergent WLAN
CN102006671A (en) * 2009-08-31 2011-04-06 中兴通讯股份有限公司 System and method for realizing call forwarding
CN101662766B (en) * 2009-09-25 2012-09-05 中国电信股份有限公司 Method for realizing WAPI and centralized access controller device
WO2013189389A3 (en) * 2012-11-26 2014-02-13 中兴通讯股份有限公司 Method, system and device for sharing authentication of wireless local area network
WO2013189389A2 (en) * 2012-11-26 2013-12-27 中兴通讯股份有限公司 Method, system and device for sharing authentication of wireless local area network
WO2017020530A1 (en) * 2015-07-31 2017-02-09 宇龙计算机通信科技(深圳)有限公司 Enhanced wlan certificate authentication method, device and system
CN110071916A (en) * 2019-04-10 2019-07-30 苏州浪潮智能科技有限公司 A kind of LAN safety authentication method and device
WO2021238769A1 (en) * 2020-05-27 2021-12-02 西安西电捷通无线网络通信股份有限公司 Digital certificate installation method and device
CN113316149A (en) * 2021-06-04 2021-08-27 广东电网有限责任公司 Identity security authentication method, device, system, wireless access point and medium
CN113316149B (en) * 2021-06-04 2023-05-12 广东电网有限责任公司 Identity security authentication method, device, system, wireless access point and medium

Also Published As

Publication number Publication date
CN100448196C (en) 2008-12-31
WO2008080351A1 (en) 2008-07-10

Similar Documents

Publication Publication Date Title
CN100448196C (en) WAPI-based wireless LAN operation method
KR100645512B1 (en) Apparatus and method for authenticating user for network access in communication
CN101150594B (en) Integrated access method and system for mobile cellular network and WLAN
CN100417274C (en) Certificate based authentication authorization accounting scheme for loose coupling interworking
US7607013B2 (en) Method and apparatus for access authentication in wireless mobile communication system
JP4624785B2 (en) Interworking function in communication system
US20040162105A1 (en) Enhanced general packet radio service (GPRS) mobility management
CN1805441B (en) Integrated WLAN authentication architecture and method of implementing structural layers
CN103716795A (en) Wireless network safe access method, apparatus and system
WO2012094841A1 (en) Network access method, apparatus and system
CN105894627A (en) Bluetooth access control equipment and bluetooth access control management system and method
CN107409307A (en) Wireless house access network automatically configures
CN102869014A (en) Terminal and data communication method
CN101296138B (en) Wireless terminal configuration generating method, system and device
CN104467923A (en) Apparatus interacting method, apparatus and system
CN100512111C (en) The method for realizing WAPI-based WLAN operation via the classified terminal certificate
JP2023162296A (en) Non-3GPP device access to core network
CN100512110C (en) The method for realizing WAPI-based WLAN operation via a terminal certificate
EP1927254B1 (en) Method and a device to suspend the access to a service
WO2013170814A2 (en) Mobile terminal with built-in pppoe dialing function and dialing method thereof
CN109743716A (en) A kind of Wireless LAN Verification System and method based on NFC
CN102104872A (en) Method, device and system for securely accessing WAPI network
CN106332303A (en) Method and device for building connection
CN105792104A (en) Authentication method, authentication system, and route device
KR101046450B1 (en) Web Authentication Introduction System and Method in Wireless LAN

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: XI'AN IWNCOMM CO., LTD.

Free format text: FORMER NAME: XIDIAN JIETONG WIRELESS NETWORK COMMUNICATION CO LTD, XI'AN

CP01 Change in the name or title of a patent holder

Address after: High tech Zone technology two road 710075 Shaanxi city of Xi'an Province, No. 68 Xi'an Software Park A201

Co-patentee after: CHINA MOBILE GROUP DESIGN INSTITUTE Co.,Ltd.

Patentee after: CHINA IWNCOMM Co.,Ltd.

Address before: High tech Zone technology two road 710075 Shaanxi city of Xi'an Province, No. 68 Xi'an Software Park A201

Co-patentee before: CHINA MOBILE GROUP DESIGN INSTITUTE Co.,Ltd.

Patentee before: CHINA IWNCOMM Co.,Ltd.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20081231

Termination date: 20211229