WO2014177106A1 - Procédé et système de contrôle d'accès au réseau - Google Patents
Procédé et système de contrôle d'accès au réseau Download PDFInfo
- Publication number
- WO2014177106A1 WO2014177106A1 PCT/CN2014/079248 CN2014079248W WO2014177106A1 WO 2014177106 A1 WO2014177106 A1 WO 2014177106A1 CN 2014079248 W CN2014079248 W CN 2014079248W WO 2014177106 A1 WO2014177106 A1 WO 2014177106A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- identification information
- unique identification
- terminal device
- network
- network management
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000006870 function Effects 0.000 description 8
- 238000004590 computer program Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 238000007781 pre-processing Methods 0.000 description 2
- 230000010354 integration Effects 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/70—Admission control; Resource allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/40—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
Definitions
- the present invention relates to network access control technologies, and in particular, to a network access control method and system. Background technique
- wireless base stations in the era of LTE (Long Term Evolution), will deploy large number of small base stations (Small Cell) on a large scale in order to improve coverage. ), the Backhaul network that Small Cell reaches the core network is mostly deployed in the enterprise and user's home. Instead of going through the carrier's proprietary bearer network, the public transport network is selected to connect to the carrier's core network. The access security requirements of the accessed Small Cell are very high, and unauthorized base stations are not allowed to access their own core network.
- the 3rd Generation Partnership Project (3GPP) recommends the use of IPSec (IP Security) technology to secure communication between the base station and the core network, while the base station and security gateway (SeGW, Security Gateway) Identity authentication technology is generally based on digital certificate authentication.
- IPSec IP Security
- SeGW Security Gateway
- IP Security IP Security
- the base station and security gateway SeGW, Security Gateway
- the IPSec protocol can solve the need for authentication and encryption of the two parties, it cannot solve the scenario where the digital certificate is stolen and then masqueraded as a legitimate user. In this way, if someone steals the digital certificate, the security gateway can be bypassed to access the core network. Authorized access or attack.
- the main purpose of the embodiments of the present invention is to provide a network access control method and system, which can improve the security and legality of a terminal accessing a network, and is compatible with more key associations.
- Negotiation can improve the security and legality of a terminal accessing a network, and is compatible with more key associations.
- the embodiment of the present invention provides a network access control method, where the method includes: the security authentication device receives the unique identification information of the terminal device; the security authentication device performs the digital certificate authentication on the terminal device; after the digital certificate authentication is passed, the terminal is The unique identification information of the device is authenticated, and the access authority of the terminal is determined.
- the method further includes: the network management device storing the unique identification information of each legal terminal device in batches, and establishing a unique identification information database.
- the security authentication device receives the unique identification information of the terminal device, and includes: obtaining the unique identification information of the terminal device from the IKE message from the terminal device.
- the authenticating the unique identification information of the terminal device, determining the access rights of the terminal includes:
- the security authentication device parses the received IKE packet, obtains the unique identifier information of the terminal device in the IKE packet, and sends the obtained unique identifier information to the network management device; the network management device pre-stores the unique identifier information received by the network management device. The unique identification information of each legal terminal device is matched. After the matching is successful, it is confirmed that the terminal device is allowed to access the network.
- the unique identification information is a device unique identifier (Device ID) and/or a source IP address.
- the embodiment of the present invention further provides a network access control system, where the system includes: a terminal device, a security authentication device, and a network management device;
- the terminal device is configured to send its unique identification information to the security authentication device;
- the security authentication device is configured to perform digital certificate authentication on the terminal device;
- the network management device is configured to authenticate the unique identification information of the terminal device and determine the access rights of the terminal device.
- the security authentication device is further configured to receive and parse the unique identifier of the terminal device. After the digital certificate is verified, the unique identification information that is parsed is sent to the network management device.
- the network management device is further configured to store the unique identification information of each legal terminal device in batches, and establish a database of unique identification information.
- the network management device is further configured to retrieve a unique identifier information database according to the received unique identifier information, and match the received unique identifier information with the unique identifier information stored in the unique identifier information database, if the matching succeeds And determining to allow the terminal device to access the network; otherwise, determining to reject the terminal device from accessing the network.
- Embodiments of the present invention also provide a computer storage medium in which computer executable instructions are stored, the computer executable instructions being used to perform the above method.
- the terminal device sends its own unique identification information to the security authentication device, and the security authentication device performs digital certificate authentication on the terminal device; after the digital certificate authentication is passed, the terminal device The unique identification information is authenticated, and the access authority of the terminal is determined.
- the terminal accessing the network has a valid identity, thereby improving the security and legality of the terminal accessing the network.
- the IKE technology involved in the embodiment of the present invention can be compatible with the Internet Key Exchange Protocol version 2 (IKEv2). , Internet key exchange version 2 ), and compatible with Internet Key Exchange Protocol version 1 ( IKEvl , Internet key exchange version 1 ).
- FIG. 1 is a schematic flowchart of a basic implementation of a network access control method according to an embodiment of the present invention
- FIG. 2 is a schematic flowchart of a network access control method according to an embodiment of the present invention
- FIG. 4 is a schematic structural diagram of a network access control system according to an embodiment of the present invention. detailed description
- the terminal device sends the unique identification information of the terminal to the security authentication device; the security authentication device performs the digital certificate authentication on the terminal device; after the digital certificate authentication is passed, the unique identification information of the terminal device is authenticated, and the terminal is determined. Access rights to the device.
- the terminal device can place its unique identification information in the internet key exchange.
- IKE Internet key exchange
- the IKE packet may be the IKEv2 version of the packet
- Determining the unique identification information of the terminal device, and determining the access authority of the terminal device includes: the security authentication device parses the received IKE packet, obtains the unique identifier information of the terminal device in the IKE packet, and obtains the unique identifier information.
- the identification information is sent to the network management device, and the network management device matches the unique identification information with the unique identification information of each legal terminal device that is pre-stored by the network management device. After the matching is successful, the terminal device is allowed to access the network.
- the terminal device may be a small cell (Small Cell); the unique identifier information may be a device unique identifier (Device ID) and/or a source IP address of the terminal device; the security authentication device may be secure.
- a gateway or a high-end router; the network management device can be a server or a computer having a network management function.
- the network access control method includes:
- Step 101 The terminal device sends its own unique identification information to the security authentication device.
- the unique identifier information may include one or more types, and may be a Device ID and/or a source IP address.
- the terminal device sends its own unique identification information to the security authentication device, specifically: the terminal device places its unique identification information in the IKE packet and sends the information to the security authentication device.
- the IKE packet is actually The application can be an IKEv2 version of the packet. Either the IKEvl version of the message;
- the method further includes: the network management device stores the unique identifier information of each legal terminal device in batches, and establishes a unique identifier information database, so as to subsequently access the terminal device requesting access. Perform a secure authentication of uniquely identified information.
- the security authentication device may be a security gateway or a high-end router
- the network management device may be a server or a computer having a network management function
- the terminal device may be a Small CelL
- Step 102 The security authentication device performs digital certificate authentication on the terminal device. After the digital certificate authentication is passed, the unique identification information of the terminal device is authenticated, and the access rights of the terminal device are determined.
- the security authentication device performs the digital certificate authentication on the terminal device as follows: The security authentication device performs IKE negotiation with the terminal device, and first performs digital certificate authentication on the terminal device.
- the device authenticates the unique identification information of the terminal device, and determines the access authority of the terminal device, which is: the security authentication device parses the received IKE packet, and obtains the unique identifier information of the terminal device in the IKE packet, and obtains the obtained
- the unique identification information is sent to the network management device, and the network management device matches the unique identification information with the unique identification information of each legal terminal device that is pre-stored by the network management device. After the matching is successful, the terminal device is allowed to access the network.
- the unique identifier information is a Device ID
- the terminal device is a Small Cell
- the security authentication device is a security gateway
- Step 201 The network management device stores the Device ID of each legal Small Cell in batches, and establishes a unique identification information database.
- the network management device may be a server or a computer having a network management function; this step is a pre-processing, and may be entered at any time before the terminal device accesses the network. Row.
- Step 202 When the small cell needs to access the network, the device ID is filled in the IKE packet and sent to the security gateway.
- the IKE packet is in the IKE packet.
- Step 203 The security gateway performs IKE negotiation with the Small Cell, first performs digital certificate authentication on the Small Cell, and determines whether the authentication is passed. If the authentication passes, step 204 is performed; otherwise, step 208 is executed to end the current processing flow.
- Step 204 The security gateway parses the Device ID from the IKE message, and parses the
- the Device ID is sent to the network management device.
- Steps 205 to 207 The network management device searches the unique identifier information database, and matches the received device ID with the unique identifier information stored in the unique identifier information database to determine whether the matching is successful. If the matching is successful, the access authority of the Small Cell is determined. To allow the Small Cell to access the core network; otherwise, determine the access right of the Small Cell to reject the Small Cell access to the core network, and perform step 208 to end the current processing flow.
- FIG. 3 is a schematic flowchart of a network access control method according to another embodiment of the present invention.
- the unique identifier information is a device ID and a source IP address
- the terminal device is a Small Cell
- the security authentication device is Security gateway;
- the method for the network access control includes:
- Step 301 The network management device stores the Device ID and the source IP address of each legal Small Cell in batches, and establishes a unique identification information database.
- the network management device may be a server or a computer having a network management function. This step is a pre-processing, and may be performed at any time before the terminal device accesses the network. Step 302: When the small cell needs to access the network, the device ID and the source IP address are filled in the IKE packet and sent to the security gateway.
- the device ID is filled in the IKE file: the Device ID is filled in the ID payload field in the IKE message according to the format recommended by the 3GPP; the source IP address is filled in the IKE message: according to the format recommended by the 3GPP The source IP address is in the source IP address field of the IKE packet.
- the IKE packet can be the IKEv2 version.
- Step 303 The security gateway performs IKE negotiation with the Small Cell, first performs digital certificate authentication on the Small Cell, and determines whether the authentication is passed. If the authentication is passed, step 304 is performed; otherwise, step 308 is performed to end the current processing flow.
- Step 304 The security gateway parses the device ID and the source IP address from the IKE packet, and sends the resolved device ID and source IP address to the network management device.
- Steps 305-307 The network management device searches the unique identifier information database, and matches the received device ID and the source IP address with the unique identifier information stored in the unique identifier information database to determine whether the matching is successful. If the matching is successful, determine the Small Cell. The access permission is to allow the Small Cell to access the core network; otherwise, the access right of the Small Cell is determined to be denied access to the core network by the Small Cell, and step 308 is executed to end the current processing flow.
- embodiments of the present invention can be applied to, but not limited to, a plurality of communication scenarios of the Small Cell, and the same applies to an Asymmetric Digital Subscriber Line (ADSL) application scenario of the broadband access.
- ADSL Asymmetric Digital Subscriber Line
- the network access control system includes: a terminal device 40, a security authentication device 41, and a network management device 42;
- the terminal device 40 is configured to send its own unique identification information to the security authentication device 41.
- the sending is: filling the unique identification information of the user into the IKE packet;
- the security authentication device 41 is configured as the terminal device. 40 certification of digital certificates;
- the network management device 42 is configured to authenticate the unique identification information of the terminal device 40, and determine the access authority of the terminal device 40.
- the security authentication device 41 is further configured to receive and parse the unique identification information of the terminal device 40, and send the parsed unique identification information to the network management device 42 after confirming that the digital certificate authentication is passed;
- the security authentication device 41 is further configured to perform IKE negotiation with the terminal device 40.
- the network management device 42 is further configured to store the unique identification information of each legal terminal device in batches, and establish a database of unique identification information.
- the network management device 42 is further configured to retrieve the unique identifier information database according to the received unique identifier information, and match the received unique identifier information with the unique identifier information stored in the unique identifier information database, and if the matching is successful, determine Allowing the terminal device to access the network; No, it is determined that the terminal device is denied access to the network;
- the unique identifier information may be a device ID and/or a source IP address; the security authentication device may be a security gateway or a high-end router; the network management device may be a server or a computer having a network management function; The device can be a Small Cell.
- the embodiment of the present invention further provides a computer storage medium, wherein computer executable instructions are stored, and the computer executable instructions are used to execute the method described in the foregoing embodiments.
- Each of the above units may be implemented by a central processing unit (CPU), a digital signal processor (DSP) or a Field-Programmable Gate Array (FPGA) in the electronic device.
- CPU central processing unit
- DSP digital signal processor
- FPGA Field-Programmable Gate Array
- embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware aspects. Moreover, the invention can take the form of a computer program product embodied on one or more computer usable storage media (including but not limited to disk storage and optical storage, etc.) in which computer usable program code is embodied.
- the present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG.
- These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device.
- the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
- the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
- These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
- the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Le présent mode de réalisation de l'invention concerne un procédé de contrôle d'accès au réseau comprenant les étapes suivantes: un dispositif de sécurité et d'authentification reçoit une information d'identification unique du terminal, et le dispositif d'authentification et de sécurité procède à une authentification par certificat numérique pour le terminal; après l'authentification par certificat numérique, l'information d'identification unique du terminal et les permissions d'accès du terminal sont déterminées. L'invention concerne en outre un système de contrôle d'accès au réseau, comprenant : un terminal configuré pour transmettre ses propres informations d'identification uniques à un dispositif d'authentification et de sécurité; un dispositif d'authentification et de sécurité configuré pour réaliser une authentification par certificat numérique pour le terminal, un dispositif de gestion de réseau configuré pour authentifier l'information d'identification unique du terminal et pour déterminer les permissions d'accès du terminal.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310461292.4A CN104518874A (zh) | 2013-09-26 | 2013-09-26 | 一种网络接入控制方法和系统 |
CN201310461292.4 | 2013-09-26 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014177106A1 true WO2014177106A1 (fr) | 2014-11-06 |
Family
ID=51843180
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2014/079248 WO2014177106A1 (fr) | 2013-09-26 | 2014-06-05 | Procédé et système de contrôle d'accès au réseau |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN104518874A (fr) |
WO (1) | WO2014177106A1 (fr) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105847234A (zh) * | 2016-03-11 | 2016-08-10 | 中国联合网络通信集团有限公司 | 可疑终端接入预警方法、网关管理平台及网关设备 |
CN115086085A (zh) * | 2022-08-19 | 2022-09-20 | 南京华盾电力信息安全测评有限公司 | 一种新能源平台终端安全接入认证方法及系统 |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106454836B (zh) * | 2015-08-06 | 2021-12-31 | 中兴通讯股份有限公司 | 一种增强设备证书使用安全的方法及装置 |
CN106603461A (zh) * | 2015-10-14 | 2017-04-26 | 阿里巴巴集团控股有限公司 | 一种业务认证的方法、装置和系统 |
CN109379354A (zh) * | 2018-10-10 | 2019-02-22 | 小雅智能平台(深圳)有限公司 | 一种绑定智能设备的方法、装置和系统 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1863048A (zh) * | 2005-05-11 | 2006-11-15 | 中兴通讯股份有限公司 | 用户与接入设备间因特网密钥交换协商方法 |
CN101064611A (zh) * | 2006-04-24 | 2007-10-31 | 维豪信息技术有限公司 | 基于注册和呼叫控制的应用整合方法 |
WO2013109417A2 (fr) * | 2012-01-18 | 2013-07-25 | Zte Corporation | Identité et informations de client ike notarisées par l'intermédiaire d'une prise en charge de données utiles de configuration ike |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN200941622Y (zh) * | 2006-06-19 | 2007-08-29 | 福建星网锐捷网络有限公司 | 一种网络认证授权系统及使用的交换机 |
CN101656738B (zh) * | 2009-09-22 | 2012-10-03 | 中兴通讯股份有限公司 | 一种对接入网络的终端进行验证的方法和装置 |
CN102984173B (zh) * | 2012-12-13 | 2017-02-22 | 迈普通信技术股份有限公司 | 网络接入控制方法及系统 |
-
2013
- 2013-09-26 CN CN201310461292.4A patent/CN104518874A/zh active Pending
-
2014
- 2014-06-05 WO PCT/CN2014/079248 patent/WO2014177106A1/fr active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1863048A (zh) * | 2005-05-11 | 2006-11-15 | 中兴通讯股份有限公司 | 用户与接入设备间因特网密钥交换协商方法 |
CN101064611A (zh) * | 2006-04-24 | 2007-10-31 | 维豪信息技术有限公司 | 基于注册和呼叫控制的应用整合方法 |
WO2013109417A2 (fr) * | 2012-01-18 | 2013-07-25 | Zte Corporation | Identité et informations de client ike notarisées par l'intermédiaire d'une prise en charge de données utiles de configuration ike |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105847234A (zh) * | 2016-03-11 | 2016-08-10 | 中国联合网络通信集团有限公司 | 可疑终端接入预警方法、网关管理平台及网关设备 |
CN105847234B (zh) * | 2016-03-11 | 2018-11-20 | 中国联合网络通信集团有限公司 | 可疑终端接入预警方法、网关管理平台及网关设备 |
CN115086085A (zh) * | 2022-08-19 | 2022-09-20 | 南京华盾电力信息安全测评有限公司 | 一种新能源平台终端安全接入认证方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
CN104518874A (zh) | 2015-04-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10601594B2 (en) | End-to-end service layer authentication | |
CN107079007B (zh) | 用于基于证书的认证的方法、装置和计算机可读介质 | |
US10638321B2 (en) | Wireless network connection method and apparatus, and storage medium | |
US9131378B2 (en) | Dynamic authentication in secured wireless networks | |
US8694782B2 (en) | Wireless authentication using beacon messages | |
JP4824813B2 (ja) | アプリケーションの認証 | |
WO2017028593A1 (fr) | Procédé pour amener un dispositif d'accès à un réseau à accéder à un point d'accès à un réseau sans fil, dispositif d'accès à un réseau, serveur d'application et support de stockage lisible par ordinateur non volatil | |
EP3328108A1 (fr) | Procédé d'authentification, procédé de ré-authentification et appareil de communication | |
US11451959B2 (en) | Authenticating client devices in a wireless communication network with client-specific pre-shared keys | |
WO2016077007A1 (fr) | Fourniture de certificat pour authentification sur un réseau | |
TW201644291A (zh) | 用於使用特定於應用的網路存取身份碼來進行到無線網路的受贊助連接的設備和方法(一) | |
JP2013534754A (ja) | 通信システムにおいて加入者認証とデバイス認証とをバインドするための方法および装置 | |
TW201644292A (zh) | 用於使用特定於應用的網路存取身份碼來進行到無線網路的受贊助連接的設備和方法(二) | |
JP2012503945A (ja) | Homenode−b装置およびセキュリティプロトコル | |
WO2014180198A1 (fr) | Procédé, système et dispositif d'accès d'un terminal et support de stockage informatique | |
CN110545252B (zh) | 一种认证和信息保护的方法、终端、控制功能实体及应用服务器 | |
CN107005534A (zh) | 安全连接建立 | |
KR20120091635A (ko) | 통신 시스템에서 인증 방법 및 장치 | |
WO2014177106A1 (fr) | Procédé et système de contrôle d'accès au réseau | |
US20150249639A1 (en) | Method and devices for registering a client to a server | |
WO2012171284A1 (fr) | Procédé et dispositif d'authentification par un tiers et carte à puce prenant en charge une authentification bidirectionnelle | |
Matos et al. | Secure hotspot authentication through a near field communication side-channel | |
WO2017020530A1 (fr) | Procédé, dispositif et système d'authentification de certificat de réseau local sans fil (wlan) améliorés | |
WO2019196794A1 (fr) | Dispositif et procédé d'authentification, et support de stockage lisible par ordinateur | |
WO2017020546A1 (fr) | Procédé et appareil de vérification de dispositif d'accès à un réseau |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14791892 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14791892 Country of ref document: EP Kind code of ref document: A1 |