CN100388850C - Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system - Google Patents

Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system Download PDF

Info

Publication number
CN100388850C
CN100388850C CNB2003101040493A CN200310104049A CN100388850C CN 100388850 C CN100388850 C CN 100388850C CN B2003101040493 A CNB2003101040493 A CN B2003101040493A CN 200310104049 A CN200310104049 A CN 200310104049A CN 100388850 C CN100388850 C CN 100388850C
Authority
CN
China
Prior art keywords
base station
mobile subscriber
user
new
resh
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2003101040493A
Other languages
Chinese (zh)
Other versions
CN1630405A (en
Inventor
谢宇
虞忠辉
赖增桂
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 30 Research Institute
Original Assignee
CETC 30 Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CETC 30 Research Institute filed Critical CETC 30 Research Institute
Priority to CNB2003101040493A priority Critical patent/CN100388850C/en
Publication of CN1630405A publication Critical patent/CN1630405A/en
Application granted granted Critical
Publication of CN100388850C publication Critical patent/CN100388850C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention discloses a method of bidirectional authentication during subscriber switch-in digital cellular mobile communication systems, which comprises a normal switching complete bidirection identification method and an emergency switching simple bidirection identification method in different sector of same base station and different base station of same dynamic field and normal switching complete bidirection identification method and an emergency switching simple bidirection identification method in different base stations of the same dynamic scope. The present invention has the advantages that owing to the bidirection identification between a user and a mobile user when the user exchange networks, the present invention realizes the secure communication in user exchange and effectively assures the benefits of the users and network operators.

Description

Bidirectional authentication method when digital cellular mobile communication systems user is switched
Technical field
The present invention relates in digital cellular mobile communication systems, a kind of of use moves when switching automatically the method that user and base station identity are carried out two-way discriminating the user.
Background technology
In the second generation and third generation digital cellular mobile communication systems, the authentication scheme that adopts during registration generally all is unidirectional, promptly a network enabled system does not support the discriminating of user to network system to user's discriminating, and the user may be subjected to palming off the attack of base station like this.And present digital cellular mobile communication systems all do not provide the switching authentication scheme when the user is switched.Therefore, when switching, the user is still existed bigger security breaches to network, common interest is protected effectively.
Summary of the invention
The objective of the invention is to: when solving digital cellular mobile communication systems and switching between user-network access registration and base station, the two-way discriminating problem between user and the network can be provided when providing a kind of user to switch by the bidirectional authentication method of user and secure communication of network.
The objective of the invention is by setting up following switching condition and implementing that following discrimination method realizes:
The condition of implementing to switch is: Radio Link is set up in the sector by base stations control between user and base station, establishes wired link by aaa server between the base station; Used session key SK is differentiated in communication, switches authentication arithmetic NT-A3, TN-A3 and has been stored in user side and base station end, and NT-A3 represents the authentication arithmetic of network to portable terminal, and TN-A3 represents the authentication arithmetic of portable terminal to network.
The bidirectional authentication method that digital cellular mobile communication systems user is switched includes: (A) the complete bidirectional authentication method of normal switching takes place when mobile in the mobile subscriber between different sectors in the administration of same base station; And the simple bidirectional authentication method that (B) promptly switches; (C) mobile subscriber occurs in the same dynamic domain the normal complete bidirectional authentication method that switches takes place when mobile between different base station; And the simple bidirectional authentication method that (D) promptly switches; Wherein:
(A) between the different sectors of mobile subscriber in the administration of same base station when mobile, the complete bidirectional authentication method of normal switching taking place, carries out as follows:
The user sends the two-way discriminating handoff request that enters new sector by old sector to the base station, and request message is encrypted, and the user produces one and differentiates random number RA NDH ' simultaneously, and it together is sent to the base station together with message;
Figure C20031010404900062
The base station sends two-way discriminating handoff response message by old sector to the mobile subscriber, and will utilize the user to differentiate random number RA NDH, session key SK, the user that network calculates the authentication arithmetic NT-A3 of portable terminal differentiates and replys RESH, differentiate that together with the network that network produces random number RA NDH ' is sent to the mobile subscriber, the mobile subscriber differentiates the user who receives and replys RESH, differentiate random number RA NDH with own by the user, session key SK, the user expectation that network calculates the authentication arithmetic NT-A3 of portable terminal differentiates that replying XRESH compares, finish discriminating to new sector, if unanimity then this sector be true, otherwise be vacation;
Figure C20031010404900063
The new handoff sectors of mobile subscriber is passed to authentication parameters such as the aerial working key WK of mobile subscriber's data, cryptographic algorithm in the base station;
Figure C20031010404900064
The mobile subscriber will differentiate random number RA NDH ' with network, SK, the network that NT-A3 calculates differentiates that replying RESH ' reports together with handover success, be sent to the base station by new sector, after receive the base station itself and the expectation of the network that oneself calculates are differentiated that replying XRESH ' compares, finish discriminating to the mobile subscriber, if unanimity then this user be very, can open the legitimate correspondence of mobile subscriber by new sector.
(B) the urgent simple bidirectional authentication method that switches between different sectors when mobile, takes place in the mobile subscriber in same base station, is undertaken by following step:
The mobile subscriber directly sends urgent handover report to the base station by new sector, user's discriminating of being calculated by the base station together with own registration of preserving the time is simultaneously replied RESH and is sent to the base station, after received the base station, the user expectation discriminating that the user calculates during with own registration of preserving with RESH was replied XRESH and is compared;
Figure C20031010404900066
If RESH is consistent with the XRESH comparative result, then new sector will be passed under the encryption parameters such as user's aerial datamation key WK and cryptographic algorithm in the base station, and the network discriminating that the user calculates during the registration that will preserve is simultaneously replied RESH ' and sent to the mobile subscriber;
Figure C20031010404900067
After the mobile subscriber receives network differentiated that the network expectation discriminating that calculates the base station when replying RESH ' with own registration of preserving replys XRESH ' and compare, if the result is consistent, think that the base station is a legitimate base station, can open the legitimate correspondence of mobile subscriber by new sector.
(C) the normal complete bidirectional authentication method that switches between different base station when mobile, takes place in the mobile subscriber in same dynamic domain, is undertaken by following step:
The mobile subscriber initiates handoff request between the base station by old sector to old base station, simultaneously the user is differentiated that random number RA NDH together sends to old base station;
Figure C20031010404900072
New base station is sent to the random number RA NDH that receives in old base station, authentication is initiated to mobile subscriber's registration base station in new base station, authentication is carried out at server A AA place, home to return in the registration base station, and authentication success is then registered the base station encryption parameters such as WK, SK, cryptographic algorithm are issued to new base station;
Figure C20031010404900073
New base station is issued new sector to encryption parameter;
New base station sends normal handoff response by new sector to the mobile subscriber, and the user that will utilize the user to differentiate that random number RA NDH, SK and NT-A3 calculate simultaneously differentiates and replys RESH, and the random number RA NDH ' that this base station produces sends to the mobile subscriber together:
Figure C20031010404900075
The mobile subscriber differentiates the user who receives and replys RESH and oneself use RANDH, the user expectation that SK and NT-A3 calculate differentiates that replying RESH compares, finish discriminating to new sector if the result is consistent, the mobile subscriber will normally be switched and be finished report, reach and use RANDH ', SK, the network that TN-A3 calculates differentiates that replying RESH ' sends to new base station by new sector, after receive new base station it being replied XRESH ' with the network expectation discriminating that oneself calculates compares, finish discriminating to the mobile subscriber, if unanimity then this user is true, can open the legitimate correspondence of mobile subscriber by new sector.
(D) the urgent simple bidirectional authentication method that switches between different base station when mobile, takes place in the mobile subscriber in same dynamic domain, is undertaken by following step:
Figure C20031010404900076
The mobile subscriber sends urgent handoff request by new base station to the registration base station, and the other side differentiates that replying RESH also sends to and register the base station during simultaneously together with own registration of preserving;
Figure C20031010404900077
Registration is after the base station receives, user expectation differentiates that replying XRESH compares during with own registration of preserving with RESH, and unanimity then comprises old base station the encryption parameter of WK, SK, cryptographic algorithm, and registers random number RA NDH as a result, and RANDH ' passes to new base station;
New sector is passed to encryption parameter in new base station;
Figure C20031010404900079
New base station sends urgent handover acknowledge by new sector to the mobile subscriber, and the user network discriminating is replied RESH ' and passed to the mobile subscriber during registration that also will preserve simultaneously;
Figure C200310104049000710
The mobile subscriber with the RESH ' that receives during with own registration of preserving network expectation discriminating reply XRESH ' and compare, unanimity then allows to use the new sector communication of base station as a result.
The invention has the advantages that: owing to solved in the digital cellular mobile communication systems, the user is two-way discriminating and the licensing issue between network and the user when switching, realize the secure communication the when user is switched, guaranteed user and network operator both sides' interests effectively.
Description of drawings
Two-way discrimination process schematic diagram when Fig. 1 is normal the switching in the same base station
Two-way discrimination process schematic diagram when Fig. 2 is urgent the switching in the same base station
Complete two-way discrimination process schematic diagram between different base station in same dynamic domain when Fig. 3 is normal the switching
Simple two-way discrimination process schematic diagram between different base station in same dynamic domain when Fig. 4 is urgent the switching
Fig. 5 is mobile communication system network figure
Embodiment
Bidirectional authentication method when digital cellular mobile communication systems user is switched, be to realize by the execution of differentiating software, this discriminating software is stored in the two ends of communicating pair respectively, concrete physical storage locations is: mobile subscriber such as mobile phone are stored in the SIM card, and the discriminating software of base station end is stored in the base station controller.Any one party can be initiated two-way discriminating request among the both sides, and the two-way discrimination process during switching is fast automatic finishing between mobile phone and base station controller and aaa server.
If the user takes machine by the hand when one of same base station work sector moves to another sector, switch dual of the present invention in the SIM cards of mobile phones is to differentiating that software and the two-way discriminating software of the present invention in the base station controller will carry out switching evaluator of the present invention fast, finishes the switching discrimination process automatically and do not influence proper communication.
Illustrate that below in conjunction with Fig. 1, Fig. 2 the user takes machine by the hand when one of same base station work sector moves to another sector, the two-way discriminating secure communication process of switching between mobile subscriber's mobile phone and base station.
When Fig. 1 has provided normal switching in same base station, when mobile phone user moves to another sector from a work sector, the two-way discriminating secure communication process that takes place between the machine of taking by the hand and base station:
Mark among Fig. 1
Figure C20031010404900081
Expression: mobile subscriber's mobile subscriber's mobile phone of definitely saying so, send the normal handoff request of two-way discriminating that enters new sector to the base station by old sector, request message is encrypted, and mobile subscriber's mobile phone produces one and differentiates random number RA NDH ' simultaneously, and it together is sent to the base station together with message;
Mark among Fig. 1
Figure C20031010404900082
Expression: the base station sends two-way discriminating handoff response message by old sector to mobile subscriber's mobile phone, and will utilize the user to differentiate random number RA NDH, session key SK, the user that network calculates the authentication arithmetic NT-A3 of portable terminal differentiates and replys RESH, differentiate that together with the network that network produces random number RA NDH ' is sent to mobile subscriber's mobile phone, mobile subscriber's mobile phone is differentiated the user who receives and is replied RESH, differentiate random number RA NDH with own by the user, session key SK, the user expectation that network calculates the authentication arithmetic NT-A3 of portable terminal differentiates that replying XRESH compares, finish discriminating to new sector, if comparative result unanimity then this sector is true, otherwise is false;
Mark among Fig. 1
Figure C20031010404900091
Expression:: the new handoff sectors of mobile subscriber's mobile phone is passed to authentication parameters such as the aerial working key WK of the data of mobile subscriber's mobile phone, cryptographic algorithm in the base station;
Mark among Fig. 1
Figure C20031010404900092
Expression: mobile subscriber's mobile phone will be differentiated random number RA NDH ' with network, SK, the network that NT-A3 calculates differentiates that replying RESH ' reports together with handover success, be sent to the base station by new sector, after receive the base station itself and the expectation of the network that oneself calculates are differentiated that replying XRESH ' compares, finish discriminating to mobile subscriber's mobile phone, if the comparative result unanimity then this user be very, can open the legitimate correspondence of mobile subscriber by new sector.
When Fig. 2 has provided urgent switching in same base station, when mobile phone user moves to another sector from a work sector, the simple two-way discriminating secure communication process that takes place between the machine of taking by the hand and base station:
Mark among Fig. 2
Figure C20031010404900093
Expression: mobile subscriber's mobile phone directly sends urgent handover report to the base station by new sector, user's discriminating of being calculated by the base station together with own registration of preserving the time is simultaneously replied RESH and is sent to the base station, after received the base station, the user expectation discriminating that the user calculates during with own registration of preserving with RESH was replied XRESH and is compared;
Mark among Fig. 2
Figure C20031010404900094
Expression: if RESH is consistent with the XRESH comparative result, then new sector will be passed under the encryption parameters such as the aerial datamation key WK of mobile subscriber's mobile phone and cryptographic algorithm in the base station, and the network that the user calculates during the registration that will preserve simultaneously differentiates that replying RESH ' sends to mobile subscriber's mobile phone;
Mark among Fig. 2
Figure C20031010404900095
Expression: after mobile subscriber's mobile phone is received network differentiated that the network expectation discriminating that calculates the base station when replying RESH ' with own registration of preserving replys XRESH ' and compare, think that the base station is a legitimate base station, can open the legitimate correspondence of mobile subscriber by new sector if the result is consistent.
Fig. 3 has provided the mobile subscriber and between different base station when mobile, the normal two-way discriminating secure communication process of switching has taken place between mobile subscriber's mobile phone and base station in same dynamic domain:
Mark among Fig. 3
Figure C20031010404900096
Expression: mobile subscriber's mobile phone is initiated handoff request between the base station by old sector to old base station, simultaneously the user is differentiated that random number RA NDH together sends to old base station:
Mark among Fig. 3
Figure C20031010404900097
Expression: new base station is sent to the random number RA NDH that receives in old base station, authentication is initiated to the registration base station of mobile subscriber's mobile phone in new base station, authentication is carried out at server A AA place, home to return in the registration base station, and authentication success is then registered the base station encryption parameters such as WK, SK, cryptographic algorithm are issued to new base station;
Mark among Fig. 3
Figure C20031010404900101
Expression: new base station is issued new sector to encryption parameter;
Mark among Fig. 3
Figure C20031010404900102
Expression: new base station sends normal handoff response by new sector to mobile subscriber's mobile phone, the user that will utilize the user to differentiate that random number RA NDH, SK and NT-A3 calculate simultaneously differentiates and replys RESH, and the random number RA NDH ' that this base station produces sends to mobile subscriber's mobile phone together;
Mark among Fig. 3
Figure C20031010404900103
Expression: mobile subscriber's mobile phone is differentiated the user who receives and is replied RESH and oneself use RANDH, the user expectation that SK and NT-A3 calculate differentiates that replying RESH compares, finish discriminating to new sector if the result is consistent, mobile subscriber's mobile phone will normally switch finishes report, reach and use RANDH ', SK, the network that TN-A3 calculates differentiates that replying RESH ' sends to new base station by new sector, after receive new base station it being replied XRESH ' with the network expectation discriminating that oneself calculates compares, finish discriminating to mobile subscriber's mobile phone, if comparative result unanimity then this user is true, can open the legitimate correspondence of mobile subscriber by new sector.
Fig. 4 has provided the mobile subscriber and between different base station when mobile, the urgent two-way discriminating secure communication process of switching has taken place between mobile subscriber's mobile phone and base station in same dynamic domain:
Mark among Fig. 4 Expression: mobile subscriber's mobile phone sends urgent handoff request by new base station to the registration base station, and the other side differentiates that replying RESH also sends to and register the base station during simultaneously together with own registration of preserving;
Mark among Fig. 4
Figure C20031010404900105
Expression: after receive the registration base station, the user expectation discriminating is replied XRESH and is compared during with own registration of preserving with RESH, if the result is consistent, then old base station is comprised the encryption parameter of WK, SK, cryptographic algorithm, and registration random number RA NDH, RANDH ' passes to new base station;
Mark among Fig. 4
Figure C20031010404900106
Expression: new sector is passed to encryption parameter in new base station;
Mark among Fig. 4 Expression: new base station sends urgent handover acknowledge by new sector to mobile subscriber's mobile phone, and the user network discriminating is replied RESH ' and passed to mobile subscriber's mobile phone during the registration that also will preserve simultaneously;
Mark among Fig. 4
Figure C20031010404900108
Expression: mobile subscriber's mobile phone with the RESH ' that receives during with own registration of preserving network expectation discriminating reply XRESH ' and compare, unanimity then allows to use the new sector communication of base station as a result.
Fig. 5 has provided mobile communication system network figure, and this figure acceptance of the bid shows the situation that system has three base stations, and it is mobile between different sectors in same base station to indicate mobile subscriber's mobile phone, and the communication scheme under situation of movement between different base station.

Claims (1)

1. the bidirectional authentication method when the digital cellular mobile communication systems user is switched, include: normal complete bidirectional authentication method that switches and the urgent simple bidirectional authentication method that switches take place when mobile in the mobile subscriber between different sectors in the administration of same base station, and the mobile subscriber occurs in the same dynamic domain the simple bidirectional authentication method that normal complete bidirectional authentication method that switches and urgent switching take place when mobile between different base station; Wherein:
(A) the complete bidirectional authentication method of normal switching taking place when mobile, carries out as follows between the different sectors of mobile subscriber in the administration of same base station:
Figure C2003101040490002C1
The user sends the two-way discriminating handoff request that enters new sector by old sector to the base station, and request message is encrypted, and the user produces one and differentiates random number RA NDH simultaneously, and it together is sent to the base station together with message;
Figure C2003101040490002C2
The base station sends two-way discriminating handoff response message by former sector to the mobile subscriber, and will utilize the user to differentiate random number RA NDH, session key SK, the user that network calculates the authentication arithmetic NT-A3 of portable terminal differentiates and replys RESH, differentiate that together with the network that network produces random number RA NDH ' is sent to the mobile subscriber, the mobile subscriber differentiates the user who receives and replys RESH, differentiate random number RA NDH with own by the user, session key SK, the user expectation that network calculates the authentication arithmetic NT-A3 of portable terminal differentiates that replying XRESH compares, can finish discriminating to new sector, if unanimity then this sector be true, otherwise be vacation;
Figure C2003101040490002C3
The base station is with the aerial working key WK of mobile subscriber's data, and encryption parameters such as cryptographic algorithm are passed to the new handoff sectors of mobile subscriber;
Figure C2003101040490002C4
The mobile subscriber will differentiate random number RA NDH ' with network, SK, the network that NT-A3 calculates differentiates that replying RESH ' reports together with handover success, be sent to the base station by new sector, after receive the base station itself and the expectation of the network that oneself calculates are differentiated that replying XRESH ' compares, can finish discriminating to the mobile subscriber, if unanimity then this user be very, can open the legitimate correspondence of mobile subscriber by new sector;
(B) the urgent simple bidirectional authentication method that switches between different sectors when mobile, takes place in the mobile subscriber in same base station, is undertaken by following step:
Figure C2003101040490002C5
The mobile subscriber directly sends urgent handover report to the base station by new sector, user's discriminating of being calculated by the base station together with own registration of preserving the time is simultaneously replied RESH and is sent to the base station, after received the base station, the user expectation discriminating that the user calculates during with own registration of preserving with RESH was replied XRESH and is compared;
Figure C2003101040490003C1
If RESH is consistent with XRESH, then new sector will be passed under the encryption parameters such as user's aerial datamation key WK and cryptographic algorithm in the base station, and the network that the user calculates during the registration that will preserve simultaneously differentiates that replying RESH ' sends to the mobile subscriber;
After the mobile subscriber receives network differentiated that the network expectation discriminating that calculates the base station when replying RESH ' with own registration of preserving replys XRESH ' and compare, if consistently think that the base station is a legitimate base station, can open the legitimate correspondence of mobile subscriber by new sector;
(C) the normal complete bidirectional authentication method that switches takes place when mobile in the mobile subscriber between different base station in same dynamic domain, is undertaken by following step:
Figure C2003101040490003C3
The mobile subscriber initiates handoff request between the base station by old sector to old base station, simultaneously the user is differentiated that random number RA NDH together sends to old base station;
Figure C2003101040490003C4
New base station is sent to the random number RA NDH that receives in old base station, authentication is initiated to mobile subscriber's registration base station in new base station, authentication is carried out at server A AA place, home to return in the registration base station, and authentication success is then registered the base station encryption parameters such as WK, SK, cryptographic algorithm are issued to new base station;
Figure C2003101040490003C5
New base station is issued new sector to encryption parameter;
Figure C2003101040490003C6
New base station sends normal handoff response by new sector to the mobile subscriber, and the user that will utilize the user to differentiate that random number RA NDH, SK and NT-A3 calculate simultaneously differentiates and replys RESH, and the random number RA NDH ' that this base station produces sends to the mobile subscriber together;
Figure C2003101040490003C7
The mobile subscriber differentiates the user who receives and replys RESH and oneself use RANDH, the user expectation that SK and NT-A3 calculate differentiates that replying RESH compares, then finish discriminating as unanimity to new sector, the mobile subscriber will normally be switched and be finished report, reach with network and differentiate random number RA NDH ', session key SK, the network that portable terminal is calculated the authentication arithmetic TN-A3 of network differentiates that replying RESH ' sends to new base station by new sector, after receive new base station it being replied XRESH ' with the network expectation discriminating that oneself calculates compares, can finish discriminating to the mobile subscriber, if unanimity then this user is true, can open the legitimate correspondence of mobile subscriber by new sector;
(D) the urgent simple bidirectional authentication method that switches between different base station when mobile, takes place in the mobile subscriber in same dynamic domain, is undertaken by following step:
Figure C2003101040490003C8
The mobile subscriber sends urgent handoff request by new base station to the registration base station, and the other side differentiates that replying RESH also sends to and register the base station during simultaneously together with own registration of preserving;
Figure C2003101040490003C9
Registration is after the base station receives, user expectation differentiates that replying XRESH compares during with own registration of preserving with RESH, if consistent, then old base station comprised the encryption parameter of WK, SK, cryptographic algorithm, and register random number RA NDH that RANDH ' passes to new base station;
Figure C2003101040490004C1
New sector is passed to encryption parameter in new base station;
Figure C2003101040490004C2
New base station sends urgent handover acknowledge by new sector to the mobile subscriber, and the user network discriminating is replied RESH ' and passed to the mobile subscriber during registration that also will preserve simultaneously;
Figure C2003101040490004C3
The mobile subscriber with the RESH ' that receives during with own registration of preserving the network expectation differentiate that replying XRESH ' compares, the consistent then new sector communication of permission use base station.
CNB2003101040493A 2003-12-18 2003-12-18 Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system Expired - Fee Related CN100388850C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2003101040493A CN100388850C (en) 2003-12-18 2003-12-18 Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2003101040493A CN100388850C (en) 2003-12-18 2003-12-18 Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system

Publications (2)

Publication Number Publication Date
CN1630405A CN1630405A (en) 2005-06-22
CN100388850C true CN100388850C (en) 2008-05-14

Family

ID=34842929

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2003101040493A Expired - Fee Related CN100388850C (en) 2003-12-18 2003-12-18 Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system

Country Status (1)

Country Link
CN (1) CN100388850C (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007033548A1 (en) * 2005-09-19 2007-03-29 Huawei Technologies Co., Ltd. A method and device for obtaining the security association information during the mobile terminal handoff procedure
CN102355468B (en) * 2006-02-28 2014-08-13 华为技术有限公司 Safe communication method
CN101031141B (en) * 2006-02-28 2011-11-09 华为技术有限公司 Safety telecommunication method
RU2416882C2 (en) * 2006-10-20 2011-04-20 Нокиа Корпорейшн Generating security keys in next-generation mobile communication networks
CN101286844B (en) 2008-05-29 2010-05-12 西安西电捷通无线网络通信有限公司 Entity bidirectional identification method supporting fast switching
US8131296B2 (en) 2008-08-21 2012-03-06 Industrial Technology Research Institute Method and system for handover authentication
CN103312499B (en) 2012-03-12 2018-07-03 西安西电捷通无线网络通信股份有限公司 A kind of identity identifying method and system
CN103312670A (en) 2012-03-12 2013-09-18 西安西电捷通无线网络通信股份有限公司 Authentication method and system
CN106131841A (en) * 2015-05-15 2016-11-16 中兴通讯股份有限公司 A kind of access authentication method, equipment and system
CN106304061B (en) * 2015-05-26 2020-01-10 成都鼎桥通信技术有限公司 User authentication method under fault weakening state
WO2017084043A1 (en) * 2015-11-18 2017-05-26 Alcatel-Lucent Shanghai Bell Co., Ltd. Handover between e-utran and wlan

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1193449A (en) * 1995-06-29 1998-09-16 艾利森公司 Authentication and handover, methods and systems for radio personal communications
CN1321049A (en) * 2000-02-09 2001-11-07 朗迅科技公司 Enhanced safety of hand-over in radio communicaltion
WO2002030132A2 (en) * 2000-09-29 2002-04-11 Nokia Corporation Method and system for security mobility between different cellular systems
US20020197979A1 (en) * 2001-05-22 2002-12-26 Vanderveen Michaela Catalina Authentication system for mobile entities

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1193449A (en) * 1995-06-29 1998-09-16 艾利森公司 Authentication and handover, methods and systems for radio personal communications
CN1321049A (en) * 2000-02-09 2001-11-07 朗迅科技公司 Enhanced safety of hand-over in radio communicaltion
WO2002030132A2 (en) * 2000-09-29 2002-04-11 Nokia Corporation Method and system for security mobility between different cellular systems
US20020197979A1 (en) * 2001-05-22 2002-12-26 Vanderveen Michaela Catalina Authentication system for mobile entities

Also Published As

Publication number Publication date
CN1630405A (en) 2005-06-22

Similar Documents

Publication Publication Date Title
US11863543B2 (en) Network device proximity-based authentication
EP1757139B1 (en) Method of preventing or limiting the number of simultaneous sessions in wireless local area network (wlan)
AU684434B2 (en) Method and apparatus for authentication in a communication system
US8112065B2 (en) Mobile authentication through strengthened mutual authentication and handover security
CN100388850C (en) Method of bidirectional authentication during subscriber switch in digital cellular mobile communication system
CN104219244B (en) A kind of method of anti-position deceptions of iBeacon and certificate server, base station
CN104604272A (en) Establishing a device-to-device communication session
CN102958048A (en) Method for optimal selection between WiFi (wireless fidelity) network and TD-SCDMA (time division-synchronous code division multiple access) network
JP2005110112A (en) Method for authenticating radio communication device in communication system, radio communication device, base station and authentication device
EP1103137A1 (en) Arranging authentication and ciphering in mobile communication system
CN105792194B (en) Authentication method, authentication device, the network equipment, the Verification System of base station legitimacy
JP2003061129A (en) Mobile communication system, communication control method and mobile terminal used for the same and its control method
CN101222760A (en) Method for establishing session key agreement
CN101228766A (en) Exchange of key material
WO2005083910A1 (en) Method and apparatus for access authentication in wireless mobile communication system
CN101222322A (en) Safety ability negotiation method in super mobile broadband system
CN108924838B (en) Inter-operator network switching method and device, operator equipment and terminal
JP2005109823A (en) Layer 2 switch device, radio base station, network system and radio communication method
JP2020501440A (en) Emergency number setting method, acquisition method and device
CN109495894B (en) Method and system for preventing pseudo base station
CN101026866A (en) AK context cache method for wireless communication system
EP2530962B1 (en) Authentication
CN101193427A (en) Pre-authentication method for supporting quick switch
CN101938746A (en) Anti-cloning method and device of user identification module
CN112004228B (en) Real person authentication method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080514

Termination date: 20111218