CN101330747B - Optimization method for acquiring authentication cryptographic key during position updating process - Google Patents


Publication number
CN101330747B
Authority
CN
China
Prior art keywords
context
anchor
idle mode
mobile terminal
enters
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2007101363888A
Other languages
Chinese (zh)
Other versions
CN101330747A (en)
Inventor
霍玉臻
刘俊羿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN2007101363888A priority Critical patent/CN101330747B/en
Publication of CN101330747A publication Critical patent/CN101330747A/en
Application granted granted Critical
Publication of CN101330747B publication Critical patent/CN101330747B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical


Abstract

The invention provides an optimization method for acquiring an authorization key during location update. When a mobile terminal enters idle mode, the anchor paging controller (anchor PC) saves the relevant authorization key context of the mobile terminal, namely the AK context. When the mobile terminal starts a location update, if the anchor PC judges that acquisition of the AK context does not need to be initiated, it sends the locally saved context to the serving base station of the mobile terminal. The invention provides an optimization mechanism for the anchor PC to acquire the AK context: it optimizes the procedure by which the anchor PC acquires the AK context, simplifies the message flow, improves the processing efficiency of the network, and reduces the probability of failure.

Description

An optimization method for obtaining the authentication key during the location update process
Technical field
The present invention relates to an optimization method for obtaining the authentication key (AK, Authentication Key) during the location update process, between the anchor paging controller (Anchor PC, Anchor Paging Controller) and the anchor authenticator (Anchor Authenticator) in a WiMAX (Worldwide Interoperability for Microwave Access) network.
Background
The WiMAX network architecture standard is drafted and studied by the Network Working Group (NWG) of the WiMAX Forum. The work is divided into three phases according to development needs, and Release 1.0.0 has been issued so far.
The WiMAX network reference model is based on IEEE 802.16 and consists of three logical entities: the subscriber station/mobile terminal (SS/MS), the access service network (ASN) and the connectivity service network (CSN), as shown in Fig. 1. Each logical entity represents a group of functional entities, and each function may be implemented in a single physical device or distributed over several physical devices. The ASN mainly provides WiMAX users with radio access and control, and is made up of base stations (BS) and access gateways (ASN-GW). The CSN provides IP connectivity services for the MS and includes the authentication, authorization and accounting function (AAA) and the home agent (HA).
The authenticator (Authenticator) is the entity at one end of a point-to-point link that helps to authenticate the MS attached to the other end of the link. It enforces authentication before the terminal is allowed to access services. The authenticator also contains an AAA client, which communicates with the AAA-based authentication server; the server provides the authentication service to the authenticator over the AAA protocol. The authenticator is usually co-located with the key distributor, and may also be co-located with the authentication relay and key receiver functions. In this document, the authenticator resides in the ASN-GW as a functional entity of the ASN-GW.
The paging controller (PC, Paging Controller) is the functional entity in the network that manages the behaviour of an MS in idle mode. In IEEE 802.16e it is identified by a 6-byte PC identifier (PC ID), which can be mapped to the address of a functional entity in the NWG architecture. The PC may reside on the base station (BS), which is outside the scope of the NWG, or it may be separate from the BS and reside in the ASN-GW, connected over the R6 reference point. In this document, the PC resides in the ASN-GW. For every MS in idle mode there must be one PC (called the Anchor PC) that holds the location information of that MS.
To reduce the power consumption of the MS and extend its operating time, the NWG protocol defines an idle mode (Idle Mode) for the MS. When there has been no service activity for a long time, the MS or the BS can trigger the MS to enter idle mode, as shown in Fig. 2.
Step 201: the MS sends a de-registration request (DREG_REQ) message to the BS, indicating that it is entering idle mode;
Step 202: the BS sends an idle mode entry request (IM_Entry_State_Change_Req) message to the relay PC;
Step 203: the relay PC forwards the idle mode entry request message to the Anchor PC;
Step 204: the anchor PC sends the idle mode entry request message to the anchor Authenticator, to verify whether the MS is allowed to enter idle mode;
Step 205: the verification by the anchor Authenticator succeeds and the MS is allowed to enter idle mode; the anchor Authenticator notifies the anchor PC by sending an idle mode entry response (IM_Entry_State_Change_Rsp);
Step 206: the anchor PC sends the idle mode entry response message to the relay PC;
Step 207: the relay PC forwards the idle mode entry response message to the BS;
Step 208: the BS sends a de-registration response (DREG_RSP) message to the MS, which carries the paging-related parameters;
Steps 209 and 210: the IM_Entry_State_Change_Ack ("idle mode entry acknowledgment") message confirms that the idle mode entry response message was delivered;
Steps 211 and 212: the anchor PC notifies the anchor data path functional entity that the MS has entered idle mode;
Step 213: the data path between the serving access service network and the anchor data path functional entity is deleted;
Step 214: the air interface security parameter update procedure.
After the MS enters idle mode, the BS deletes all information related to this MS, and the information that the BS held is transferred to the anchor PC. In idle mode, the MS must use the location update procedure (Location Update) to notify the network periodically that it is still alive and to inform the network of its latest location.
Fig. 3 shows the location update procedure of an MS in idle mode.
Step 301: the MS sends a location update request (RNG_REQ) message to the serving BS, indicating a location update;
Step 302: the serving BS sends a location update request (LU_Req) message to the relay PC, i.e. the serving ASN-GW;
Step 303: the relay PC forwards the location update request message to the anchor PC;
Steps 304 and 305: the anchor PC obtains the AK context (authentication key context) from the Authenticator through the context retrieval procedure;
Step 306: the anchor PC includes the correct AK context in the location update response (LU_Rsp) message and sends it to the relay PC;
Step 307: the relay PC forwards the location update response message to the BS;
Step 308: the BS sends the location update response (RNG_RSP) message to the MS;
Step 309: the air interface security parameter update procedure;
Steps 310 and 311: the acknowledgment message of the three-way location update handshake, the location update confirm (LU_Cnf) message, is sent.
The serving BS (Serving BS) has to authenticate the location update request (RNG_REQ) message sent by the MS. Because the BS deleted all information, including the AK, when the MS entered idle mode, it has to obtain the AK again from the anchor PC. After receiving the location update request (LU_Req) from the serving ASN, the anchor PC obtains the AK context from the anchor Authenticator and sends the obtained AK context to the serving BS for its use. In this process the anchor PC acts merely as a relay that forwards the AK context from the Authenticator to the BS. For every location update, the anchor PC performs the above steps to obtain the AK context from the anchor Authenticator, so the processing efficiency is low.
Summary of the invention
The technical problem to be solved by the present invention is to provide an optimization method for obtaining the authentication key during the location update process, so as to improve the efficiency of location update processing.
To solve the above technical problem, the invention provides an optimization method for obtaining the authentication key during the location update process: when a mobile terminal enters idle mode, the anchor paging controller (PC) saves the relevant authentication key context of the mobile terminal, i.e. the AK context; when the mobile terminal initiates a location update, if the anchor PC judges that AK context retrieval does not need to be initiated, it sends the locally saved AK context to the serving base station of the mobile terminal.
Further, the above method may also have the following feature: if the anchor PC judges that AK context retrieval needs to be initiated, the anchor paging controller obtains the AK context from the authenticator and sends this AK context to the serving base station of the mobile terminal.
Further, the above method may also have the following feature: the anchor paging controller judges whether AK context retrieval needs to be initiated by judging whether the local AK context is valid; if the local AK context is valid, AK context retrieval does not need to be initiated; if the local AK context is invalid, AK context retrieval needs to be initiated.
Further, the above method may also have the following feature: the AK context being valid means that the base station identifier stored in the locally saved AK context matches the serving base station of the mobile terminal and that the AK context is within its lifetime; otherwise the AK context is invalid.
Further, the above method may also have the following feature: an AK context field is added to the idle mode entry response message, and the idle mode entry response of the mobile terminal comprises the following steps:
(a) when the mobile terminal enters idle mode, the authenticator, according to its local policy, sends the AK context corresponding to the serving base station to the anchor PC in the idle mode entry response message;
(b) after receiving the idle mode entry response message, the anchor PC saves the AK context carried in it.
Further, the above method may also have the following feature: the AK context field in the idle mode entry response message is an optional field.
Further, the above method may also have the following feature: when the mobile terminal initiates the location update, the anchor PC either is relocated or is not relocated.
The invention provides a mechanism that optimizes how the anchor PC obtains the AK context: it optimizes the procedure by which the anchor PC obtains the AK context, simplifies the message flow, improves network processing efficiency and reduces the probability of failure.
Description of the drawings
Fig. 1 is a block diagram of the WiMAX network architecture reference model;
Fig. 2 is a flowchart of the existing procedure for an MS entering Idle Mode;
Fig. 3 is a flowchart of location update without Anchor PC relocation in the prior art;
Fig. 4 is a flowchart of an MS entering Idle Mode according to the present invention;
Fig. 5 is a flowchart of location update without anchor PC relocation according to the present invention;
Fig. 6 is a flowchart of location update with anchor PC relocation according to the present invention.
Embodiments
The present invention is based on the relevant protocol specifications (including Stage 2 and Stage 3) of Release 1.0.0 issued by the NWG.
For an MS that has entered idle mode, the anchor PC keeps the related information. The anchor PC can therefore store the AK context and, with a suitable check, guarantee that it supplies the correct AK context to the BS, without necessarily having to obtain it from the Authenticator.
The main idea of the invention is that, when the MS enters idle mode, the anchor PC saves the AK context of the serving BS, and when the MS performs a location update, the anchor PC decides by a corresponding check whether AK context retrieval needs to be initiated. The method specifically comprises the following steps:
(a) an optional AK context (AK Context) field is added to the idle mode entry response (IM_Entry_State_Change_Rsp) message;
(b) when the MS enters idle mode, the Authenticator, according to its local policy, sends the AK context corresponding to the serving BS to the anchor PC in the idle mode entry response (IM_Entry_State_Change_Rsp) message;
(c) after receiving the idle mode entry response message, the anchor PC saves the AK context carried in it;
(d) when the MS issues a location update request, the anchor PC decides by a check whether to obtain the AK context from the anchor Authenticator; if this is not needed, it returns the saved AK context directly to the serving BS.
The implementation of the technical solution of the invention is described in further detail below with reference to the drawings and embodiments.
The embodiment of the invention provides a mechanism that optimizes how the anchor PC obtains the AK context. The concrete implementation covers three procedures: idle mode entry, location update (anchor PC not relocated) and location update (anchor PC relocated). Fig. 4 is the procedure for the MS entering idle mode; in this procedure, by extending the idle mode entry response message, the anchor PC can store locally the security key obtained from the anchor Authenticator. Fig. 5 and Fig. 6 are location update procedures; in these, the anchor PC decides by a check whether to obtain the AK context from the anchor Authenticator and, if this is not needed, returns the saved AK context directly to the serving BS, which simplifies the message flow.
Fig. 4 is the procedure for the MS entering Idle Mode and comprises the following steps:
Steps 401 to 404 are the same as steps 201 to 204 in Fig. 2.
Step 405: the verification by the anchor Authenticator succeeds and the MS is allowed to enter idle mode; the anchor Authenticator notifies the Anchor PC by sending an idle mode entry response. An optional AK context field is added to this message, and the Authenticator decides according to its own policy whether to send the AK context of the serving BS to the anchor PC. The anchor PC saves the AK context it receives;
The subsequent steps 406 to 413 are the same as steps 206 to 213 in Fig. 2.
Fig. 5 is the location update procedure (anchor PC not relocated) and comprises the following steps:
Steps 501 to 503 are the same as steps 301 to 303 of the prior art;
Step 504: the anchor PC judges whether the AK context it holds for this user is valid, i.e. whether the BS ID in the AK context is that of the serving BS and whether the AK context is still within its lifetime. If both conditions are met, the AK context is valid and step 507 is executed directly, sending the AK context saved locally on the anchor PC to the serving BS; otherwise steps 505 and 506 are executed, and the AK context is obtained from the Authenticator through the security context retrieval procedure;
The subsequent steps 508 to 512 are the same as steps 307 to 311 in Fig. 3.
Fig. 6 is the location update procedure (anchor PC relocated). The handling of the AK context in this procedure is the same as in the location update procedure of Fig. 5, where the anchor PC is not relocated.
The difference between the present invention and the existing location update procedure with anchor PC relocation lies mainly in the handling of the AK context, i.e. steps 605 to 607; the other steps are the same as in the existing procedure.
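
The storage of the optional AK context field in step 405 and the validity decision of step 504 (applied in the same way in Fig. 6), as an added Python example that is not part of the patent. The names `AKContext`, `AnchorPC` and the authenticator callback, and all identifiers, key bytes and times, are assumptions constructed for illustration.

```python
# Added illustration, not from the patent: anchor PC handling of the AK context.
# All names and sample values are hypothetical; times are plain seconds.
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


@dataclass(frozen=True)
class AKContext:
    bs_id: str          # base station the AK context belongs to
    ak: bytes           # key material (constructed sample bytes)
    expires_at: float   # end of the AK context lifetime


class AnchorPC:
    def __init__(self, fetch_from_authenticator: Callable[[str, str], AKContext]):
        # The callback stands in for the context retrieval procedure towards
        # the anchor authenticator (steps 505 and 506).
        self._fetch = fetch_from_authenticator
        self._store: Dict[str, AKContext] = {}

    def on_idle_mode_entry_rsp(self, ms_id: str, ak_context: Optional[AKContext]) -> None:
        # Step 405: the AK context field is optional in the response message.
        if ak_context is not None:
            self._store[ms_id] = ak_context
        else:
            # Assumption of this example: drop any older entry so that a
            # context from an earlier idle period is never served.
            self._store.pop(ms_id, None)

    @staticmethod
    def is_valid(ctx: Optional[AKContext], serving_bs_id: str, now: float) -> bool:
        # Step 504: the BS ID must match the serving BS AND the context must
        # still be within its lifetime; anything else counts as invalid.
        return ctx is not None and ctx.bs_id == serving_bs_id and now < ctx.expires_at

    def on_location_update_req(self, ms_id: str, serving_bs_id: str,
                               now: float) -> Tuple[AKContext, str]:
        ctx = self._store.get(ms_id)
        if self.is_valid(ctx, serving_bs_id, now):
            return ctx, "local"                          # go straight to step 507
        # Steps 505 and 506: fall back to the authenticator.
        return self._fetch(ms_id, serving_bs_id), "authenticator"


def demo() -> list:
    calls = []

    def authenticator(ms_id: str, bs_id: str) -> AKContext:
        calls.append((ms_id, bs_id))
        return AKContext(bs_id, b"\x02" * 20, expires_at=10_000.0)

    pc = AnchorPC(authenticator)
    pc.on_idle_mode_entry_rsp("ms-1", AKContext("BS-A", b"\x01" * 20, expires_at=1_000.0))
    pc.on_idle_mode_entry_rsp("ms-2", None)              # optional field absent
    sources = [
        pc.on_location_update_req("ms-1", "BS-A", now=500.0)[1],    # same BS, in lifetime
        pc.on_location_update_req("ms-1", "BS-B", now=500.0)[1],    # different serving BS
        pc.on_location_update_req("ms-1", "BS-A", now=1_000.0)[1],  # lifetime has ended
        pc.on_location_update_req("ms-2", "BS-A", now=500.0)[1],    # nothing was stored
    ]
    return sources + [len(calls)]


if __name__ == "__main__":
    print(demo())
```

Only the first request is answered from the local store; a BS mismatch, an ended lifetime or an absent field each force retrieval from the authenticator, so the shortcut never hands the serving BS a context that fails either condition.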

Claims (7)

1. An optimization method for obtaining the authentication key during the location update process, in which, when a mobile terminal enters idle mode, the anchor paging controller (PC) saves the relevant authentication key context of the mobile terminal, i.e. the AK context, and, when the mobile terminal initiates a location update, if the anchor PC judges that AK context retrieval does not need to be initiated, it sends the locally saved AK context to the serving base station of the mobile terminal.
2. The method of claim 1, characterized in that, if the anchor PC judges that AK context retrieval needs to be initiated, the anchor paging controller obtains the AK context from the authenticator and sends this AK context to the serving base station of the mobile terminal.
3. The method of claim 1 or 2, characterized in that the anchor paging controller judges whether AK context retrieval needs to be initiated by judging whether the local AK context is valid; if the local AK context is valid, AK context retrieval does not need to be initiated; if the local AK context is invalid, AK context retrieval needs to be initiated.
4. The method of claim 3, characterized in that the AK context being valid means that the base station identifier stored in the locally saved AK context matches the serving base station of the mobile terminal and that the AK context is within its lifetime; otherwise the AK context is invalid.
5. The method of claim 1, characterized in that an AK context field is added to the idle mode entry response message, and the idle mode entry response of the mobile terminal comprises the following steps:
(a) when the mobile terminal enters idle mode, the authenticator, according to its local policy, sends the AK context corresponding to the serving base station to the anchor PC in the idle mode entry response message;
(b) after receiving the idle mode entry response message, the anchor PC saves the AK context carried in it.
6. The method of claim 5, characterized in that the AK context field in the idle mode entry response message is an optional field.
7. The method of claim 1, characterized in that, when the mobile terminal initiates the location update, the anchor PC either is relocated or is not relocated.
CN2007101363888A 2007-07-26 2007-07-26 Optimization method for acquiring authentication cryptographic key during position updating process Expired - Fee Related CN101330747B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2007101363888A CN101330747B (en) 2007-07-26 2007-07-26 Optimization method for acquiring authentication cryptographic key during position updating process


Publications (2)

Publication Number Publication Date
CN101330747A CN101330747A (en) 2008-12-24
CN101330747B true CN101330747B (en) 2011-07-13


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110713

Termination date: 20190726