Embodiment
In the method embodiments of the present invention for realizing media-independent handover, the MN and each network entity all possess the MIH function. Security Associations (SA) are established between the MN and each network entity and between the network entities themselves, and together they form the security architecture of MIH. An SA is established by means of a shared key between the MN and a network entity, or between two network entities. For ease of explanation, in the embodiments of the invention the shared key between the MN and the network-side Serving PoS is referred to as the first shared key (Kms); this key must be generated before the MN obtains service information. The shared key between the Serving PoS and the information server is referred to as the second shared key (Kns); this key may be generated dynamically or statically configured, as actual demand dictates. The key between the MN and the information server is referred to as the third shared key (Kmn); this key must be generated dynamically. The shared key between the Serving PoS and each candidate PoS is referred to as the fourth shared key (Kcs). The shared key between the MN and the authentication, authorization and accounting server (AAA server) is referred to as the fifth shared key (Kma). The shared key between the MN and the target PoS is referred to as the sixth shared key (Kmc). Furthermore, the security architecture is divided into a default security architecture and a direct security architecture, according to whether the MIHF of the MN needs to explicitly know the new MIH correspondent node.
Under the default security architecture, the MIHF of the MN only needs to know whether the MIHF of the MIH PoS of the Serving PoA exists; all other MIHFs in the network are invisible to the MN. The MIHF of the MN only needs to establish an SA with the MIHF of the MIH PoS of the Serving PoA, and requests all services from it. The default security architecture is shown in Fig. 1, where a solid line represents a direct connection, a dotted line represents a connection that is not direct, and a thick line represents a connection with security protection relevant to the MIHF of the MN. Other connections may also have Security Associations, but these are unrelated to the MIHF of the MN.
Under the direct security architecture, the MIHF of the MN needs to know of the existence of the MIHF of the MIH PoS of the Serving PoA, and also of the existence of the other MIHFs in the network. The MIHF of the MN needs to establish security associations with all the MIHFs it must interact with, and requests the corresponding services from each of them. Its framework can be as shown in Fig. 2, where a solid line represents a direct connection, a dotted line represents a connection that is not direct, and a thick line represents a connection with security protection relevant to the MIHF of the MN. Other connections may also have Security Associations, but these are unrelated to the MIHF of the MN. Of particular note, a thick dotted line also shows that a Security Association exists between the two entities, although they are not directly connected. In Fig. 1 and Fig. 2, the MIH PoS is a network-side functional module other than the PoA of the MN that can interact directly with an MN possessing the MIH function, for example a router with the MIH function in a wired network.
Method embodiment one
Fig. 3 is the signaling flow chart of the first embodiment of the method for realizing media-independent handover according to the present invention. This embodiment takes the default security architecture as an example, and the handover procedure is specifically as follows:
Step 101: the MN sends a service request message protected by Kms, "[MIH_Service-REQ] Kms", to the Serving PoS, which ensures security between the MN and the Serving PoS. "[MIH_Service-REQ] Kms" denotes that the "MIH_Service-REQ" message is protected by Kms; the same notation applies below.
Step 102: the Serving PoS receives the "[MIH_Service-REQ] Kms" message and verifies Kms, which ensures the reliability of the message.
After verification passes, the Serving PoS sends a service response message protected by Kms, "[MIH_Service-RSP] Kms", to the MN; the "[MIH_Service-RSP] Kms" message contains the service information requested by the MN.
Step 103: the MN receives "[MIH_Service-RSP] Kms" and verifies Kms; after verification passes, it has obtained service information, such as neighboring network information, safely and effectively.
After verification passes, the MN selects a target network according to the service information and initiates a handover preparation request message protected by Kms, "[MIH_Prepare-REQ] Kms", to the Serving PoS, in order to query whether the target network allows the MN to access it; "[MIH_Prepare-REQ] Kms" may carry the information of the PoS that the MN intends to query.
Step 104: the Serving PoS receives "[MIH_Prepare-REQ] Kms" and verifies Kms.
After verification passes, the Serving PoS sends a resource query request message protected by Kcs, "[MIH_Query-REQ] Kcs", to each candidate PoS.
Step 105: each candidate PoS receives "[MIH_Query-REQ] Kcs" and verifies Kcs.
After verification passes, each candidate PoS judges whether it can admit the MN and returns a resource query response message protected by Kcs, "[MIH_Query-RSP] Kcs", to the Serving PoS; "[MIH_Query-RSP] Kcs" contains the judgement result. Furthermore, if it judges that it can admit the MN, it may also reserve resources for this MN.
Step 106: the Serving PoS receives "[MIH_Query-RSP] Kcs" and verifies Kcs.
After verification passes, the Serving PoS selects, according to the judgement results, the target service point that the MN will access, and sends a handover command protected by Kms to the MN; the handover command contains the target PoS information. Alternatively, the Serving PoS sends a handover preparation response message protected by Kms, "[MIH_Prepare-RSP] Kms", to the MN; "[MIH_Prepare-RSP] Kms" contains the judgement results. The Serving PoS may deliver "[MIH_Prepare-RSP] Kms" to the MN immediately after receiving a result, or may wait until all candidate PoS have returned their results before delivering it to the MN.
Step 107: the MN receives the handover command or "[MIH_Prepare-RSP] Kms" and verifies Kms.
After verification passes, the MN sends a handover execution request message protected by Kms, "[MIH_Commit-REQ] Kms", to the Serving PoS according to the handover command; or the MN obtains the judgement results from "[MIH_Prepare-RSP] Kms" and sends "[MIH_Commit-REQ] Kms", protected by Kms, to the Serving PoS according to the judgement results. "[MIH_Commit-REQ] Kms" contains target PoS information, such as the IP address of the target PoS, its Network Access Identifier (NAI), or an identifier such as its MIHF identifier (ID).
Step 108: the Serving PoS receives "[MIH_Commit-REQ] Kms" and verifies Kms.
After verification passes, the Serving PoS protects the "MIH_Commit-REQ" message with Kcs to obtain "[MIH_Commit-REQ] Kcs", and sends "[MIH_Commit-REQ] Kcs" to the target PoS according to the target PoS information.
Step 109: the target PoS receives "[MIH_Commit-REQ] Kcs" and verifies Kcs.
After verification passes, the target PoS returns a handover execution response message protected by Kcs, "[MIH_Commit-RSP] Kcs", to the Serving PoS.
Step 110: the Serving PoS receives "[MIH_Commit-RSP] Kcs" and verifies Kcs.
After verification passes, the Serving PoS protects the "MIH_Commit-RSP" message with Kms to obtain "[MIH_Commit-RSP] Kms", and sends it to the MN.
Step 111: the MN receives "[MIH_Commit-RSP] Kms" and verifies Kms.
After verification passes, the MN sends a key generation request message protected by Kma, "[MIH_Key-REQ] Kma", to the AAA server via the target PoS.
Step 112: the target PoS forwards "[MIH_Key-REQ] Kma" to the AAA server in an "AAA REQ" message.
Step 113: the AAA server receives "AAA REQ", obtains "[MIH_Key-REQ] Kma" from it, and verifies Kma.
After verification passes, the AAA server generates Kmc and sends "AAA RSP" to the target PoS, returning the verification result and Kmc.
Step 114: the target PoS returns a key generation response message protected by Kmc, "[MIH_Key-RSP] Kmc", to the MN.
Step 115: the MN receives "[MIH_Key-RSP] Kmc" and verifies Kmc; after verification passes, the handover is complete. Afterwards, the MN may also send a handover completion message "[MIH_Complete-REQ] Kmc" to the target PoS and wait for the target PoS to return the response message "[MIH_Complete-RSP] Kmc", confirming that the handover is complete.
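As an added illustration (not code from the patent), the following Python models the step 101 to 115 exchange of method embodiment one: every message is protected under the named shared key, here as an HMAC-SHA256 tag, each receiver verifies the tag before acting, and a failed verification stops the flow at that step, as when a node that does not hold Kms sends "[MIH_Service-REQ]" to the Serving PoS. The integrity-only protection, the sample keys and candidate table, and the derivation of Kmc from Kma are assumptions: the text leaves the protection mode to the concrete protocol and only says that the AAA server generates Kmc. The same protect and verify hops apply to the ordering of method embodiment two.

```python
import hashlib
import hmac
import json

# Constructed sample keys for the shared keys named in the text (not real key material).
KEYS = {
    "Kms": b"sample-k-mn-serving", "Kma": b"sample-k-mn-aaa",
    "Kcs": {"pos-A": b"sample-k-serving-posA", "pos-B": b"sample-k-serving-posB"},
}
# Constructed candidate PoS table: pos-A can admit the MN, pos-B cannot.
CANDIDATES = {"pos-A": True, "pos-B": False}


class VerifyFailed(Exception):
    """Raised by the receiver of a hop whose tag does not verify; .step records where."""

    def __init__(self, step):
        super().__init__(f"shared-key verification failed at step {step}")
        self.step = step


def protect(key, msg_type, body):
    """Build "[msg_type] key": the message plus an HMAC-SHA256 tag under the shared key.
    Assumption: integrity protection only; the page leaves encryption to the concrete protocol."""
    payload = json.dumps({"type": msg_type, "body": body}, sort_keys=True)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "mac": tag}


def verify(key, packet):
    """Return the message body if the tag verifies under key, otherwise None."""
    tag = hmac.new(key, packet["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, packet["mac"]):
        return None
    return json.loads(packet["payload"])["body"]


def hop(tx_key, rx_key, msg_type, body, step):
    """One protected hop: the sender protects under tx_key, the receiver verifies under rx_key."""
    got = verify(rx_key, protect(tx_key, msg_type, body))
    if got is None:
        raise VerifyFailed(step)
    return got


def derive_kmc(kma, target_pos):
    """Assumption: the AAA server derives Kmc from Kma and the target PoS identifier so the
    MN can reproduce it for verification; the page only says the AAA server generates Kmc."""
    return hmac.new(kma, b"Kmc|" + target_pos.encode(), hashlib.sha256).digest()


def default_handover(keys=KEYS, candidates=CANDIDATES, mn_kms=None):
    """Steps 101-115 of method embodiment one. mn_kms is the key the MN actually holds;
    pass a wrong one to see the Serving PoS reject the request at step 102."""
    kms, kma, kcs = keys["Kms"], keys["Kma"], keys["Kcs"]
    mn_kms = kms if mn_kms is None else mn_kms
    try:
        # Steps 101-103: MN obtains service information from the Serving PoS under Kms.
        hop(mn_kms, kms, "MIH_Service-REQ", {"mn": "mn-1"}, 102)
        info = hop(kms, mn_kms, "MIH_Service-RSP", {"neighbors": sorted(candidates)}, 103)
        # Steps 103-106: handover preparation; the Serving PoS queries each candidate under Kcs.
        prep = hop(mn_kms, kms, "MIH_Prepare-REQ", {"targets": info["neighbors"]}, 104)
        results = {}
        for pos in prep["targets"]:
            hop(kcs[pos], kcs[pos], "MIH_Query-REQ", {"mn": "mn-1"}, 105)
            rsp = hop(kcs[pos], kcs[pos], "MIH_Query-RSP", {"admit": candidates[pos]}, 106)
            results[pos] = rsp["admit"]
        prsp = hop(kms, mn_kms, "MIH_Prepare-RSP", {"results": results}, 107)
        # Steps 107-110: MN commits to an admitting PoS; the Serving PoS re-protects under Kcs.
        target = next(p for p, ok in sorted(prsp["results"].items()) if ok)
        commit = hop(mn_kms, kms, "MIH_Commit-REQ", {"target": target}, 108)
        hop(kcs[target], kcs[target], "MIH_Commit-REQ", commit, 109)
        hop(kcs[target], kcs[target], "MIH_Commit-RSP", {"target": target}, 110)
        hop(kms, mn_kms, "MIH_Commit-RSP", {"target": target}, 111)
        # Steps 111-115: key request to the AAA server under Kma; AAA issues Kmc;
        # the target PoS answers under Kmc and the MN verifies it.
        hop(kma, kma, "MIH_Key-REQ", {"mn": "mn-1", "target": target}, 113)
        kmc = derive_kmc(kma, target)  # generated at the AAA server
        hop(kmc, derive_kmc(kma, target), "MIH_Key-RSP", {"target": target}, 115)
        return {"ok": True, "target": target, "kmc": kmc.hex()}
    except VerifyFailed as err:
        return {"ok": False, "failed_at": err.step}
```

Calling `default_handover()` returns the selected target and Kmc; `default_handover(mn_kms=b"wrong")` returns the step at which the Serving PoS returned failure, matching the failure case the text describes.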
In this embodiment, after the Serving PoS receives the "[MIH_Service-REQ] Kms" message and Kms verification passes, it may further judge whether it itself stores the information requested by the MN. If so, it proceeds as follows: the Serving PoS sends the service response message protected by Kms, "[MIH_Service-RSP] Kms", to the MN. Otherwise, the Serving PoS sends "[MIH_Service-REQ] Kns" to the information server; the information server receives the "[MIH_Service-REQ] Kns" message and, after Kns verification passes, returns a "[MIH_Service-RSP] Kns" message containing the service information requested by the MN to the Serving PoS; the Serving PoS receives the "[MIH_Service-RSP] Kns" message, obtains the information after verifying Kns, and then proceeds as follows: the Serving PoS sends the service response message protected by Kms, "[MIH_Service-RSP] Kms", to the MN. If Kms verification does not pass, the Serving PoS returns failure information to the MN.
The procedure by which the MN obtains service information may also be replaced by the following procedure:
The information server broadcasts a "[MIH_Service] Kns" message to each PoS, where Kns may differ from PoS to PoS;
After the Serving PoS receives the "[MIH_Service] Kns" message, it verifies Kns and, if verification passes, broadcasts the obtained service information to all MNs in a "[MIH_Service] Kms" message, where Kms may likewise differ from MN to MN;
The MN receives the "[MIH_Service] Kms" message and obtains the service information after verifying Kms.
In the media-independent handover procedure of this embodiment, establishing an SA between the MN and the Serving PoS, that is, using a shared key, ensures that the MN obtains service information securely; establishing SAs between the MN and the Serving PoS, the candidate PoS and the AAA server, and between the PoS, ensures the security of the network handover, and thereby the security of media-independent handover is ensured as a whole.
Moreover, because the default interaction object of the MN is precisely the Serving PoS, no identifier needs to be introduced when carrying out MIH interaction, which reduces signaling overhead and is convenient for wireless transmission.
For simple IP and mobile IP networks, the MN does not need to know other routing information of the access network and only needs to know its access router (AR); this situation is similar to access that does not cross PoS, so the roles of the AR and the PoS are similar. The network can easily obtain the MIH function by a simple upgrade of the AR, access across PoS is not needed, and this scheme can therefore easily be applied to simple IP and mobile IP networks.
Method embodiment two
Fig. 4 is the signaling flow chart of the second embodiment of the method for realizing media-independent handover according to the present invention. This embodiment takes the direct security architecture as an example, and the handover procedure is specifically as follows:
Step 201: the MN sends a service request message protected by Kmn, "[MIH_Service-REQ] Kmn";
The Serving PoS judges, according to the transmission target information in the service request message "[MIH_Service-REQ] Kmn", whether it is the message transmission target of the MN. If so, the shared key protecting the message should be the first shared key, and the Serving PoS can verify it; after verification passes, the Serving PoS returns service information to the MN, as in method embodiment one: the Serving PoS receives the "[MIH_Service-REQ] Kms" message and verifies Kms; after verification passes, the Serving PoS sends the service response message protected by Kms, "[MIH_Service-RSP] Kms", to the MN;
Step 202: when the Serving PoS judges that it is not the message transmission target of the MN, the information server receives "[MIH_Service-REQ] Kmn" and verifies Kmn;
After verification passes, the information server sends the service response message requested by the MN, protected by Kmn, "[MIH_Service-REQ] Kmn", to the MN; "[MIH_Service-REQ] Kmn" contains the service information requested by the MN;
Step 203: the MN receives the "[MIH_Service-REQ] Kmn" message and verifies Kmn; after verification passes, the MN obtains the service information.
The MN selects a target PoS according to the service information, and initiates "[MIH_Prepare-REQ] Kms", protected by Kms, to the Serving PoS;
Step 204: the Serving PoS receives "[MIH_Prepare-REQ] Kms" and verifies Kms;
After verification passes, the Serving PoS sends "[MIH_Query-REQ] Kcs", protected by Kcs, to each candidate PoS on the network side;
Step 205: each candidate PoS receives "[MIH_Query-REQ] Kcs" and verifies Kcs;
After verification passes, each candidate PoS judges whether it can admit the MN and returns "[MIH_Query-RSP] Kcs", protected by Kcs, to the Serving PoS; "[MIH_Query-RSP] Kcs" contains the judgement result. Furthermore, if it judges that it can admit the MN, it may also reserve resources for this MN.
Step 206: the Serving PoS receives "[MIH_Query-RSP] Kcs" and verifies Kcs;
After verification passes, the Serving PoS sends a "[MIH_Prepare-RSP] Kms" message protected by Kms to the MN; "[MIH_Prepare-RSP] Kms" contains the judgement results;
Step 207: the MN receives "[MIH_Prepare-RSP] Kms" and verifies Kms;
After verification passes, the MN sends "[MIH_Key-REQ] Kma", protected by Kma, to each candidate PoS that can admit it, according to the judgement results;
Step 208: each candidate PoS that can admit the MN forwards "[MIH_Key-REQ] Kma" to the AAA server in an "AAA REQ";
Step 209: the AAA server receives "[MIH_Key-REQ] Kma" and verifies Kma;
After verification passes, the AAA server generates Kmc and returns the verification result and Kmc to the PoS that can admit the MN in an "AAA RSP";
Step 210: the PoS that can admit the MN receives the verification result and Kmc, and sends "[MIH_Key-RSP] Kmc", protected by Kmc, to the MN;
Step 211: the MN receives "[MIH_Key-RSP] Kmc" and verifies Kmc;
After verification passes, the MN selects the target PoS to be accessed from among the candidate PoS that can admit it, and sends "[MIH_Commit-REQ] Kms", protected by Kms, to the Serving PoS;
Step 212: the Serving PoS receives "[MIH_Commit-REQ] Kms" and verifies Kms;
After verification passes, the Serving PoS protects "[MIH_Commit-REQ] Kcs" with Kcs and sends it to the target PoS;
Step 213: the target PoS receives "[MIH_Commit-REQ] Kcs" and verifies Kcs;
After verification passes, the target PoS sends "[MIH_Commit-RSP] Kcs", protected by Kcs, to the Serving PoS;
Step 214: the Serving PoS receives "[MIH_Commit-RSP] Kcs" and verifies Kcs;
After verification passes, the Serving PoS sends "[MIH_Commit-RSP] Kms", protected by Kms, to the MN;
Step 215: the MN receives "[MIH_Commit-RSP] Kms" and verifies Kms, completing the handover. Afterwards, the MN may also send a handover completion message "[MIH_Complete-REQ] Kmc" to the target PoS and wait for the target PoS to return the response message "[MIH_Complete-RSP] Kmc", confirming that the handover is complete.
In the media-independent handover procedure of this embodiment, establishing SAs between the MN and each PoS and between the PoS, that is, using shared keys, ensures the security both of the MN obtaining service information and of the network handover procedure, thereby solving the security problem of media-independent handover as a whole.
In this embodiment, after the information server receives "[MIH_Service-REQ] Kmn", it may further judge, according to the transmission destination information in "[MIH_Service-REQ] Kmn", whether it is the transmission target, and then verify Kmn. Moreover, the method of obtaining service information in this embodiment may be replaced by the method of obtaining service information in method embodiment one; the service information may also be obtained by the Serving PoS broadcasting the service message "[MIH_Service] Kms" to the MN, or by the information server broadcasting the "[MIH_Service] Kmn" message directly to the MN. The procedure of handing over the network after obtaining the service information in this embodiment may likewise be replaced by the corresponding procedure in method embodiment one, so as to realize the network handover of the MN securely.
Because, under the direct security architecture, the MN can distinguish the object of a key request and establish an SA with the target network while still in the former network, this SA can be established ahead of the handover itself, which reduces handover delay. In this embodiment, after the MN receives the "[MIH_Prepare-RSP] Kms" message, it first establishes SAs with all the candidate PoS that can admit it, that is, it generates the shared keys between the MN and all admitting candidate PoS, and only then initiates the handover execution request message to the target PoS. This avoids having to establish an SA during handover execution, or having the handover fail because the SA cannot be established, saving handover execution time and accelerating the network handover. If the MN needs to access an information server located in its home network, the Serving PoS of the visited network where the MN is located may not have a Security Association with this information server; the SA can be built first and the access handed over afterwards, thereby saving access handover time.
In the above embodiments, protecting a message with a shared key may mean encrypting it as well as providing integrity protection; which mode is used is determined by the concrete protocol.
Mobile node embodiment
Fig. 5 is a schematic structural diagram of the mobile node embodiment of the present invention. The mobile node 10 comprises: a service information acquisition module 11, a verification module 12, a request module 13 and a message protection module 14. The service information acquisition module 11 is used to obtain, from the network side, service information protected by a shared key; the verification module 12 is used to verify the shared key, such as Kms, Kmn or Kmc; the request module 13 is used to initiate a handover preparation request message to the network side according to the service information when the verification module's verification of the shared key passes, or to send to the network side the service request message used to obtain the service information; the message protection module 14 protects the handover preparation request message and the service request message with Kms, or protects the service request message with Kmn.
In this embodiment, the service information acquisition module is also used to receive the handover command protected by Kms, the handover preparation response message and the handover execution response message sent by the network side; the handover preparation response message contains the judgement results. The request module is also used to send the handover execution request message protected by Kms to the service point according to the handover command, or to obtain the judgement results from the handover preparation response message and send the handover execution request message protected by Kms to the service point according to the judgement results; the handover execution request message contains the target service point information. The request module is also used to send the key generation request message protected by Kma to the AAA server on the network side; the message protection module is also used to protect the key generation request message with Kma; the service information acquisition module is also used to receive the key generation response message protected by Kmc sent by the network side; and the verification module is also used to verify Kmc.
The above mobile node embodiment enables the mobile node to carry out media-independent handover securely by means of its verification and protection modules.
System embodiment
Fig. 6 is a schematic structural diagram of the media-independent handover system embodiment of the present invention. The system 20 comprises a message sending module 21, a system message protection module 22, a message receiving module 23, a system verification module 24 and a handover module 25. The system message protection module 22 is used to protect the service information with a shared key, after which the protected service information is sent to the MN by the message sending module 21; the message receiving module 23 is used to receive the handover preparation request message protected by Kms sent by the MN; the system verification module 24 is used to verify Kms; and the handover module 25 is used to admit the MN to the target service point according to the handover preparation request message, completing the handover.
In this embodiment, the message receiving module may also be used to receive the service request message protected by Kms sent by the MN; the message sending module may also be used to send the service response message containing the service information to the MN; and the system message protection module may also protect the service response message with Kms.
The handover module may comprise a first receiving module, a first verification module, a first protection module, a first sending module, a second receiving module, a second verification module, a second protection module, a second sending module, a third receiving module, a third verification module, a key generation module and a third sending module. The first receiving module, first verification module, first protection module and first sending module are located in the Serving PoS; after the system verification module's verification of Kms passes, the first protection module protects the resource query request message with Kcs and the first sending module sends it to the candidate PoS. The second receiving module, second verification module, second protection module and second sending module are located in the candidate PoS or the target PoS; the second receiving module receives the resource query request message sent by the first sending module, the second verification module verifies the Kcs protecting the resource query request message, and after verification passes the candidate PoS generates the resource query response message, which the second protection module protects with Kcs and the second sending module sends to the Serving PoS. The first receiving module receives the resource query response message and the first verification module verifies Kcs; the first protection module protects the handover preparation response message with Kms and the first sending module sends it to the MN. The first receiving module receives the handover execution request message protected by Kms sent by the MN, and the first verification module verifies Kms; after verification passes, the first protection module protects the handover execution request message with Kcs, and the first sending module sends the handover execution request message protected by Kcs to the second receiving module; after the second receiving module receives it, the second verification module verifies Kcs, and after verification passes the target PoS generates the handover execution response message, the second protection module protects the handover execution response message with Kcs, and the second sending module sends the protected handover execution response message to the MN. The second receiving module receives the key generation request message protected by Kma sent by the MN, and the second sending module sends the key generation request message protected by Kma to the third receiving module. The third receiving module, third verification module, key generation module and third sending module are located in the AAA server; the third receiving module receives the key generation request message, and the third verification module verifies Kma; after verification passes, the key generation module generates Kmc, and the third sending module sends the verification result of the third verification module and the Kcs to the second receiving module. The second receiving module receives them, the target PoS generates the key generation response message, the second protection module protects the key generation response message with Kmc, and the second sending module sends the protected key generation response message to the MN. The second receiving module receives the handover completion request message protected by Kmc sent by the MN, the second verification module verifies Kmc, and after verification passes the target PoS generates the handover completion response message, the second protection module protects it with Kmc, and the second sending module sends the protected handover completion response message to the MN.
In the above system embodiment, the media-independent handover system may also comprise a judgement module, located in the Serving PoS, used to judge whether this PoS is the transmission target of the service request message, or to judge whether it itself stores the information requested by the MN. If this PoS is the transmission target of the service request message, the Serving PoS carries out the corresponding operation, such as verifying Kms; if it judges that it itself stores the information requested by the MN, the first sending module sends the requested information to the MN.
The media-independent handover system may also comprise a creation module, located in the Serving PoS; if the judgement module judges that the Serving PoS does not store the information requested by the MN, the creation module creates a new service request message and sends it to the information server.
The above system embodiment ensures the security of media-independent handover by means of the system protection module, the system verification module and the key generation module.
Those of ordinary skill in the art will appreciate that all or part of the steps for realizing the above method embodiments may be completed by hardware under the instruction of a program; the program may be stored in a computer-readable storage medium and, when executed, carries out the steps comprised in the above method embodiments; the storage medium comprises various media capable of storing program code, such as ROM, RAM, magnetic disk or optical disc.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solution to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.