CN101426018A - Advanced security authentication for wireless network, golden key exchange system and method - Google Patents

Publication number
CN101426018A
Authority
CN
China
Prior art keywords
access service
service network
action terminal
key
material parameter
Legal status
Pending
Application number
CNA2007101669234A
Other languages
Chinese (zh)
Inventor
蔡其达
沈谊中
邱简谦
孙宏民
陈帅名
林岳勋
萧英助
Current Assignee
Institute for Information Industry
Original Assignee
Institute for Information Industry
Application filed by Institute for Information Industry
Priority to CNA2007101669234A
Publication of CN101426018A

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a security authentication and key exchange system and method for wireless networks. Before a mobile terminal located in a first access service network switches to a second access service network adjacent to the first access service network, the authentication flow between the mobile terminal and the second access service network is performed in advance, so that the mobile terminal does not need to go through the authentication flow when it switches to the second access service network. The method omits the EAP-TLS authentication flow for the mobile terminal, including the exchange of server and client authentication and the related challenge/response, thereby saving a large amount of time and computing resources and avoiding the service interruption that arises when the wireless network service spends too much time on security authentication and key exchange.

Description

Advanced security authentication and key exchange system and method for wireless networks
Technical field
The present invention relates to a data processing method for wireless networks, and in particular to an advanced security authentication and key exchange method for wireless networks (KEY MANAGEMENT SYSTEM AND METHOD FOR WIRELESS NETWORKS).
Background
Fig. 1 is a schematic diagram of a network architecture conforming to the Worldwide Interoperability for Microwave Access (WiMAX) standard. The WiMAX network architecture comprises two kinds of operator: the Network Access Provider (NAP) and the Network Service Provider (NSP). In the WiMAX standard, a NAP provides WiMAX radio access service through one or more Access Service Networks (ASNs). A NAP is made up of a plurality of ASNs and provides a complete set of functions for use by the mobile station (MS). For the Authentication, Authorization and Accounting (AAA) infrastructure, the NAP forwards AAA information to the AAA server of the back-end NSP.
The NSP, on the other hand, is the primary service provider and is made up of one or more Connectivity Service Networks (CSNs). Because authentication is one of the services the NSP provides, the AAA server usually resides in a CSN. Under this architecture, an ASN can act as an AAA proxy server or as an AAA authenticator. In general, an ASN serves as the component that relays information during communication, and each ASN comprises one or more base stations (BSs). Each base station provides wide-area radio access coverage and communication functions for use by mobile stations.
For authentication, the WiMAX network system uses Extensible Authentication Protocol (EAP) mechanisms, including EAP-Transport Level Security (EAP-TLS), EAP-Authentication and Key Agreement (EAP-AKA), EAP-Subscriber Identity Module (EAP-SIM), and so on. EAP-TLS uses a Public Key Infrastructure (PKI) framework and is therefore a highly secure mechanism. The WiMAX standard supports mobility and defines two roaming mechanisms, "micro handoff" and "macro handoff". A micro handoff occurs when a mobile station roams from the coverage of one base station to that of another and both base stations belong to the same ASN. A macro handoff occurs when a mobile station roams from one ASN to another; because the gateways of the two ASNs lie within the same CSN, the roaming mobile station still has to go through authentication.
When the WiMAX network architecture performs a macro handoff, the mobile station must be authenticated again using the EAP mechanism. This is comparatively secure, but the authentication exchange is fairly complex. Without a suitable optimization mechanism, the authentication flow at handoff can therefore be quite time-consuming, and when the mobile station cannot achieve a seamless handoff, its connection may be interrupted.
Therefore, the present invention proposes an advanced security authentication and key exchange method for wireless networks that provides a secure and fast reconnection protocol.
Summary of the invention
To this end, an embodiment of the invention discloses an advanced security authentication and key exchange method for wireless networks. Before a mobile station located in a first access service network hands off to a second access service network adjacent to the first access service network, the authentication flow between the mobile station and the second access service network is performed in advance, so that the mobile station does not need to perform the authentication flow again when it hands off to the second access service network.
An embodiment of the invention also discloses an advanced security authentication and key exchange system for wireless networks, comprising a mobile station, a first access service network and a second access service network. Before the mobile station located in the first access service network hands off to the second access service network adjacent to the first access service network, the authentication flow between the mobile station and the second access service network is performed in advance, so that the mobile station does not need to perform the authentication flow again when it hands off to the second access service network.
The method of the invention omits the EAP-TLS authentication flow for the mobile station, including the steps in which server and client exchange authentication and the related challenge/response. After a handoff it therefore saves a large amount of time and computing resources, and avoids the possible service interruption caused when the wireless network service spends too much time on security authentication and key exchange.
Description of the drawings
Fig. 1 is a schematic diagram of a network architecture conforming to the Worldwide Interoperability for Microwave Access (WiMAX) standard.
Fig. 2A and Fig. 2B are flow charts of the steps of the advanced security authentication and key exchange method of an embodiment of the invention.
Fig. 3 is a schematic diagram of the workflow of the security authentication and key exchange system of an embodiment of the invention.
Description of the main component symbols:
100~mobile station
200~first access service network
300~second access service network
400~authentication/authorization/accounting server
500~base station
ASN~access service network
BS~base station
CSN~connectivity service network
MS~mobile station
NAP~network access provider
NSP~network service provider
Embodiments
To make the purpose, features and advantages of the invention easier to understand, preferred embodiments are described in detail below with reference to Fig. 2A, Fig. 2B and Fig. 3. This specification provides different embodiments to illustrate the technical features of different implementations of the invention. The arrangement of the components in each embodiment is for illustration and is not intended to limit the invention. Reference numerals are partly repeated across the embodiments to simplify the description, and this does not imply any relation between different embodiments.
An embodiment of the invention discloses an advanced security authentication and key exchange system and method for wireless networks.
The advanced security authentication and key exchange system and method of the embodiment allow the mobile station, before a handoff, to precompute together with each ASN it may later hand off to the key material parameters (Keying Material Parameters) needed to produce the subsequent Pairwise Master Key. In a typical implementation the key material parameter is a pseudo-random number, although this is not intended to limit the invention. When the mobile station later actually hands off to one of these ASNs, the Pairwise Master Key (PMK) can be computed quickly from the key material parameters calculated beforehand, and serves as the basis for the keys needed after the handoff.
Fig. 2A and Fig. 2B are flow charts of the steps of the advanced security authentication and key exchange method of an embodiment of the invention.
A mobile station is located within the range of ASN_1. Using the EAP-TLS protocol over Remote Authentication Dial-In User Service (RADIUS), it completes mutual authentication with the AAA server (step S201). At this step, ASN_1 and the AAA server are both trusted by the mobile station. ASN_1 passes to the mobile station a list (NL) of neighboring ASNs (ASN_j, j = 2 to n) and the certificate of each ASN (NCL) (step S202). The neighbor ASN list contains the identifier (Identity, ID) of each ASN, and each ASN's certificate contains the public key of that ASN. Each ASN identifier in the ASN list corresponds to an ASN certificate in the NCL, which is expressed as (ASN_1, PUK_ASN_1), (ASN_2, PUK_ASN_2), ..., (ASN_n, PUK_ASN_n). In this implementation, the number of ASNs adjacent to ASN_1 is assumed to be less than 10 (an assumption consistent with the spatial extent over which ASNs are deployed), so the amount of data the mobile station must receive is acceptable. The certificate of each ASN is issued by a root certificate authority (Root Certificate Authority (CA)), so the mobile station can use the certificate of this root CA to verify the certificate of the i-th ASN (PUK_ASN_i).
The mobile station generates the key material parameter X_i to be used in the next handoff (step S203). Because the mobile station is currently connected only to ASN_1, the key material parameter X_i must be relayed through ASN_1 to ASN_2, ..., ASN_i. Before X_i is transferred to ASN_j, the mobile station applies a digital signature to X_i with its own private key PRI_MS (j = 2 at this point) (step S204), encrypts X_i with the public key PUK_ASN_2 of ASN_2, and then appends the identifier of ASN_2 (step S205). The key material parameter X_i encrypted with the public key can be expressed as ENC_{PUK_ASN_2}(SIG_{PRI_MS}(X_i)) ‖ MS-ID ‖ ASN_2-ID; this is only one embodiment and is not intended to limit the invention. The representation of ENC_{PUK_ASN_2} depends on how it is expressed in the actual implementation.
According to the identifier of ASN_2, ASN_1 forwards the key material parameter X_i encrypted by the mobile station to ASN_2 (step S206). After receiving X_i, ASN_2 first uses its private key to decrypt the signed key material parameter X_i and then verifies whether the digital signature is correct (step S207). If verification succeeds, X_i was not altered in transit and can be confirmed to have been produced by the MS. ASN_2 then generates the key material parameter Y_2 to be used with the mobile station at the next handoff (step S208), applies a digital signature to Y_2 with its own private key (step S209), and encrypts Y_2 with the public key PUK_MS of the mobile station to secure the transmission (step S210). The encrypted key material parameter Y_2 can be expressed as ENC_{PUK_MS}(SIG_{PRI_ASN_2}(Y_2)) ‖ MS-ID ‖ ASN_2-ID.
ASN_2 sends the encrypted key material parameter Y_2 to the mobile station via ASN_1 (step S211). ASN_1 may forward the key material parameter of one ASN to the mobile station as soon as it is received, or may forward the parameters to the mobile station after collecting the key material parameters of several ASNs. When the mobile station receives the key material parameter Y_2 relayed by ASN_1, it decrypts Y_2 with its private key and verifies whether the digital signature is correct (step S212). Once the authentication flow between the mobile station and ASN_2 (j = 2) is complete, it is determined whether j is greater than n, that is, whether any other ASN still needs to authenticate with the mobile station (step S213). If so, steps S204 to S212 are executed again, until j is greater than n.
After authentication between the mobile station and all ASNs has been completed, the mobile station holds the key material parameter X_i it generated itself and the key material parameters Y_j (j = 2 to n) received from ASN_j (j = 2 to n), and each ASN_j holds the key material parameter Y_j it generated itself and the key material parameter X_i of the mobile station (step S214). When the mobile station is about to hand off to ASN_j, the mobile station and ASN_j each use a hash function to calculate PMK_Xi and PMK_Yj, respectively, from the key material parameters X_i and Y_j they have obtained (step S215). If the values of PMK_Xi and PMK_Yj are equal, the Authentication Key (AK) conforming to the 802.16 standard can be calculated. ASN_j sends the authentication key to the serving base station, and the mobile station then hands off to ASN_j.
Note that the mobile station may calculate the PMK only when a handoff occurs, or may calculate it in advance. The PMK can be calculated with a hash function and expressed as PMK_i = H(X_i ‖ Y_j).
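The pre-authentication exchange of steps S203 to S215 for one neighboring ASN, as an added example that is not code from the patent; it also shows the receiver rejecting a parameter altered at the relay. Assumptions: textbook RSA over fixed Mersenne primes stands in for the certified key pairs (a toy, not a secure construction), SHA-256 is used as the hash H, the key material parameters are 16 random bytes, and every function name and the "MS-1"/"ASN-2" identifiers are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent used by both toy key pairs


def toy_keypair(p_exp, q_exp):
    """Textbook RSA from the Mersenne primes 2**p_exp - 1 and 2**q_exp - 1.
    Stand-in for the certified key pairs; not a secure construction."""
    p, q = (1 << p_exp) - 1, (1 << q_exp) - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)


def _size(value):
    return (value.bit_length() + 7) // 8


def _digest_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign(priv, msg):
    n, d = priv
    return pow(_digest_int(msg), d, n).to_bytes(_size(n), "big")


def verify(pub, msg, sig):
    n, e = pub
    return pow(int.from_bytes(sig, "big"), e, n) == _digest_int(msg)


def encrypt(pub, data):
    n, e = pub
    size = _size(n)
    out = b""
    for i in range(0, len(data), size - 2):
        # The 0x01 marker preserves leading zero bytes and keeps the block below n.
        m = int.from_bytes(b"\x01" + data[i:i + size - 2], "big")
        out += pow(m, e, n).to_bytes(size, "big")
    return out


def decrypt(priv, blob):
    n, d = priv
    size = _size(n)
    out = b""
    for i in range(0, len(blob), size):
        m = pow(int.from_bytes(blob[i:i + size], "big"), d, n)
        out += m.to_bytes(_size(m), "big")[1:]  # drop the marker byte
    return out


def seal(sender_priv, recipient_pub, param, ms_id, asn_id):
    """Build ENC_PUK_recipient(SIG_PRI_sender(param)) || MS-ID || ASN-ID."""
    body = encrypt(recipient_pub, param + sign(sender_priv, param))
    return {"enc": body, "ms_id": ms_id, "asn_id": asn_id}


def unseal(recipient_priv, sender_pub, msg, length=16):
    """Decrypt with the recipient's private key, then check the sender's signature."""
    plain = decrypt(recipient_priv, msg["enc"])
    param, sig = plain[:length], plain[length:]
    if not verify(sender_pub, param, sig):
        raise ValueError("bad signature: parameter altered or not from sender")
    return param


def pmk(x, y):
    return hashlib.sha256(x + y).digest()  # PMK = H(X || Y)


def preauthenticate(tamper_at_relay=False):
    ms_pub, ms_priv = toy_keypair(521, 607)        # MS key pair
    asn2_pub, asn2_priv = toy_keypair(1279, 2203)  # ASN_2 key pair (public half from the NCL)

    x = secrets.token_bytes(16)                             # S203: MS generates X
    to_asn2 = seal(ms_priv, asn2_pub, x, "MS-1", "ASN-2")   # S204-S205
    if tamper_at_relay:                                     # S206: in transit via ASN_1
        enc = to_asn2["enc"]
        to_asn2["enc"] = bytes([enc[0] ^ 1]) + enc[1:]
    x_at_asn2 = unseal(asn2_priv, ms_pub, to_asn2)          # S207

    y = secrets.token_bytes(16)                             # S208: ASN_2 generates Y
    to_ms = seal(asn2_priv, ms_pub, y, "MS-1", "ASN-2")     # S209-S210
    y_at_ms = unseal(ms_priv, asn2_pub, to_ms)              # S211-S212

    # S215: each side derives the PMK from its own copy of X and Y.
    return pmk(x, y_at_ms), pmk(x_at_asn2, y)


def relay_tampering_rejected():
    try:
        preauthenticate(tamper_at_relay=True)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    pmk_ms, pmk_asn = preauthenticate()
    print("PMKs match:", pmk_ms == pmk_asn)
    print("tampered relay rejected:", relay_tampering_rejected())
```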
Fig. 3 is a schematic diagram of the workflow of the security authentication and key exchange system of an embodiment of the invention.
The security authentication and key exchange system of the embodiment comprises at least a mobile station (MS) 100, a first access service network (ASN_1) 200, a second access service network (ASN_j) 300, an authentication/authorization/accounting server (AAA) 400 and a base station (BS) 500. At this point the mobile station 100 is located within the range of the first access service network 200.
Using the EAP-TLS protocol over RADIUS, the mobile station 100 completes mutual authentication with the authentication/authorization/accounting server 400, as shown in operation (1). The first access service network 200 passes the neighboring access service network list and the certificate of each access service network to the mobile station 100, as shown in operation (2). The mobile station 100 generates the key material parameter X_i to be used in the next handoff, as shown in operation (3). The mobile station 100 applies a digital signature to X_i with its own private key PRI_MS (operation (4)) and encrypts X_i with the public key PUK_ASN_2 of the second access service network 300 (operation (5)). The mobile station 100 transfers the encrypted X_i to the second access service network 300 via the first access service network 200, as shown in operation (6).
The second access service network 300 uses its private key to decrypt the key material parameter X_i and then verifies the digital signature, as shown in operation (7). Next, the second access service network 300 generates the key material parameter Y_2 to be used in the next handoff of the mobile station 100 (operation (8)), applies a digital signature to Y_2 with its private key PRI_ASN_2 (operation (9)), and encrypts Y_2 with the public key PUK_MS of the mobile station (operation (10)). The second access service network 300 transfers the encrypted Y_2 to the mobile station 100 via the first access service network 200, as shown in operation (11). The mobile station 100 uses its private key to decrypt Y_2 and then verifies the digital signature, as shown in operation (12).
If there are further access service networks (ASN_2 to ASN_n, j = 2 to n), operations (4) to (12) are repeated until j is greater than n. After authentication between the mobile station 100 and the second access service network 300 is complete, the mobile station 100 holds the key material parameter X_i it generated itself and the key material parameter Y_2 received from the second access service network 300, and the second access service network 300 holds the key material parameter Y_2 it generated itself and the key material parameter X_i of the mobile station (operations (12) to (15)). When the mobile station 100 is about to hand off to the second access service network 300, the mobile station 100 and the second access service network 300 each use a hash function to calculate PMK_Xi and PMK_Y2, respectively, from the key material parameters X_i and Y_2 they have obtained (operations (16) and (17)). If the values of PMK_Xi and PMK_Y2 are equal, the authentication key conforming to the 802.16 standard can be calculated. ASN_j sends the authentication key to the serving base station (operation (18)), and the mobile station 100 then hands off to the second access service network 300.
When a mobile station hands off and security authentication and key exchange are performed, the security authentication and key exchange method and system of the embodiment are more efficient than the existing approach of directly running the complete EAP (e.g. EAP-TLS) mechanism without pre-authentication. This is mainly because part of the original EAP (e.g. EAP-TLS) authentication flow between the mobile station and the ASN after the handoff is omitted, including the steps in which server and client exchange authentication and the related challenge/response; the authentication flow needs a minimum of only 6 steps to complete. The method of the invention can therefore save a large amount of time and computing resources.
The invention also provides a recording medium (for example an optical disc, a magnetic disk, a removable hard drive and so on) that records a computer-readable authority sign-off program for carrying out the above security authentication and key exchange method. The authority sign-off program stored on the recording medium basically consists of a plurality of code segments (for example an organization-chart creation code segment, a sign-off form code segment, a setup code segment and a deployment code segment), and the functions of these code segments correspond to the steps of the above method and to the functional block diagram of the above system.
Although the invention has been disclosed above by way of preferred embodiments, they are not intended to limit the invention. Anyone skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, so the scope of protection of the invention shall be as defined by the claims.

Claims (22)

1. An advanced security authentication and key exchange method for a wireless network, the method comprising the following steps:
before a mobile station located in a first access service network hands off to a second access service network adjacent to the first access service network, performing in advance an authentication flow between the mobile station and the second access service network, so that the mobile station does not need to perform the authentication flow again when handing off to the second access service network.
2. The advanced security authentication and key exchange method for a wireless network as claimed in claim 1, characterized in that the method further comprises the following steps:
before the mobile station hands off to the second access service network:
the mobile station authenticates with an authentication server;
the first access service network sends a neighboring access service network list and the certificate of each access service network to the mobile station; and
the mobile station transfers the first key material parameter to the second access service network via the first access service network.
3. The advanced security authentication and key exchange method for a wireless network as claimed in claim 2, characterized in that, after the mobile station obtains the neighboring access service network list and the certificate of each access service network:
the mobile station generates a first key material parameter required to perform a handoff operation, and uses its private key to add a first digital signature to the first key material parameter;
the first key material parameter is encrypted with the public key of the second access service network; and
the encrypted first key material parameter is transferred to the second access service network via the first access service network.
4. The advanced security authentication and key exchange method for a wireless network as claimed in claim 2, characterized in that the method further comprises the following steps:
the second access service network uses its private key to decrypt the first key material parameter and then verifies the first digital signature;
the second access service network transfers the second key material parameter to the mobile station via the first access service network; and
the mobile station uses its private key to decrypt the second key material parameter and then verifies the second digital signature.
5. The advanced security authentication and key exchange method for a wireless network as claimed in claim 4, characterized in that, after the second access service network verifies the first digital signature:
the second access service network generates a second key material parameter required for the mobile station to perform the handoff operation;
a second digital signature is added to the second key material parameter with a private key of the second access service network;
the second key material parameter is encrypted with the public key of the mobile station; and
the encrypted second key material parameter is transferred to the mobile station via the first access service network.
6. The advanced security authentication and key exchange method for a wireless network as claimed in claim 4, characterized in that, after the authentication flow between the mobile station and the second access service network is completed, the first access service network sends a neighboring access service network list and the certificate of the second access service network to the mobile station.
7. The advanced security authentication and key exchange method for a wireless network as claimed in claim 6, characterized in that the neighboring access service network list contains the identifier of the second access service network, and the certificate of the second access service network contains the public key of the second access service network.
8. The advanced security authentication and key exchange method for a wireless network as claimed in claim 7, characterized in that the first access service network, according to the identifier of the second access service network, transfers the first key material parameter encrypted by the mobile station to the second access service network.
9. The advanced security authentication and key exchange method for a wireless network as claimed in claim 4, characterized in that the method further comprises the following steps:
after authentication between the mobile station and the second access service network is completed, the mobile station and the second access service network both hold the first and second key material parameters;
when the mobile station is about to hand off to the second access service network, the mobile station and the second access service network calculate a first pairwise master key and a second pairwise master key, respectively, from the first and second key material parameters;
the mobile station uses the value of the first pairwise master key to produce an authentication key, and the second access service network uses the second pairwise master key to produce an authentication key; and
the second access service network sends the authentication key to a base station in its service network, so that the mobile station hands off to the second access service network.
10. The advanced security authentication and key exchange method for a wireless network as claimed in claim 9, characterized in that, when the first access service network is also adjacent to a third access service network, the above authentication and encryption steps are repeated, so that the third access service network obtains and verifies the first key material parameter, and the mobile station obtains and verifies a third key material parameter generated by the third access service network.
11. The advanced security authentication and key exchange method for a wireless network as claimed in claim 1, characterized in that, after authentication between the mobile station and the second and third access service networks is completed, the mobile station holds the first, second and third key material parameters, the second access service network holds the first and second key material parameters, and the third access service network holds the first and third key material parameters.
12. An advanced security authentication and key exchange system for a wireless network, characterized in that the system comprises:
a mobile station;
a first access service network, which has the mobile station; and
a second access service network;
wherein, before the mobile station located in the first access service network hands off to the second access service network adjacent to the first access service network, an authentication flow between the mobile station and the second access service network is performed in advance, so that the mobile station does not need to perform the authentication flow again when handing off to the second access service network.
13. The advanced security authentication and key exchange system for a wireless network as claimed in claim 12, characterized in that the system further comprises an authentication server, wherein:
before the mobile station hands off to the second access service network, the mobile station authenticates with an authentication server, the first access service network sends a neighboring access service network list and the certificate of each access service network to the mobile station, and the mobile station transfers the first key material parameter to the second access service network via the first access service network.
14. The advanced security authentication and key exchange system for a wireless network as claimed in claim 13, characterized in that, after obtaining the neighboring access service network list and the certificate of each access service network, the mobile station generates a first key material parameter required to perform a handoff operation, uses its private key to add a first digital signature to the first key material parameter, encrypts the first key material parameter with the public key of the second access service network, and transfers the encrypted first key material parameter to the second access service network via the first access service network.
15. The advanced security authentication and key exchange system for a wireless network as claimed in claim 13, characterized in that:
the second access service network uses its private key to decrypt the first key material parameter and then verifies the first digital signature, the second access service network transfers the second key material parameter to the mobile station via the first access service network, and the mobile station uses its private key to decrypt the second key material parameter and then verifies the second digital signature.
16. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 12, characterized in that, after the second access service network verifies the first digital signature, the second access service network produces a second key material parameter required for the action terminal to carry out the handover operation, uses its private key to add a second digital signature to the second key material parameter, uses the public key of the action terminal to encrypt the second key material parameter, and transfers the encrypted second key material parameter to the action terminal via the first access service network.
17. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 15, characterized in that, after the authentication flow between the action terminal and the second access service network is completed, the first access service network sends an adjacent access service network sequence and the voucher of the second access service network to the action terminal.
18. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 17, characterized in that the adjacent access service network sequence includes the identification code of the second access service network, and the voucher of the second access service network contains the public key of the second access service network.
19. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 18, characterized in that the first access service network transfers the first key material parameter encrypted by the action terminal to the second access service network according to the identification code of the second access service network.
20. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 15, characterized in that the system further comprises a base station, wherein:
After the authentication between the action terminal and the second access service network is completed, the action terminal and the second access service network have both obtained the first and second key material parameters. When the action terminal is to switch to the second access service network, the action terminal and the second access service network respectively calculate a main golden key of a first pairing and a main golden key of a second pairing according to the first and second key material parameters. The action terminal uses the main golden key of the first pairing to produce an authentication golden key, and the second access service network uses the main golden key of the second pairing to produce an authentication golden key. The second access service network sends the authentication golden key to a base station in its service network, so that the action terminal switches to the second access service network.
21. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 20, characterized in that:
When the first access service network is also adjacent to a third access service network, the above authentication and encryption steps are repeated, so that the third access service network obtains and verifies the first key material parameter, and the action terminal obtains and verifies a third key material parameter produced by the third access service network.
22. The advanced security authentication and golden key exchange system for a wireless network as claimed in claim 12, characterized in that:
After the authentication between the action terminal and the second and third access service networks is completed, the action terminal obtains the first, second and third key material parameters, the second access service network obtains the first and second key material parameters, and the third access service network obtains the first and third key material parameters.
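The key state described in claims 20 to 22 can be modelled to check one property a reviewer would care about: a neighbouring network that shares the first key material parameter must still be unable to derive the handover key meant for another network. The following is an added example, not code from the patent; the claims do not specify a derivation function, so the HMAC-SHA256 construction, the labels, the identifiers (`ASN-2`, `MS-0001`, `BS-2A`) and the inputs to the authentication key are all assumptions.

```python
import hashlib
import hmac
import secrets


def _kdf(key: bytes, label: bytes, *fields: bytes) -> bytes:
    # Length-prefix every field so adjacent fields cannot be shifted into each other.
    msg = label + b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_pmk(km_terminal: bytes, km_network: bytes, asn_id: bytes) -> bytes:
    """Pairing main golden key from both key material parameters (assumed KDF)."""
    prk = _kdf(b"\x00" * 32, b"extract", km_terminal, km_network)
    return _kdf(prk, b"PMK", asn_id)


def derive_ak(pmk: bytes, terminal_id: bytes, bs_id: bytes) -> bytes:
    """Authentication golden key sent to the target base station (assumed inputs)."""
    return _kdf(pmk, b"AK", terminal_id, bs_id)


def simulate_handover() -> dict:
    # Constructed sample values; in the claims these travel signed and encrypted.
    km1 = secrets.token_bytes(32)  # first parameter, produced by the terminal
    km2 = secrets.token_bytes(32)  # second parameter, produced by ASN-2
    km3 = secrets.token_bytes(32)  # third parameter, produced by ASN-3
    terminal_id, bs_id = b"MS-0001", b"BS-2A"

    # State after pre-authentication, as listed in claim 22.
    terminal = {"km1": km1, "ASN-2": km2, "ASN-3": km3}
    asn2 = {"km1": km1, "own": km2}
    asn3 = {"km1": km1, "own": km3}

    # Claim 20: each side computes its own pairing key, then the authentication key.
    ak_terminal = derive_ak(
        derive_pmk(terminal["km1"], terminal["ASN-2"], b"ASN-2"), terminal_id, bs_id)
    ak_asn2 = derive_ak(derive_pmk(asn2["km1"], asn2["own"], b"ASN-2"), terminal_id, bs_id)
    # ASN-3 shares km1 but never received km2, so it can only substitute km3.
    ak_asn3 = derive_ak(derive_pmk(asn3["km1"], asn3["own"], b"ASN-2"), terminal_id, bs_id)

    return {
        "handover_keys_match": hmac.compare_digest(ak_terminal, ak_asn2),
        "neighbor_can_derive": hmac.compare_digest(ak_terminal, ak_asn3),
    }
```

Because the first key material parameter is shared with every neighbour, the separation between networks rests entirely on the per-network parameter staying confidential, which is why the claims encrypt it with the terminal's public key.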
Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2007101669234A CN101426018A (en) 2007-10-29 2007-10-29 Advanced security authentication for wireless network, golden key exchange system and method

Publications (1)

Publication Number Publication Date
CN101426018A true CN101426018A (en) 2009-05-06

Family

ID=40616348

Country Status (1)

Country Link
CN (1) CN101426018A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20090506