CN101540998A - Method and system for distributing mobile station mark in wireless communication system - Google Patents

Info

Publication number
CN101540998A
Authority
CN
China
Prior art keywords
mobile station
terminal
base station
station identification
capability negotiation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN200910137603A
Other languages
Chinese (zh)
Inventor
冯成燕
滕志猛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp
Priority to CN200910137603A
Publication of CN101540998A

Abstract

The invention discloses a method and a system for distributing a mobile station identifier in a wireless communication system. While a terminal is entering or re-entering the network, a base station assigns the terminal a unique mobile station identifier (STID) and sends it to the terminal during the capability negotiation process that follows authentication. The method and the system enable the terminal to obtain the mobile station identifier that the network has assigned to it.

Description

Method and system for distributing mobile station identifiers in a wireless communication system
Technical field
The present invention relates to the field of communications, and in particular to a method and system for distributing mobile station identifiers in a wireless communication system.
Background art
IEEE is the abbreviation of the Institute of Electrical and Electronics Engineers. Besides professional community activities, IEEE also develops standards for electronic equipment, including standards for various communication technologies. The IEEE 802 committee, which mainly develops standards in the electronic engineering and computer fields, is also called LMSC (LAN/MAN Standards Committee). The 802.16 family of standards is aimed mainly at metropolitan area networks. Its main goal is to develop air-interface physical layer (PHY) and medium access control layer (MAC) standards for wireless access systems operating in the 2~66 GHz band, together with conformance tests related to the air-interface protocol and coexistence standards between different wireless access systems.
Depending on whether mobility is supported, the IEEE 802.16 standards are divided into fixed broadband wireless access air-interface standards and mobile broadband wireless access air-interface standards. 802.16, 802.16a, 802.16c and 802.16d belong to the fixed wireless access air-interface standards. 802.16d is a revision of 802.16, 802.16a and 802.16c; it was approved by the IEEE 802 committee and published under the name IEEE 802.16-2004 in June 2004. 802.16e is a mobile broadband wireless access air-interface standard. It was approved by the IEEE 802 committee in November 2005 and published under the name IEEE 802.16-2005. WiMAX is based on the IEEE 802.16 air-interface standards and has become the most influential broadband wireless access technology in the world at present.
IEEE is currently developing the 802.16m standard. This standard studies the next step in the evolution of WiMAX. Its target is to become a next-generation mobile communication technology and, through a technical proposal submitted to the ITU (International Telecommunication Union), to become one of the ITU's IMT-Advanced standards. The standard will be compatible with the existing 802.16e standard.
The current 802.16m System Description Document (SDD) defines a mobile station identifier (Station ID, STID). It is an identifier that the base station (ABS) assigns to each terminal (AMS) during initial network entry or network re-entry in order to identify that terminal, and it is unique within the scope of the base station. Every terminal registered with the network has an assigned STID. The system may reserve certain STIDs for purposes such as broadcast, multicast and ranging.
The network side must maintain the mapping between the STID and the terminal MAC address (AMS MAC Address), and this mapping must be protected. Therefore, when the ABS assigns an STID to an AMS, the assignment message must be encrypted.
The SDD also specifies that the STID is assigned after the terminal has successfully completed initial authentication or re-authentication, and that the assignment of the STID requires a protection mechanism. Existing patents propose assigning the STID in the three-way handshake or in the registration process that follows authentication. If the STID is delivered in the three-way handshake, a problem arises: the handshake messages are only integrity protected, not confidentiality protected, whereas the transmission of the STID requires a protection mechanism. A method such as encrypting the STID separately therefore has to be used, which undoubtedly increases system overhead. If the STID is delivered in the registration process, the extra overhead of delivering it in the three-way handshake is avoided, but the protection of terminal privacy is somewhat delayed.
Summary of the invention
The technical problem to be solved by the present invention is to provide a method and system for distributing mobile station identifiers in a wireless communication system, so that a terminal can securely obtain the mobile station identifier that the network assigns to it.
To solve the above technical problem, the invention provides a method for distributing mobile station identifiers in a wireless communication system. During initial network entry or network re-entry of a terminal, the method comprises:
The terminal sends a capability negotiation request message to the base station;
After receiving the capability negotiation request message, the base station sends the terminal a capability negotiation response message that carries the mobile station identifier the base station has assigned to the terminal.
Further, the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK) according to an encryption algorithm.
Further, the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal in the three-way handshake.
To solve the above technical problem, the invention also provides a method for distributing mobile station identifiers in a wireless communication system in which, during initial network entry or network re-entry of a terminal, the base station assigns the terminal a unique mobile station identifier (STID) and sends the identifier to the terminal in the capability negotiation process that follows authentication.
Further, the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK).
To solve the above technical problem, the invention also provides a system for distributing mobile station identifiers in a wireless communication system. The system comprises a terminal and a base station connected through a wireless network. The base station comprises a mobile station identifier assignment module and a mobile station identifier delivery module that are connected to each other. The assignment module is used to assign a mobile station identifier to the terminal during initial network entry or network re-entry of the terminal. The delivery module is used to send the mobile station identifier (STID) to the terminal in the capability negotiation process that follows authentication.
The terminal is used to receive the mobile station identifier assigned by the base station.
Further, the terminal is also used to send a capability negotiation request message to the base station and to receive the mobile station identifier by receiving the capability negotiation response message sent by the base station. The base station also comprises a receiving module, used to receive the capability negotiation request message sent by the terminal, and the mobile station identifier is sent to the terminal in the capability negotiation response message. The assignment module of the base station assigns the mobile station identifier to the terminal after the terminal has successfully completed the authentication and authorization operation.
Further, the capability negotiation response message is confidentiality protected, and the mobile station identifier is sent directly in the encrypted message.
Further, the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK) according to an encryption algorithm.
Further, the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal in the three-way handshake.
Compared with the prior art, the method and system of the invention deliver the mobile station identifier (STID) to the terminal in the capability negotiation process, which immediately follows the three-way handshake. The privacy of the terminal can therefore be protected earlier, and the terminal can securely obtain the STID that the network assigns to it. Because capability negotiation messages are generally sent encrypted, this undoubtedly reduces overhead compared with encrypting the STID separately.
Description of drawings
Fig. 1 is a schematic diagram of the method of the invention using the capability negotiation process to deliver the STID to the terminal.
Fig. 2 is a concrete example of the method of the invention using the capability negotiation process to deliver the STID to the terminal.
Embodiments
As shown in Fig. 1, in the method of the invention for distributing mobile station identifiers in a wireless communication system, during initial network entry or network re-entry of a terminal, the base station assigns the terminal a unique mobile station identifier (STID) and sends it to the terminal in the capability negotiation process that follows authentication.
Fig. 2 shows how, during initial network entry or network re-entry of a terminal, the base station delivers the STID to the terminal in the capability negotiation process that follows authentication. The method of the invention comprises the following steps:
Step 201: the terminal and the base station carry out the initial authentication or re-authentication process;
Step 202: the terminal and the base station carry out the three-way handshake and verify the authorization key AK (Authorization Key);
Step 203: the terminal sends the base station a capability negotiation request message carrying the capability parameters to be negotiated;
Step 204: the base station sends the terminal a capability negotiation response message carrying the STID that the base station has assigned to the terminal and the negotiated capability parameters;
If this message is confidentiality protected, the STID can be sent directly in the encrypted message. If the message is not confidentiality protected, the STID is optionally encrypted with the KEK or the TEK before being sent. When the STID is protected in transit by encrypting it with a key, security parameters such as the STID encryption algorithm can be preconfigured by the system or negotiated in the SA-TEK three-way handshake.
Step 205: the terminal sends a registration request message to the base station to register with it;
Step 206: the base station sends a registration response message to the terminal, completing the registration process.
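The ordering in steps 201 to 204 can be modelled as follows. This is an added illustration, not code from the patent or from IEEE 802.16m: the base station refuses to assign an STID until authentication and the three-way handshake are done, and encrypts the STID field separately only when the capability negotiation response is not itself confidentiality protected. All class, field and capability names, the STID width and the reserved values are assumptions, and the HMAC-SHA256 keystream is a stand-in for whatever STID encryption algorithm is preconfigured or negotiated.

```python
import hashlib
import hmac
import secrets

STID_BITS = 12                    # assumption: the page gives no STID width
RESERVED_STIDS = {0x000, 0xFFF}   # constructed stand-ins for broadcast/multicast/ranging


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in field cipher, NOT the 802.16m algorithm: XOR with HMAC-SHA256(key, nonce)."""
    stream = hmac.new(key, nonce, hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


class BaseStation:
    SUPPORTED_CAPS = {"harq", "mimo", "arq"}   # hypothetical capability names

    def __init__(self):
        self.state = {}      # terminal MAC -> last completed step
        self.kek = {}        # terminal MAC -> KEK available after the handshake
        self.stid_map = {}   # terminal MAC -> STID: the mapping that must stay private

    def authenticate(self, mac: str) -> None:                      # step 201
        self.state[mac] = "authenticated"

    def three_way_handshake(self, mac: str, kek: bytes) -> None:   # step 202
        if self.state.get(mac) != "authenticated":
            raise PermissionError("handshake requires prior authentication")
        self.kek[mac] = kek
        self.state[mac] = "handshake_done"

    def allocate_stid(self, mac: str) -> int:
        """Pick an STID that is unique within this base station and not reserved."""
        taken = RESERVED_STIDS | {s for m, s in self.stid_map.items() if m != mac}
        if len(taken) >= (1 << STID_BITS):
            raise RuntimeError("STID space exhausted")
        while True:
            stid = secrets.randbelow(1 << STID_BITS)
            if stid not in taken:
                self.stid_map[mac] = stid
                return stid

    def capability_response(self, mac, requested, message_encrypted):  # steps 203-204
        if self.state.get(mac) != "handshake_done":
            raise PermissionError("no STID before authentication and handshake")
        rsp = {"caps": sorted(set(requested) & self.SUPPORTED_CAPS)}
        stid = self.allocate_stid(mac)
        if message_encrypted:
            rsp["stid"] = stid            # the encrypted message already hides it
        else:
            nonce = secrets.token_bytes(8)
            rsp["stid_nonce"] = nonce     # fresh nonce so the keystream is not reused
            rsp["stid_enc"] = keystream_xor(self.kek[mac], nonce, stid.to_bytes(2, "big"))
        self.state[mac] = "capabilities_negotiated"
        return rsp


def terminal_read_stid(rsp: dict, kek: bytes) -> int:
    """Terminal side: take the STID from the response, decrypting the field if needed."""
    if "stid" in rsp:
        return rsp["stid"]
    plain = keystream_xor(kek, rsp["stid_nonce"], rsp["stid_enc"])
    return int.from_bytes(plain, "big")


if __name__ == "__main__":
    bs, mac, kek = BaseStation(), "00:11:22:33:44:55", secrets.token_bytes(16)  # constructed
    bs.authenticate(mac)
    bs.three_way_handshake(mac, kek)
    rsp = bs.capability_response(mac, ["harq", "mimo"], message_encrypted=False)
    print("fields on the air:", sorted(rsp))
    print("terminal recovered STID:", hex(terminal_read_stid(rsp, kek)))
```
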
To implement the above method, the invention also provides a system for distributing mobile station identifiers in a wireless communication system. The system comprises a base station and a terminal connected through a wireless network, wherein:
The base station is used to assign the terminal a unique mobile station identifier (STID) during initial network entry or network re-entry of the terminal, and to send the STID to the terminal in the capability negotiation process that follows authentication.
The base station further comprises a mobile station identifier assignment module and a mobile station identifier delivery module that are connected to each other, wherein:
The assignment module is used to assign a mobile station identifier to the terminal during initial network entry or network re-entry, after the terminal has successfully completed the authentication and authorization operation;
The delivery module is used to send the mobile station identifier (STID) to the terminal in the capability negotiation process that follows authentication; specifically, the identifier is sent in the capability negotiation response message;
The receiving module is used to receive the capability negotiation request message sent by the terminal;
The terminal is used to send a capability negotiation request message to the base station and to receive the capability negotiation response message sent by the base station, which carries the mobile station identifier assigned by the base station.
The capability negotiation response message is confidentiality protected and the mobile station identifier is sent directly in the encrypted message, or the identifier is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK) according to an encryption algorithm.
The encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal in the three-way handshake.
The above are only preferred embodiments of the present invention. The solution of the invention is not limited to IEEE 802.16 systems; the same scheme can be applied to other wireless communication systems. To a person skilled in the art, the invention may have various modifications and variations. Any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (10)

1. A method for distributing mobile station identifiers in a wireless communication system, characterized in that, during initial network entry or network re-entry of a terminal, the method comprises:
The terminal sends a capability negotiation request message to the base station;
After receiving the capability negotiation request message, the base station sends the terminal a capability negotiation response message that carries the mobile station identifier the base station has assigned to the terminal.
2. The method of claim 1, characterized in that the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK) according to an encryption algorithm.
3. The method of claim 2, characterized in that the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal in the three-way handshake.
4. A method for distributing mobile station identifiers in a wireless communication system, characterized in that, during initial network entry or network re-entry of a terminal, the base station assigns the terminal a unique mobile station identifier (STID) and sends the mobile station identifier to the terminal in the capability negotiation process that follows authentication.
5. The method of claim 4, characterized in that the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK).
6. A system for distributing mobile station identifiers in a wireless communication system, the system comprising a terminal and a base station connected through a wireless network, characterized in that:
The base station comprises a mobile station identifier assignment module and a mobile station identifier delivery module that are connected to each other; the assignment module is used to assign a mobile station identifier to the terminal during initial network entry or network re-entry of the terminal; the delivery module is used to send the mobile station identifier (STID) to the terminal in the capability negotiation process that follows authentication;
The terminal is used to receive the mobile station identifier assigned by the base station.
7. The system of claim 6, characterized in that the terminal is also used to send a capability negotiation request message to the base station and to receive the mobile station identifier by receiving the capability negotiation response message sent by the base station; the base station also comprises a receiving module, used to receive the capability negotiation request message sent by the terminal, and the mobile station identifier is sent to the terminal in the capability negotiation response message; the assignment module of the base station assigns the mobile station identifier to the terminal after the terminal has successfully completed the authentication and authorization operation.
8. The system of claim 6, characterized in that the capability negotiation response message is confidentiality protected, and the mobile station identifier is sent directly in the encrypted message.
9. The system of claim 6, characterized in that the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK) according to an encryption algorithm.
10. The system of claim 9, characterized in that the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal in the three-way handshake.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910137603A CN101540998A (en) 2009-04-23 2009-04-23 Method and system for distributing mobile station mark in wireless communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910137603A CN101540998A (en) 2009-04-23 2009-04-23 Method and system for distributing mobile station mark in wireless communication system

Publications (1)

Publication Number Publication Date
CN101540998A true CN101540998A (en) 2009-09-23

Family

ID=41123921

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910137603A Pending CN101540998A (en) 2009-04-23 2009-04-23 Method and system for distributing mobile station mark in wireless communication system

Country Status (1)

Country Link
CN (1) CN101540998A (en)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080192931A1 (en) * 2005-06-22 2008-08-14 Seok-Heon Cho Method For Allocating Authorization Key Identifier For Wireless Portable Internet System
CN101150472A (en) * 2007-10-22 2008-03-26 华为技术有限公司 Authentication method, authentication server and terminal in WIMAX

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IEEE 802.16 BROADBAND WIRELESS ACCESS WORKING GROUP: "《IEEE 802.16m System Description Document [Draft]》", 10 April 2009 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404722A (en) * 2010-09-12 2012-04-04 三星电子株式会社 Method and apparatus for resource map transmission in wireless communication system
CN102404722B (en) * 2010-09-12 2015-08-05 三星电子株式会社 For the method and apparatus of resource map transmission in wireless communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20090923