CN101621799A - Method, device and system for processing terminal certificate authentication failure - Google Patents
Method, device and system for processing terminal certificate authentication failure Download PDFInfo
- Publication number
- CN101621799A CN101621799A CN200810068412A CN200810068412A CN101621799A CN 101621799 A CN101621799 A CN 101621799A CN 200810068412 A CN200810068412 A CN 200810068412A CN 200810068412 A CN200810068412 A CN 200810068412A CN 101621799 A CN101621799 A CN 101621799A
- Authority
- CN
- China
- Prior art keywords
- eap
- cause
- error
- failure
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a method, a device and a system for processing terminal certificate authentication failure so as to enable a terminal to know the specific cause of the certificate authentication failure. The method comprises that: a gateway where an NAS is positioned receives an access rejecting message from an HAAA, and the message carries EAP-Failure and an error cause value Error-Cause or EAP-Notification and the Error-Cause; an AR-EAP-Transfer message is sent to a base station, and the message carries the EAP-Failure and the Error-Cause or the EAP-Notification and the Error-Cause, so that the base station forwards the EAP-Failure and the Error-Cause or EAP-Notification and the Error-Cause to the terminal.
Description
Technical field
The invention belongs to communication technical field, relate in particular to a kind of processing method, device and system terminal certificate authentication failure.
Background technology
WiMAX (Worldwide Interoperability for Microwave Access, the microwave interoperability is inserted in the whole world) is a kind of wireless metropolitan area network technology based on the IEEE802.16 standard.WiMAX network wireless side is based on the wireless MAN access technology of IEEE802.16d/e standard, adopt OFDM (Orthogonal Frequency Division Multiplexing, orthogonal frequency division multiplexi) and OFDMA (OFDM Access, the OFDM access) physical-layer techniques, effectively anti-multipath decline.Under the optimum channel decline situation, transmission rate can be approached 75Mbps.
WiMAX cellular logic framework as shown in Figure 1, the whole network of WiMAX mainly is made up of following three parts:
(1) terminal: comprise SS (Subscriber Station, subscriber board) or MS (Mobile Station, travelling carriage), the user uses this devices accessing WiMAX network.
(2) accessing business network: ASN (Access Service Network, accessing business network) is defined as the network function set that the WiMAX terminal provides the wireless access service.ASN has comprised BS (BaseStation, base station) and ASN-GW (ASN Gateway, ASN gateway) network element.
(3) connection service network: CSN (Connectivity Service Network connects service network) is defined as the WiMAX terminal provides IP Connection Service.CSN mainly comprises prepaid server (PPS, Prepaid Server) and authentication (AAA, Authentication, Authorization andAccounting) logic entity such as server, the major function that is provided is: the IP address assignment of MS, Internet insert, AAA proxy or server, based on the authorization control of terminal etc.
In the prior art, the R1 interface among Fig. 1 is a wireless air interface, and R2 is a logic interfacing, and R3, R4, R5 interface are wireline interface.
Mobile terminal MS need carry out the initial authentication mandate alternately with AAA in access network, in use also may need to carry out re-authentication.Figure 2 shows that the process chart when MS and AAA carry out initial access authentication mandate and authentification failure alternately in the prior art.Concrete steps are:
The basic process of eating dishes without rice or wine is finished in step 201, terminal and base station.The terminal scanning down channel, set up and the base station synchronously, find range.
Step 202, terminal and network side are finished basic capability negotiation process, comprise the negotiation certification mode.
Step 203, NAS (Network Access Server, network access server) GW at place sends EAP-Request message and carries NAI (the Network AccessIdentifier of Identity message request terminal to BS, network access Identifier), described message is encapsulated in the AR-EAP-Transfer message.
Step 206, BS are encapsulated in EAP-Response message the NAS that is transmitted in the AR-EAP-Transfer message among the GW.
After the NAI of HAAA server authentication terminal is legal, initiate the EAP verification process, concrete verification process is with reference to RFC EAP-AKA, and EAP-TTLS etc. decide according to concrete authentication method.If Certificate Authority procedure failure (as user name mistake, password mistake, Sorry, your ticket has not enough value, User Status unusual (shutdown, deexcitation, locked), key are expired, user name conflict etc.), the access of HAAA server refusal terminal.
Step 209, GW send AR-EAP-Transfer message to BS, and described message is carried EAP-Failure or EAP-Notification information.
So far this terminal networks to authenticate and finishes.In the re-authentication process, there are not described step 201 and step 202, other steps are identical.
The inventor finds, in the prior art, just refusing terminal behind certificate authentication failure inserts, AAA does not have devolved authentication authorization failure cause value, Access Network gateway and base station can't pass to terminal with the certificate authentication failure cause value, and terminal can't be known the certificate authentication failure reason and operate accordingly.
Summary of the invention
The embodiment of the invention discloses a kind of processing method, comprising terminal certificate authentication failure:
The gateway GW at network access server NAS place receives the access-reject message Access-Reject from local AAA server HAAA, carries EAP-Failure and concrete failure reason value Error-Cause among the described Access-Reject or carries EAP-Notification information and described Error-Cause;
Send AR-EAP-Transfer message to base station BS, described AR-EAP-Transfer carries described EAP-Failure and Error-Cause or carries EAP-Notification information and Error-Cause, so that BS is transmitted to terminal with described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause.
The embodiment of the invention discloses a kind of processing unit, comprising terminal certificate authentication failure:
Receiver module: be used to receive access request message Access-Request, carry EAP-Response message in the described Access-Request message, carry the network identity of terminal in the described EAP-Response message from the GW at NAS place;
Authentication module: be used to authenticate the legitimacy of described terminal and/or initiate the EAP verification process;
Sending module: be used for when authentification failure, GW to the NAS place sends access-reject message Access-Reject, carry EAP-Failure and concrete failure reason value Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and described Error-Cause.
The embodiment of the invention also discloses a kind of processing unit, comprising terminal certificate authentication failure:
Receiver module: be used to receive access-reject message Access-Reject from local AAA server HAAA, carry EAP-Failure and Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and Error-Cause;
Sending module: be used for sending AR-EAP-Transfer message to base station BS, described AR-EAP-Transfer carries described EAP-Failure and Error-Cause, perhaps carries EAP-Notification information and Error-Cause.
The embodiment of the invention discloses a kind of treatment system, comprising terminal certificate authentication failure:
HAAA: be used for when certificate authentication failure, GW to the NAS place sends access-reject message Access-Reject, carry EAP-Failure and Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and Error-Cause;
GW: be used to receive Access-Reject from HAAA, and, carry described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the described EAP-Transfer message to base station BS transmission EAP-Transfer message.
By using embodiment of the invention disclosed method, device and system, when terminal authentication or authorization failure, the HAAA server is transmitted to terminal with EAP-Failure and Error-Cause or EAP-Notification information and the NAS and the BS of Error-Cause in GW, make terminal can understand the concrete reason of certificate authentication failure, terminal is operated accordingly according to the certificate authentication failure reason, avoid terminal blindly repeatedly to attempt.
Description of drawings
Fig. 1 is the logical architecture figure of WiMAX network in the prior art
Process chart when Fig. 2 carries out initial access authentication and certificate authentication failure alternately for MS in the prior art and AAA
Fig. 3 is the disclosed process flow figure to terminal certificate authentication failure of the embodiment of the invention
Fig. 4 is the disclosed process flow figure to terminal certificate authentication failure of the embodiment of the invention
Fig. 5 is the disclosed processing unit structural representation to terminal certificate authentication failure of the embodiment of the invention
Fig. 6 is the disclosed processing unit structural representation to terminal certificate authentication failure of the embodiment of the invention
Fig. 7 is that the disclosed treatment system to terminal certificate authentication failure of the embodiment of the invention constitutes schematic diagram
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the specific embodiment of the invention is described in further detail below in conjunction with accompanying drawing.
Fig. 3 is the disclosed process flow figure to terminal certificate authentication failure of the embodiment of the invention.
The disclosed processing method to terminal certificate authentication failure of the embodiment of the invention is the processing method under the scene of terminal initial networking certificate authentication failure.Concrete steps are as follows:
The basic process of eating dishes without rice or wine is finished in step 301, terminal and base station.The terminal scanning down channel, set up and the base station synchronously, find range.
Step 302, terminal and network side are finished basic capability negotiation process, comprise the negotiation certification mode.
NAS (Network Access Server in step 303, the Access Network gateway (diagram GW), network access server) sends EAP-Request message and carry NAI (the Network Access Identifier of Identity message request terminal to BS, network access Identifier), described message is encapsulated in AR (AuthRelay)-EAP-Transfer message.
Step 304, BS are encapsulated in EAP-Request message in the PKMv2-RSP message and are transmitted to terminal;
Step 305, terminal send EAP-Response message to BS, and with response EAP-Request message, described EAP-Response message is encapsulated in the PKMv2-REQ/EAP-Transfer message and carries NAI.
Step 306, BS are encapsulated in EAP-Response message the NAS that is transmitted in the AR-EAP-Transfer message among the GW.
After the NAI of HAAA server authentication terminal is legal, initiate the EAP verification process, concrete verification process is with reference to RFC EAP-AKA, and EAP-TTLS etc. decide according to concrete authentication method.If Certificate Authority procedure failure (as user name mistake, password mistake, Sorry, your ticket has not enough value, User Status unusual (shutdown, deexcitation, locked), key are expired, user name conflict etc.), the access of HAAA server refusal terminal.
Step 308, HAAA server send access-reject message Access-Reject to GW, and described refuse information Access-Reject carries EAP-Failure and concrete failure reason value Error-Cause or EAP-Notification information and Error-Cause.
Certificate authentication failure is former because Sorry, your ticket has not enough value etc. as described, and then HAAA directly sends out the authentication of EAP-Failure end-of-message; Certificate authentication failure is former because user name or password mistake etc. as described, then HAAA does not send out EAP-Failure end-of-message authentication state and process immediately, but the response message of transmission failure (Failure) stops authentication phase attempting failing for three times later on just at least.Certificate server among the HAAA can resend sign (ID) request message and authenticate again, certificate server can send a notice (Notification) message and is used for pointing out opposite end authentication error (also can be placed on these informations the information of sign (ID) request message that resends) to give authentication opposite end (terminal) before this, as point out user name mistake, password mistake etc., be convenient to authenticate the opposite end and re-enter correct name name in an account book and password and authenticate.
Step 309, GW are carried at described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the AR-EAP-Transfer message and send to BS.
Step 310, BS are carried at described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the PKMv2-RSP/EAP-Transfer message and are transmitted to terminal.
By using the disclosed processing method of the embodiment of the invention to terminal certificate authentication failure, when terminal initial networks authentication or authorization failure, the HAAA server is transmitted to terminal with EAP-Failure and Error-Cause or EAP-Notification information and the NAS and the BS of Error-Cause in GW, make terminal can understand the concrete reason of certificate authentication failure, terminal is operated accordingly according to the certificate authentication failure reason, avoid terminal blindly repeatedly to attempt.
Fig. 4 is the disclosed process flow figure to terminal certificate authentication failure of the embodiment of the invention.
The disclosed processing method to terminal certificate authentication failure of the embodiment of the invention is the processing method under the scene of terminal re-authentication authorization failure.The re-authentication condition is that terminal strides that security domain switches that back network side (NAS) triggers, the safe context of terminal fast when expired terminal trigger or network side triggers as required.Concrete steps are as follows:
NAS (Network Access Server in step 401, the Access Network gateway (diagram GW), network access server) send EAP-Request message and carry the NAI of Identity message request terminal to BS, described message is encapsulated in the AR-EAP-Transfer message.
Step 402, BS are encapsulated in EAP-Request message in the PKMv2-RSP/EAP-Transfer message and are transmitted to terminal.
Need to prove, when network re-entry is triggered by end side, not execution in step 401 and step 402.
Step 403, terminal send EAP-Response message to BS, and described EAP-Response message is encapsulated in the PKMv2-REQ/EAP-Transfer message and carries the NAI of terminal.
Step 404, BS are encapsulated in EAP-Response message the NAS that is transmitted in the AR-EAP-Transfer message among the GW.
After the NAI of HAAA server authentication terminal is legal, initiate the EAP verification process, concrete verification process is with reference to RFC EAP-AKA, and EAP-TTLS etc. decide according to concrete authentication method.If Certificate Authority procedure failure (as user name mistake, password mistake, Sorry, your ticket has not enough value, User Status unusual (shutdown, deexcitation, locked), key are expired, user name conflict etc.), the access of HAAA server refusal terminal.
Step 406, HAAA server send access-reject message Access-Reject to GW, and described refuse information Access-Reject carries EAP-Failure and concrete failure reason value Error-Cause or EAP-Notification information and Error-Cause.
Step 407, GW are carried at described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the AR-EAP-Transfer message and send to BS.
Step 408, BS are carried at described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the PKMv2-RSP/EAP-Transfer message and are transmitted to terminal.
Step 409, optional; be enough to cause in the reason of certificate authentication failure under the scene of terminal exiting network (for example user name mistake, password mistake, Sorry, your ticket has not enough value, user's shutdown, user's deexcitation, subscriber card locked etc.); GW sends DP-Deregistration Request (data path goes registration) message trigger to BS and moves back net; described message is carried and is triggered the reason instruction Cause Indication move back net, and described CauseIndication is used for indicating HAAA to be carried at corresponding failure reason value Error-Cause among the Access-Reject in step 406.
Step 410:BS sends DREG CMD message trigger terminal exiting network to terminal, and carries described reason instruction Cause Indication.
Terminal is finished remainder according to prior art and is moved back the net flow process.
By using the disclosed processing method of the embodiment of the invention to terminal certificate authentication failure, when terminal re-authentication or authorization failure, the HAAA server is transmitted to terminal with EAP-Failure and Error-Cause or EAP-Notification information and the NAS and the BS of Error-Cause in GW, make terminal can understand the concrete reason of certificate authentication failure, terminal is operated accordingly according to the certificate authentication failure reason, avoid terminal blindly repeatedly to attempt.Reason at authentification failure is enough to cause that the Access Network gateway can also be initiated the terminal exiting network flow process under the scene of terminal exiting network, and will move back net reason notice terminal.
Fig. 5 is the disclosed processing unit structural representation to terminal certificate authentication failure of the embodiment of the invention.
The disclosed processing unit to terminal certificate authentication failure of the embodiment of the invention comprises:
Receiver module: be used to receive access request message Access-Request, carry EAP-Response message in the described Access-Request message, carry the network identity of terminal in the described EAP-Response message from the GW at NAS place;
Authentication module: be used to authenticate the legitimacy of described terminal and/or initiate the EAP verification process;
Sending module: be used for when authentification failure, GW to the NAS place sends access-reject message Access-Reject, carry EAP-Failure and concrete failure reason value Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and described Error-Cause.
Need to prove that described authentication module if the verification passes, is then further initiated the EAP verification process when the legitimacy of needs authentication NAI, if checking is not passed through, then directly reject the request of access.In some cases, service provider can not require the NAI checking yet and directly enters the EAP verification process.No matter proof procedure is how, all be prior art, repeat no more herein.
By using the disclosed processing unit of the embodiment of the invention, when terminal authentication is failed, EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause can be sent to the GW at NAS place to terminal certificate authentication failure.
Fig. 6 is the disclosed processing unit structural representation to terminal certificate authentication failure of the embodiment of the invention.
The disclosed processing unit to terminal certificate authentication failure of the embodiment of the invention comprises:
Receiver module: be used to receive access-reject message Access-Reject from local AAA server HAAA, carry EAP-Failure and Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and Error-Cause;
Sending module: be used for sending AR-EAP-Transfer message to base station BS, described AR-EAP-Transfer carries described EAP-Failure and Error-Cause, perhaps carries EAP-Notification information and Error-Cause.
Optionally, described sending module also is used for sending DP-Deregistration Request message and carrying therein and trigger the reason instruction Cause Indication that moves back net to BS.
By using the disclosed processing unit of the embodiment of the invention to terminal certificate authentication failure, when receiving from the access-reject message Access-Reject of HAAA and the EAP-Failure that wherein carries and Error-Cause or EAP-Notification and Error-Cause, reason in the re-authentication failure is enough to cause under the scene of terminal exiting network, can send DP-Deregistration Request message and carry the reason instruction Cause Indication that net is moved back in triggering therein to BS, trigger and move back net at network termination.
Fig. 7 is that the disclosed treatment system to terminal certificate authentication failure of the embodiment of the invention constitutes schematic diagram
The disclosed treatment system to terminal certificate authentication failure of the embodiment of the invention comprises:
HAAA: be used for when certificate authentication failure, GW to the NAS place sends access-reject message Access-Reject, carry EAP-Failure and Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and Error-Cause;
GW: be used to receive Access-Reject from HAAA, and, carry described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the described EAP-Transfer message to base station BS transmission EAP-Transfer message.
Optionally, described device also comprises BS: be used for described EAP-Failure and Error-Cause or EAP-Notification and Error-Cause are transmitted to terminal.
Optionally, reason in the re-authentication failure is enough to cause under the scene of terminal exiting network, GW can also further send DP-Deregistration Request (data path goes registration) message trigger to BS and move back net, described message is carried and is triggered the reason instruction Cause Indication that moves back net, and described Cause Indication is used to indicate described failure reason value Error-Cause;
BS sends DREG_CMD message trigger terminal exiting network to terminal, and carries described reason instruction Cause Indication.
By using the disclosed treatment system of the embodiment of the invention to terminal certificate authentication failure, when terminal initial networks authentication or re-authentication failure, the HAAA server is transmitted to terminal with EAP-Failure and Error-Cause or EAP-Notification and the NAS and the BS of Error-Cause in GW, make terminal can understand the concrete reason of certificate authentication failure, reason in re-authentication failure is enough to cause under the scene of terminal exiting network, and GW can also move back net and transmit the concrete net cause value that moves back to terminal by the BS triggering terminal.
By using embodiment of the invention disclosed method, device and system, when terminal certificate authentication failure, the HAAA server is transmitted to terminal with EAP-Failure and Error-Cause or EAP-Notification and the NAS and the BS of Error-Cause in GW, make terminal can understand the concrete reason of certificate authentication failure, terminal is operated accordingly according to the certificate authentication failure reason, avoid terminal blindly repeatedly to attempt.Reason in re-authentication failure is enough to cause under the scene of terminal exiting network, gateway can also triggering terminal move back net and to the terminal transmission concrete move back the net cause value.
Above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (10)
1, a kind of processing method to terminal certificate authentication failure is characterized in that, this method comprises:
The gateway GW at network access server NAS place receives the access-reject message Access-Reject from local AAA server HAAA, carry EAP-Failure and concrete failure reason value Error-Cause among the described Access-Reject, perhaps carry EAP-Notification and described Error-Cause;
Send AR-EAP-Transfer message to base station BS, described AR-EAP-Transfer carries described EAP-Failure and Error-Cause or carries EAP-Notification and Error-Cause, so that BS is transmitted to terminal with described EAP-Failure and Error-Cause or EAP-Notification and Error-Cause.
2, the method for claim 1 is characterized in that, further comprises step:
Described GW sends DP-Deregistration Request message to BS, indicate described BS to send DREG_CMD message to terminal, described DP-Deregistration Request message and DREG_CMD message carry and trigger the reason instruction Cause Indication that moves back net.
3, method as claimed in claim 2 is characterized in that, described Cause Indication is used to indicate corresponding failure reason value Error-Cause.
4, a kind of processing unit to terminal certificate authentication failure comprises:
Receiver module: be used to receive access request message Access-Request, carry EAP-Response message in the described Access-Request message, carry the network identity of terminal in the described EAP-Response message from the GW at NAS place;
Authentication module: be used to authenticate the legitimacy of described terminal and/or initiate the EAP verification process;
Sending module: be used for when authentification failure, GW to the NAS place sends access-reject message Access-Reject, carry EAP-Failure and concrete failure reason value Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and described Error-Cause.
5, device as claimed in claim 4 is characterized in that, described device is a HAAA or a self-existent device, but described self-existent device is positioned at HAAA or links to each other with HAAA with communication mode.
6, a kind of processing unit to terminal certificate authentication failure comprises:
Receiver module: be used to receive access-reject message Access-Reject from local AAA server HAAA, carry EAP-Failure and Error-Cause among the described Access-Reject, perhaps carry EAP-Notifcation information and Error-Cause;
Sending module: be used for sending AR-EAP-Transfer message to base station BS, described AR-EAP-Transfer carries described EAP-Failure and Error-Cause, perhaps carries EAP-Notification information and Error-Cause.
7, device as claimed in claim 6, it is characterized in that, described sending module also is used for sending DP-Deregistration Request message to BS, carries in the described DP-Deregistration Request message and triggers the reason instruction Cause Indication that moves back net.
8, a kind of treatment system to terminal certificate authentication failure comprises:
HAAA: be used for when certificate authentication failure, GW to the NAS place sends access-reject message Access-Reject, carry EAP-Failure and Error-Cause among the described Access-Reject, perhaps carry EAP-Notification information and Error-Cause;
GW: be used to receive Access-Reject from HAAA, and, carry described EAP-Failure and Error-Cause or EAP-Notification information and Error-Cause in the described EAP-Transfer message to base station BS transmission EAP-Transfer message.
9, system as claimed in claim 8 is characterized in that, also comprises:
BS: be used to receive the EAP-Transfer message from GW, with described EAP-Failure and Error-Cause, perhaps EAP-Notification information and Error-Cause are transmitted to terminal.
10, system as claimed in claim 9 is characterized in that,
Described GW also is used for sending DP-Deregistration Request message to BS, carries in the described DP-Deregistration Request message and triggers the reason instruction Cause Indication that moves back net;
Described BS also is used for sending DREG_CMD message to terminal, carries described reason instruction Cause Indication in the described DREG_CMD message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810068412A CN101621799A (en) | 2008-07-04 | 2008-07-04 | Method, device and system for processing terminal certificate authentication failure |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810068412A CN101621799A (en) | 2008-07-04 | 2008-07-04 | Method, device and system for processing terminal certificate authentication failure |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101621799A true CN101621799A (en) | 2010-01-06 |
Family
ID=41514772
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810068412A Pending CN101621799A (en) | 2008-07-04 | 2008-07-04 | Method, device and system for processing terminal certificate authentication failure |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101621799A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102448063A (en) * | 2011-12-26 | 2012-05-09 | 华为终端有限公司 | Method and equipment for finding reasons of authentication failure |
| CN103582132A (en) * | 2012-07-24 | 2014-02-12 | 电信科学技术研究院 | C-RNTI distribution method and system |
| CN104955045A (en) * | 2015-06-12 | 2015-09-30 | 联想(北京)有限公司 | Access control method, device, terminal and system |
| WO2020041933A1 (en) * | 2018-08-27 | 2020-03-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and devices for a secure connection |
| CN111194066A (en) * | 2020-01-10 | 2020-05-22 | 中国联合网络通信集团有限公司 | Base station alliance method and device |
| WO2022093501A1 (en) * | 2020-10-29 | 2022-05-05 | Cisco Technology, Inc. | Openroaming augmentation method for eap failures |
| CN115333769A (en) * | 2022-06-30 | 2022-11-11 | 中银金融科技有限公司 | Processing method and device for login authentication failure |
-
2008
- 2008-07-04 CN CN200810068412A patent/CN101621799A/en active Pending
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102448063A (en) * | 2011-12-26 | 2012-05-09 | 华为终端有限公司 | Method and equipment for finding reasons of authentication failure |
| CN103582132A (en) * | 2012-07-24 | 2014-02-12 | 电信科学技术研究院 | C-RNTI distribution method and system |
| CN103582132B (en) * | 2012-07-24 | 2018-08-07 | 电信科学技术研究院 | A kind of distribution method and system of C-RNTI |
| CN104955045A (en) * | 2015-06-12 | 2015-09-30 | 联想(北京)有限公司 | Access control method, device, terminal and system |
| CN104955045B (en) * | 2015-06-12 | 2019-02-05 | 联想(北京)有限公司 | A kind of connection control method, device, terminal and system |
| WO2020041933A1 (en) * | 2018-08-27 | 2020-03-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and devices for a secure connection |
| CN111194066A (en) * | 2020-01-10 | 2020-05-22 | 中国联合网络通信集团有限公司 | Base station alliance method and device |
| CN111194066B (en) * | 2020-01-10 | 2022-02-11 | 中国联合网络通信集团有限公司 | Base station alliance method and device |
| WO2022093501A1 (en) * | 2020-10-29 | 2022-05-05 | Cisco Technology, Inc. | Openroaming augmentation method for eap failures |
| US11943619B2 (en) | 2020-10-29 | 2024-03-26 | Cisco Technology, Inc. | Openroaming augmentation method for EAP failures |
| CN115333769A (en) * | 2022-06-30 | 2022-11-11 | 中银金融科技有限公司 | Processing method and device for login authentication failure |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110999356B (en) | Network security management method and device | |
| US8176327B2 (en) | Authentication protocol | |
| EP2730074B1 (en) | Methods for attaching a wireless device to a foreign 3gpp wireless domain using alternative authentication mechanisms | |
| US20240298174A1 (en) | Method and systems for authenticating ue for accessing non-3gpp service | |
| CN101621799A (en) | Method, device and system for processing terminal certificate authentication failure | |
| CN100469196C (en) | Identification method for multi-mode terminal roaming among heterogenous inserting technology networks | |
| JP2005524255A (en) | Key update in mobile radio systems | |
| WO2006024969A1 (en) | Wireless local area network authentication method | |
| US20080242264A1 (en) | Methods and system for terminal authentication using a terminal hardware indentifier | |
| WO2007106620A2 (en) | Method for authenticating a mobile node in a communication network | |
| US20210045050A1 (en) | Communications method and apparatus | |
| EP4241479A1 (en) | Subscription onboarding using a verified digital identity | |
| WO2008125062A1 (en) | Method of admittance judgment and paging user in mobile communication system, system and device thereof | |
| Lai et al. | Security issues on machine to machine communications | |
| CN112423299B (en) | Method and system for wireless access based on identity authentication | |
| WO2006079953A1 (en) | Authentication method and device for use in wireless communication system | |
| CN101272297B (en) | EAP authentication method of WiMAX network user | |
| CN101742507B (en) | System and method for accessing Web application site for WAPI terminal | |
| CN101483521B (en) | Multi-host access authentication method and system for WiMAX network | |
| CN100479571C (en) | A method for preventing abnormal access terminal to access and access network | |
| WO2021079023A1 (en) | Inter-mobile network communication security | |
| CN116391377A (en) | Authentication using digital identifier for UE access | |
| Latze et al. | Strong mutual authentication in a user-friendly way in eap-tls | |
| Kong et al. | Ieee802. 1x of protocol analysis and improvement | |
| CN103391542A (en) | EAP authentication triggering method and system, access network equipment and terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20100106 |