CN101662766B - Method for realizing WAPI and centralized access controller device - Google Patents
Method for realizing WAPI and centralized access controller device Download PDFInfo
- Publication number
- CN101662766B CN101662766B CN200910177201A CN200910177201A CN101662766B CN 101662766 B CN101662766 B CN 101662766B CN 200910177201 A CN200910177201 A CN 200910177201A CN 200910177201 A CN200910177201 A CN 200910177201A CN 101662766 B CN101662766 B CN 101662766B
- Authority
- CN
- China
- Prior art keywords
- equipment
- terminal
- wapi
- certificate
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention provides a method for realizing WAPI and an AC device based on a centralized control type AC+AP framework. The method stores a WAPI certificate on the AC device and comprises the following steps of associating an AP device by a terminal; announcing a terminal association event to the AC device by the AP device; carrying out access authentication on the terminal by the AC device; finishing certificate authentication by the AC device and an AS; and forwarding the interactive access authentication information of the terminal and the AC device by the AP device. In the method for realizing the WAPI and the AC device of the invention, the WAPI certificate is installed on the AC device, access authentication is finished by the AC device and the terminal, and the private keys of unicast and multicast generated by negotiation are installed on the AC device after authentication, thus having convenient certificate maintenance and ensuring certificate safety; in addition, encryption and decryption of empty message of users are carried out on the AC device instead of on the light-weight AP device, thus improving encryption and decryption efficiency and business experience for users.
Description
Technical field
The present invention relates to WAPI (WLAN Authentication and Privacy Infrastructure; WAPI) technology; Relate in particular to a kind of based on centralized control type AC (Access Controller; Access controller) and WAPI implementation method and AC equipment under AP (Access Point, the WAP) framework.
Background technology
Conventional wireless gathers multiple function, as: physical layer, link layer, ciphering user data, user's authentication, QoS (service quality), security strategy, user's management and other application level functions.This type WAP is commonly called as and is " fat " AP.Be characterized in flexible configuration, install simple, cost performance is high, and is but separate between the AP, can't be fit to user density height, a plurality of AP place of circumstance complications such as covering continuously.Produce centralized control type AC+AP equipment for this reason, cooperate, realize the function of " fat " AP equipment through Centralized Controller AC and Lightweight AP.
The WAPI technology; Realize exactly differentiating to carrying out identity between WAPI terminal, wireless access point AP, AS server (WAPI certificate server) three each other; After having only identity all to differentiate to pass through, the WAPI terminal just can be allowed to access network, and promptly legal users inserts legal AP equipment and legal network; WAPI user could normally use WLAN professional, has guaranteed fail safe and safety of data transmission that WAPI user uses.In order to use the WAPI technology; User certificate and the AS server certificate that the AS server is issued must be installed in the WAPI terminal; AP equipment must be installed device certificate and the AS server certificate that the AS server is issued, and wherein user certificate and device certificate are respectively as the digital identity voucher of WAPI terminal and AP equipment.
The WAPI technology that realizes based on centralized control type AC+AP (Lightweight AP) framework at present; Device certificate is mounted on the AC equipment; Through AC certificate is handed down to Lightweight AP equipment then; The WAPI terminal authentication is on Lightweight AP equipment through program request and the multicast base key that the back produces, and all need on Lightweight AP equipment, decipher or encrypt each blank-interface text.
Here can have following problem: the fail safe of the fail safe of the passage of issuing licence under the AC equipment and AP equipment itself makes the AP certificate have stolen possibility; The professional Information Security of AP equipment and AC equipment room depends on the self-defined tunnel of manufacturer, can not guarantee that it has enough fail safes and privacy; The performance of Lightweight AP equipment is limited, and therefore the WAPI terminal of association can influence the performance of Lightweight AP equipment more for a long time under a Lightweight AP equipment, finally can influence user's experience; Each Lightweight AP equipment all will be safeguarded two certificates (device certificate, AS server certificate), and the regular maintenance management is difficulty relatively.
Summary of the invention
The technical problem that the present invention will solve provides a kind of WAPI implementation method, has the convenience of higher fail safe, maintenance and promotes user experience.
The present invention provides a kind of WAPI implementation method; Storage WAPI certificate on AC equipment, storage WAPI certificate on said AC equipment is after lightweight access point AP equipment and said AC equipment are set up the tunnel; Said AC equipment does not issue the WAPI certificate of said AP equipment to said AP equipment; The work of WAPI certificate authentication is accomplished through said AC equipment and AS in the terminal, and this method comprises: terminal associated AP equipment, and AP equipment is to AC devices advertise terminal correlating event; Access authentication is carried out at AC equipment and terminal; AC equipment and AS accomplish the certificate authentication; The mutual access authentication message of terminal and AC equipment is by the AP device forwards.
According to an embodiment of WAPI implementation method of the present invention, also comprise: unicast key agreement is carried out at AC equipment and terminal, and the mutual unicast key agreement message of terminal and AC equipment is by the AP device forwards; AC equipment is to terminal announcement broadcasting key, and the mutual broadcast key notice message of terminal and AC is by the AP device forwards.AC equipment to mail to/carry out encrypt/decrypt from the business datum at said terminal, realize the secure service forwarding of data of AC equipment and terminal room through AP equipment.
WAPI implementation method provided by the invention, storage WAPI certificate on AC equipment is realized the WAPI access authentication by AC with the terminal, can avoid the safety issue that causes owing to AP in the WAPI implementation method of prior art, has higher fail safe.
The present invention also provides a kind of AC equipment of using said method; Storage WAPI certificate on said AC equipment; After lightweight access point AP equipment and said AC equipment were set up the tunnel, said AC equipment did not issue the WAPI certificate of said AP equipment to said AP equipment, and the work of WAPI certificate authentication is accomplished through said AC equipment and AS in the terminal; This AC equipment comprises: memory module is used to store the WAPI certificate; The access authentication module is used for the receiving terminal correlating event, sends to the terminal and differentiates the activation indication, receives the access of self terminal to differentiate request, inserts to the terminal transmission and differentiates response; The certificate authentication module is used for sending request of certificate authentication to AS, comprises the WAPI certificate of storing in the memory module in the request of certificate authentication, receives from the certificate of AS and differentiates response.
According to an embodiment of AC equipment of the present invention, this AC equipment also comprises: the unicast key agreement module is used for carrying out unicast key agreement with said terminal; The broadcast key announcement module is used for to said terminal announcement broadcasting key; The service message processing module, to mail to/carry out encrypt/decrypt from the business datum at said terminal.
Description of drawings
Fig. 1 illustrates the flow chart of an embodiment of WAPI implementation method of the present invention;
Fig. 2 illustrates the flow chart of another embodiment of WAPI implementation method of the present invention;
Fig. 3 illustrates the flow chart of another embodiment of WAPI implementation method of the present invention;
Fig. 4 illustrates the structure chart of an embodiment of AC equipment of the present invention;
Fig. 5 illustrates the structure chart of another embodiment of AC equipment of the present invention.
Embodiment
With reference to the accompanying drawings the present invention is more comprehensively described, exemplary embodiment of the present invention wherein is described.In the accompanying drawings, identical label is represented identical or similar assembly or element.
Basic thought of the present invention is on AC equipment, to deposit the WAPI certificate of Lightweight AP; After Lightweight AP and AC set up the tunnel, that the WAPI certificate of AP is handed down to AP was different with AC in the prior art, and AC does not issue the WAPI certificate of AP to Lightweight AP, and the terminal is accomplished WAPI certificate authentication through AC and AS and worked.
WAI adopts public-key encryptosystem, and certificate of utility comes STA in the wlan system and AP are carried out authentication.WAI has defined a kind of ASU by name (Authentication Service Unit; Service for checking credentials unit) entity; This entity is usually located in the AS server, be used for management participate in the needed certificate of information exchange each side (comprise certificate generation, issue, revoke and upgrade).Certificate the inside includes certificate authority person's (ASU) PKI and signature and certificate holder's PKI and signature (what sign employing is the distinctive ECDSA of WAPI) is the digital identity voucher of the network equipment.
Fig. 1 illustrates the flow chart of an embodiment of WAPI implementation method of the present invention.In the drawings, AC device processes terminal authentication identifying procedure, and the flow process of consulting base key.Idiographic flow is following:
In step 102, terminal associated AP equipment, AP equipment is to AC devices advertise terminal correlating event.The terminal is after being associated with AP, and AP announces correlating event to AC, and terminal and AC must carry out identity each other and differentiate.Earlier by STA oneself certificate and current time are submitted to AP, AP is transmitted to AC with certificate, the submission time of STA then.
In step 104, the WAPI certificate of AC equipment access AP device association initiate to insert identification flow, and the mutual discriminating message of terminal and AC equipment is by the Lightweight AP device forwards.The WAPI certificate of AC equipment access AP device association forms signature with the private key that the WAPI certificate one of certificate, submission time and the corresponding A P device association of STA is reinstated corresponding A P equipment then, and this signature is sent to AS together with this 3 part.
In step 106, AC equipment and AS carry out the certificate authentication alternately.The certificate discriminating is accomplished by AS, after it receives that AC submits next discriminating request to, can verify the signature of AP and the certificate of AP earlier.After differentiating successfully, the certificate of further verification terminal.At last, AS signs the identification result information at terminal and the identification result information of AP with the private key of oneself, and this signature is sent back to AC together with these two results.
AC carries out signature verification to the result who receives, and obtains the identification result to the terminal, determines whether allowing this terminal to insert according to this result.Simultaneously AC need be transmitted to the terminal with the checking result of AS, and the terminal also will verify the signature of AS, and obtains the identification result of AP, determines whether inserting AP according to this result.
Fig. 2 illustrates the flow chart of another embodiment of WAPI implementation method of the present invention.
As shown in Figure 2, in step 202, the WAPI certificate of issuing from AS is installed on AC, the incidence relation of configuration Lightweight AP and WAPI certificate, AC configuration WAPI ability information is to Lightweight AP;
In step 204, Lightweight AP is announced its WAPI ability to the terminal through Beacon/Probe Request;
In step 206, the WAPI terminal is related/remove to be associated to Lightweight AP;
In step 208, Lightweight AP association/go correlating event to report to AC with the terminal;
In step 210~212, access authentication is carried out at AC and terminal.AC sets up the terminal context, and obtains the related WAPI certificate of AP, initiates identification flow.AC directly and AS obtain the certificate identification result alternately.The WAI message of AC and terminal room is through transmitting with the control channel of AP; Through identification flow, AC and terminal negotiate base key, and are kept in the terminal context on the AC; Base key is used to consult singlecast key and multicast key.
In step 214, AC initiates the unicast key agreement flow process with the terminal, unicast key agreement result, and promptly singlecast key is kept in the terminal context on the AC, is used for the encryption and decryption of user data.
In step 216, AC initiates the broadcast key announcement flow process with the terminal; After the announcement flow process finished, AC and terminal interaction were encrypted message.
In step 218, AC carries out encrypt/decrypt to the business datum that mails to/come self terminal.
The service message handling process that AC is mail at the terminal comprises: the service message of the wireless encryption of AP receiving terminal; AP directly transmits the service message of wireless encryption to AC; AC obtains key according to the terminal context; According to the WPI agreement, AC is to wireless encryption message deciphering, and processing such as checking MIC.
The service message handling process that AC mails to the terminal comprises: AC obtains the context of the related Lightweight AP in terminal, makes up the wireless frame head of service message; AC obtains key according to the terminal context; According to the WPI agreement, AC makes up MIC (Message Integrity Code, message integrity code) to the wireless traffic message, and data such as are encrypted at processing; AC is forwarded to the related Lightweight AP in terminal to the service message of the wireless encryption handled through WPI; AP is directly at the service message of eating dishes without rice or wine to send this wireless encryption.
Fig. 3 illustrates the flow chart of another embodiment of WAPI implementation method of the present invention.
In step 302, Lightweight AP sends Beacon message to the terminal, comprises SSID and WAPI capability set information in the message.
In step 304, authentication Authentication message is sent to Lightweight AP in the terminal.
In step 306, Lightweight AP sends Association message to the terminal, comprises related SSID and WAPI capability set information in the message.
In step 308, AC equipment sends to the terminal and differentiates the activation indication.This indication is forwarded to the terminal through Lightweight AP.
In step 310,, the terminal send to insert differentiates request to AC equipment.This request is forwarded to AC through Lightweight AP.
In step 312, AC equipment sends request of certificate authentication to AS.
In step 314, AS sends certificate to AC equipment and differentiates response.
In step 316, AC equipment returns to insert to the terminal differentiates response.This response is forwarded to the terminal through Lightweight AP.
In step 318, AC equipment sends unicast key agreement request to the terminal.This request is forwarded to the terminal through Lightweight AP.
In step 320, the unicast key agreement response is sent to AC equipment in the terminal.This response is forwarded to AC through Lightweight AP.
In step 322, AC equipment sends unicast key agreement to the terminal and confirms.This affirmation is forwarded to the terminal through Lightweight AP.
In step 324, AC equipment sends multicast key/key announce between standing to the terminal.
In step 326, multicast key/key response between standing is sent to AC equipment in the terminal.
Step 302 among Fig. 3~306 belong to 802.11 link negotiation processes 31, and step 318~322 belong to unicast key agreement flow process 32, and step 324~326 belong to multicast key and consult flow process 33, and step 308~326 belong to WAPI access control flow process 34.
According to one embodiment of present invention, the shared WAPI certificate of a plurality of Lightweight AP equipment.In numerous AP of same AC management, according to service needed, multiple WAPI certificate operational mode is arranged simultaneously, for example an AP is with a WAPI certificate, shared same the WAPI certificate of a plurality of AP.Under the situation of the shared WAPI certificate of a plurality of AP, be convenient to AC administering and maintaining for AP.
For realizing the WAPI technology, AC equipment of the present invention is mainly realized following function: the WAPI ability information of configuration AP; The Installation of W API Credentials, and set up incidence relation with AP; Processing terminal is related/remove correlating event; Initiate the terminal identification flow, consult base key with the terminal; Initiate terminal unicast key agreement flow process; Initiate terminal broadcast key announce flow process; Business datum to mailing to/come self terminal is carried out encrypt/decrypt.Lightweight AP equipment of the present invention is mainly realized following function: the WAPI ability information of announcement AP; The WAPI at terminal is related; To the association of AC reporting terminal/go correlating event; Transmit the WAI agreement of AC and terminal room; The secure service data of self terminal are mail to/come in forwarding.Lightweight AP is divided into two logic ports: controlled ports, uncontrolled port.Before user WAPI authentication was passed through, the uncontrolled port of the message identifying that has only the user through Lightweight AP was sent to AC and handles; After user WAPI authentication was passed through, the controlled ports of Lightweight AP was opened, and the service message that allows the user is through the controlled ports transmission.
Fig. 4 illustrates the structure chart of an embodiment of AC equipment of the present invention.As shown in Figure 4, this AC equipment comprises memory module 41, access authentication module 42 and certificate authentication module 43.Wherein, memory module is used to store the WAPI certificate.Access authentication module 42 is used for the receiving terminal correlating event, sends to the terminal and differentiates the activation indication, receives the access of self terminal to differentiate request, inserts to the terminal transmission and differentiates response, thereby accomplish the access authentication flow process.Certificate authentication module 43 is used for sending request of certificate authentication to AS, comprises the WAPI certificate of storage in the memory module 41 in the request of certificate authentication, receives from the certificate of AS and differentiates that response and AS accomplish the certificate authorizing procedure.
Fig. 5 illustrates the structure chart of another embodiment of AC equipment of the present invention.Memory module 41, access authentication module 42 and the certificate authentication module 43 of the embodiment of Fig. 5 in comprising Fig. 4, also comprise unicast key agreement module 54, broadcast key announcement module 55 and service message processing module 56.Wherein, unicast key agreement module 54 is used for carrying out unicast key agreement with the terminal.Unicast key agreement module 54 is sent unicast key agreement request to the terminal, and this request is forwarded to the terminal through Lightweight AP.Unicast key agreement module 54 receives the unicast key agreement response of self terminal, and this response is forwarded to AC through Lightweight AP.Unicast key agreement module 54 is sent unicast key agreement to the terminal and is confirmed that this affirmation is forwarded to the terminal through Lightweight AP.Broadcast key announcement module 55 is used for to terminal announcement broadcasting key.Broadcast key announcement module 55 is sent multicast key/key announce between standing to the terminal; Multicast key/key response between standing that broadcast key announcement module 55 receiving terminals send to AC equipment.Service message processing module 56 is carried out encrypt/decrypt to the business datum that mails to/come self terminal.Service message processing module 56 receives the business datum of self terminal, obtains the key corresponding with this terminal according to the terminal context, to the deciphering of wireless encryption message, and verifies processing such as MIC according to the WPI agreement.Service message processing module 56 is obtained the context of the related Lightweight AP in terminal, makes up the wireless frame head of service message; Obtain key according to the terminal context; According to the WPI agreement wireless traffic message is made up MIC, and data such as are encrypted at processing; 56 pairs of service messages through the wireless encryption of WPI processing of service message processing module are forwarded to the related Lightweight AP in terminal.
WAPI implementation method of the present invention and AC equipment, WAPI certificate install rather than are being handed down on the Lightweight AP equipment through AC equipment on AC equipment; After terminal authentication passes through, consult the program request and the multicast key of generation, all be placed on the AC equipment, rather than on Lightweight AP equipment; Certificate is easy to maintenance, and can guarantee the fail safe of certificate.The encryption and decryption of user's blank-interface text is on AC equipment, to carry out, rather than on Lightweight AP equipment, carries out; Improve encryption and decryption efficient, improve customer service and experience.The encryption of user's blank-interface text to extending to the Lightweight AP equipment from the WAPI terminal to AC equipment, has further promoted Information Security professional between AP and AC from the WAPI terminal.It is corresponding one by one that Lightweight AP equipment and WAPI certificate do not need, and a plurality of AP equipment also can shared WAPI certificate; Be convenient to cert and AP equipment is managed.The function that on AP, has kept radio link layer in the prior art (for example; 802.11 agreement); The WAPI technology belongs to the encryption technology of radio link layer, so accomplished by AP in the prior art, the present invention has moved on to the WAPI function of radio link layer on the AC and accomplished; Realize the WAPI encryption equally, and brought aforesaid a plurality of beneficial effect.
Description of the invention provides for example with for the purpose of describing, and is not the disclosed form that exhaustively perhaps limit the invention to.A lot of modifications and variation are obvious for those of ordinary skill in the art.Selecting and describing embodiment is for better explanation principle of the present invention and practical application, thereby and makes those of ordinary skill in the art can understand the various embodiment that have various modifications that the present invention's design is suitable for special-purpose.
Claims (10)
1. WAPI WAPI implementation method; It is characterized in that; Storage WAPI certificate on concentrated access controller AC equipment, after lightweight access point AP equipment and said AC equipment were set up the tunnel, said AC equipment did not issue the WAPI certificate of said AP equipment to said AP equipment; The work of WAPI certificate authentication is accomplished through said AC equipment and WAPI certificate server AS in the terminal, and said method comprises:
The related said AP equipment in said terminal, said AP equipment is to said AC devices advertise terminal correlating event;
Access authentication is carried out at said AC equipment and said terminal;
Said AC equipment and said AS accomplish the certificate authentication;
The mutual access authentication message of said terminal and said AC equipment is by said AP device forwards.
2. WAPI implementation method according to claim 1 is characterized in that, also comprises:
Unicast key agreement is carried out at said AC equipment and said terminal, and the mutual unicast key agreement message of said terminal and said AC equipment is by said AP device forwards.
3. WAPI implementation method according to claim 2 is characterized in that, also comprises:
Said AC equipment is to said terminal announcement broadcasting key, and the mutual broadcast key notice message of said terminal and said AC is by said AP device forwards.
4. according to claim 2 or 3 described WAPI implementation methods, it is characterized in that, also comprise:
Said AC equipment to mail to/carry out encrypt/decrypt from the business datum at said terminal, realize the secure service forwarding of data of said AC equipment and said terminal room through said AP equipment.
5. WAPI implementation method according to claim 4 is characterized in that, the step that access authentication is carried out at said AC equipment and said terminal comprises;
Said AC equipment sends to said terminal through said AP and differentiates the activation indication;
Said terminal is sent the request of discriminating that inserts through said AP to said AC;
Said AC equipment returns to insert to said terminal through said AP differentiates response.
6. WAPI implementation method according to claim 1 is characterized in that, the shared WAPI certificate of a plurality of AP equipment.
7. concentrated access controller AC equipment; It is characterized in that; Storage WAPI certificate on said AC equipment, after lightweight access point AP equipment and said AC equipment were set up the tunnel, said AC equipment did not issue the WAPI certificate of said AP equipment to said AP equipment; The work of WAPI certificate authentication is accomplished through said AC equipment and AS in the terminal, and said AC equipment comprises:
Memory module is used to store WAPI WAPI certificate;
The access authentication module is used for the receiving terminal correlating event, sends to said terminal and differentiates the activation indication, receives from the access at said terminal and differentiates request, inserts to the transmission of said terminal and differentiates response;
The certificate authentication module is used for sending request of certificate authentication to WAPI certificate server AS, comprises the WAPI certificate of storing in the said memory module in the said request of certificate authentication, receives from the certificate of said AS and differentiates response.
8. AC equipment according to claim 7 is characterized in that, also comprises:
The unicast key agreement module is used for carrying out unicast key agreement with said terminal.
9. AC equipment according to claim 7 is characterized in that, also comprises:
The broadcast key announcement module is used for to said terminal announcement broadcasting key.
10. AC equipment according to claim 7 is characterized in that, also comprises:
The service message processing module, to mail to/carry out encrypt/decrypt from the business datum at said terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910177201A CN101662766B (en) | 2009-09-25 | 2009-09-25 | Method for realizing WAPI and centralized access controller device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910177201A CN101662766B (en) | 2009-09-25 | 2009-09-25 | Method for realizing WAPI and centralized access controller device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101662766A CN101662766A (en) | 2010-03-03 |
| CN101662766B true CN101662766B (en) | 2012-09-05 |
Family
ID=41790457
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910177201A Active CN101662766B (en) | 2009-09-25 | 2009-09-25 | Method for realizing WAPI and centralized access controller device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101662766B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103281754B (en) * | 2013-04-25 | 2017-02-22 | 深信服网络科技(深圳)有限公司 | Local forwarding mode-based wireless access point information acquisition method and device |
| CN104243416B (en) * | 2013-06-17 | 2018-04-27 | 华为技术有限公司 | Encryption communication method, system and relevant device |
| CN103702366B (en) * | 2013-12-25 | 2018-03-13 | 上海寰创通信科技股份有限公司 | A kind of system and method for handling message information |
| CN104168554B (en) * | 2014-07-21 | 2018-08-24 | 新华三技术有限公司 | A kind of method and apparatus that AC is communicated with STA |
| CN106454826B (en) * | 2016-09-30 | 2020-04-07 | 新华三技术有限公司 | Method and device for AP to access AC |
| CN108966363B (en) * | 2018-08-17 | 2021-03-12 | 新华三技术有限公司 | Connection establishing method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1996840A (en) * | 2006-12-29 | 2007-07-11 | 西安西电捷通无线网络通信有限公司 | WAPI-based wireless LAN operation method |
| CN101030908A (en) * | 2007-02-06 | 2007-09-05 | 西安西电捷通无线网络通信有限公司 | Method for applying for certificate in wireless LAN WAPI safety mechanism |
-
2009
- 2009-09-25 CN CN200910177201A patent/CN101662766B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1996840A (en) * | 2006-12-29 | 2007-07-11 | 西安西电捷通无线网络通信有限公司 | WAPI-based wireless LAN operation method |
| CN101030908A (en) * | 2007-02-06 | 2007-09-05 | 西安西电捷通无线网络通信有限公司 | Method for applying for certificate in wireless LAN WAPI safety mechanism |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101662766A (en) | 2010-03-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101662766B (en) | Method for realizing WAPI and centralized access controller device | |
| CN100463391C (en) | Network key management and session key updating method | |
| CN105554747B (en) | Wireless network connecting method, apparatus and system | |
| EP3410758B1 (en) | Wireless network connecting method and apparatus, and storage medium | |
| EP2418883B1 (en) | Wireless local area network terminal pre-authentication method and wireless local area network system | |
| CN108510270B (en) | Mobile transfer method with safe quantum | |
| CN100373843C (en) | Key consaltation method in radio LAN | |
| WO2004071006A1 (en) | Broadcast encryption key distribution system | |
| US20120170743A1 (en) | Methods for establishing a secure point-to-point call on a trunked network | |
| CN107690138A (en) | A kind of method for fast roaming, device, system, access point and movement station | |
| CN101610514B (en) | Authentication method, authentication system and authentication server | |
| WO2010020186A1 (en) | Multicast key distribution method, update method, and base station based on unicast conversation key | |
| CN102291680A (en) | Encrypted group calling method based on long term evolution (TD-LTE) trunking communication system | |
| CN101521881A (en) | Method and system for assessing wireless local area network | |
| WO2013134927A1 (en) | Transport layer security-based key delivery method, smart meter reading terminal and server | |
| CN102333309B (en) | Method, equipment system for key transmission in wireless local area network | |
| KR20200044117A (en) | Digital certificate management method and device | |
| CN101420686A (en) | Industrial wireless network security communication implementation method based on cipher key | |
| CN101610515A (en) | A kind of Verification System and method based on WAPI | |
| CN101552984B (en) | Base station secure accessing method of mobile communication system | |
| CN106031120A (en) | Key management | |
| CN100544253C (en) | The safe re-authentication method of mobile terminal of wireless local area network | |
| CN101562519B (en) | Digital certificate management method of user packet communication network and user terminal for accessing into user packet communication network | |
| CN101969639B (en) | Multi-certificate and multi-certification mode combined access authentication method and system | |
| CN101296107B (en) | Safe communication method and device based on identity identification encryption technique in communication network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |