CN101790877B - User terminal, network element, communication system, and method thereof - Google Patents
User terminal, network element, communication system, and method thereof Download PDFInfo
- Publication number
- CN101790877B CN101790877B CN200880100772.5A CN200880100772A CN101790877B CN 101790877 B CN101790877 B CN 101790877B CN 200880100772 A CN200880100772 A CN 200880100772A CN 101790877 B CN101790877 B CN 101790877B
- Authority
- CN
- China
- Prior art keywords
- subscriber identity
- user terminal
- message
- individual subscriber
- payload
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 66
- 238000004891 communication Methods 0.000 title claims description 19
- 238000012795 verification Methods 0.000 claims abstract description 18
- 238000012545 processing Methods 0.000 claims description 22
- 238000003860 storage Methods 0.000 claims description 14
- 238000012544 monitoring process Methods 0.000 claims description 11
- 230000004044 response Effects 0.000 claims description 6
- 230000008569 process Effects 0.000 description 20
- 238000007726 management method Methods 0.000 description 15
- 230000006870 function Effects 0.000 description 13
- 230000007246 mechanism Effects 0.000 description 10
- 230000005540 biological transmission Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 6
- 230000002349 favourable effect Effects 0.000 description 5
- 238000013475 authorization Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000007789 sealing Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 239000013589 supplement Substances 0.000 description 2
- KLDZYURQCUYZBL-UHFFFAOYSA-N 2-[3-[(2-hydroxyphenyl)methylideneamino]propyliminomethyl]phenol Chemical compound OC1=CC=CC=C1C=NCCCN=CC1=CC=CC=C1O KLDZYURQCUYZBL-UHFFFAOYSA-N 0.000 description 1
- 201000001098 delayed sleep phase syndrome Diseases 0.000 description 1
- 208000033921 delayed sleep phase type circadian rhythm sleep disease Diseases 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0225—Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
- H04W52/0248—Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal dependent on the time of the day, e.g. according to expected transmission activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/76—Group identity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A method for a telecommunication system. A user terminal is configured to receive messages addressed to a group subscriber identity. The user terminal receives an individual subscriber identity included in a payload of a message addressed to the group subscriber identity. The payload is provided with verification means for verifying the right of the user terminal to use the individual subscriber identity. If the verification succeeds, the user terminal adopts to use the individual subscriber identity. The solution allows quick and efficient deployment of subscriber identities without requiring essential changes to the existing radio interface.
Description
Technical field
The present invention relates to telecommunications, more particularly, relate to corresponding network element, user terminal and the computer program in the delivering method of subscriber identity information and telecommunication system.
Background technology
In order to access the service of telecommunication system, subscriber (subscriber) needs user terminal and reservation (subscription).For user, only have when the combination of the reservation of user terminal and user is effective by system validation, the service as two-way communication is only possible.
Depend on the technology of application, can implement in every way to take to subscribe at user terminal.In most Public Mobile Network, subscription data is configured in separable reservation identity module.The signaling procedure being combined through definition of user terminal and subscriber identity is delivered to exchange and management infrastructure (SwMI).In some other the technology of such as Terrestrial Trunked Radio (TETRA), subscriber identity information also can be stored in user terminal self.Typically, the process for come into operation by user terminal (commission a user terminal) is dual.User terminal generally provides privacy key and terminal equipment identity by manufacturer, and the combination of this key and terminal equipment identity is delivered to SwMI in a secured manner.Operator's receiving terminal apparatus identity of network, for it distributes body subscriber identity at least one by one, and is forwarded to SwMI by the combination of privacy key and subscriber identity in a secured manner.These two information combination are become complete subscriber data and activate to subscribe by SwMI, make it possible to this specific combined access service with user terminal and subscriber identity.
But, there is the problem that some are relevant with this layout.For some configurations of specifically forming into columns (fleet configurations), the scope of available number is inadequate for all possible users.Such as, when following the tracks of a large amount of vehicles with automatic vehicle location system, it is not enough that the scope of number easily becomes for this object.Will need to reuse number, but because the process for adopting and discharge individual subscriber identity is too slow and implement very labor intensive, therefore this is impossible.
Summary of the invention
Therefore, an object of the present invention is to provide the method for alleviating above problem and the device for realizing the method.Object of the present invention is realized by method, user terminal, network element, communication system and computer program.
The invention provides a kind of method for user terminal, comprising: receiving in described user terminal can by the message of use group subscriber identity access; Obtain individual subscriber identity from the payload of described message and use the verification tool of authority of described individual subscriber identity for authentication of users terminal; Verify that described user terminal uses the authority of described individual subscriber identity with the described verification tool be arranged in described message; The checking of response success, uses described individual subscriber identity in described user terminal.
The invention provides a kind of method for network element, comprise: producing user terminal can by the message of use group subscriber identity access, the payload of described message comprises individual subscriber identity, further, described message has for verifying that a user terminal uses the verification tool of the authority of described individual subscriber identity.
The invention provides a kind of user terminal, comprising: interface arrangement, can by the message of use group subscriber identity access for receiving; And processing unit, for obtaining individual subscriber identity from the payload of described message and for verifying that described user terminal uses the verification tool of the authority of described individual subscriber identity, this processing unit is also suitable for: verify that described user terminal uses the authority of described individual subscriber identity by the described verification tool be arranged in described message; With the checking of response success, use described individual subscriber identity.
The invention provides a kind of network element, comprising: processing unit, for generation of message, the payload of this message comprises individual subscriber identity and uses the verification tool of authority of described individual subscriber identity for authentication of users terminal; And interface arrangement, for the message of generation being sent to the group subscriber identity of restriction.
The invention provides a kind of communication system, this communication system comprises above-mentioned user terminal and above-mentioned network element.
The present invention also provides a kind of method for communication system, comprise: producing within network nodes can by the message of use group subscriber identity by user terminal access, the payload of this message comprises individual subscriber identity, further, this message has for verifying that a user terminal uses the verification tool of the authority of described individual subscriber identity; In described user terminal, described message is received by using described group of subscriber identity; Individual subscriber identity is obtained and for verifying that described user terminal uses the verification tool of the authority of described individual subscriber identity from the payload of described message in described user terminal; The authority of described individual subscriber identity is used by the verification tool checking arranged in the message; With the checking of response success, use individual subscriber identity in the user terminal
The present invention is based on and make it possible to dynamically send the thought of the subscriber identity be contained in the payload of message from exchange and management infrastructure to user terminal.Even if be appreciated that the user terminal being configured with group subscriber identity is not registered and therefore can not the service of access system completely, this user terminal also can monitor and receive some downlinlc message.Payload has been arranged a kind of like this mechanism, that is, by this mechanism, specific user terminal can be determined independently: the message received by group address is individually addressed to it.When this specific user terminal detects this message, this subscriber identity to be used in the use of himself and to be registered in system by it.Typically, registration needs successful certification (authentication), and this certification provides automatically additional safety measure for this process.Correspondingly can stop the use to received subscriber identity by the payload order be delivered in the short message of the individual subscriber address of user terminal.
The principal advantages of method of the present invention and layout is, it makes it possible to dispose subscriber identity rapidly, efficiently when not needing essence to change existing radio interface.Together with the description of favourable embodiment of the present invention, other advantage is discussed in further detail.
Accompanying drawing explanation
Below, in further detail the present invention is described by preferred embodiment with reference to the accompanying drawings, wherein,
Fig. 1 illustrates the main element of the radio system as embodiment;
Fig. 2 A and Fig. 2 B illustrate as embodiment user terminal and exchange and the reference hardware configuration of management infrastructure element;
Fig. 3 illustrates the method for user terminal as embodiment;
Fig. 4 illustrates another method for user terminal as embodiment;
Fig. 5 illustrates the favourable embodiment for stopping using individual subscriber identity;
Fig. 6 illustrate as embodiment for exchanging and the method for management infrastructure (SwMI) element;
Fig. 7 illustrate another as embodiment for exchanging and the method for management infrastructure (SwMI) element;
Fig. 8 illustrates another embodiment of the use for optimizing main channel resource; And
Fig. 9 illustrates another embodiment of the power consumption for optimizing user terminal.
Embodiment
Following embodiment is illustrative embodiments of the present invention.Although specification may mention " certain ", " one " or " some " embodiments, this may not refer to identical embodiment, and/or feature is not only applied to single embodiment.The single feature of the different embodiment of this specification can be combined to provide other embodiment.
Below, by being used in European Telecommunication Standards ETSIEN 300 392-2; European Standard (Telecommunications series); Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 2:Air Interface (AI) and ETSI EN 300 392-7; European Standard (Telecommunications series); Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Term and the element of the TETRA air interface specified in Part 7:Security describe the present invention, but, the invention is not restricted to so a kind of radio system technology.The present invention can be applicable to wherein by any communication system of the main body of individual subscriber identity (individualsubscriber identity) identification communication service operations.
Fig. 1 illustrates the simplification diagram of the main element of the radio system 100 as embodiment.Radio system 100 comprises exchange and management infrastructure (SwMI) 102 and mobile radio station (MS) 104.SwMI 102 is the equipment for voice plus data (V+D) network, and this equipment makes Subscriber terminals to intercom mutually.In FIG, SwMI comprises a digital switch (DXT) 106 and a base station (TBS) 108, but certainly, quantity and their the mutual interconnection of element can change according to realization.
In the middle of Subscriber terminals, mobile radio station (MS) 104 is arranged to accesses SwMI by air interface 110.The Subscriber terminals of another type, i.e. dispatching workstations (dispatch workstation) 112 communicates with SwMI 102 by dispatch interface 114, and this dispatch interface 114 provides connection by using such as E1, ISDN BA or IP agreement.In reality, radio system can comprise dissimilar multiple dispatching workstations 112 and corresponding interface 114.In addition, SwMI 102 comprises the interface 116 for other network interconnection with such as PSTN, GSM, WCDMA, conventional analog network, LAN and WAN etc.The agreement relevant from different interfaces is specifically arranging for realizing of knowing in prior art.
Block diagram in Fig. 2 A and Fig. 2 B illustrates the reference hardware configuration according to the user terminal as embodiment of the present invention and network element.User terminal is presented as the mobile radio station that can realize TETRA air interface specification here as embodiment.The mobile radio station 200 of Fig. 2 A comprises processing unit 202, described processing unit 202 for carry out to store and/or receive data operation systematicness perform.Processing unit 202 is the central member substantially comprising ALU, some special registers and control circuit.Such as, the function realized by processing unit 202 in transmitting procedure typically comprises: encode, sort, the multiplexing and burst sequence construct (burst building) of interweave (interleaving), scrambling (scrambling), Channel.
Mobile radio station also comprises memory cell 203, and this memory cell 203 is the data mediums that can store mechanized data or program or user data.Mobile radio station also comprises the transceiver unit 204 at least comprising reflector 205 and receiver 206.Reflector 205 receives bit stream from processing unit 202 and converts thereof into the radio signal for being transmitted by antenna 207.Correspondingly, be drawn towards receiver 206 by the radio signal that antenna 207 receives, this receiver 206 converts radio signal to bit stream, and this bit stream is forwarded to processing unit 202 for further process.
Mobile radio station can comprise interface unit 201, this interface unit 201 has at least one input unit 208 and output unit 209, described input unit 208 is for inputting the data for the inter-process in mobile radio station, and described output unit 209 exports data for the inter-process from mobile radio station.Described interface unit can cover the interface of hardware and software, and described hardware and software is integrated into, be attached to and maybe can be attached to described mobile radio station.Its example comprises automated vehicle control system and navigation system, and as the user interface element of keyboard, screen, touch-screen, microphone and loud speaker etc.
Processing unit 202, memory cell 203, interface unit 201 and transceiver unit 204 electric interconnection, with provide according to the process that is predefined, that be substantially programmed of mobile radio station carry out to receive and/or store data operation systematicness perform device (means).According in the solution of the present invention, operate and comprise the function of user terminal in individual subscriber identity is sent.With reference to Fig. 3 ~ 5, these operations are described in further detail.Fig. 2 A illustrates the logical block of user terminal, and the device mentioned can comprise the function of a unit in the unit presented, or can be implemented as the combination of function of the unit presented.
The network element of Fig. 2 B is embodied as the exchange and management infrastructure (SwMI) element that comprise processing unit 251 as embodiment, this processing unit 251 is the elements at least comprising arithmetical logic function, some special registers and control circuit.What be connected with processing unit is memory cell 252, and this memory cell 252 is the data mediums that can store mechanized data or program or user data.SwMI element also comprises interface block 253, and this interface block 253 has input unit 254 and output unit 255, and described input unit 254 is for inputting the data for inter-process in the component, and described output unit 255 exports data for the inter-process from element.The example of described input unit comprises the plug-in unit of the gateway being used as the information being delivered to its exterior connection point.The example of described output unit comprises the plug-in unit to the circuit fed information be connected with its exterior connection point.
Processing unit 251, memory cell 252 and interface block 253 electric interconnection, be provided for according to exchange and the process that is predefined, that be substantially programmed of element of management infrastructure carry out to receive and/or the device of the systematicness execution of the operation of data that stores.With reference to figure 6 ~ 7, these operations are described in further detail.Fig. 2 B illustrates the logical block of network element, and the device mentioned can comprise the function of a unit in the unit presented, or can be implemented as the combination of function of the unit presented.
Operation described below can be realized by using in every way disclosed element.Such as, the operation of user terminal and exchange and management infrastructure element can be realized with hardware (one or more device), firmware (one or more device), software (one or more module) or their combination.For hardware implementing, processing unit can realize in one or more application-specific integrated circuit (ASIC) (ASIC), digital signal processor (DSP), digital signal processor (DSPD), programmable logic device (PLD), field programmable gate array (FPGA), processor, controller, microcontroller, microprocessor, other electronic unit being designed to perform function described herein or their combination.For firmware or software, can be realized by the module (such as, process, function etc.) performing function described herein.Software code can be stored in the memory unit and processed unit performs.Memory cell can realize outward in processor or at processor, and in this case, memory cell is coupled with processor communication by various means known in the art.In addition, it will be understood to those of skill in the art that, the parts of system described herein can be re-arranged and/or be supplemented by other parts, to be conducive to the various aspects, target, advantage etc. that realize describing relatively with them, and are not limited to the exact configuration set forth in fig. 2.
The flow chart of Fig. 3 illustrates according to method of the present invention, and the step of the method corresponds to the embodiment of user terminal.This embodiment is described with TETRA user terminal, but, do not carry out limited field by the term in this example communication technology and mechanism.When user terminal is ready to use and be put into use for the operation in TETRA network, the method starts.In step 30, user terminal is configured with the element (element) of storage, user terminal can use the element of this storage to verify this user terminal by the specific subscriber number address messages received to this user terminal, and this user terminal has the authority of the content of this message of consumption.In the first basic embodiment, the element received realizes by using equipment identities.
In TETRA system, TETRA equipment identities (TEI) Electronic Serial Number typically, this Electronic Serial Number is forever connected with a TETRA equipment and identifies this part equipment uniquely, and this part equipment is a mobile terminal or a network terminal.Typically utilize TEI making it possible to forbid and enable the forbidding of user terminal/enable in process.The element of the storage of step 30 is represented as terminal equipment identity TEI
s, to imply that it is the specific terminal equipment of mark and the identifier be stored in the user terminal.
In step 31, user terminal is configured with group subscriber identity GSSI1, the message that described group of subscriber identity GSSI1 makes terminal can be defined by TETRA network reception.In TETRA system, subscriber identity exists with two kinds of sizes, that is, 48 long TETRA subscriber identities (TSI) and 24 long short subscriber identities (SSI).Typically, SSI is the intercepting part of TSI.TSI is unique in whole TETRA territory, and it is only unique that SSI needs in a TETRA subdomain.Typically, TETRA terminal comprises at least one race (family) of TSI.Each race comprises body TETRA subscriber identity (ITSI) one by one, and can have an alias TETRA subscriber identity (ATSI) and several groups of TETRA subscriber identities (GTSI).In the ongoing illustrated embodiment, user terminal is configured with the GTSI intercepting into GSSI.Be described referring to GSSI, but, for those skilled in the art it is clear that and can apply GTSI or GSSI in this scenario when not deviating from protection range.
Message by the access of use group subscriber identity comprises such as short message and broadcast.Below, the embodiment of the short data service of TETRA is openly utilized in further detail.Should point out, when not deviating from protection range, can use can by other information receiving and transmitting mechanism of group subscriber identity delivery of downlink message.
The short data service (SDS) of TETRA is the quick service making user can exchange short user defined message or short predefine message.Can send concurrently or receipt message with ongoing audio call.Serve fast to obtain, carrying or embedding SDS message in the single ul transmissions of a such as delivery unit.Usually, SDS delivery applications random access procedure.SDS services package containing point-to-point and point-to-multipoint ability, and can use short number addressing (SNA), completely TETRA subscriber identity (ITSI/GTSI) and (SSI) addressing of short subscriber identity or even outside telephone number.As in the scheme of embodiment, the addressing being used as destination-address with the SDS on down link is relatively SSI, is therefore GSSI here.
In order to can be registered to TETRA system and perform both up link and downlink communication, user terminal needs the individual subscriber identity had to SwMI successful registration.But in order to receive SDS message, user terminal does not need to be registered to TETRA system, it only needs the transmission of the associated control channel that can receive for SDS transmission.Therefore, in the example in figure 3, the user terminal being configured with GSSI1 enters monitoring mode, in this monitoring mode, it monitors (step 32) main control channel (MCCH) transmission, and can detect and receive the short message being addressed to GSSI1.This short message comprises the element received, and user terminal can use this element received to verify that this user terminal is addressed to by the message that GSSI1 receives the authority that this user terminal and this user terminal have the content of this message of consumption.In addition, this short message comprises individual subscriber identity ISSI2.
As in the example of embodiment, this element received is TEI
r, this TEI
rit is the Terminal Equipment Identifier symbol that SwMI comprises in the payload of the short message of GSSI1 addressing.Therefore, when short message received (step 33), user terminal read (step 34) it, and extract the element T EI received from this short message
r.In this basic embodiment, by comparing the element T EI that (step 35) stores
swith the element T EI received
rrealize the mechanism of the authority of the content of checking consumption message.If element does not mate (step 36), then user terminal is ignored this short message and is returned step 32, monitors the short message by GSSI1 further.If Match of elemental composition (step 36), so user terminal extracts individual subscriber identity ISSI2 from short message, and configures (step 37) ISSI2 to be used as the individual subscriber identity of himself.By doing like this, user terminal can be used as mobile radio station operation, and this mobile radio station comprises the reservation providing the equipment of the function required for access protocal operation and allow to be accessed by SwMI.In step 38, mobile radio station is registered to TETRA system in a conventional manner by using ISSI2, and thus can according to the service of the authority access TETRA network defined for ISSI2.Typically, registration packet is containing the certification providing an additional elements, and described additional elements is for verifying that individual subscriber identity is only used by the user terminal of proper authorization.
The another aspect of above embodiment is such layout, and namely user terminal is configured with some group addresss, and user terminal is configured to the reception (step 32,33) being monitored short message by the GSSI of all storages.
Above-mentioned process makes it possible to send rapidly individual subscriber identity when not changing any existing TETRA air interface definition in essence to TETRA user terminal.Not manually take user terminal to coming into operation center, but can aloft (over the air) and realize the function that is used for individual subscriber identity being applied to the necessity in system when the individual subscriber identity of previously having distributed, which save the time, even and if be also possible when available individual subscriber identity range limited.Required information is delivered in the payload of short message, makes it possible to the SwMI element beyond the subscriber management entity of user terminal and SwMI realizes this mechanism pellucidly.These subscriber management entities at least comprise the entity of the operational administrative realizing TETRA, as dispatching workstations and dispatch server system.
Should point out, even if embodiment describes send short message in TETRA main control channel, but the invention is not restricted to use main control channel.For those skilled in the art it is clear that under the condition not deviating from protection range, can send and there is variable payload and any physics of the short message that can be received by user terminal via group address or logic channel are all applicable.
Fig. 4 illustrates another embodiment of the scheme of Fig. 3.In the method for Fig. 4, by the fail safe using encryption raising individual subscriber identity to send.In step 40, user terminal is configured with Sealing mechanism, and described Sealing mechanism makes it possible to exchange encrypt message between the subscriber management entity and user terminal of SwMI.At Fig. 4 as in the example of embodiment, Sealing mechanism comprise for user terminal configuration cryptographic algorithm and encryption key.For those skilled in the art it is clear that, need in the respective subscriber management entity in SwMI, to apply corresponding cryptographic algorithm.In protection range, the encryption of application can be symmetrical or asymmetric.In the encryption of symmetry, the knowledge of the secret information that each side shows to share with each side but third party can not obtain or can not derive easily.In asymmetric encryption, use public-key-private key is to by data encryption and decryption.In the fig. 4 embodiment, symmetric cryptography is utilized.This means that user terminal is configured with cryptographic algorithm and secret key K.Secret key K can be such as the TETRA air interface authenticate key of user terminal.But sending of TETRA air interface authenticate key is subject to very strict control, therefore, in some applications, another key can be used such as to be exclusively used in the second key of this object, to make the operation of subscriber management simpler.
For the step 41, corresponding with step 31 ~ 33 of Fig. 3 for the step 42 and step 43 for the short message detecting reception that monitor the short message of GSSI1 of the configuration of GSSI1.In the present embodiment, the payload of short message is encrypted, makes to be deciphered with the combination of the encryption key stored in the user terminal and cryptographic algorithm.Substantially, encryption can be static, makes to use encryption key self in all encryptions between SwMI element and user terminal.In the fig. 4 embodiment, can be sure of by making user terminal to show that the information of described knowledge is not by record and the message of resetting from earlier communication produces, strengthening this process even further.This is that new random number R N1 realizes by aloft interface only being sent for each communication instance.
The SwMI entity sending message produces random number R N1, and is fed in cryptographic algorithm by the privacy key of user terminal.Algorithm obtains session key KS, uses this session key KS when encrypting and being regarded as the short message that must encrypt a part of.When user terminal detects the short message of reception at step 43, its extraction (step 44) may be included in the random number in the plaintext code (clear code) in short message, by using this random number, cryptographic algorithm and encryption key to obtain session key KS (step 45), and use this session key KS to decipher the encryption section of the payload of (step 46) short message.In the present embodiment, for verifying that the mechanism of authority of the content of consumption message is based on the success of decryption step or failure.User terminal checks that (step 47) deciphering is success or failure.In the event of a failure, process moves to the step 42 of the short message for GSSI1 for monitoring arrival.When using the session key KS successful decryption message produced by the individual privacy key of user terminal and random number, user terminal can acknowledge messages be consume this message for target according to predefined process with it.In the present embodiment, this process comprise configure user terminal using use individual subscriber identity ISSI2 (step 48) and as can two-way communication mobile radio station registration (step 49) to system.Registration packet is containing the certification providing an add ons, and a described add ons is for verifying that individual subscriber identity is only used by the user terminal of authorizing in good time.
The embodiment of Fig. 4 makes it possible to the advantage realizing the embodiment shown in Fig. 3, and also increases the fail safe of this process in addition.For those skilled in the art it is clear that, the key element of the embodiment of Fig. 3 and Fig. 4 can be used either individually or in combination.Such as, the individual process of sending in the air of subscribing can comprise with TEI identification recipient with by both verifying authorizations of assigning to the limited section of the individual privacy key decrypt stored in the user terminal.
Fig. 5 illustrates the favourable embodiment for stopping using individual subscriber identity.When user terminal be configured with ISSI2 and as mobile radio station operation in TETRA network, Fig. 5 as the process of Fig. 3 or Fig. 4 or the combination of their restriction continuation and start.During its normal running, user terminal monitors that (step 51) is addressed to the MCCH of the short message of ISSI2 routinely.When user terminal according to the present invention notices short message (step 52) of reception, it reads the payload (step 53) of message, and checks that it has the termination request (step 54) not used for stopping using ISSI2.If this message (step 55) do not detected, so process returns step 51 to monitor the short message arrived.When message (step 55) with the request of termination being detected, user terminal is stopped using ISSI2 (step 56), and enters monitored state to monitor the short message being addressed to the arrival being exclusively used in the individual group address GSSI1 sent subscribed in the air.
The flow chart of Fig. 6 illustrates according to method of the present invention, the method comprise with for the step exchanged and the embodiment of management infrastructure (SwMI) element is corresponding.Illustrate SwMI element with TETRA SwMI element, this TETRA SwMI element comprises for managing individual application of subscribing, being at least the individuality reservation that can send in the air.In a step 60, SwMI arrangements of components has at least one the group address GSSI1 that can be used for sending individual subscriber identity.In a step 61, individual subscriber identity request waited for by SwMI element.This request can such as by the operator of user interface from SwMI element, or by network interface from the remote operation point of authorizing.If this request (step 62) detected, so SwMI element produces and is addressed to GSSI1 and the message carrying individual subscriber identity ISSI2 in its payload.As in the embodiments of figure 3, in payload, also comprise terminal equipment identity TEI
r, this terminal equipment identity TEI
ruser terminal can be verified, and message is individually addressed to this user terminal, and the requested application of this user terminal is contained in the individual subscriber identity in this message.After transmission (step 63) message, SwMI element begins through ISSI2 that whether system monitoring (step 64) mobile radio station used this SwMI element to send in short message and is registered in system.This supervision can such as be implemented as from the repeat queries of local subscriber database or the notice from local subscriber database that sends when location registration request is received.Whenever SwMI element obtains the notice (step 65) about position registration or position registration trial, it just activates ISSI2 and makes it possible to thus by using ISSI2 to realize two-way communication.Registration packet is containing the certification providing an additional elements, and a described additional elements is for verifying that individual subscriber identity is only used by the user terminal of proper authorization.
The flow chart of Fig. 7 illustrates another embodiment of the scheme of Fig. 6.In the method for fig. 7, be also the fail safe of sending by using encryption to improve individual subscriber identity.For the step 700, corresponding with step 60 ~ 62 of Fig. 6 for the step 710 and step 720 for detecting request that monitor individual subscriber identity request of the configuration of GSSI1.As in the fig. 4 embodiment, in the present embodiment, the payload of short message is encrypted, makes to be deciphered with the combination of the encryption key stored in the user terminal and cryptographic algorithm.Equally, encrypt based on random number R N1, this random number R N1 is new for each communication instance, and can be delivered to user terminal by plaintext code with TETRA.
SwMI element can the privacy key of calling party terminal, or can access another SwMI of such as confidence side, and it sends payload by random encryption seed to this confidence side.Therefore, SwMI element produce random number R N1, and, himself or subcontract (subcontracted) to another element, by the privacy key of destination user terminal, RN1 is fed in cryptographic algorithm.This algorithm obtains session key KS (step 725).This session key is used for must the secret part of short message of sending being encrypted (step 730) being regarded as.This short message is addressed to GSSI1 by SwMI entity, and it can be used as conventional group addressing short message to carry out sending (step 735) by radio interface.When sending this short message, SwMI element also can start (step 740) timer TIM, and this timer TIM measures and sends SMS message and time between may the responding of user terminal to GSSI1.Therefore, as in the embodiment in fig 6, whether SwMI element begins through system monitoring (step 745) mobile radio station and is such as registered in system by carrying out position registration with ISSI2.If at user terminal by timer expiration (step 750) before using ISSI2 registration, so send and be regarded as unsuccessful, and SwMI element retracts step 710 to monitor other request.If receive the location registration request (step 755) using ISSI2 before the timer expiry, so SwMI actuating elements (step 760) ISSI2, this makes user terminal can be used as can with the mobile radio station of authority two-way communication distributing to ISSI2.
For those skilled in the art, very clear, also can use the key element of the embodiment of Fig. 6 and Fig. 7 either individually or in combination.Such as, the process of Fig. 6 can be timed device and supplements.Further, sending in the air of individual reservation can comprise by TEI identification recipient with by both the qualifying part verifying authorizations by the individual privacy key decrypt stored in the user terminal.In addition, TEI also can be used to supplement this process in another manner, such as, be provided for the School Affairs encrypted.When being embodied in user terminal, from the description to corresponding function, for those skilled in the art, the realization being addressed to the termination of the use of the individual subscriber identity in the payload of the short message of ISSI2 in SwMI element is clearly.
In the described embodiment, for receive the subscriber identity of short message be group identity.This is favourable layout in the use of main control channel capacity, because the payload with variable content can be delivered to several potential recipients with shared radio resource by this way.But, for those skilled in the art it is clear that, under the condition not departing from protection range, predefined individual subscriber identity also can being used for sending configurable individual subscriber identity.Such as, one group of user terminal may be configured with the first individual subscriber identity, and all such user terminals monitor the short message being addressed to this specific individual subscriber identity.When they receive this short message and adopt the second individual subscriber identity, their inactive first individual subscriber identity.
Fig. 8 illustrates another embodiment, and this another embodiment is for optimizing the use to the main control channel resource for sending individual subscriber identity.Total overlay area of system can be divided into more than one subregion (SA), and every sub regions is associated from different GSSIx, and new individual subscriber identity is delivered by this GSSIx.In the example of fig. 8, total overlay area 80 is divided into three sub regions SA181, SA282 and SA383, is GSSI1, GSSI2 and GSSI3 respectively for sending the group address of individual subscriber identity.As in the system of embodiment, be designed to use at least two that the user terminal of individual subscriber identity delivering method disclosed herein is configured with in above-mentioned group address GSSI1, GSSI2 and GSSI3, but preferred disposition there is whole above-mentioned group address.The operator managing assignable individual subscriber identity pond typically has certain understanding to the possibility that specific user terminal is arranged in specific subregion.Such as, operator can recognize that user terminal belongs to city and forms into columns, and therefore can suppose that the most probable subregion arriving user terminal is SA2 well, and it covers corresponding down town.According to the present invention, first operator attempts being addressed to corresponding GSSI2 and sending dynamic individual subscriber identity in the short message be only delivered in subregion SA2.As disclosed in the embodiment of Fig. 7, operator can wait for the position registration of target terminal user, such as until timer expiration, and then continue mobile to attempt sending dynamic individual subscriber identity being addressed in another group identity and the short message in another subregion.Advantageously, second selection arrives second largest subregion of the possibility of target terminal user.This process is continued, until user terminal is by being registered to system to respond or until all subregions are attempted by moving on to the smaller subregion of possibility.This subregion sends the use optimized main control channel resource.Main control channel is crucial but is very easy to the resource of obstruction, typically all must optimize it in the case of any possible and use.
Fig. 9 illustrates another embodiment of the present invention, in this embodiment, when do not damage of the present invention send the favourable operation of the method for dynamic individual subscriber identity, optimize the power consumption of the user terminal under monitoring mode.Fig. 9 illustrates continuous print descending chain circuit frame F1, F2, the F3 ... of the radio interface as embodiment, and the respective horizontal of power consumption in the receiver of user terminal.The power level illustrated is 0 and P, and here, 0 represents the sleep pattern that receiver is turned off substantially, and P represents the power level of the receiver be in receiving mode, and in this receiving mode, receiver to be in operation and can to receive transmission from SwMI.Each frame comprises time slot (being represented by X), is mapped to this time slot for the control channel sent realizing dynamic individual subscriber identity.In the example comparatively early of TETRA system, each TETRA air interface frame comprises the main control channel that user terminal is listened to.
Although one of object of method of the present invention is the rapid configuration realizing dynamic individual subscriber identity, but, there is the longer isolated period (standaloneperiod) in order to make user terminal, namely to the operation time period of battery charging, can not can accept certain delay of sending of individual subscriber identity.Have and point out, the circulation of TETRA frame is too fast, to such an extent as to some frames may be missed, but compared with the method for routine, Delivery time still improves greatly.Fig. 9 illustrates such layout, is wherein assigned to the predefined frame F1 of time slot, F4 ... to the sending of short message of the dynamic individual subscriber identity of carrying.In fig .9, distribute to control channel, be particularly allocated for the time slot sending the short message carrying dynamic individual subscriber identity and represented by the X with circle, further, be assigned to control channel but represented by simple X regardless of being used in the time slot sending the short message carrying dynamic individual subscriber identity.Correspondingly, to be in monitoring mode and to be only configured to operate receiver at power level P along the user terminal of down link direction operation.
It will be apparent to those skilled in the art that the progress along with technology, concept of the present invention can be realized in every way.The present invention and embodiment are not limited to example described above, and can change within the scope of the claims.
Claims (25)
1., for a method for user terminal, comprising:
The message that air interface sends is received in described user terminal, this message uses the group subscriber identity shared by described user terminal and other user terminal one or more and addressed, or this message is the broadcast with the content can accessed by means of only use described group of subscriber identity, and described user terminal is configured to have group subscriber identity;
Obtain individual subscriber identity from the payload of described message and use the verification tool of authority of described individual subscriber identity for authentication of users terminal;
Verify that described user terminal uses the authority of described individual subscriber identity with the described verification tool be arranged in described message;
The checking of response success, uses described individual subscriber identity in described user terminal.
2. method according to claim 1, is characterized in that,
The Terminal Equipment Identifier symbol be stored is stored in described user terminal;
The Terminal Equipment Identifier symbol be received is received in the payload of message;
When the Terminal Equipment Identifier symbol be stored and the Terminal Equipment Identifier symbol be received mate, good authentication uses the authority of described individual subscriber identity.
3. method according to claim 1, is characterized in that,
Receive described message, make the part comprising described individual subscriber identity of at least payload encrypted;
The encryption section of described payload is attempted to decipher;
When the successful decryption of the encryption section of described payload, good authentication uses the authority of described individual subscriber identity.
4. method according to claim 3, is characterized in that,
The cryptographic algorithm of storage and the encryption key of storage are stored into user terminal;
The encryption section of described payload is deciphered by the cryptographic algorithm of attempting by using the encryption key stored to store.
5. method according to claim 4, is characterized in that,
By the cryptographic algorithm of storage and the encryption key session key of storage;
Attempt by using the session key calculated to be deciphered by the encryption section of described payload.
6. the method according to claim 4 or 5, is characterized in that, uses the air-interface encryption key of user terminal as the encryption key stored.
7. the method according to claim 4 or 5, is characterized in that, uses the encryption key different from the air-interface encryption key of user terminal as the encryption key stored.
8. method according to claim 7, it is characterized in that, use the private key of user terminal as the encryption key stored, this private key can be applied to described user terminal and be responsible in the rivest, shamir, adelman between the exchange of described individual subscriber identity and management infrastructure.
9. method according to claim 1, is characterized in that,
Described message is received in the control channel sent in the time slot of the restriction of continuous air interface frame;
For the time period between the time slot limited, described user terminal is switched to sleep pattern.
10. method according to claim 1, is characterized in that,
The request of described individual subscriber identity of stopping using is received in the payload of short message being addressed to described individual subscriber identity; With
Inactive described individual subscriber identity in described user terminal.
11. methods according to claim 1, is characterized in that,
Configure described user terminal with monitoring mode, make in described monitoring mode, described user terminal by described group of subscriber identity receiving downlink message, but can not can communicate with management infrastructure along uplink direction with exchange.
12. methods according to claim 1, is characterized in that, described message is the broadcast that the short message being addressed to described group of subscriber identity maybe can be accessed by use described group of subscriber identity.
13. 1 kinds of user terminals, comprising:
Interface arrangement, for being received in the message that air interface sends, this message uses the group subscriber identity shared by described user terminal and other user terminal one or more and addressed, or this message is the broadcast with the content can accessed by means of only use described group of subscriber identity, and described user terminal is configured to have group subscriber identity; With
Processing unit, for obtaining individual subscriber identity from the payload of described message and for verifying that described user terminal uses the verification tool of the authority of described individual subscriber identity,
This processing unit is also suitable for:
Verify that described user terminal uses the authority of described individual subscriber identity by the described verification tool be arranged in described message; With
The checking of response success, uses described individual subscriber identity.
14. user terminals according to claim 13, is characterized in that:
Storage device, it comprises the Terminal Equipment Identifier symbol of storage; And
The Terminal Equipment Identifier that described processing unit is suitable for obtaining receiving from the payload of described message accords with, and good authentication uses the authority of described individual subscriber identity when the Terminal Equipment Identifier symbol stored and the Terminal Equipment Identifier symbol received mate.
15. user terminals according to claim 13, is characterized in that,
Described processing unit is suitable for:
Receipt message, makes the part comprising described individual subscriber identity of at least described payload encrypted;
The encryption section of payload is attempted to decipher;
When the successful decryption of the encryption section of described payload, good authentication uses the authority of described individual subscriber identity.
16. user terminals according to claim 15, is characterized in that:
Storage device, for storage encryption algorithm and encryption key;
Described processing unit is suitable for the encryption section that the cryptographic algorithm of attempting by using the encryption key stored to store deciphers described payload.
17. user terminals according to claim 16, is characterized in that,
Described processing unit is suitable for:
By the cryptographic algorithm of storage and the encryption key session key of storage;
Attempt the encryption section by using the session key calculated to decipher described payload.
18. user terminals according to claim 16, is characterized in that,
The encryption key stored is the air-interface encryption key of described user terminal.
19. user terminals according to claim 16, is characterized in that,
The encryption key stored is the encryption key different from the air-interface encryption key of described user terminal.
20. user terminals according to claim 19, is characterized in that,
The encryption key stored is the private key of user terminal, and this private key can be applied in the rivest, shamir, adelman between user terminal and the network element being responsible for described individual subscriber identity.
21. user terminals according to claim 13, is characterized in that,
Described interface arrangement is configured to receiving package in the control channel sent in the restriction time slot of continuous air interface frame and contains the message of described individual subscriber identity; And
For the time period limited between time slot, described interface arrangement is configured to sleep pattern.
22. user terminals according to claim 13, is characterized in that,
Described interface arrangement is suitable for the request receiving described individual subscriber identity of stopping using in the payload of the message being addressed to described individual subscriber identity; And
Described processing unit is suitable for responding the request inactive described individual subscriber identity in described user terminal received.
23. user terminals according to claim 13, is characterized in that,
Described user terminal is equipped with monitoring mode, makes in described monitoring mode, and described user terminal by described group of subscriber identity receiving downlink message, but can not can communicate with management infrastructure along uplink direction with exchange.
24. user terminals according to claim 13, is characterized in that,
Described message is the short message being addressed to described group of subscriber identity or the broadcast can accessed by use described group of subscriber identity.
25. 1 kinds, for the method for communication system, comprising:
Producing within network nodes can by the message of use group subscriber identity by user terminal access, the payload of this message comprises individual subscriber identity, further, this message has for verifying that a user terminal uses the verification tool of the authority of described individual subscriber identity;
In described user terminal, described message is received by using described group of subscriber identity;
Individual subscriber identity is obtained and for verifying that described user terminal uses the verification tool of the authority of described individual subscriber identity from the payload of described message in described user terminal;
The authority of described individual subscriber identity is used by the verification tool checking arranged in the message; With
The checking of response success, uses individual subscriber identity in the user terminal.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| FI20075484 | 2007-06-25 | ||
| FI20075484A FI121256B (en) | 2007-06-25 | 2007-06-25 | Transport of subscriber identity information |
| PCT/FI2008/050382 WO2009000968A2 (en) | 2007-06-25 | 2008-06-23 | Delivery of subscriber identity information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101790877A CN101790877A (en) | 2010-07-28 |
| CN101790877B true CN101790877B (en) | 2015-07-22 |
Family
ID=38212455
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200880100772.5A Expired - Fee Related CN101790877B (en) | 2007-06-25 | 2008-06-23 | User terminal, network element, communication system, and method thereof |
Country Status (6)
| Country | Link |
|---|---|
| EP (1) | EP2171962A2 (en) |
| KR (1) | KR101532401B1 (en) |
| CN (1) | CN101790877B (en) |
| FI (1) | FI121256B (en) |
| RU (1) | RU2010102222A (en) |
| WO (1) | WO2009000968A2 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101048017B1 (en) | 2009-08-17 | 2011-07-13 | 이화여자대학교 산학협력단 | How to restrict service delivery based on your users |
| FR2959087B1 (en) * | 2010-04-20 | 2012-09-21 | Eads Defence & Security Sys | METHOD FOR CONFIGURING IDENTIFICATION MODULES OF USERS OF A TELECOMMUNICATION NETWORK |
| US9179303B2 (en) | 2010-11-17 | 2015-11-03 | Qualcomm Incorporated | Methods and apparatus for transmitting and receiving secure and non-secure data |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1883180A (en) * | 2003-10-20 | 2006-12-20 | 诺基亚公司 | System, method and computer program product for downloading pushed content |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FI114180B (en) * | 2001-06-12 | 2004-08-31 | Nokia Corp | Improved method and device arrangement for encrypting data transmission at the interface of the radio network terminal equipment and such terminal equipment |
| FI20020160A (en) * | 2002-01-29 | 2003-07-30 | Nokia Corp | Cell reselection in a cellular radio network |
| GB2393613B (en) * | 2002-09-30 | 2005-06-01 | Motorola Inc | Mobile communications methods systems processor and terminals |
| GB2416279B (en) * | 2004-07-16 | 2009-02-11 | Motorola Inc | A cellular communication system, a communication unit and a method of call initiation therefor |
| GB2423887B (en) * | 2005-03-01 | 2007-05-30 | Motorola Inc | Wireless communication systems and apparatus and methods and protocols for use therein |
-
2007
- 2007-06-25 FI FI20075484A patent/FI121256B/en not_active IP Right Cessation
-
2008
- 2008-06-23 CN CN200880100772.5A patent/CN101790877B/en not_active Expired - Fee Related
- 2008-06-23 WO PCT/FI2008/050382 patent/WO2009000968A2/en active Application Filing
- 2008-06-23 RU RU2010102222/09A patent/RU2010102222A/en not_active Application Discontinuation
- 2008-06-23 EP EP08775507A patent/EP2171962A2/en not_active Withdrawn
- 2008-06-23 KR KR1020107001711A patent/KR101532401B1/en not_active IP Right Cessation
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1883180A (en) * | 2003-10-20 | 2006-12-20 | 诺基亚公司 | System, method and computer program product for downloading pushed content |
Also Published As
| Publication number | Publication date |
|---|---|
| KR20100028651A (en) | 2010-03-12 |
| WO2009000968A2 (en) | 2008-12-31 |
| FI121256B (en) | 2010-08-31 |
| RU2010102222A (en) | 2011-08-10 |
| FI20075484A (en) | 2008-12-26 |
| EP2171962A2 (en) | 2010-04-07 |
| KR101532401B1 (en) | 2015-06-30 |
| WO2009000968A3 (en) | 2009-05-22 |
| CN101790877A (en) | 2010-07-28 |
| FI20075484A0 (en) | 2007-06-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2578007B1 (en) | Securing group communication in a machine-to-machine communication environment | |
| KR0181566B1 (en) | Method and apparatus for efficient real-time authentication and encryption in a communication system | |
| FI116603B (en) | A method for handling a key for two-way communication | |
| US7079656B1 (en) | Method and communications system for ciphering information for a radio transmission and for authenticating subscribers | |
| CN108011715B (en) | Key distribution method, related equipment and system | |
| WO2011032605A1 (en) | Method and device for processing data in a wireless network | |
| US8230218B2 (en) | Mobile station authentication in tetra networks | |
| US9554280B2 (en) | Method for managing data communication between a communication device and another device and communication device | |
| JPH08195741A (en) | Identifier ciphering method in radio communication | |
| CN102291680A (en) | Encrypted group calling method based on long term evolution (TD-LTE) trunking communication system | |
| KR20100087023A (en) | End-to-end encrypted communication | |
| WO2012092418A1 (en) | Methods for establishing a secure point-to-point call on a trunked network | |
| CN102811422A (en) | Cluster scheduling system | |
| CN101790877B (en) | User terminal, network element, communication system, and method thereof | |
| CN101459875A (en) | A method for security handling in a wireless access system supporting multicast broadcast services | |
| CN101296107A (en) | Safe communication method and device based on identity identification encryption technique in communication network | |
| CN115996121B (en) | Quantum encryption trusted video communication system and method based on VOLTE network | |
| CN114765546A (en) | End-to-end hard encryption method, system, encryption equipment and key management server | |
| US20240187849A1 (en) | Multicast Broadcast Service Keys | |
| EP1359778A1 (en) | System, method and station for use in secure communication | |
| CN101529796B (en) | Mobile station authentication of TETRA network | |
| KR20080002095A (en) | System for safety using voip receiver call number and thereof | |
| CN100454798C (en) | CDMA system and method for implementing dynamic distribution of cipher key | |
| Murgatroyd | End to end encryption in public safety TETRA networks | |
| CN116321108A (en) | International mobile subscriber identification code transmission method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: Helsinki Applicant after: Cassidian Finland OY Address before: Helsinki Applicant before: Eads Secure Networks OY |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: EADS SECURE NETWORKS OY TO: CASSIDIAN FINLAND OY |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: AIRBUS DEFENCE AND SPACE OY Free format text: FORMER NAME: CASSIDIAN FINLAND OY |
|
| CP01 | Change in the name or title of a patent holder |
Address after: Helsinki Patentee after: EADS SECURE NETWORKS OY Address before: Helsinki Patentee before: Cassidian Finland OY |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150722 Termination date: 20160623 |