CN101883359A - Method and device for accessing relay station to network - Google Patents
Method and device for accessing relay station to network Download PDFInfo
- Publication number
- CN101883359A CN101883359A CN2009101371031A CN200910137103A CN101883359A CN 101883359 A CN101883359 A CN 101883359A CN 2009101371031 A CN2009101371031 A CN 2009101371031A CN 200910137103 A CN200910137103 A CN 200910137103A CN 101883359 A CN101883359 A CN 101883359A
- Authority
- CN
- China
- Prior art keywords
- relay station
- request
- message
- relay
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W60/00—Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/047—Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
- H04W12/0471—Key exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/04—Large scale networks; Deep hierarchical networks
- H04W84/042—Public Land Mobile systems, e.g. cellular systems
- H04W84/047—Public Land Mobile systems, e.g. cellular systems using dedicated repeater stations
Abstract
The invention provides a method and a device for accessing a relay station to a network. The method comprises the following steps of: receiving a distance-measuring request from the relay station and sending a distance-measuring response to the relay station; receiving a basic capacity request from the relay station and sending a basic capacity response to the relay station; receiving a security association transmission encryption key request from the relay station and sending a security association transmission encryption key response to the relay station; and receiving a registration request from the relay station, registering the relay station and sending a registration response to the relay station after the registration is finished, wherein the distance-measuring request, the basic capacity request, the security association transmission encryption key request or the registration request carries safe area capacity information and/or data generation capacity information of the relay station.
Description
Technical field
The present invention relates to wireless communication technology, especially relate to method and device that a kind of relay station networks.
Background technology
WiMAX (Worldwide Interoperability for Microwave Access, the microwave interoperability is inserted in the whole world) is a kind of wireless metropolitan area network technology based on IEEE 802.16 standards.In IEEE 802.16 standards, IEEE 802.16d is the standard of fixed wireless access, can be applied to 2~11GHz non line of sight (NLOS) transmission and 10~66GHz sighting distance (LOS) transmission.IEEE 802.16e has added the ambulant new features of support on the basis of IEEE 802.16d.IEEE 802.16j is the air protocol that realizes relaying (relay) ability on the 16e basis that IEEE organizes to set up.In relaying technique, relay station (RS, Relay Station) is the website of data between transfer base station and the terminal, makes wireless signal promptly to arrive the destination through multi-hop through repeatedly transmission.In multihop network basic framework based on relaying technique, comprise following three essential parts: multi-hop relay base station (MRBS, Multi-hop Relay Base Station), RS and user terminal, user terminal comprises subscriber station (SS, Subscriber Station) and travelling carriage (MS, Mobile Station).Wherein:
MRBS a kind ofly is connected for relay station provides with user terminal, the equipment of management and control.
RS is a kind of MRBS of depending on, and the equipment of connection is provided for other RS or user terminal.The RS that has also can provide management and control for subordinate RS or user terminal.Between RS and user terminal eat dishes without rice or wine with MRBS and user terminal between to eat dishes without rice or wine be identical.RS can produce data, also can be restricted to only to transmit data, can not produce data.
In the prior art, as long as the networking of having finished of RS success authenticates, just can be selected to add place of safety (Security Zone) by MRBS, whether the MRBS decision issues the key of place of safety, as issue SZK (Security Zone Key, place of safety key) and SZKEK (Security Zone Key Encryption Key, the encryption key of place of safety key) and give corresponding RS, RS after receiving the key of place of safety, even if successful adding the place of safety.If RS has left the place of safety, do not need to authenticate again and issue key again.
In realizing process of the present invention, the inventor finds that there are the following problems at least in the prior art: defined when relay station networks under the WiMAX network idiographic flow of the side of eating dishes without rice or wine, the flow process that does not have the define grid side specifically should carry out among the IEEE802.16j.Though existing NWG Stage3 has defined the network side detailed process that terminal networks and should carry out, this networking effluent journey networks at terminal, some message is arranged and be not suitable for the scene that RS networks.In addition, the place of safety is not essential realization, and just suggestion realizes, does not support the situation of place of safety to take place so may have RS.But existing protocol does not define the capability negotiation process whether RS supports the place of safety.If there is not corresponding capability negotiation process, may produce MRBS and issue SZK, SZKEK, but RS do not support the situation of place of safety, and cause the waste of key and unnecessary security threat to RS.
Summary of the invention
The main purpose of the embodiment of the invention is to provide a kind of relay station method of network entry and device, when networking to provide relay station, and the flow process of the side of eating dishes without rice or wine and network side.
The present invention provides a kind of relay station method of network entry and device in addition, to realize the negotiation of place of safety ability.
To achieve these goals, the embodiment of the invention provides a kind of relay station method of network entry, and this method comprises:
Reception is from the distance measurement request of relay station, and sends ranging response to described relay station;
Reception is from the basic capacity request of described relay station, and sends the basic capacity response to relay station;
Reception is from the Security Association traffic encryption key request of relay station, and sends the response of Security Association traffic encryption key to relay station;
Reception is carried out the registration of relay station from the register requirement of described relay station, and sends the registration response to relay station after registration is finished;
Wherein, carry the place of safety ability information and/or the data generative capacity information of relay station in described distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement.
The embodiment of the invention also provides a kind of relay station method of network entry, comprising:
Reception is from the basic capacity request of relay station;
Send relay station to certificate server and adhere to request in advance, this relay station adheres to the basic capacity information of carrying relay station in the request in advance;
Reception is adhered to response in advance from the relay station of certificate server;
After receiving the register requirement from described relay station, send relay station to certificate server and adhere to request, this relay station adheres to the log-on message that carries relay station in the request and the serving BS information of relay station;
Reception from described certificate server be used to confirm that the relay station of serving BS information of the log-on message of relay station and relay station adheres to response message.
The embodiment of the invention also provides a kind of relay station, comprise: transmitting element, this transmitting element is used to send distance measurement request, basic capacity request, the request of Security Association traffic encryption key or register requirement, carries the place of safety ability information and/or the data generative capacity information of this relay station in this distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement.
The embodiment of the invention also provides a kind of relay base station, comprising:
Basic capacity request receiving element is used to receive the basic capacity request from described relay station;
Report the unit, be used for sending relay station and adhere to request in advance, report the basic capacity information of relay station, and the relay station that receives from certificate server adheres to response in advance to certificate server; The register requirement receiving element is used to receive the register requirement from described relay station;
Relay station adheres to request unit, is used for sending relay station to certificate server and adheres to request, and this relay station adheres to the log-on message that carries relay station in the request and the serving BS information of relay station;
Relay station adheres to response unit, be used to receive from described certificate server be used to confirm that the relay station of serving BS information of the log-on message of relay station and relay station adheres to response message in advance.
The embodiment of the invention has provided the flow process of relay station networking space-time oral-lateral and network side, and has realized the negotiation of relay station and relay base station place of safety ability.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, does not constitute limitation of the invention.In the accompanying drawings:
The effluent journey of eating dishes without rice or wine when Fig. 1 networks for relay station;
Fig. 2 is the flow chart that the relay station of one embodiment of the invention networks;
Fig. 3 is the structured flowchart of the relay station of one embodiment of the invention;
Fig. 4 is the structured flowchart of the relay base station of one embodiment of the invention;
Fig. 5 is the structured flowchart of the relay base station of another embodiment of the present invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, specific embodiments of the invention are elaborated below in conjunction with accompanying drawing.At this, illustrative examples of the present invention and explanation thereof are used to explain the present invention, but not as a limitation of the invention.
In the IEEE 802.16j standard, have the flow process of relay station networking space-time oral-lateral under a kind of WiMAX network, as shown in Figure 1, this flow process comprises the steps:
In this step, RS obtains the synchronizing information of MRBS, as UCD (Uplink Channel Descriptor, upstream channel descriptor), DCD (Downlink Channel Descriptor, down channel descriptor), UL_MAP (uplink map), DL_MAP (downlink map) etc.
RS sends distance measurement request (RNG-REQ) message to MRBS, after MRBS receives RNG-REQ, to RS feedback ranging response (RNG-RSP) message, carry in this RNG-RSP message the frequency deviation that is used to regulate RS, the time inclined to one side information.
Carry the basic capacity parameter that relay station is supported in this SBC-REQ message, as private cipher key management (PKM, privacy Key Management) protocol version, delegated strategy (Authorization Policy) and message authentication code modes (Message Authentication Code mode) etc.
After MRBS received SBC-REQ message, the ability parameter of supporting with self compared, and the ability parameter that both sides are supported is included in the basic capacity response message and sends to RS.
In this step, described upper strata certification entity is meant certificate server.
Herein, so-called three-way handshake is with the pattern of challenge, request, response, guarantees that the key that two ends comprise is identical, just guarantees the synchronous of key.
Being simply described as follows of three-way handshake process:
MRBS sends Security Association traffic encryption key challenge (SA-TEK-Challenge) message to RS, information such as the random number that portability MRBS produces in this message, authorization key sequence number, authorization key sign and cipher key lifetimes; This SA-TEK-Challenge message can be encapsulated in eating dishes without rice or wine in private cipher key managing response (PKMv2-RSP) message to be transmitted, and can be expressed as PKMv2-RSP/SA-TEK-Challenge or PKMv2SA-TEK-Challenge this moment.
After RS receives SA-TEK-Challenge, send Security Association traffic encryption key request (SA-TEK-Request) message to MRBS, the random number that portability RS produces in the message, information such as the random number that MRBS comprises in Security Association traffic encryption key challenge message, authorization key sequence number, authorization key sign, security capabilities, security negotiation variable; SA-TEK-Request message can be encapsulated in the PKMv2-REQ message in eating dishes without rice or wine to be transmitted, and can be expressed as PKMv2-REQ/SA-TEK-Request or PKMv2SA-TEK-Request this moment.
After MRBS receives SA-TEK-Request, send Security Association traffic encryption key response (SA-TEK-Response) message to RS.MRBS can issue SZK (Security Zone Key, place of safety key) and the SZKEK (Security ZoneKey Encryption Key, place of safety key-encrypting key) that is used for the RS place of safety in the SA-TEK-Response that sends to RS.If this RS is the RS of first networking, then MRBS can generate the SZK and the SZKEK that are used for the RS place of safety before sending SA-TEK-Response.SA-TEK-Response message can be encapsulated in the PKMv2-RSP message in eating dishes without rice or wine to be transmitted, and can be expressed as PKMv2-RSP/SA-TEK-Response or PKMv2SA-TEK-Request this moment.
Table 1.MRBS and RS MAC (media interviews control) ability are supported TLV (type-length-letter)
Step 113, MRBS sends relay station configuration order (RS_Config-CMD) message and gives RS, and the concrete parameter of RS is configured.The parameter of configuration can comprise the operator scheme of RS, the sign of RS, and preamble index, or the like.
In the flow process that as above networks, do not define the capability negotiation process whether RS supports the place of safety, if there is not corresponding place of safety capability negotiation process, issued SZK, SZKEK though may produce MRBS to RS, thereby because RS does not support safety to cause the waste of key and unnecessary problems such as security threat.
The flow process that equally, as above networks does not define the negotiations process whether RS supports to produce data capability yet.Because can different operator produce the Capability Requirement difference of data to RS, the RS that thinks that has can independently produce data, and the RS that thinks that has only can transmit data, can not produce data.If do not have RS can produce the capability negotiation of data, then can not satisfy the demand of multiple operator.Following embodiments of the invention will solve as above problem.
Embodiment 1
The embodiment of the invention provides relay station method of network entry in a kind of wireless relay network.
The method of present embodiment is on the basis of flow process shown in Figure 1, district safe to carry ability and/or generation data capability information in PKMv2SA-TEK-Request message in distance measurement request (RNG-REQ) message, SBC-REQ message, three-way handshake process or the REG-REQ message.Particularly, following mode is for example arranged:
(1) can in distance measurement request (RNG-REQ) message, SBC-REQ or PKMv2-REQ/SA-TEK-Request message, add correspondingly field, for example in message, add the RS place of safety and support TLV field and/or data to produce the support field, concrete form such as table 2, table 3 or table 4:
Table 2.RS supports TLV in the place of safety
Table 3.RS data produce supports TLV
Table 4. place of safety is supported and data produce support TLV
Perhaps:
(2) MRBS and the RS MAC ability of REG-REQ message are supported that TLV makes amendment, add the negotiation of RS place of safety tenability and the negotiation that data produce tenability.Amended MRBS and RSMAC ability support that TLV is as shown in table 5:
Table 5.MRBS and RS MAC ability are supported TLV
Correspondingly, in embodiments of the present invention, in ranging response, basic capacity response, PKMv2-RSP/SA-TEK-Reponse or registration response, can correspondingly carry the data generative capacity information and/or the place of safety tenability information of the relay station that relay base station supports.
Because when the RS initial network entry, MRBS generally can issue the initial key SZK and the SZKEK of place of safety in PKMv2-RSP/SA-TEK-Reponse message.So the capability negotiation of place of safety was just carried out in embodiment of the invention suggestion before PKMv2-RSP/SA-TEK-Reponse message, therefore preferably at ranging process, add the capability negotiation of whether relay station being supported the place of safety in SBC process or the PKMv2SA-TEK-Request process.
By as upper type, when relay station networks, just add RS and supported the negotiations process of place of safety ability and/or the capability negotiation process that can RS produce data, thereby can avoid the waste of key and unnecessary security threat, and can satisfy the demand of multiple operator.
Embodiment 2
The embodiment of the invention also provides relay station method of network entry in a kind of wireless relay network.This method has provided the flow process of relay station networking space-time oral-lateral and network side.As shown in Figure 2, this method comprises following flow process:
Step 201, the down-going synchronous flow process is carried out down-going synchronous with MRBS.
This step is with aforementioned step 101.
Step 202, initial ranging (Ranging) process.
This step can be with aforementioned step 102, and promptly RS sends distance measurement request (RNG-REQ) message to MRBS, after MRBS receives RNG-REQ, to RS feedback RNG-RSP.
Described certificate server for example can be authenticator (Authenticator) or access service network gateway (ASN-GW).
In this step, MRBS sends relay station to certificate server and adheres to request (RS-PreAttachment-REQ) message in advance, and this RS-PreAttachment-REQ carries the basic capacity information of relay station.Herein, message RS-PreAttachment-REQ is the predefined message of the embodiment of the invention, be used for reporting the basic capacity of relay station to the certificate server of network side, the security history (RS SecurityHistory) that has wherein comprised RS, the essential information of SBC information (SBC Context) and serving BS broadcasts (Serving BS Info) etc., and optionally, go back portability and identify the indication information that this message belongs to a RS rather than MS.
After step 205, certificate server are received the message of MRBS, return relay station to MRBS and adhere to response (RS-PreAttachment-RSP) message in advance, to confirm the basic capacity information of relay station.
The certificate server indication (Failure Indication) that whether portability fails in the RS-PreAttachment-RSP message of MRBS feedback, the related context (RS Info) of RS, the security history (RSSecurity History) of RS, and the essential information of serving BS broadcasts (Serving BS Info) etc.
This RS management server is used for RS is managed, and described management comprises authentication, aspects such as mandate.Described authentication will be passed through AAA (Authentication, Authorization, and Accounting) server and finish.This RS management server can be positioned at same entity with aaa server, also can be positioned at different entities.
If in the preceding step 204, RS-PreAttachment-REQ message does not comprise the indication that sign RS-PreAttachment-REQ belongs to a RS, because in the process of RS authentication, aaa server can obtain the information substrate of RS, comprise identity information, therefore AAA is after the EAP of RS authentication, the essential information of this RS can be handed down to certificate server (Authenticator/ASN-GW), the identity information of the certificate server RS that can provide by aaa server learns that this goes into the website is a RS rather than MS like this; Also can be behind authentication success, by RS management server notice Authenticator/ASN-GW, this goes into the website is a RS rather than MS.
Step 209, the AK Context information that calculates RS of certificate server success, and this information sent to MRBS by cipher key interaction indication (Key_change-Direction) message.
Step 211~213, MRBS and RS carry out three-way handshake process, guarantee that AK (Authorization Key, authorization key) context is synchronous.
This step can be identical with abovementioned steps 106~108.
Step 214, RS sends PKMv2Key-Request message to MRBS, to MRBS request TEK (traffic encryption key).
Can not realize that in order to solve prior art RS supports the negotiation of place of safety ability and/or the negotiation problem that can RS produce the ability of data, as another embodiment of the present invention, can " the MR-BSand RS MAC feature support TLV " of REG_REQ message be made amendment, add the negotiation of RS place of safety ability support and the negotiation that RS produces data capability.Amended " MR-BS and RS MAC feature support TLV " can be shown in table 5 among the embodiment 1.
The log-on message that has comprised RS in this RS-Attachment-RSP message.
Step 221-222, RS management server or certificate server send RS_Config-CMD message to MRBS alternatively, and how notice MRBS disposes the essential information of RS.
Step 223, MRBS sends relay station configuration order (RS_Config-CMD) message and gives RS, and the concrete parameter of RS is configured.
In the embodiment of the invention, provide the flow process of relay station networking space-time oral-lateral and network side, and realized the negotiation that relay station place of safety ability and data produce ability.
Embodiment 3
Network side flow process and embodiment 2 when the relay station of present embodiment networks are identical, do not do detailed description at this.The position that present embodiment is primarily aimed at newly-increased place of safety capability negotiation of the side of eating dishes without rice or wine and data generation capability negotiation is described.
Different with embodiment 2 RS place of safety ability is placed in the REG_REQ message, in the embodiment of the invention RS place of safety ability is placed in initial ranging message, SBC message or the PKMv2 SA-TEK-Request message.Need add corresponding negotiation field this moment in above message, for example can be in the following way: add the RS place of safety and support the TLV field in initial ranging message, SBC message or PKMv2 SA-TEK-Request message, concrete form can be shown in table 2 among the embodiment 1.
Because when the RS initial network entry, MRBS generally can issue the initial key SZK and the SZKEK of place of safety in PKMv2 SA-TEK-Reponse message.So the embodiment of the invention was just carried out the capability negotiation of place of safety before PKMv2 SA-TEK-Reponse message, just, add the capability negotiation of whether relay station being supported the place of safety in SBC process or the PKMv2SA-TEK-Request process at ranging process.
Be placed in the REG_REQ message differently with ability that the RS of embodiment 2 produces data, the data generation ability of RS can be placed in initial ranging message, SBC message or the PKMv2SA-TEK-Request message equally in the embodiment of the invention.Need in initial ranging message, SBC message or PKMv2SA-TEK-Request message, add the corresponding field of consulting this moment, for example can be in the following way: add the RS data and produce and support the TLV field in initial ranging message, SBC message or PKMv2SA-TEK-Request, concrete form can be shown in table 3 among the embodiment 1.
When adding RS place of safety support TLV field and RS data generation support TLV field simultaneously in initial ranging message, SBC message or PKMv2SA-TEK-Request message, concrete form can be shown in table 4 among the embodiment 1.
Correspondingly, in embodiments of the present invention, also carry the data generative capacity information and/or the place of safety tenability information of the relay station that relay base station supports in described ranging response, basic capacity response, PKMv2SA-TEK-Reponse or the registration response.
In the embodiment of the invention, provide the flow process of relay station networking space-time oral-lateral and network side, and realized the negotiation that relay station place of safety ability and data produce ability.
One of ordinary skill in the art will appreciate that all or part of step that realizes in the foregoing description method can instruct relevant hardware to finish by program, this program can be stored in the computer read/write memory medium, such as ROM/RAM, magnetic disc, CD etc.
Embodiment 4
The embodiment of the invention provides the relay station 300 in a kind of wireless relay network, this relay station comprises: transmitting element 310, be used for sending distance measurement request, basic capacity request, the request of Security Association traffic encryption key or register requirement, the place of safety ability information and/or the data generative capacity information of carrying this relay station in this distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement to relay base station.In another embodiment of the present invention, as shown in Figure 3, described relay station also comprises receiving element 320, be used to receive response message, carry the place of safety ability information and/or the data generative capacity information of the relay station that relay base station supports in the described response message from distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement that described transmitting element is sent of relay base station.
In the embodiment of the invention when relay station networks, add RS and supported the negotiations process of place of safety ability and/or the capability negotiation process that can RS produce data, thereby can avoid the waste of key and unnecessary security threat, and can satisfy the demand of multiple operator.
Embodiment 5
Present embodiment provides the relay base station in a kind of wireless relay network, and as shown in Figure 4, this relay base station 400 comprises:
Basic capacity request receiving element 410 is used to receive the basic capacity request from described relay station;
Register requirement receiving element 430 is used to receive the register requirement from described relay station;
Relay station adheres to request unit 440, is used for sending relay station to certificate server and adheres to request, and this relay station adheres to the log-on message that carries relay station in the request and the serving BS information of relay station;
Relay station adheres to response unit 450, be used to receive from described certificate server be used to confirm that the relay station of serving BS information of the log-on message of relay station and relay station adheres to response message.
In another embodiment of the present invention, as shown in Figure 5, described relay base station also comprises:
Authorization key receiving element 470 is used to receive the authorization key context from certificate server;
The 3rd confirmation unit 490 is used for sending relay station to certificate server and adheres to acknowledge message.
Relay station dispensing unit 500 is used to receive the relay station configuration order from certificate server or relay station management server, and sends the relay station configuration order according to the configuration control information of carrying in this relay station configuration order relay station to described relay station.
In the embodiment of the invention, a unit can be merged in above-mentioned each unit of relay base station, also can further split into a plurality of subelements.
Above-described specific embodiment; purpose of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the above only is specific embodiments of the invention; and be not intended to limit the scope of the invention; within the spirit and principles in the present invention all, any modification of being made, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (18)
1. a relay station method of network entry is characterized in that, comprising:
Reception is from the distance measurement request of relay station, and sends ranging response to described relay station;
Reception is from the basic capacity request of described relay station, and sends the basic capacity response to relay station;
Reception is from the Security Association traffic encryption key request of relay station, and sends the response of Security Association traffic encryption key to relay station;
Reception is carried out the registration of relay station from the register requirement of described relay station, and sends the registration response to relay station after registration is finished;
Wherein, carry the place of safety ability information and/or the data generative capacity information of relay station in described distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement.
2. method according to claim 1 is characterized in that:
Correspondingly carry the place of safety ability information and/or the data generative capacity information of the relay station that relay base station supports in described ranging response, basic capacity response, the response of Security Association traffic encryption key or the registration response.
3. a relay station method of network entry is characterized in that, comprising:
Reception is from the basic capacity request of relay station;
Send relay station to certificate server and adhere to request in advance, this relay station adheres to the basic capacity information of carrying relay station in the request in advance;
Reception is adhered to response in advance from the relay station of certificate server;
After receiving the register requirement from described relay station, send relay station to certificate server and adhere to request, this relay station adheres to the log-on message that carries relay station in the request and the serving BS information of relay station;
Reception from described certificate server be used to confirm that the relay station of serving BS information of the log-on message of relay station and relay station adheres to response message.
4. method according to claim 3 is characterized in that, the basic capacity information that described relay station adheres to the relay station that carries in the request in advance comprises: the security history of relay station, basic capacity information context and service base station information.
5. method according to claim 4 is characterized in that, the basic capacity information that described relay station adheres to the relay station that carries in the request in advance also comprises: indicate described relay station to adhere to the indication information that request belongs to relay station in advance.
6. method according to claim 3 is characterized in that, also comprises:
Reception is from the distance measurement request of relay station, and sends ranging response to described relay station;
Reception is from the Security Association traffic encryption key request of relay station, and sends the response of Security Association traffic encryption key to relay station.
7. method according to claim 6 is characterized in that:
Carry the place of safety ability information and/or the data generative capacity information of described relay station in described distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement.
8. method according to claim 3 is characterized in that, also comprises:
Send relay station to certificate server and adhere to acknowledge message in advance.
9. method according to claim 3 is characterized in that, also comprises:
Reception is returned acknowledge message from the authorization key context of certificate server to described certificate server.
10. method according to claim 3 is characterized in that, also comprises:
Send relay station to certificate server and adhere to acknowledge message.
11. method according to claim 3 is characterized in that, also comprises:
Reception is from the relay station configuration order of certificate server or relay station management server, and sends the relay station configuration order according to the configuration control information of carrying in this relay station configuration order relay station to described relay station.
12. a relay station comprises transmitting element, it is characterized in that:
Transmitting element is used for sending distance measurement request, basic capacity request, the request of Security Association traffic encryption key or register requirement, the place of safety ability information and/or the data generative capacity information of carrying this relay station in this distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement to relay base station.
13. relay station according to claim 12 is characterized in that, also comprises:
Receiving element, be used to receive response message, carry the place of safety ability information and/or the data generative capacity information of the relay station that relay base station supports in the described response message from distance measurement request, basic capacity request, the request of Security Association traffic encryption key or the register requirement that described transmitting element is sent of relay base station.
14. a relay base station is characterized in that, comprising:
Basic capacity request receiving element is used to receive the basic capacity request from described relay station;
Report the unit, be used for sending relay station and adhere to request in advance, report the basic capacity information of relay station, and the relay station that receives from certificate server adheres to response in advance to certificate server;
The register requirement receiving element is used to receive the register requirement from described relay station;
Relay station adheres to request unit, is used for sending relay station to certificate server and adheres to request, and this relay station adheres to the log-on message that carries relay station in the request and the serving BS information of relay station;
Relay station adheres to response unit, be used to receive from described certificate server be used to confirm that the relay station of serving BS information of the log-on message of relay station and relay station adheres to response message.
15. relay base station according to claim 14 is characterized in that, also comprises:
First confirmation unit is used for sending relay station to certificate server and adheres to acknowledge message in advance.
16. relay base station according to claim 14 is characterized in that, also comprises:
The authorization key receiving element is used to receive the authorization key context from certificate server;
Second confirmation unit is used for returning acknowledge message to described certificate server.
17. relay base station according to claim 14 is characterized in that, also comprises:
The 3rd confirmation unit is used for sending relay station to certificate server and adheres to acknowledge message.
18. relay base station according to claim 14 is characterized in that, also comprises:
The relay station dispensing unit is used to receive the relay station configuration order from certificate server or relay station management server, and sends the relay station configuration order according to the configuration control information of carrying in this relay station configuration order relay station to described relay station.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009101371031A CN101883359A (en) | 2009-05-04 | 2009-05-04 | Method and device for accessing relay station to network |
PCT/CN2010/072405 WO2010127605A1 (en) | 2009-05-04 | 2010-05-04 | Method and device for relay station to access network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009101371031A CN101883359A (en) | 2009-05-04 | 2009-05-04 | Method and device for accessing relay station to network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101883359A true CN101883359A (en) | 2010-11-10 |
Family
ID=43049973
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2009101371031A Pending CN101883359A (en) | 2009-05-04 | 2009-05-04 | Method and device for accessing relay station to network |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN101883359A (en) |
WO (1) | WO2010127605A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9232404B2 (en) | 2009-09-28 | 2016-01-05 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for data transmission |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013069170A1 (en) * | 2011-11-07 | 2013-05-16 | パナソニック株式会社 | Relay station, base station, and band frequency allocation method |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070070929A1 (en) * | 2005-09-28 | 2007-03-29 | Samsung Electronics Co., Ltd. | Apparatus and method for negotiating relay station capability in a multi-hop relay broadband wireless access communication system |
CN101351021B (en) * | 2007-07-16 | 2011-11-30 | 中兴通讯股份有限公司 | Microwave access global interconnection system and implementing method thereof |
-
2009
- 2009-05-04 CN CN2009101371031A patent/CN101883359A/en active Pending
-
2010
- 2010-05-04 WO PCT/CN2010/072405 patent/WO2010127605A1/en active Application Filing
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9232404B2 (en) | 2009-09-28 | 2016-01-05 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for data transmission |
Also Published As
Publication number | Publication date |
---|---|
WO2010127605A1 (en) | 2010-11-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101455721B1 (en) | Method and Apparatus for switching an internet network for a portable terminal | |
CN102111766B (en) | Network accessing method, device and system | |
US20090116647A1 (en) | Method for providing fast secure handoff in a wireless mesh network | |
US9258705B2 (en) | Apparatus, method and system for creating and maintaining multicast data encryption key in machine to machine communication system | |
US7561551B2 (en) | Method and system for propagating mutual authentication data in wireless communication networks | |
CN104168669A (en) | Method and system for use of cellular infrastructure to manage small cell access | |
US20080031155A1 (en) | Managing establishment and removal of security associations in a wireless mesh network | |
US20120005727A1 (en) | Method for user terminal authentication and authentication server and user terminal thereof | |
CN101888630B (en) | Authentication Method, system and device for switching access networks | |
CN106961682B (en) | It is a kind of based on the group of mobile relay to path mobile handoff authentication method | |
CN102450056A (en) | Methods and apparatus for use in facilitating the communication of neighboring network information to a mobile terminal with use of a radius compatible protocol | |
US20090031398A1 (en) | Role determination for meshed node authentication | |
US20100023752A1 (en) | Method and device for transmitting groupcast data in a wireless mesh communication network | |
US20080220799A1 (en) | Communication system and handshake method thereof | |
US20080057906A1 (en) | Dual authentication method in mobile networks | |
CN100558187C (en) | A kind of radio switch-in method and access controller | |
CN101150472A (en) | Authentication method, authentication server and terminal in WIMAX | |
CN101977378B (en) | Information transferring method, network side and via node | |
CN101888631B (en) | Method, system and equipment for switching access network | |
CN102111809B (en) | Distributed control architecture for relays in broadband wireless networks | |
CN101990207B (en) | Access control method, home base station (HBS) and HBS authorization server | |
CN101883359A (en) | Method and device for accessing relay station to network | |
KR20090024655A (en) | Methods and devices for establishing security associations and performing handoff authentication in communication systems | |
CN102958094A (en) | System and method for implementation of femtocell wireless access network sharing | |
KR101171311B1 (en) | Method of authenticating relay station in broadband wireless access system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20101110 |