CN101883362B - A kind of method and apparatus realizing authentication - Google Patents
A kind of method and apparatus realizing authentication Download PDFInfo
- Publication number
- CN101883362B CN101883362B CN201010221243.XA CN201010221243A CN101883362B CN 101883362 B CN101883362 B CN 101883362B CN 201010221243 A CN201010221243 A CN 201010221243A CN 101883362 B CN101883362 B CN 101883362B
- Authority
- CN
- China
- Prior art keywords
- authentication vector
- terminal
- authentication
- mark
- level network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Abstract
The invention discloses a kind of method and apparatus realizing authentication, all for the terminal being assigned with inferior grade authentication vector, authentication vector can be added for this terminal and obtain mark; When described terminal accesses high-level network, obtain mark according to the authentication vector of this terminal and obtain the high-grade authentication vector being applicable to high-level network.The present invention realizes the method and apparatus of authentication, all can avoid meaningless failed authentication, is conducive to the proper communication of terminal, improves user satisfaction.
Description
Technical field
The present invention relates to the communications field, be specifically related to a kind of method and apparatus realizing authentication.
Background technology
Although 3G network is being popularized gradually; but operator is for the consideration of market and cost; usually can adopt the strategy of progressively transition, thus occur the situation of mobile switching centre/Visited Location Registor (MSC/VLR) common networking of 2G & 3G.In the mobile communication network being in transition stage, usually there will be the situation of original 2G MSC/VLR and newly-built 2G & 3G MSC/VLR mixed networking.
Under above-mentioned network condition, terminal can roam into 2G & 3G MSC/VLR from 2G MSC/VLR, equally also can from 2G netsurfing to 3G network in 2G & 3G MSC/VLR.In roam procedure, MSC/VLR needs to process authentication process.Process authentication process has two key points: first is obtain and preserve authentication vector, and second is choose correct authentication vector to initiate authentication process.
For the acquisition of authentication vector, MSC/VLR obtains mainly through two channels:
Attaching position register/AUC (HLR/Auc) is responsible for the authentication vector generating terminal, and MSC/VLR then can obtain authentication vector and preserve from HLR/Auc.Certainly, in order to avoid repeatedly obtaining authentication vector, HLR/Auc disposablely can provide and organize authentication vector more.
Except obtaining except authentication vector from HLR/Auc, MSC/VLR, when processing position updating process across VLR, can obtain authentication vector by the MAP-SEND-IDENTIFICATION message in 3GPP TS 29.002 agreement from previous MSC/VLR and preserve.
For 2G terminal, the tlv triple that the authentication vector that HLR/Auc generates is made up of random parameter RAND, Expected Response XRES, encryption key CK; For 3G terminal, the five-tuple that the authentication vector that HLR/Auc generates then is made up of RAND, XRES, CK, Integrity Key IK, authentication-tokens AUTN.
When obtaining authentication vector to previous MSC/VLR, if adopt lower MAP version to be connected between MSC/VLR, being so subject to the restriction of version, in MAP-SEND-IDENTIFICATION message, can only tlv triple being transmitted.Certainly, for MSC/VLR, tlv triple can be derived by five-tuple, otherwise but cannot.Therefore, even if a 3G terminal, the tlv triple after conversion also can only be supplied to 2G & 3G MSC/VLR and use by 2G MSC/VLR.Further, after obtaining authentication vector, MSC/VLR needs to select suitable authentication vector according to the current wireless access type of terminal and terminal type before initiating authentication process, the success of guarantee authentication.
As previously mentioned, terminal roams into after 2G & 3G MSC/VLR from 2G MSC/VLR, and 2G & 3GMSC/VLR can only be tlv triple from the authentication vector that 2G MSC/VLR gets.
2G & 3G MSC/VLR can be connected with the radio network controller (RNC) of 3G with the base station controller (BSC) of 2G simultaneously, if terminal is now accessed by BSC, so according to the definition of 3GPP TS 33.102 agreement, use tlv triple to carry out successful authentication, 2G & 3G MSC/VLR is available from the authentication vector that 2GMSC/VLR obtains.But, if terminal roams into RNC from the BSC 2G & 3G MSC/VLR again, if then the follow-up tlv triple of preservation that still uses carries out authentication, so will failed authentication be caused.Or terminal directly roams into the RNC 2G & 3G MSC/VLR from 2G MSC/VLR, also by the same token can cause failed authentication.
In another kind of situation, if adopt lower MAP version to be connected between MSC/VLR or between HLR and 2G M SC/VLR, so be subject to the restriction of version, tlv triple can only be transmitted in MAP-SEND-IDENTIFICATION message, so no matter first terminal accesses the network of which level, as long as roam into high-level network (as the RNC under 3G network, or the RNC under 2G & 3G network), the MSC/VLR of so high-level network can only obtain tlv triple.Once employ triplet authentication vector, so result is also failed authentication.
In a word, if MAP version is highest version, if then terminal by low level netsurfing to high-level network, when the MSC/VLR of high-level network obtains the authentication vector of this terminal from the MSC/VLR of previous network, all can only get triplet authentication vector.If MAP version is lowest version, then no matter terminal roams into high-level network wherefrom, when the MSC/VLR of high-level network obtains the authentication vector of this terminal from the MSC/VLR of previous network, all can only get triplet authentication vector.
Relate to the networking scene of above-mentioned authentication process at present as shown in Figure 1.In Fig. 1,2G MSC/VLR 100 only supports to be connected with BSC 120, and 2G & 3G MSC/VLR 110 then supports BSC 121 and RNC122 access simultaneously.Connection S220 between 2G MSC/VLR 100 and 2G & 3G MSC/VLR 110, is subject to the restriction of capacity of equipment, and the MAP that version is lower can only be adopted to carry out communication; Further, 2G & 3GMSC/VLR 110 can get the authentication vector of terminal from 2G MSC/VLR 100 by this connection.
2G MSC/VLR 100 is connected respectively by S200, S222 and HLR/Auc with 2G & 3G MSC/VLR 110, employing be also MAP.Certainly, S200 also may, because being subject to the restriction of capacity of equipment, can only adopt the MAP that version is lower to carry out communication.2G MSC/VLR 100 and 2G & 3GMSC/VLR 110 can obtain the authentication vector of terminal from HLR/Auc by respective connection.
When terminal 000 roams into 2G & 3G MSC/VLR 110 from 2G MSC/VLR 100, as shown in Figure 2, shown in Fig. 2, flow process comprises the following steps concrete application scenarios:
Step 201:3G terminal roams into 2G & 3G MSC/VLR, by RNC access network from 2G MSC/VLR.Terminal launch position renewal process, provides the information of previous lane place.
Step 202:2G & 3G MSC/VLR, according to described location area information, obtains the address of 2G MSC/VLR, and sends MAP-SEND-IDENTIFICATION request message, obtains user ID and authentication vector to 2G MSC/VLR.
Step 203: owing to adopting the MAP of lowest version to be connected between 2G & 3G MSC/VLR and 2G MSC/VLR, the authentication vector that therefore 2G MSC/VLR returns is triplet information.
Step 204:2G & 3G MSC/VLR judges to be 3G terminal and is RNC access, if authentication vector is triplet information, then do not preserve this authentication vector, but directly abandon, and obtain new authentication vector by MAP message to HLR/Auc.
Step 205:HLR/Auc returns the authentication vector of terminal.
Step 206:2G & 3G MSC/VLR uses the authentication vector obtained from HLR/Auc to initiate authentication process.
Visible, in scene shown in Fig. 2, in terminal authentication procedure, meaningless failed authentication can be caused once because not obtaining suitable authentication vector.This is obviously unfavorable for the proper communication of terminal, reduces user satisfaction.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method and apparatus realizing authentication, avoids occurring meaningless failed authentication.
For achieving the above object, technical scheme of the present invention is achieved in that
Realize a method for authentication, the method comprises:
For the terminal being assigned with inferior grade authentication vector, add authentication vector for this terminal and obtain mark; When described terminal accesses high-level network, obtain mark according to the authentication vector of this terminal and obtain the high-grade authentication vector being applicable to high-level network.
The process obtaining the described authentication vector of mark acquisition according to described authentication vector comprises:
Judge that described terminal is the terminal of corresponding high-level network, the authentication vector look for set by this terminal obtains mark, when finding this authentication vector and obtaining mark, obtains the high-grade authentication vector being applicable to high-level network.
The method comprises further:
Delete the inferior grade authentication vector of preserving for described terminal, remove the authentication vector of adding for this terminal and obtain and mark.
After obtaining the described authentication vector of mark acquisition according to described authentication vector, this authentication vector of application initiates authentication process further.
Described terminal is 3G terminal, and described high-level network is 2G & 3G network.
Realize a device for authentication, this device comprises authentication vector and obtains mark maintenance unit, authentication vector processing unit; Wherein,
Described authentication vector obtains mark maintenance unit, for for the terminal being assigned with inferior grade authentication vector, adds authentication vector obtain mark for this terminal;
Described authentication vector processing unit, for when described terminal accesses high-level network, the authentication vector obtaining this terminal of adding in mark maintenance unit according to described authentication vector obtains mark, obtains the high-grade authentication vector being applicable to high-level network.
Described authentication vector processing unit, for judging that described terminal is the terminal of corresponding high-level network, the authentication vector look for set by this terminal obtains mark, when finding this authentication vector and obtaining mark, obtains the high-grade authentication vector being applicable to high-level network.
Described authentication vector processing unit is further used for:
The inferior grade authentication vector that deletion is preserved for described terminal, and notify that the authentication vector acquisition that the removing of authentication vector acquisition mark maintenance unit is added for this terminal marks.
This device comprises authenticating unit further, initiates authentication process for the high-grade authentication vector being applicable to high-level network obtained according to described authentication vector processing unit.
Described device be arranged at comprise mobile switching centre/Visited Location Registor MSC/VLR can carry out in the functional entity of authentication management process to terminal;
Described terminal is 3G terminal, and described high-level network is 2G & 3G network.
The present invention realizes the method and apparatus of authentication, all can avoid meaningless failed authentication, is conducive to the proper communication of terminal, improves user satisfaction.
Accompanying drawing explanation
Fig. 1 is the mixed networking Organization Chart of prior art;
Fig. 2 is the authorizing procedure figure of prior art;
Fig. 3 is the authorizing procedure figure of one embodiment of the invention;
Fig. 4 is authorizing procedure sketch of the present invention;
Fig. 5 is the authentication device figure of one embodiment of the invention.
Embodiment
In actual applications, under the condition of mixed networking, if 2G & 3G MSC/VLR is tlv triple from the authentication vector that 2GMSC/VLR gets, in order to reduce the probability of subsequent authentication failure, 2G & 3GMSC/VLR can process authentication vector according to following principle:
When terminal is 3G terminal, and during by 2G network insertion, 2G & 3G MSC/VLR can be arranged and this user-dependent authentication vector obtains mark, to show that this terminal preserves authentication vector because of 2G network insertion.When terminal roaming is to 3G network and when accessing 2G & 3G MSC/VLR, can judge whether terminal is equipped with authentication vector and obtains mark, if, then being illustrated as the authentication vector that this terminal preserves is inapplicable tlv triple, thus this authentication vector is directly deleted, and this authentication vector acquisition mark can be removed, more again arrive the authentication vector that HLR/Auc acquisition is applicable to 3G network.
Owing to obtaining the authentication vector being applicable to 3G network of quintuple form, thus the meaningless failed authentication shown in Fig. 2 can be avoided.
More than operate thinking can represent as shown in Figure 3.After describing terminal roaming to 2G & 3G MSC/VLR see Fig. 3, Fig. 3, first from the authorizing procedure of 2G network insertion.Wherein most crucial main points are: 2G & 3G MSC/VLR arranges authentication vector according to terminal type and access style and obtains mark, and when terminal roams into 3G network again, by obtaining the judgement of mark to this authentication vector, delete the authentication vector not being suitable for 3G network of preserving, then obtain the authentication vector being applicable to 3G network to HLR/Auc, thus avoid failed authentication.Shown in Fig. 3, flow process comprises the following steps:
Step 301: terminal is 3G terminal, roams into 2G & 3G MSC/VLR, by BSC access network from 2G MSC/VLR.Terminal launch position renewal process, provides the information of previous lane place.
Step 302:2G & 3G MSC/VLR, according to described location area information, obtains the address of 2G MSC/VLR, and sends MAP-SEND-IDENTIFICATION request message, obtains user ID and authentication vector to 2G MSC/VLR.
Step 303: owing to adopting the MAP of lowest version to be connected between 2G & 3G MSC/VLR and 2G MSC/VLR, the authentication vector that therefore 2G MSC/VLR returns is triplet information.
Step 304:2G & 3G MSC/VLR judges that terminal is 3G terminal, and be accessed by BSC, therefore while conventionally preserving authentication vector, mark is obtained, to show that this terminal preserves authentication vector because of 2G network insertion for this terminal arranges authentication vector in self record.
Step 305:2G & 3G MSC/VLR initiates authentication process.
Step 306: terminal continues from the 2G netsurfing of 2G & 3G MSC/VLR to 3G network, and initiates position updating process.
Step 307:2G & 3G MSC/VLR judges that terminal is 3G terminal, and accessed by RNC, therefore the authentication vector look in self record set by this terminal obtains mark, when finding this authentication vector and obtaining mark, the authentication vector of preserving for this terminal before explanation is inapplicable tlv triple, thus can directly delete this authentication vector, and this authentication vector acquisition mark can be removed.
Step 308:2G & 3G MSC/VLR obtains the authentication vector being applicable to 3G network to HLR/Auc by MAP message.
Step 309:HLR/Auc returns the authentication vector of user.
Step 310:2G & 3G MSC/VLR uses the authentication vector being applicable to 3G network obtained from HLR/Auc to initiate authentication process.
As seen from the above description, when the terminals such as the 3G terminal of the contour hierarchical network of corresponding 2G & 3G are by low level network insertions such as 2G, authentication vector can be added for this terminal and obtain mark; And when described terminal accesses high-level network, obtain mark according to the authentication vector of this terminal and obtain the authentication vector being applicable to high-level network.
It should be noted that, if MAP version is lowest version, then no matter terminal roams into high-level network wherefrom, when the MSC/VLR of high-level network obtains the authentication vector of this terminal from the MSC/VLR of previous network, all can only get the triplet authentication vector as inferior grade authentication vector, and the high-grade authentication vector being applicable to high-level network being presented as five-tuple authentication vector cannot be obtained.In this case, authentication vector can be added for this terminal equally and obtain mark; And when described terminal accesses high-level network, obtain mark according to the authentication vector of this terminal and obtain the authentication vector being applicable to high-level network.
Aforesaid operations thinking can represent flow process as shown in Figure 4, and shown in Fig. 4, flow process comprises the following steps:
Step 410: for the terminal being assigned with inferior grade authentication vector, adds authentication vector for this terminal and obtains mark.As: when the terminal of the high-level network of correspondence is by low level network insertion, adds authentication vector for this terminal and obtain mark; Or, for once by the terminal that lowest version MAP communicates, add authentication vector for this terminal and obtain mark.
Step 420: when described terminal accesses high-level network, obtains mark according to the authentication vector of this terminal and obtains the high-grade authentication vector being applicable to high-level network.
In order to ensure that above operation can be carried out smoothly, device as shown in Figure 5 can be set.See the authentication device figure that Fig. 5, Fig. 5 are one embodiment of the invention, this device comprises connected authentication vector and obtains mark maintenance unit, authentication vector processing unit, can also comprise authenticating unit further.Described device can be arranged at MSC/VLR etc. can carry out in the functional entity of the process such as authentication management terminal.
During embody rule, authentication vector obtains mark maintenance unit, for the terminal being assigned with inferior grade authentication vector, can add authentication vector obtain mark for this terminal.Authentication vector processing unit, can when described terminal accesses high-level network, and the authentication vector look for set by described terminal to authentication vector acquisition mark maintenance unit obtains mark; And when finding authentication vector and obtaining mark, obtain mark according to this authentication vector and obtain the high-grade authentication vector being applicable to high-level network.
Furthermore, the obtained high-grade authentication vector being applicable to high-level network can also be sent to authenticating unit, initiate the authentication process to described terminal by authenticating unit.
In addition, when authentication vector processing unit determine to need to obtain be applicable to the high-grade authentication vector of high-level network time, be inferior grade authentication vector that terminal is preserved before can deleting; And can notify that authentication vector obtains the authentication vector acquisition mark marking maintenance unit removing and add for this terminal, be obtained the authentication vector acquisition mark marking maintenance unit and add for this terminal according to the notice removing received by authentication vector.
Operation achieved by above-mentioned each unit discloses in detail in aforementioned techniques describes, and does not repeat them here.
Visible in sum, no matter be method or device, the present invention realizes the technology of authentication, all can avoid the meaningless failed authentication shown in Fig. 2, be conducive to the proper communication of terminal, improve user satisfaction.
The above, be only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention, and all any amendments done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.
Claims (8)
1. realize a method for authentication, it is characterized in that, the method comprises:
For the terminal being assigned with inferior grade authentication vector, add for this terminal the authentication vector arranged according to terminal type and access style and obtain mark; When described terminal accesses high-level network, obtain mark according to the authentication vector of this terminal and obtain the high-grade authentication vector being applicable to high-level network;
Wherein, obtain according to described authentication vector the process marking the described authentication vector of acquisition to comprise:
Judge that described terminal is the terminal of corresponding high-level network, the authentication vector look for set by this terminal obtains mark, when finding this authentication vector and obtaining mark, obtains the high-grade authentication vector being applicable to high-level network.
2. method according to claim 1, is characterized in that, the method comprises further:
Delete the inferior grade authentication vector of preserving for described terminal, remove the authentication vector of adding for this terminal and obtain and mark.
3. method according to claim 1, is characterized in that, after obtaining the described authentication vector of mark acquisition according to described authentication vector, this authentication vector of application initiates authentication process further.
4. the method according to any one of claims 1 to 3, is characterized in that, described terminal is 3G terminal, and described high-level network is 2G & 3G network.
5. realize a device for authentication, it is characterized in that, this device comprises authentication vector and obtains mark maintenance unit, authentication vector processing unit; Wherein,
Described authentication vector obtains mark maintenance unit, for for the terminal being assigned with inferior grade authentication vector, adds the authentication vector arranged according to terminal type and access style obtain mark for this terminal;
Described authentication vector processing unit, for when described terminal accesses high-level network, the authentication vector obtaining this terminal of adding in mark maintenance unit according to described authentication vector obtains mark, obtains the high-grade authentication vector being applicable to high-level network;
Wherein, described authentication vector processing unit, for judging that described terminal is the terminal of corresponding high-level network, the authentication vector look for set by this terminal obtains mark, when finding this authentication vector and obtaining mark, obtain the high-grade authentication vector being applicable to high-level network.
6. device according to claim 5, is characterized in that, described authentication vector processing unit is further used for:
The inferior grade authentication vector that deletion is preserved for described terminal, and notify that the authentication vector acquisition that the removing of authentication vector acquisition mark maintenance unit is added for this terminal marks.
7. device according to claim 5, is characterized in that, this device comprises authenticating unit further, initiates authentication process for the high-grade authentication vector being applicable to high-level network obtained according to described authentication vector processing unit.
8. the device according to any one of claim 5 to 7, is characterized in that, described device be arranged at comprise mobile switching centre/Visited Location Registor MSC/VLR can carry out in the functional entity of authentication management process to terminal;
Described terminal is 3G terminal, and described high-level network is 2G & 3G network.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010221243.XA CN101883362B (en) | 2010-06-29 | 2010-06-29 | A kind of method and apparatus realizing authentication |
| PCT/CN2011/071783 WO2012000327A1 (en) | 2010-06-29 | 2011-03-14 | Method and device for realizing authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010221243.XA CN101883362B (en) | 2010-06-29 | 2010-06-29 | A kind of method and apparatus realizing authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101883362A CN101883362A (en) | 2010-11-10 |
| CN101883362B true CN101883362B (en) | 2015-09-16 |
Family
ID=43055212
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010221243.XA Expired - Fee Related CN101883362B (en) | 2010-06-29 | 2010-06-29 | A kind of method and apparatus realizing authentication |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101883362B (en) |
| WO (1) | WO2012000327A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101883362B (en) * | 2010-06-29 | 2015-09-16 | 中兴通讯股份有限公司 | A kind of method and apparatus realizing authentication |
| CN102137459B (en) * | 2011-02-21 | 2013-12-04 | 华为技术有限公司 | Method as well as related system and device for ensuring CS (circuit-switched) domain of one-card double-standby terminal to reside in two networks simultaneously |
| CN111405557B (en) * | 2020-03-19 | 2022-03-15 | 中国电子科技集团公司第三十研究所 | Method and system for enabling 5G network to flexibly support multiple main authentication algorithms |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6671507B1 (en) * | 2000-06-16 | 2003-12-30 | Siemens Aktiengesellschaft | Authentication method for inter-system handover between at least two radio communications systems |
| CN1642083A (en) * | 2004-09-23 | 2005-07-20 | 华为技术有限公司 | Network side anthority-discrimination-mode selecting method |
| CN101132279A (en) * | 2006-08-24 | 2008-02-27 | 华为技术有限公司 | Authentication method and authentication system |
| CN101426233A (en) * | 2007-11-02 | 2009-05-06 | 华为技术有限公司 | Roaming user equipment gradation controlling method and gateway equipment for access service network |
| CN101645901A (en) * | 2009-09-03 | 2010-02-10 | 烽火通信科技股份有限公司 | Method for deciding user authentication mode by IMS network based on terminal capabilities |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101883362B (en) * | 2010-06-29 | 2015-09-16 | 中兴通讯股份有限公司 | A kind of method and apparatus realizing authentication |
-
2010
- 2010-06-29 CN CN201010221243.XA patent/CN101883362B/en not_active Expired - Fee Related
-
2011
- 2011-03-14 WO PCT/CN2011/071783 patent/WO2012000327A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6671507B1 (en) * | 2000-06-16 | 2003-12-30 | Siemens Aktiengesellschaft | Authentication method for inter-system handover between at least two radio communications systems |
| CN1642083A (en) * | 2004-09-23 | 2005-07-20 | 华为技术有限公司 | Network side anthority-discrimination-mode selecting method |
| CN101132279A (en) * | 2006-08-24 | 2008-02-27 | 华为技术有限公司 | Authentication method and authentication system |
| CN101426233A (en) * | 2007-11-02 | 2009-05-06 | 华为技术有限公司 | Roaming user equipment gradation controlling method and gateway equipment for access service network |
| CN101645901A (en) * | 2009-09-03 | 2010-02-10 | 烽火通信科技股份有限公司 | Method for deciding user authentication mode by IMS network based on terminal capabilities |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2012000327A1 (en) | 2012-01-05 |
| CN101883362A (en) | 2010-11-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9729523B2 (en) | Method, network element, and mobile station for negotiating encryption algorithms | |
| US7065340B1 (en) | Arranging authentication and ciphering in mobile communication system | |
| US9713001B2 (en) | Method and system for generating an identifier of a key | |
| US8706085B2 (en) | Method and apparatus for authenticating communication device | |
| TWI606740B (en) | An Electronic Device, System and Method for Registering Network | |
| KR101700448B1 (en) | Method and system for managing security in mobile communication system | |
| US20170099601A1 (en) | Identity module with interchangeable unique identifiers | |
| EP2521387A2 (en) | Method and system for supporting security in a mobile communication system | |
| JP2022101688A (en) | Communication terminal, core network node, and key derivation method | |
| CN101521873B (en) | Method for enabling local security context | |
| JP2008504759A (en) | Reuse method of identification data from user equipment identification module by peripheral device | |
| CN102457844B (en) | Group key management method and system in the certification of a kind of M2M group | |
| CN104412633B (en) | The method and apparatus of long-distance intelligent card personalization | |
| CN102905265A (en) | Mobile equipment (ME) attaching method and device | |
| CN108347728B (en) | Information processing method and device | |
| CN111147421A (en) | Authentication method based on General Bootstrapping Architecture (GBA) and related equipment | |
| BRPI0418929B1 (en) | A method as claimed in claim 1, characterized in that the first group of subscribers for use of said first mobile telephone service and said second group of subscribers for use of said second mobile telephone service in the mobile network to request routing information to complete a call TO SUBSCRIBE, AND DELIVER MESSAGE TO SUBSCRIBE | |
| EP3767983A1 (en) | Network slice authentication | |
| CN101883362B (en) | A kind of method and apparatus realizing authentication | |
| CN101938746B (en) | Anti-cloning method and device of user identification module | |
| CN102970678B (en) | Cryptographic algorithm negotiating method, network element and mobile station | |
| CN103607709A (en) | Method and device for managing user data | |
| US20100304713A1 (en) | Technique for restricting access to a wireless communication service | |
| KR101434750B1 (en) | Geography-based pre-authentication for wlan data offloading in umts-wlan networks | |
| KR20100021690A (en) | Method and system for supporting authentication and security protected non-access stratum protocol in mobile telecommunication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150916 Termination date: 20170629 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |