CN101909052A - Home gateway authentication method and system - Google Patents
Home gateway authentication method and system Download PDFInfo
- Publication number
- CN101909052A CN101909052A CN2010102112412A CN201010211241A CN101909052A CN 101909052 A CN101909052 A CN 101909052A CN 2010102112412 A CN2010102112412 A CN 2010102112412A CN 201010211241 A CN201010211241 A CN 201010211241A CN 101909052 A CN101909052 A CN 101909052A
- Authority
- CN
- China
- Prior art keywords
- home gateway
- authentication
- management platform
- functional entity
- guide service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/061—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
Abstract
The invention discloses a home gateway authentication method and a home gateway authentication system. The method comprises the following steps that: a home network management platform performing authentication of a general bootstrapping architecture GBA on a home gateway, and the home gateway calculates a shared authentication key Ks between the bootstrapping service function entity BSF and the home gateway; and the home gateway is subjected to HttpDigest authentication of the home gateway management platform according to the shared authentication key Ks, if the home gateway passes the authentication, the home gateway management platform allows the access of the home gateway, otherwise, the home gateway management platform refuses the access of the home gateway. Compared with the prior art, the method applies the GBA authentication and the Httpdigset authentication to the legal authentication of the network home gateway, prevents illegal users from maliciously attacking the management platform and non-managed equipment from being accessed, and improves the security of the system.
Description
Technical field
The invention belongs to communication technical field, be specifically related to a kind of home gateway authentication method and system.
Background technology
Along with carrying out of third generation mobile technical development and numerous business, operator and user need reliable authentication mechanism to guarantee legal business use and correct charging.
Especially in the 3G business, the wireless network bandwidth fast lifting becomes possibility for the user provides data except that basic businesses such as voice, note, home theater etc. to the business that bandwidth has requirements at the higher level on wireless network.Mobile operator is these business of develop actively also.Home gateway based on wide area network management agreement (tr069) is exactly as a kind of key equipment that these business functions are provided, a lot of terminal equipments based on the tr069 agreement are arranged on the market, and how these equipment of safe and effective management become the problem that operator pays close attention to.
Summary of the invention
The purpose of this invention is to provide a kind of home gateway authentication method and system, prevent that the disabled user is to the malicious attack of management platform and the access of non-managed device, the fail safe that has improved system.
For achieving the above object, the present invention has adopted following technical scheme: a kind of home gateway authentication method comprises step:
Home gateway carries out the GBA authentication to the request of home gateway management platform, and home gateway calculates the shared authenticate key Ks between guide service functional entity BSF and the home gateway;
Home gateway carries out the HttpDigest authentication according to sharing authenticate key Ks to the home gateway management platform;
If authentication is passed through, then the family network management platform allows the access of home gateway, otherwise the access of refusal home gateway.
A kind of home gateway Verification System, comprise home gateway, home gateway management platform and guide service functional entity BSF, home gateway is connected with the home gateway management platform, the home gateway management platform is connected with guide service functional entity BSF, home gateway is carried out the GBA authentication to the key that described home gateway management platform is used for providing according to consumer premise business and guide service functional entity and HttpDigest authenticates, if by GBA authentication and HttpDigest authentication, then allow the access of home gateway, otherwise the access of refusal home gateway.
Compared with prior art, present embodiment by with GBA authentication and HttpDigest authentication application in network family's gateway, use GBA authentication and HttpDigest authentication method that home gateway is carried out the legitimacy authentication, prevent that the disabled user is to the malicious attack of management platform and the access of non-managed device, the fail safe that has improved system.
Description of drawings
Fig. 1 is the disclosed a kind of home gateway authentication method flow chart of the embodiment of the invention;
Fig. 2 is the disclosed a kind of home gateway GBA authentication method flow chart of the embodiment of the invention;
Fig. 3 is the disclosed a kind of home gateway HttpDigest authentication method flow chart of the embodiment of the invention;
Fig. 4 is the disclosed a kind of home gateway Verification System block diagram of the embodiment of the invention.
Embodiment
In conjunction with the accompanying drawings the present invention is described in further detail below by embodiment.
Purport of the present invention is that home gateway access-in management platform is before earlier through GBA (GenericBootstrapping Architecture, the universal guiding authentication) authentication, advanced the HttpDigest authentication again, prevent that the disabled user is to the malicious attack of management platform and the access of non-managed device, the fail safe that has improved system.
See also shown in Figure 1ly, a kind of home gateway authentication method comprises step:
S101: the family network management platform carries out common authentication mechanism GBA authentication to home gateway, and home gateway calculates the shared authenticate key Ks between guide service functional entity (BSF, Bootstrapping Server Function) and the home gateway.
S102: home gateway carries out the HttpDigest authentication according to sharing authenticate key Ks to the home gateway management platform.
S103: if authentication is passed through, then enter step S104, otherwise, enter step S105.
S104: the family network management platform allows the access of home gateway.
S105: otherwise the access of refusal home gateway.
See also shown in Figure 2ly, Fig. 2 comprises the steps: for the flow chart of GBA authentication
S201: after home gateway powers on, according to past WAP (the Wireless ApplicationProtocol of concrete network, WAP (wireless application protocol)) gateway sends guiding request to create (Bootstrapping_Initiation.REQ), wherein guide and have IMEI (International Mobile EquipmentIdentity among the request to create Bootstrapping_Initiation.REQ, the International Mobile Equipment Identity sign indicating number) and IMSI (International Mobile SubscriberIdentity, international mobile subscriber identity) information.
S202: behind the WAP (wireless application protocol) WAP gateway coupling MSISDN (Mobile Station ISDNNumber, mobile subscriber's international number), device identification is transmitted to the home gateway management platform.
S203: the home gateway management platform is judged whether order business of user, if do not order, then enters step S104-S105, if order, then enters step S106.
S204: return failed authentication information and give WAP gateway.
The S205:WAP gateway returns failed authentication information and gives home gateway, and flow process finishes.
S206: the home gateway management platform is returned guiding to WAP gateway and is created response message (Bootstrapping_Initiation.RES), this message comprises IMPI (IMS Private Identity, the IP Multimedia System private cipher key) and BSF (Bootstrapping Server Function, guide service function) physical address.
The S207:WAP gateway returns guiding and creates response message (Bootstrapping_Initiation.RES) to home gateway.
S208: home gateway sends guiding register requirement (Bootstrapping_Register.REQ) according to guide service functional entity address to the guide service functional entity.
S209: the guide service functional entity calculates authentication tuple (AV, Authentication Vector).
S210: the guide service functional entity returns guiding registration reply message (Bootstrapping_Register.RES), and this message comprises authentication tuple vector information: random number RA ND, can also comprise authentication sign AUTN.
S211: home gateway is according to random number RA ND calculated response RES, and concrete (T-key, " 3gpp-gba-res " SRES) calculate according to formula KDF.
S212: home gateway sends guiding authorization requests (Bootstrapping_Authorization.REQ) to the guide service functional entity.
S213: the guide service functional entity returns guiding authorization response message (Bootstrapping_Authorization.RES), and this message comprises the life cycle of B-TID (BootstrappingTransaction Identifier, guiding things sign), Ks.
S214: home gateway calculates the shared authenticate key Ks of guide service functional entity and home gateway, and wherein KS is according to formula KDF (Ks, " gba-me ", RAND, IMPI, NAF_Id) calculating.
The GBA identifying procedure finishes.
In the present embodiment, end of home gateway GBA identifying procedure or home gateway need carry out the HttpDigest authentication when initiating management expectancy.
See also shown in Figure 3ly, Fig. 3 comprises the steps: for the flow chart of HttpDigest authentication
S301: home gateway sends the HttpDigest request message to the home gateway management platform.
S302: home gateway management platform production random number nounce.
S303: the home gateway management platform is returned Authorization.Info message, comprises the mass parameter qop of random parameter nounce, algorithm parameter algorithm and protection.
S304: home gateway search with NAF (Network Application Function, Network Application Function) between shared authenticate key Ks_ext_NAF, if find then enter step S210.If do not find, then enter step S205.
S305: home gateway sends the HttpDigest_Retrieve_Authorization_Request request to the home gateway management platform, and this request comprises B-TID, IMSI and IMEI information.
S306: the home gateway management platform sends the Authentication request by B-TID and NAF-ID (NAF sign) to the guide service functional entity.
S307: the guide service functional entity returns the Authentication response message, and this message comprises shares authenticate key Ks_ext_NAF, Ks_int_NAF and the Ks term of validity or error message.If the guide service functional entity returns error message, home gateway management platform execution in step S308 then; Otherwise execution in step S309.
S308: the home gateway management platform is returned the HttpDigest response message to home gateway, HTTP 401 failed authentications, and the HttpDigest flow process finishes.
S309: the home gateway management platform is returned the HttpDigest_Retrieve_Authorization response message to home gateway, and this message comprises NAF-ID and IMPI.
S310: home gateway calculates the HTTP digest authentication.
S311: home gateway sends HttpDigest report request to the home gateway management platform.
S312: the home gateway management platform is returned the HttpDigest response message to home gateway.
See also shown in Figure 4, present embodiment also discloses a kind of home gateway Verification System, the home gateway Verification System comprises home gateway 401, Wireless Application Protocol Gateway 402, home gateway management platform 403 and guide service functional entity 404, home gateway 401 is carried out the GBA authentication to the shared authenticate key that described home gateway management platform 403 provides according to consumer premise business and guide service functional entity 404 and HttpDigest authenticates, if by GBA and HttpDigest authentication, then allow home gateway 301 to insert home gateway management platform 403.
The GBA authentication: home gateway sends the Bootstrapping_Initiation request according to concrete network to Wireless Application Protocol Gateway, this request has IMEI and IMSI information, behind the Wireless Application Protocol Gateway coupling MSISDN, relevant information is transmitted to the home gateway management platform;
The home gateway management platform is judged whether order business of user, if do not order, then returns failed authentication information and gives Wireless Application Protocol Gateway, and Wireless Application Protocol Gateway returns failed authentication information and gives home gateway, and flow process finishes; If order is arranged, then return the Bootstrapping_Initiation response message to Wireless Application Protocol Gateway, this message comprises IMPI and guide service functional entity address, and Wireless Application Protocol Gateway returns the Bootstrapping_Initiation response message and gives home gateway;
Home gateway is according to guide service functional entity address, send the Bootstrapping_Register request to the guide service functional entity, the guide service functional entity calculates the authentication tuple, the guide service functional entity returns the Bootstrapping_Register response message and gives home gateway, this message comprises random number BAND, can also comprise authentication sign AUTH.
Home gateway is according to random number BAND calculated response RES, home gateway sends the Bootstrapping_Authorization request to the guide service functional entity, the guide service functional entity returns the Bootstrapping_Authorization response message, and this message comprises the life cycle of B-TID, Ks.
Home gateway calculates the shared authenticate key Ks of guide service functional entity and home gateway, and the GBA identifying procedure finishes.
The HttpDigest authentication: home gateway sends the HttpDigest request to the home gateway management platform; home gateway management platform production random number nounce; the home gateway management platform is returned Authorization.Info information, comprises the mass parameter qop of random number nounce, algorithm parameter algorithm and protection.
Home gateway is searched Ks_ext_NAF, if find then home gateway calculating digest authentication; If do not find then home gateway sends the HttpDigest_Retrieve_Authorization_Request request to the home gateway management platform, this request B-TID, IMSI and IMEI information.
The home gateway management platform sends the Authentication request by B-TID and NAF-ID to the guide service functional entity, the guide service functional entity returns the Authentication response message, this message comprises shares authenticate key Ks_ext_NAF, Ks_int_NAF and the Ks term of validity or error message, if the guide service functional entity returns error message, then returning HttpDigest to home gateway replys, HTTP 401 failed authentications, the HttpDigest flow process finishes; If the guide service functional entity returns the authenticate key KS information of sharing, then return the HttpDigest_Retrieve_Authorization response message to home gateway, this message comprises NAF-ID and IMPI, home gateway calculates the HTTP digest authentication, home gateway sends HttpDigest report request to the home gateway management platform, and the home gateway management platform is returned the HttpDigest response message to home gateway.
In the present embodiment, the authentication message between described home gateway and the home gateway management platform has increased the fail safe of system by md5 encryption.
Present embodiment after starting for the first time or powering on, is initiatively initiated identifying procedure by family gateway equipment.The home gateway management platform is carried out the legitimacy authentication according to the key that consumer premise business and guide service functional entity provide to home gateway, prevents that the disabled user is to the malicious attack of management platform and the access of non-managed device, the fail safe that has improved system.
Above content be in conjunction with concrete execution mode to further describing that the present invention did, can not assert that concrete enforcement of the present invention is confined to these explanations.For the general technical staff of the technical field of the invention, without departing from the inventive concept of the premise, can also make some simple deduction or replace, all should be considered as belonging to protection scope of the present invention.
Claims (15)
1. a home gateway authentication method is characterized in that, comprises step:
Home gateway carries out the GBA authentication to the request of home gateway management platform, and home gateway calculates the shared authenticate key Ks between guide service functional entity BSF and the home gateway;
Home gateway carries out the HttpDigest authentication according to sharing authenticate key Ks to the home gateway management platform;
If authentication is passed through, then the family network management platform allows the access of home gateway, otherwise the access of refusal home gateway.
2. the method for claim 1 is characterized in that, described common authentication mechanism GBA authentication specifically comprises step:
Home gateway obtains the address of guide service functional entity, send the guiding register requirement to the guide service functional entity then, the guide service functional entity calculates the authentication tuple, the guide service functional entity returns guiding registration reply message and gives home gateway, and described guiding registration reply message comprises random number RA ND;
Home gateway is according to random number RA ND calculated response RES, and home gateway sends the guiding authorization requests to the guide service functional entity, and the guide service functional entity returns guiding authorization response message, and this message comprises the life cycle of guiding things sign B-TID, Ks;
Home gateway calculates the shared authenticate key Ks of guide service functional entity and home gateway, and the GBA identifying procedure finishes.
3. method as claimed in claim 2 is characterized in that, the address that home gateway obtains the guide service functional entity specifically comprises step:
Home gateway sends the guiding request to create to Wireless Application Protocol Gateway, described guiding request to create has International Mobile Equipment Identity sign indicating number IMSI and international mobile subscriber identity IMEI information, behind the Wireless Application Protocol Gateway coupling mobile subscriber international number MSISDN, device identification is transmitted to the home gateway management platform;
The home gateway management platform is returned guiding to Wireless Application Protocol Gateway and is created response message, and described guiding is created response message and comprised IP Multimedia System private cipher key and guide service functional entity BSF address;
Wireless Application Protocol Gateway sends to home gateway with IP Multimedia System private cipher key IMPI and guide service functional entity BSF address.
4. method as claimed in claim 3 is characterized in that, the home gateway management platform also further comprised step before Wireless Application Protocol Gateway returns guiding establishment response message:
The home gateway management platform is judged whether order business of home gateway;
If do not order, then return failed authentication information and give Wireless Application Protocol Gateway, Wireless Application Protocol Gateway returns failed authentication information and gives home gateway, and flow process finishes;
If order is arranged, then the home gateway management platform is returned guiding to Wireless Application Protocol Gateway and is created response message.
5. the method for claim 1 is characterized in that, described HttpDigest authentication specifically comprises step:
Home gateway judge oneself whether had and the Network Application Function between shared authenticate key Ks_ext_NAF, shared key K s_ext_NAF sent to the home gateway management platform carry out HttpDigest authentication if having.
If do not find, then home gateway sends to home gateway management platform request authentication with device identification.
6. method as claimed in claim 5 is characterized in that, described home gateway sends to home gateway management platform request authentication with device identification and specifically comprises step:
Home gateway sends the HttpDigest_Retrieve_Authorization_Request request to the home gateway management platform, and this request comprises guiding things sign B-TID, International Mobile Equipment Identity sign indicating number IMSI and international mobile subscriber identity IMEI information;
The home gateway management platform sends the Authentication.REQ request by B-TID and NAF-ID to BSF, the guide service functional entity returns the Authentication response message, and this message comprises Ks_ext_NAF, Ks_int_NAF and the Ks term of validity or error message.
7. method as claimed in claim 6, it is characterized in that, if returning, the guide service functional entity shares authenticate key KS, then return the HttpDigest_Retrieve_Authorization response message to home gateway, this message comprises NAF-ID and IMPI, and home gateway calculates the HTTP digest authentication according to NAF-ID and IMPI.
8. method as claimed in claim 6 is characterized in that, home gateway judge oneself whether had and the Network Application Function between shared key K s_ext_NAF before also comprise step:
Home gateway sends the HttpDigest request to the home gateway management platform; the home gateway management platform generates random parameter nounce; the home gateway management platform is returned Authorization information, comprises the mass parameter qop of random parameter nounce, algorithm parameter algorithm and protection.
9. home gateway Verification System, it is characterized in that, comprise home gateway, home gateway management platform and guide service functional entity BSF, home gateway is connected with the home gateway management platform, the home gateway management platform is connected with guide service functional entity BSF, home gateway is carried out the GBA authentication to the key that described home gateway management platform is used for providing according to consumer premise business and guide service functional entity and HttpDigest authenticates, if by GBA authentication and HttpDigest authentication, then allow the access of home gateway, otherwise the access of refusal home gateway.
10. system according to claim 9, it is characterized in that, described home gateway management platform is carried out the GBA authentication and is specially: the home gateway management platform sends to home gateway with the address of guide service functional entity, home gateway sends the guiding register requirement according to the address of guide service functional entity to the guide service functional entity, the guide service functional entity calculates the authentication tuple, and the guide service functional entity returns guiding registration reply message and gives home gateway; Home gateway calculated response RES, home gateway sends the guiding authorization requests to the guide service functional entity, and the guide service functional entity returns guiding authorization response message, and this message comprises the life cycle of guiding things sign B-TID, Ks; Home gateway calculates the shared key K s of guide service functional entity and home gateway, and the GBA identifying procedure finishes.
11. system according to claim 10, it is characterized in that, also comprise Wireless Application Protocol Gateway, home gateway sends the guiding request to create to Wireless Application Protocol Gateway, described guiding request to create has International Mobile Equipment Identity sign indicating number IMSI and international mobile subscriber identity IMEI information, behind the Wireless Application Protocol Gateway coupling mobile subscriber international number MSISDN, relevant information is transmitted to the home gateway management platform;
The home gateway management platform is returned guiding to Wireless Application Protocol Gateway and is created response message, and described guiding is created response message and comprised IP Multimedia System private cipher key and guide service functional entity BSF address;
Wireless Application Protocol Gateway sends to home gateway with IP Multimedia System private cipher key and guide service functional entity BSF address.
12. system according to claim 9, it is characterized in that, home gateway also is further used for, after carrying out the GBA authentication, judge oneself whether had and the Network Application Function between shared key K s_ext_NAF, shared key K s_ext_NAF sent to the home gateway management platform carry out HttpDigest authentication if having.
13. system according to claim 12, it is characterized in that, described home gateway, if also be used for not finding shared key K s_ext_NAF, then home gateway sends to home gateway management platform request authentication with device identification, the home gateway management platform sends the Authentication request by B-TID and NAF-ID to BSF, the guide service functional entity returns the Authentication response message, and this message comprises Ks_ext_NAF, Ks_int_NAF and the Ks term of validity or error message.
14. system according to claim 14, it is characterized in that, described home gateway also is used for, if the guide service functional entity returns KS information, then return the HttpDigest_Retrieve_Authorization response message to home gateway, this message comprises NAF-ID and IMPI, and home gateway calculates the HTTP digest authentication according to NAF-ID and IMPI.
15. according to claim 11 as for 13 each described systems; it is characterized in that; the home gateway management platform also is used for; the HTTPDigest request back that receives home gateway generates random parameter nounce; the home gateway management platform is returned Authorization information, and described Authorization information comprises the mass parameter qop of random number nounce, algorithm parameter algorithm and protection.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102112412A CN101909052A (en) | 2010-06-28 | 2010-06-28 | Home gateway authentication method and system |
| PCT/CN2011/070535 WO2012000313A1 (en) | 2010-06-28 | 2011-01-24 | Method and system for home gateway certification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102112412A CN101909052A (en) | 2010-06-28 | 2010-06-28 | Home gateway authentication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101909052A true CN101909052A (en) | 2010-12-08 |
Family
ID=43264371
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102112412A Pending CN101909052A (en) | 2010-06-28 | 2010-06-28 | Home gateway authentication method and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101909052A (en) |
| WO (1) | WO2012000313A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012000313A1 (en) * | 2010-06-28 | 2012-01-05 | 中兴通讯股份有限公司 | Method and system for home gateway certification |
| CN108370369A (en) * | 2015-09-11 | 2018-08-03 | 瑞典爱立信有限公司 | Use gateway, client device and the method for redirecting secure communication between promotion client device and application server |
| CN110571922A (en) * | 2019-05-14 | 2019-12-13 | 江苏恒宝智能系统技术有限公司 | internet of things equipment authentication method based on shared key |
| WO2022183427A1 (en) * | 2021-03-04 | 2022-09-09 | Zte Corporation | Method, device, and system for protecting sequence number in wireless network |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929371A (en) * | 2005-09-05 | 2007-03-14 | 华为技术有限公司 | Method for negotiating key share between user and peripheral apparatus |
| CN101166259A (en) * | 2006-10-16 | 2008-04-23 | 华为技术有限公司 | Mobile phone TV service protection method, system, mobile phone TV server and terminal |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1958118A4 (en) * | 2005-12-05 | 2011-06-01 | Nokia Corp | Computer program product, apparatus and method for secure http digest response verification and integrity protection in a mobile terminal |
| CN101022651B (en) * | 2006-02-13 | 2012-05-02 | 华为技术有限公司 | Combined right-discriminating construction and realizing method thereof |
| CN101909052A (en) * | 2010-06-28 | 2010-12-08 | 中兴通讯股份有限公司 | Home gateway authentication method and system |
-
2010
- 2010-06-28 CN CN2010102112412A patent/CN101909052A/en active Pending
-
2011
- 2011-01-24 WO PCT/CN2011/070535 patent/WO2012000313A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929371A (en) * | 2005-09-05 | 2007-03-14 | 华为技术有限公司 | Method for negotiating key share between user and peripheral apparatus |
| CN101166259A (en) * | 2006-10-16 | 2008-04-23 | 华为技术有限公司 | Mobile phone TV service protection method, system, mobile phone TV server and terminal |
Non-Patent Citations (2)
| Title |
|---|
| 3GPP: "Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA);Generic bootstrapping architecture", 《3RD GENERATION PARTNERSHIP PROJECT》, 23 June 2006 (2006-06-23) * |
| 顾晓辉等: "SIP的安全机制及其HTTP摘要认证的改进", 《东华大学学报》, vol. 36, no. 2, 30 April 2010 (2010-04-30) * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012000313A1 (en) * | 2010-06-28 | 2012-01-05 | 中兴通讯股份有限公司 | Method and system for home gateway certification |
| CN108370369A (en) * | 2015-09-11 | 2018-08-03 | 瑞典爱立信有限公司 | Use gateway, client device and the method for redirecting secure communication between promotion client device and application server |
| CN108370369B (en) * | 2015-09-11 | 2021-02-09 | 瑞典爱立信有限公司 | Gateway, client device and method for facilitating secure communication between a client device and an application server using redirection |
| CN110571922A (en) * | 2019-05-14 | 2019-12-13 | 江苏恒宝智能系统技术有限公司 | internet of things equipment authentication method based on shared key |
| CN110571922B (en) * | 2019-05-14 | 2022-04-15 | 恒宝股份有限公司 | Internet of things equipment authentication method based on shared key |
| WO2022183427A1 (en) * | 2021-03-04 | 2022-09-09 | Zte Corporation | Method, device, and system for protecting sequence number in wireless network |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2012000313A1 (en) | 2012-01-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103596173B (en) | Wireless network authentication method, client and service end wireless network authentication device | |
| CN1764107B (en) | Method of authenticating a mobile network node in establishing a peer-to-peer secure context | |
| Lai et al. | A novel group access authentication and key agreement protocol for machine‐type communication | |
| CN105491070B (en) | Secure user plane positions authentication method and device in (SUPL) system | |
| US20180199205A1 (en) | Wireless network connection method and apparatus, and storage medium | |
| CN108880813B (en) | Method and device for realizing attachment process | |
| CA3124977A1 (en) | Protecting a telecommunications network using network components as blockchain nodes | |
| US20090029677A1 (en) | Mobile authentication through strengthened mutual authentication and handover security | |
| KR20140066230A (en) | Systems and methods for encoding exchanges with a set of shared ephemeral key data | |
| CN103597799A (en) | Service access authentication method and system | |
| CN101969638A (en) | Method for protecting international mobile subscriber identity (IMSI) in mobile communication | |
| Hwang et al. | Provably secure mutual authentication and key exchange scheme for expeditious mobile communication through synchronously one-time secrets | |
| WO2013185709A1 (en) | Call authentication method, device, and system | |
| Yadav et al. | An EAP-based mutual authentication protocol for WLAN-connected IoT devices | |
| CN101272241B (en) | Cryptographic key distribution and management method | |
| Lee et al. | An efficient authentication protocol for mobile communications | |
| CN101909052A (en) | Home gateway authentication method and system | |
| WO2012134789A1 (en) | Using a dynamically-generated symmetric key to establish internet protocol security for communications between a mobile subscriber and a supporting wireless communications network | |
| Haddad et al. | Secure and efficient AKA scheme and uniform handover protocol for 5G network using blockchain | |
| WO2006079953A1 (en) | Authentication method and device for use in wireless communication system | |
| CN104168566A (en) | Network accessing method and device | |
| KR101435399B1 (en) | Secure anonymous authentication scheme of security management system within cloud data center in wireless network environment | |
| Lin et al. | A fast iterative localized re-authentication protocol for heterogeneous mobile networks | |
| CN102256252A (en) | Method for realizing safety model of access authentication in mobile internet | |
| CN213938340U (en) | 5G application access authentication network architecture |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20101208 |