CN101958898A - Quick EAP authentication switching method in mobile WiMax network - Google Patents
Quick EAP authentication switching method in mobile WiMax network Download PDFInfo
- Publication number
- CN101958898A CN101958898A CN2010102946927A CN201010294692A CN101958898A CN 101958898 A CN101958898 A CN 101958898A CN 2010102946927 A CN2010102946927 A CN 2010102946927A CN 201010294692 A CN201010294692 A CN 201010294692A CN 101958898 A CN101958898 A CN 101958898A
- Authority
- CN
- China
- Prior art keywords
- authentication
- target
- msid
- gid
- thr
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/162—Implementing security features at a particular protocol layer at the data link layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0011—Control or signalling for completing the hand-off for data sessions of end-to-end connection
- H04W36/0033—Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
- H04W36/0038—Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a quick extensible authentication protocol (EAP) authentication switching method in a mobile worldwide interoperability for microwave access (WiMax) network, and belongs to the technical field of mobile WiMax network switching authentication. The method comprises the following steps that: when a mobile station (MS) accesses the mobile WiMax network for the first time and successfully finishes EAP authentication with an authentication, authorization and accounting (AAA) server, the MS accesses a base station (BS) and a credit instrument is generated for the MS by a multicast BS group key; and when the MS is switched to a new BS for the mobile requirement, the MS can pass the identity authentication of a target BS only by providing the credit instrument so as to avoid performing EAP authentication again and realize safe and quick switching.
Description
Technical field
The present invention relates generally to mobile WiMAX network and switches the authentication techniques field, specially refers to a kind of method of supporting quick EAP (Extensible Authentication Protocol, extendible authentication protocol) switching authentication under high-speed mobile environment.
Background technology
WiMAX (World Interoperability for Microwave Access, worldwide interoperability for microwave inserts) be an emerging wireless access wide band technology based on IEEE 802.16 standards, can provide towards the high speed of the Internet to connect, data transmission distance can reach 50km farthest.WiMAX also has QoS guarantee, transmission rate height, professional advantage such as rich and varied.The technology starting point of WiMAX is higher, has adopted advanced technologies such as the OFDM/OFDMA, the AAS that represent the future communications technological development direction, MIMO, and along with the development of technical standard, WiMAX will progressively realize the mobile of broadband services.
The development of IEEE 802.16 series standards starts from calendar year 2001, but the formal issue of its first version is in 2002.Be a revision version of 802.16 standard series by the IEEE 802.16d standard of IEEE official approval in June, 2004, is a Standard Edition relatively ripe and that have practicality most.In order to provide high-speed data service to make the user have ambulant broadband wireless access solution again, IEEE working group has issued the 802.16e standard.This standard code can support system fixing and that mobile broadband wireless inserts simultaneously, it is operated in<6GHz is suitable for ambulant licensed band, can supports that user terminal moves with car speed.In order to satisfy the demand of global 4G wireless communication standard IMT-advanced, since 2007, IEEE802.16 working group begins to formulate 802.16 new standards (802.16m just), and has issued first IEEE 802.16m draft standard in July, 2009.Particularly in October, 2009, IEEE 802.16m has been submitted to the ITU of International Telecommunications Union and formally has been accepted as one of 4G candidate standard.
Authentication and key agreement are a kind of important safety mechanism among the WiMAX, and it is the important assurance that realizes secure communication, protection user and operator's interests.Before IEEE 802.16m, in the release criteria, support two kinds of identification authentication mode of EAP and RSA simultaneously, but in IEEE 802.16m standard, only support authentication, no longer support authentication mode based on RSA based on the EAP mode.
EAP is a kind of authentication protocol of definition in RFC 3748, and it specifically comprises multiple EAP authentication methods such as EAP-SIM, EAP-TLS, EAP-AKA.This agreement comprises three kinds of roles: client, authenticator and certificate server.In mobile WiMAX, MS (mobile station, portable terminal) is the EAP client, BS (base station, the base station) is the authenticator, aaa server in the territory, local (Authentication, Authorization, Accounting, checking, authorization and accounting server) is the EAP certificate server.EAP client and certificate server come exchange message by carrying out the EAP method, are in authenticator between them and are used for transmission information.If the EAP server allows EAP client access network, the client and server end can generate the cipher key shared material: master session key MSK (master session key) and extended master session key EMSK (extended MSK).The MSK shared session key that generates between MS and the BS.
Mobile WiMAX need be supported the mobile communication business of vehicular speeds, in the MS moving process, unavoidably need switch between BS, and the length of switching time is having a strong impact on the communication quality of MS.Network authentication when Fig. 1 switches for the mobile WiMAX user and mandate schematic diagram.Whole handoff procedure relates to five entities: mobile terminal MS, current service BS, target BS, ASN-GW (Access Service Networks-Gateway, access service network gateway) and aaa server.The method of the authentication of IEEE 802.16m switching at present is: before MS switches, re-execute once complete EAP authentication by serving BS broadcasts and target BS, and the session key material that negotiation makes new advances between MS and target BS, as PMK (PairwiseMaster Key, pairwise master key), AK (Authorization Key, authorization key), CMAC key (Cipher-basedMessage Authentication Code, authentication code key based on ciphertext) and TEK (Transmission EncryptionKey, traffic encryption key) etc., carry out switching then.But EAP verification process itself is very consuming time, this has increased time delay, reduced efficient, cause communication service quality to be subjected in various degree influence, particularly require more intense business for real-time, as VoIP, multimedia service etc., influence even more seriously, the user can feel pause, quality of service such as the interrupted problem that obviously descends.
Therefore,, reduce handover delay, be necessary for mobile WiMAX network a kind of quick switching authentication mechanism is provided in order to guarantee the mobile WiMAX network quality of service.
Summary of the invention
The objective of the invention is for mobile WiMAX network provides a kind of EAP switching authentication method based on bill, can under the high-speed motion scene, support to switch fast.
For achieving the above object, technical solution of the present invention is: insert mobile WiMAX network first at MS, and after completing successfully EAP authentication with aaa server, inserting BS, to utilize multicast BS group key be that MS generates credit instruments that are similar to resident identification card; Owing to move when need switch to a new BS, it only need provide its credit instruments just can be by the authentication of target BS, thereby can avoid carrying out again the EAP authentication, and then realizes switching safely and fast as MS.
The present invention specifically comprises use two parts of the establishment of MS credit instruments and distribution, MS credit instruments.
The establishment of MS credit instruments and the purpose of distribution are to insert mobile WiMAX network first at MS, and after completing successfully EAP authentication with aaa server, utilizing its multicast BS group key by access BS is that MS creates credit instruments that are similar to resident identification card, and be distributed to MS, make MS when switching, only need provide its credit instruments to target BS, just can be fast by authentication.The establishment of MS credit instruments is as follows with the distribution concrete grammar:
1) after receiving 256 next bit MSK of aaa server transmission, insert BS and extract back 128 bits of MSK as TCK (Temporary Cipher-based message authentication code Key, interim authentication code key) based on ciphertext; Insert BS and also can extract 128 bits of preceding 128 bits of MSK or other positions as TCK;
2) insert BS and use MAC (Media AccessControl, medium access control) address MSID, MSK and the bill term of validity T of MGK (multi-BS group key, multicast BS group key) MS
ExpGenerate credit instruments T Deng information encryption
MS, i.e. formula (1)
T
MS=ENC
MGK(MSID,MSK,T
exp) (1)
3) inserting BS utilizes TCK to message (GID, MSID, T
Exp, T
MS, N
BS) encrypt the message authentication code CMAC of generation based on ciphertext, then the CMAC sign indicating number that generates is added on (GID, MSID, T
Exp, T
MS, N
BS) after together as bill notification message Ticket_iss, as formula (2)
Ticket_iss={(GID,MSID,T
exp,T
MS,N
BS)(CMAC
TCK)} (2)
Wherein GID is a multicast BS group indications, N
BSIt is the random number that BS produces;
4) insert BS bill notification message Ticket_iss is directly sent to MS;
5) after MS receives Ticket_iss, generate TCK (being that MS also is that back 128 bits that extract among the MSK generate TCK) as inserting BS, verify the CMAC value among the Ticket_iss then, if checking is correct, MS gives and inserts acknowledge message ACK of BS transmission, if verify incorrectly, then give to insert BS and send a repeat requests.The application target of MS credit instruments is when new target BS inserts mobile WiMAX network in MS need switch to a multicast BS group, only need send a handoff request that has its credit instruments to target BS, authentication that just can very fast acquisition target BS, thereby can avoid re-executing time-consuming EAP authentication, and then realize switching fast.If when the target BS that MS need switch to was not BS in the multicast BS group, then MS need carry out the EAP authentication again.
The use concrete grammar of MS credit instruments is as follows:
1) MS utilizes TCK to message (GID, MSID, BSID, T
MS, N
MS) encrypt the message authentication code CMAC of generation based on ciphertext, then the CMAC sign indicating number that generates is added on (GID, MSID, BSID, T
MS, N
MS) after together as switching authentication request information THR_req, as formula (3)
THR_req={(GID,MSID,BSID,T
MS,N
MS)(CMAC
TCK)} (3)
Wherein BSID is the MAC Address of BS, N
MSIt is the random number that MS produces;
2) MS will switch authentication request information THR_req and send to target BS;
3) after target BS receives THR_req, utilize MGK to verify the validity of this switching authentication request.If effectively, target BS thinks that this MS is legal, allow that it inserts mobile WiMAX network, otherwise, refuse its access.Further, target BS specifically uses the following steps checking to switch the validity of authentication request information THR_req:
1) target BS is checked GID, BSID and the N among the THR_req
MS, see this GID and BSID whether with self consistent and N
MSWhether with the N of its record
MSIdentical;
2) if consistent with self of this GID and BSID, and N
MSN with its record
MSDifference, target BS are used MGK deciphering T
MSThereby, can obtain MSID, MSK and T
ExpEtc. information;
3) target BS is successfully deciphered T
MSAfter, at first whether the MSID that carries among the MSID that obtains of check deciphering and the THR_req is consistent, if consistent, just T is checked in continuation
ExpThereby, judge the credit instruments T of this MS
MSWhether expired;
4) if the credit instruments T of MS
MSDo not have expiredly, target BS is extracted back 128 bits as TCK from the MSK that deciphering obtains, and uses TCK to (GID, MSID, BSID, T in the THR_req message
MS, N
MS) encrypt the message authentication code CMAC of generation based on ciphertext, then with THR_req message after subsidiary CMAC value compare, see its whether unanimity;
5) if the CMAC value is consistent, target BS thinks that MS is a legal users, and accepts the switching authentication request of MS, allows that it inserts mobile WiMAX network.
Compared with prior art, good effect of the present invention is:
1) the switching authentication framework is simple
Quick EAP switching authentication method based on bill of the present invention only needs target BS to use the credit instruments of its multicast BS group key MGK checking MS, just can realize the two-way authentication between MS and the BS, whole switching verification process does not need other any third-party participation (such as before serving BS broadcasts, aaa server etc.).
2) switching authentication speed is fast
When switching to a new BS, original method requires to re-execute the EAP authentication, and EAP verification process itself is very consuming time, and this has increased handover delay.Adopt quick switching authentication method of the present invention can avoid EAP authentication consuming time, and the checking to the MS credit instruments does not need to relate to any third party, can accelerate to switch authentication processes greatly, satisfy the quick switching requirement under the speed of a motor vehicle situation of movement, the quality of real-time service is unaffected.
Description of drawings
Fig. 1 be the mobile WiMAX user when switching network authentication and authorize schematic diagram;
Fig. 2 is the enforcement basic flow sheet of the quick EAP switching authentication method based on bill of the present invention;
Fig. 3 is the exemplifying embodiment of the quick EAP switching authentication method based on bill of the present invention.
Embodiment
Below in conjunction with accompanying drawing and exemplifying embodiment the present invention is described in further detail.
As shown in Figure 2, the basic flow sheet of implementing based on the quick EAP switching authentication method of bill of the present invention comprises following steps:
When step 201:MS inserts mobile WiMAX network first, authenticate by the EAP that inserts BS and aaa server complete, and set up shared master session key MSK with aaa server;
Step 202: insert BS after receiving the MSK that aaa server transmits, utilizing MGK is that MS creates credit instruments T
MS, create bill notification message Ticket_iss then, and Ticket_iss sent to MS; After MS receives bill notification message Ticket_iss, the CMAC value of checking among the Ticket_iss, if checking is correct, MS gives and inserts BS and send an acknowledge message ACK, if verify incorrectly, then gives and inserts repeat requests of BS transmission;
Step 203: insert BS with credit instruments T
MSAfter successfully being transferred to MS, use the session key agreement agreement and the MS that define in IEEE 802.16 standards to consult session keys such as PMK, AK, CMAC key and TEK;
Step 204: owing to move, in the time of need switching to new BS access mobile WiMAX network, MS judges by GID number of the broadcasting of inspection target BS whether target BS is the interior BS of multicast BS group as MS.If target BS is the BS in the multicast group, then can use credit instruments T
MSCarry out fast and switch, otherwise need carry out the EAP authentication again;
Step 205: if target BS is the BS in the multicast group, MS sends one to target BS and comprises credit instruments T
MSQuick switching authentication request, after target BS receives the quick switching authentication request of MS, use the credit instruments of its corresponding MGK deciphering and checking MS, if the verification passes, target BS thinks that MS is a legal users;
Step 206: after the switching authentication request of target BS good authentication MS, use the session key agreement agreement and the MS that define in IEEE 802.16 standards to consult session keys such as PMK, AK, CMAC key and TEK.
The present invention can be applied to mobile WiMAX network, concrete mobile WiMAX of future generation (the being IEEE802.16m) network formulated of not being only applicable to also is applicable to all mobile WiMAX networks such as IEEE 802.16e-2005, IEEE 802.16j-2009 of having issued.
Fig. 3 is the concrete exemplifying embodiment of quick EAP switching authentication method under IEEE 802.16m network environment based on bill of the present invention.The course of work of this exemplifying embodiment is described below:
When step 301:MS inserts IEEE 802.16m network first, pass through BS
1Authenticate with the EAP of aaa server complete, and set up shared master session key MSK with aaa server;
Step 302:AAA server is given BS by access service network gateway ASN-GW with the MSK safe transmission
1
Step 303:BS
1Utilize MGK to create credit instruments T for MS
MS
Step 304:BS
1To comprise credit instruments T
MSNotification message Ticket_iss send to MS;
After step 305:MS receives Ticket_iss, use the correctness of TCK checking message, if the verification passes, then give BS
1Send an acknowledge message ACK (this message can be omitted);
Step 306:BS
1Send challenge message (NONCE_BS) to MS, wherein NONCE_BS is BS
1The random number of creating;
Step 307:MS utilizes the method for IEEE 802.16m definition to produce PMK, AK and CMAC key;
Step 308:MS gives BS
1(MSID sends a request message
*, NONCE_BS, NONCE_MS) (CMAC), wherein MSID
*Be a conversion of the MAC Address of MS, NONCE_MS is the random number that MS creates;
Step 309:BS
1Utilize the method for IEEE 802.16m definition to produce PMK, AK and CMAC key, use the validity of CMAC key checking request message then;
Step 310:BS
1Send response message (NONCE_BS, NONCE_MS) (CMAC) to MS;
Step 311:MS utilizes the method for IEEE 802.16m definition to produce TEK;
Step 312:BS
1Utilize the method for IEEE 802.16m definition to produce TEK;
Step 313: owing to move, in the time of need switching to new BS access mobile WiMAX network, MS judges by GID number of the broadcasting of inspection target BS whether target BS is the interior BS of multicast BS group as MS.If target BS is not the BS in the multicast group, need carry out the EAP authentication again, switch otherwise just continue to use following step to carry out fast;
Step 314:MS is to BS
2Send one and switch authentication request message THR_req fast, this message comprises the credit instruments T of MS
MS
Step 315:BS
2Use its multicast BS group key MGK deciphering T
MSAnd the validity of checking THR_req, if the verification passes, think that then MS is legal users and accepts it and insert request;
Step 316:BS
2Send challenge message (NONCE_BS) to MS, wherein NONCE_BS is BS
2The random number of creating;
Step 317:MS utilizes the method for IEEE 802.16m definition to produce PMK, AK and CMAC key;
Step 318:MS gives BS
2(MSID sends a request message
*, NONCE_BS, NONCE_MS) (CMAC), wherein MSID
*Be a conversion of the MAC Address of MS, NONCE_MS is the random number that MS creates;
Step 319:BS
2Utilize the method for IEEE 802.16m definition to produce PMK, AK and CMAC key, use the validity of CMAC key checking request message then;
Step 320:BS
2Send response message (NONCE_BS, NONCE_MS) (CMAC) to MS;
Step 321:MS utilizes the method for IEEE 802.16m definition to produce TEK;
Step 322:BS
2Utilize the method for IEEE 802.16m definition to produce TEK.
Claims (9)
1. EAP authentication fast switch over method in the mobile WiMAX network the steps include:
When 1) client MS inserts mobile WiMAX network first, carry out the EAP authentication and set up master session key MSK with the EAP certificate server;
2) access authentication person BS utilizes its multicast BS group key MGK to create a credit instruments T for this MS
MS, and be distributed to this MS; Described credit instruments comprise: the MAC Address MSID of MS, MSK, bill term of validity T
Exp
3) in this MS switches to multicast BS group during a target BS, to handoff request THR_req who has its credit instruments of this target BS transmission; Described handoff request THR_req comprises: the random number N that the MAC Address BSID of target BS, the MAC Address MSID of MS, MS produce
MS, multicast BS group indications GID, credit instruments T
MS
4) after target BS receives THR_req, utilize MGK to verify the validity of this switching authentication request; If effectively, target BS thinks that this MS is legal, allow that it inserts mobile WiMAX network, otherwise, refuse its access.
2. the method for claim 1, person BS encrypts described credit instruments to it is characterized in that the access authentication, generates a bill notification message Ticket_iss and sends to this MS; Wherein, described bill notification message is: Ticket_iss={ (GID, MSID, T
Exp, T
MS, N
BS) (CMAC
TCK), CMAC
TCKFor utilizing cipher key T CK to message (GID, MSID, T
Exp, T
MS, N
BS) encrypt the message authentication code based on ciphertext of generation.
3. method as claimed in claim 2 is characterized in that the generation method of described cipher key T CK is: back 128 bits that extract master session key MSK are as the interim authentication code key TCK based on ciphertext.
4. method as claimed in claim 2 is characterized in that the generation method of described cipher key T CK is: preceding 128 bits that extract master session key MSK are as the interim authentication code key TCK based on ciphertext.
5. as claim 2 or 3 or 4 described methods, after it is characterized in that MS receives Ticket_iss, the described cipher key T CK that utilization generates verifies the CMAC value among the described Ticket_iss, if checking is correct, MS gives and inserts acknowledge message ACK of BS transmission, if verify incorrectly, then give to insert BS and send a repeat requests.
6. as claim 2 or 3 or 4 described methods, it is characterized in that the generation method of described handoff request THR_req is: MS utilizes cipher key T CK to message (GID, MSID, BSID, T
MS, N
MS) encrypt the message authentication code CMAC of generation based on ciphertext, then the CMAC sign indicating number that generates is added on (GID, MSID, BSID, T
MS, N
MS) after together as switching authentication request information THR_req.
7. method as claimed in claim 6, it is characterized in that target BS receives THR_req after, utilize MGK to verify that the method for the validity of this switching authentication request is:
1) target BS is checked GID, BSID and the N among the THR_req
MSWhether with self GID, BSID and N
MSCorresponding consistent;
2) if this GID, BSID are consistent with self GID, BSID, and N
MSN with its record
MSDifference, target BS are used MGK deciphering T
MS, obtain MSID, MSK, T
ExpInformation;
3) target BS decrypts T
MSAfter, at first whether the MSID that carries among the MSID that obtains of check deciphering and the THR_req is consistent, if consistent, just T is checked in continuation
Exp, judge the credit instruments T of this MS
MSWhether expired;
4) if the credit instruments T of MS
MSDo not have expiredly, target BS generates cipher key T CK, and uses TCK to (GID, MSID, BSID, T in the THR_req message
MS, N
MS) encrypt the message authentication code CMAC of generation based on ciphertext, then with THR_req message after subsidiary CMAC value compare, see its whether unanimity;
5) if the CMAC value is consistent, target BS is accepted the switching authentication request of MS, otherwise it is invalid to switch authentication request.
8. as claim 1 or 2 or 3 or 4 described methods, it is characterized in that described EAP certificate server gives described access authentication person BS by access service network gateway with the MSK safe transmission.
9. as claim 1 or 2 or 3 or 4 described methods, it is characterized in that described mobile WiMAX network comprises: IEEE802.16m mobile WiMAX network, IEEE 802.16e-2005 mobile WiMAX network, IEEE 802.16j-2009 mobile WiMAX network.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010102946927A CN101958898B (en) | 2010-09-28 | 2010-09-28 | Quick EAP authentication switching method in mobile WiMax network |
PCT/CN2010/078490 WO2012040949A1 (en) | 2010-09-28 | 2010-11-08 | Method for fast handing over extensible authentication protocol (eap) authentication in mobile worldwide interoperability for microwave access (wimax) network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010102946927A CN101958898B (en) | 2010-09-28 | 2010-09-28 | Quick EAP authentication switching method in mobile WiMax network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101958898A true CN101958898A (en) | 2011-01-26 |
CN101958898B CN101958898B (en) | 2013-10-30 |
Family
ID=43486004
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010102946927A Expired - Fee Related CN101958898B (en) | 2010-09-28 | 2010-09-28 | Quick EAP authentication switching method in mobile WiMax network |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN101958898B (en) |
WO (1) | WO2012040949A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103200162A (en) * | 2012-01-04 | 2013-07-10 | 株式会社野村综合研究所 | Server system, service delivery server and control method |
CN103918014A (en) * | 2011-11-11 | 2014-07-09 | 奥迪股份公司 | Method and system for enabling technical apparatus |
CN103781067B (en) * | 2014-03-03 | 2017-03-29 | 南京理工大学 | Switching authentication method with secret protection in LTE/LTE A networks |
CN108513296A (en) * | 2018-02-23 | 2018-09-07 | 北京信息科技大学 | A kind of switching authentication method and system of MTC frameworks |
CN110798454A (en) * | 2019-10-18 | 2020-02-14 | 中国科学院信息工程研究所 | Method for defending attack based on attack organization capability evaluation |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103595527B (en) * | 2012-08-13 | 2016-12-21 | 西安西电捷通无线网络通信股份有限公司 | The changing method of a kind of two-way key and realize device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101233734A (en) * | 2005-06-30 | 2008-07-30 | 朗迅科技公司 | Method for distributing security keys during hand-off in a wireless communication system |
CN101635923A (en) * | 2009-08-05 | 2010-01-27 | 中兴通讯股份有限公司 | EAP authentication method and system supporting fast switching |
US20100208690A1 (en) * | 2009-02-13 | 2010-08-19 | Jianlin Guo | Fast Handover Protocols for Wimax Networks |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101510825B (en) * | 2009-02-25 | 2014-04-30 | 中兴通讯股份有限公司 | Protection method and system for management message |
CN101742492B (en) * | 2009-12-11 | 2015-07-22 | 中兴通讯股份有限公司 | Key processing method and system |
-
2010
- 2010-09-28 CN CN2010102946927A patent/CN101958898B/en not_active Expired - Fee Related
- 2010-11-08 WO PCT/CN2010/078490 patent/WO2012040949A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101233734A (en) * | 2005-06-30 | 2008-07-30 | 朗迅科技公司 | Method for distributing security keys during hand-off in a wireless communication system |
US20100208690A1 (en) * | 2009-02-13 | 2010-08-19 | Jianlin Guo | Fast Handover Protocols for Wimax Networks |
CN101635923A (en) * | 2009-08-05 | 2010-01-27 | 中兴通讯股份有限公司 | EAP authentication method and system supporting fast switching |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103918014A (en) * | 2011-11-11 | 2014-07-09 | 奥迪股份公司 | Method and system for enabling technical apparatus |
CN103200162A (en) * | 2012-01-04 | 2013-07-10 | 株式会社野村综合研究所 | Server system, service delivery server and control method |
CN103200162B (en) * | 2012-01-04 | 2016-04-27 | 株式会社野村综合研究所 | server system, service providing server and control method |
CN103781067B (en) * | 2014-03-03 | 2017-03-29 | 南京理工大学 | Switching authentication method with secret protection in LTE/LTE A networks |
CN108513296A (en) * | 2018-02-23 | 2018-09-07 | 北京信息科技大学 | A kind of switching authentication method and system of MTC frameworks |
CN110798454A (en) * | 2019-10-18 | 2020-02-14 | 中国科学院信息工程研究所 | Method for defending attack based on attack organization capability evaluation |
Also Published As
Publication number | Publication date |
---|---|
CN101958898B (en) | 2013-10-30 |
WO2012040949A1 (en) | 2012-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101056177B (en) | Radio mesh re-authentication method based on the WLAN secure standard WAPI | |
EP1739903B1 (en) | Authentication system and method thereof in a communication system | |
CN101106452B (en) | Generation and distribution method and system for mobile IP secret key | |
US20110320802A1 (en) | Authentication method, key distribution method and authentication and key distribution method | |
US9264900B2 (en) | Fast authentication for inter-domain handovers | |
CN101958898B (en) | Quick EAP authentication switching method in mobile WiMax network | |
CN1298194C (en) | Radio LAN security access method based on roaming key exchange authentication protocal | |
US20110107087A1 (en) | Apparatus and method for refreshing master session key in wireless communication system | |
Fu et al. | A fast handover authentication mechanism based on ticket for IEEE 802.16 m | |
KR20060067263A (en) | Fast re-authentication method when handoff in wlan-umts interworking network | |
CN103688563A (en) | Performing a group authentication and key agreement procedure | |
CN101951590B (en) | Authentication method, device and system | |
CN106961682B (en) | It is a kind of based on the group of mobile relay to path mobile handoff authentication method | |
CN109768861B (en) | Massive D2D anonymous discovery authentication and key agreement method | |
KR20070051233A (en) | System and method for re-authenticating using twice extensible authentication protocol scheme in a broadband wireless access communication system | |
CN101854629A (en) | Method of access authentication and recertification in home NodeB system of user terminal | |
WO2011015060A1 (en) | Extensible authentication protocol authentication method, base station and authentication server thereof | |
US8407474B2 (en) | Pre-authentication method, authentication system and authentication apparatus | |
CN101420695B (en) | 3G customer fast roaming authentication method based on wireless LAN | |
CN101610507A (en) | A kind of method that inserts the 3G-WLAN internet | |
Sun et al. | Secure and fast handover scheme based on pre-authentication method for 802.16/WiMAX infrastructure networks | |
El Bouabidi et al. | Secure handoff protocol in 3GPP LTE networks | |
KR101445459B1 (en) | Authenticator relocation method for wimax system | |
CN101707769A (en) | Method and system for WAPI reauthentication in wireless local area network | |
CN101742492B (en) | Key processing method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20131030 Termination date: 20200928 |