CN102547701A - Authentication method and wireless access point as well as authentication server - Google Patents
Authentication method and wireless access point as well as authentication server Download PDFInfo
- Publication number
- CN102547701A CN102547701A CN2010106211474A CN201010621147A CN102547701A CN 102547701 A CN102547701 A CN 102547701A CN 2010106211474 A CN2010106211474 A CN 2010106211474A CN 201010621147 A CN201010621147 A CN 201010621147A CN 102547701 A CN102547701 A CN 102547701A
- Authority
- CN
- China
- Prior art keywords
- authentication
- sends
- nonce
- request
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses an authentication method and device; the authentication method comprises the following steps: a user terminal (UE) sends an access request to a per se corresponding wireless access point (AP); the AP sends an authentication request to an authentication server (AS) through the UE; the AS requests and receives authentication information returned by the UE, authenticates the authentication information and sends an authentication result to the AP through the UE; and the AP sends the authentication result to the UE. In addition, on the basis, a shared key can also be adopted for ensuring the safety of coming and going information. By adopting the technical scheme of the invention, the authentication can be better finished when an authentication channel does not exist between the AP and the AS.
Description
Technical field
The present invention relates to the wireless lan (wlan) technology, particularly authentication method, WAP and certificate server.
Background technology
In the existing wlan network, certificate server (AS) is responsible for user terminal (UE) is carried out authentication, and after authentication was passed through, UE can be linked into the Internet through WAP (AP).
Fig. 1 is the sketch map that concerns between existing AS, AP and the UE.As shown in Figure 1, the up of AP inserts the Internet through wired bandwidth, is connected based on wired bandwidth equally between descending employing WLAN authentication and privacy infrastructure (WAPI) or the UE such as connection such as Wireless Fidelity (WIFI) wireless mode of etc.ing, AP and AS; UE both can be connected to AS through AP, also can be directly connected to AS.
As a rule, AP be operator all, be operator's equipment trusty, be laid in hot zones more, and can guarantee reliable connection the between AP and the AS.
Fig. 2 is the realization flow figure of existing authentication mode.As shown in Figure 2, may further comprise the steps:
Step 21~22:UE (the WEB browser need be installed) is sent the request of access to AP, and AP sends authentication request to AS.
Said access request is generally HTTP (Http) request.
Step 23:AS adopts the mode of WEB to push the Portal page to UE, requires user's input authentication information, is generally username and password.
Step 24~25:UE receives the username and password of user's input, and sends to AS.
Usually, UE can carry out certain processing such as encryption to the username and password that receives, and generates digest authentication information, and this digest authentication information is sent to AS, and correspondingly, follow-up AS such as need decipher at processing, to obtain username and password.
Step 26~27:AS carries out authentication to the username and password that receives, and authentication result is sent to AP and UE.
In practical application, the corresponding a plurality of AP of AS possibility, the AP described in Fig. 2 is the AP corresponding with UE.
The realization prerequisite of aforesaid way is: AP is operator's equipment trusty, exists between AP and the AS reliably to be connected.In this case, AP is the via node of data channel, also is the via node in the identifying procedure.
But, in practical application, owing to there are multi-form focus construction modes such as self-built, that it is built, build together; AP differ be decided to be operator all; Such as can being positioned in the subscriber household, a kind of as subscriber household equipment links to each other with AS through the Internet or other third party's network.In this case, will be connected for unreliable between AP and the AS, when the authentication passage between AP and the AS does not exist, aforesaid way just will be no longer suitable.And, also do not have a kind of effective processing mode in the prior art to this situation.
Summary of the invention
In view of this, main purpose of the present invention is to provide two kinds of authentication methods, can guarantee when not having the authentication passage between AP and the AS, can not accomplish authentication preferably.
Another object of the present invention is to provide two kinds of WAPs and two kinds of certificate servers, can guarantee when not having the authentication passage between AP and the AS, can not accomplish authentication preferably.
For achieving the above object, technical scheme of the present invention is achieved in that
A kind of authentication method, this method comprises:
User terminal UE is to self corresponding wireless access point AP transmission access request;
Said AP sends authentication request through said UE to certificate server AS;
Said AS request also receives the authentication information that said UE returns, and said authentication information is carried out authentication, and authentication result is sent to said AP through said UE;
Said AP sends to said UE with said authentication result.
A kind of authentication method is provided with a shared key A P_key in advance respectively on each wireless access point AP, and will all be arranged on the certificate server AS for the AP_key that each AP is provided with; This method comprises:
User terminal UE is to self corresponding AP APx transmission access request;
Said APx is that said UE distributes a random number nonce, said nonce is preserved, and said nonce is carried in the authentication request sends to said AS through said UE; Said nonce is used to identify the identity of said UE;
Said AS request also receives the authentication information that said UE returns; Said authentication information is carried out authentication; And according to authentication result, said nonce and be that the AP_key that said APx is provided with generates a confirm value, said confirm value is sent to said APx through said UE;
Said APx is according to the authentication result of acquiescence, said nonce and the confirm value of AP_key generation for self being provided with; The authentication result of said acquiescence is successfully, and whether the confirm value that relatively self generates is consistent with the confirm value that receives, if consistent; Then think authentication success; Otherwise, think authentification failure authentication result to be sent to said UE.
A kind of WAP comprises:
First processing unit is used to receive the access request that user terminal UE sends;
Second processing unit; Be used for after definite said first processing unit receives said access request; Send authentication request through said UE to certificate server AS, and receive the authentication result that said AS sends through said UE, said authentication result is sent to said UE.
A kind of certificate server comprises:
The 3rd processing unit is used to receive wireless access point AP through the authentication request that user terminal UE sends, and asks and receives the authentication information that said UE returns, and sends to and manages the unit everywhere;
Said manages the unit everywhere, is used for said authentication information is carried out authentication, and authentication result is sent to said AP through said UE.
A kind of WAP comprises:
First processing unit is used to receive the access request that user terminal UE sends;
Second processing unit; Be used for after definite said first processing unit receives said access request; For said UE distributes a random number nonce; Said nonce is preserved, and said nonce is carried in the authentication request sends to certificate server AS through said UE, said nonce is used to identify the identity of said UE; Receive the confirm value that said AS sends through said UE, and generate a confirm value according to the AP_key of the authentication result of acquiescence, said nonce and setting in advance, the authentication result of said acquiescence is successfully; Whether the confirm value that relatively self generates is consistent with the confirm value that receives; If consistent, then think authentication success, otherwise; Think authentification failure, and authentication result is sent to said UE.
A kind of certificate server comprises:
The 3rd processing unit; Be used to receive the authentication request that carries random number nonce that wireless access point AP is sent through user terminal UE; Said nonce is used to identify the identity of said UE, asks and receives the authentication information that said UE returns, and sends to and manages the unit everywhere;
Said the manages the unit everywhere, is used for said authentication information is carried out authentication, and according to authentication result, said nonce and what preserve in advance be confirm value of AP_key generation that said AP is provided with, said confirm value is sent said AP through said UE.
It is thus clear that, adopt technical scheme of the present invention, utilize UE to carry out the forwarding of contact information between AP and the AS, thereby need not directly to carry out information interaction between AP and the AS, and then guaranteed when not having the authentication passage between AP and the AS, can not accomplish authentication preferably; In addition, also can adopt shared key to wait the fail safe of guaranteeing the information of coming and going; Have, the method for the invention implements simple and convenient again, is convenient to popularize.
Description of drawings
Fig. 1 is the sketch map that concerns between existing AS, AP and the UE.
Fig. 2 is the realization flow figure of existing authentication mode.
Fig. 3 is the realization flow figure of authentication method first embodiment of the present invention.
Fig. 4 is the realization flow figure of authentication method second embodiment of the present invention.
Fig. 5 is the composition structural representation of WAP embodiment of the present invention.
Fig. 6 is the composition structural representation of certificate server embodiment of the present invention.
Embodiment
To the problem that exists in the prior art, the certificate scheme among the present invention after a kind of improvement of proposition can be guaranteed when not having the authentication passage between AP and the AS, can not accomplish authentication preferably.
For make technical scheme of the present invention clearer, understand, below with reference to the accompanying drawing embodiment that develops simultaneously, scheme according to the invention is done to specify further.
Fig. 3 is the realization flow figure of authentication method first embodiment of the present invention.As shown in Figure 3, may further comprise the steps:
Step 31:UE is to self corresponding AP transmission access request.
Said authentication request can be the Http request.
Step 32:AP sends authentication request through UE to AS.
Step 33:AS request also receives the authentication information that UE returns.
Said authentication information is generally username and password.In this step, the mode that AS can adopt WEB pushes the Portal page to UE, requires the user to import username and password, and receives the username and password of user's input that UE returns.
Step 34:AS carries out authentication to the authentication information that receives, and authentication result is sent to AP through UE.
Step 35:AP sends to UE with authentication result.
If authentication success can return the page that comprises authentication success information, timing window and the button that rolls off the production line to UE, if authentification failure can return the page that only comprises the authentification failure information.
Fig. 4 is the realization flow figure of authentication method second embodiment of the present invention.In the present embodiment, need on each AP, to be provided with respectively in advance a shared key A P_key, and will all be arranged on the AS for the AP_key that each AP is provided with, AP_key is not in transmission over networks.As shown in Figure 4, may further comprise the steps:
Step 41:UE is to self corresponding AP APx (owing to related to a plurality of AP in the present embodiment, for distinguishing, the AP that UE is corresponding is called APx) transmission access request.
Step 42:APx is that UE distributes a random number nonce, nonce is preserved, and nonce is carried in the authentication request sends to AS through UE.
For each AP, the AP_key that is provided with on it can be identical, also can be different, if identical, can only carry nonce in the authentication request that this step is sent, and if different, then need further carry the AP_key corresponding identification AP_ID that is provided with into APx.
Nonce is used for identifying the identity of this identifying procedure UE.
Step 43:AS request also receives the authentication information that UE returns.
Said authentication information is generally username and password.
Step 44:AS carries out authentication to the authentication information that receives, and generates a confirm value according to authentication result, nonce and the AP_key that is provided with for APx.
If the AP_key that is provided with for each AP is different, can preserve the corresponding respectively AP_ID of different AP_key so among the AS, in this step, AS finds required AP_key according to the AP_ID that receives.
In addition, AS ashed information authentication code capable of using (HMAC) algorithm generates the confirm value, promptly confirm=HMAC (AP_key, success/failure, nonce), hmac algorithm specifically be embodied as prior art.
Step 45:AS sends to APx with the confirm value that generates through UE.
Step 46:APx is according to authentication result, nonce and the confirm value of AP_key generation for self being provided with of acquiescence, and the authentication result of acquiescence is successfully.
Equally, APx hmac algorithm capable of using generates the confirm value, promptly confirm=HMAC (AP_key, the success, nonce).
Whether the confirm value that step 47:APx relatively self generates is consistent with the confirm value that receives, if unanimity is then thought authentication success, otherwise, think authentification failure.
Step 48:APx sends to UE with authentication result.
Can find out, embodiment illustrated in fig. 4 more guaranteed aspect fail safe than embodiment illustrated in fig. 3, can prevent that the information of coming and going between AP and the AS from being distorted by UE.
Among above-mentioned two embodiment, the address that UE need obtain AP is that the address of AP_IP and AS is AS_IP, so that carry out information interaction with both, how to obtain and does not do restriction.
Have again, if authentication pass through, AP need for UE provide the service and charge; Specifically, promptly generate bill, and bill is sent to AS; Accomplish subsequent treatment by AS, in order to charge, AP also need obtain the corresponding user name of UE; How to obtain and do not do restriction, such as can in step 45, sending to AP together with the confirm value by AS.
Based on above-mentioned introduction, Fig. 5 is the composition structural representation of WAP embodiment of the present invention.As shown in Figure 5, comprising:
First processing unit 51 is used to receive the access request that UE sends;
Perhaps,
First processing unit 51 is used to receive the access request that UE sends;
Wherein, second processing unit 52 can be further used for, and the AP_key corresponding identification AP_ID that is provided with in advance is carried in the authentication request sends to AS through UE.
Fig. 6 is the composition structural representation of certificate server embodiment of the present invention.As shown in Figure 6, comprising:
The 3rd processing unit 61 is used to receive the authentication request that AP sends through UE, and request also receives the authentication information that UE returns, and sends to the and manages unit 62 everywhere;
Manages unit 62 everywhere, is used for said authentication information is carried out authentication, and authentication result is sent to AP through UE.
Perhaps,
The 3rd processing unit 61 is used to receive the authentication request that carries random number nonce that AP sends through UE, and nonce is used to identify the identity of UE, and request also receives the authentication information that UE returns, and sends to the and manages unit 62 everywhere;
The manages unit 62 everywhere, is used for said authentication information is carried out authentication, and generates a confirm value according to authentication result, nonce and the AP_key that is provided with for AP that preserves in advance, and this confirm value is passed through UE transmission AP.
Can further carry the AP_key corresponding identification that promising AP is provided with in the above-mentioned authentication request; Correspondingly, the manages unit 62 everywhere can be further used for, and finds the AP_key that is provided with into AP according to AP_ID.
The concrete workflow of Fig. 5 and 6 shown device embodiment please with reference to the respective description among the method embodiment shown in Fig. 3 and 4, repeats no more.
In addition, need to prove that when having the authentication passage between AP and the AS, scheme according to the invention will be suitable equally.
The above is merely preferred embodiment of the present invention, and is in order to restriction the present invention, not all within spirit of the present invention and principle, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope that the present invention protects.
Claims (10)
1. an authentication method is characterized in that, this method comprises:
User terminal UE is to self corresponding wireless access point AP transmission access request;
Said AP sends authentication request through said UE to certificate server AS;
Said AS request also receives the authentication information that said UE returns, and said authentication information is carried out authentication, and authentication result is sent to said AP through said UE;
Said AP sends to said UE with said authentication result.
2. an authentication method is characterized in that, a shared key A P_key is set respectively on each wireless access point AP in advance, and will all be arranged on the certificate server AS for the AP_key that each AP is provided with; This method comprises:
User terminal UE is to self corresponding AP APx transmission access request;
Said APx is that said UE distributes a random number nonce, said nonce is preserved, and said nonce is carried in the authentication request sends to said AS through said UE; Said nonce is used to identify the identity of said UE;
Said AS request also receives the authentication information that said UE returns; Said authentication information is carried out authentication; And according to authentication result, said nonce and be that the AP_key that said APx is provided with generates a confirm value, said confirm value is sent to said APx through said UE;
Said APx is according to the authentication result of acquiescence, said nonce and the confirm value of AP_key generation for self being provided with; The authentication result of said acquiescence is successfully, and whether the confirm value that relatively self generates is consistent with the confirm value that receives, if consistent; Then think authentication success; Otherwise, think authentification failure authentication result to be sent to said UE.
3. method according to claim 2 is characterized in that, said AP_key for each AP setting is identical or different; If different, then said APx will further be carried in the said authentication request for the AP_key corresponding identification AP_ID that self is provided with and send to said AS through said UE;
Said AS generates before the confirm value, further comprises: find the AP_key that is provided with into said APx according to said AP_ID.
4. according to claim 2 or 3 described methods, it is characterized in that confirm value of said generation comprises: utilize ashed information authentication code hmac algorithm to generate a confirm value.
5. a WAP is characterized in that, comprising:
First processing unit is used to receive the access request that user terminal UE sends;
Second processing unit; Be used for after definite said first processing unit receives said access request; Send authentication request through said UE to certificate server AS, and receive the authentication result that said AS sends through said UE, said authentication result is sent to said UE.
6. a certificate server is characterized in that, comprising:
The 3rd processing unit is used to receive wireless access point AP through the authentication request that user terminal UE sends, and asks and receives the authentication information that said UE returns, and sends to and manages the unit everywhere;
Said manages the unit everywhere, is used for said authentication information is carried out authentication, and authentication result is sent to said AP through said UE.
7. a WAP is characterized in that, comprising:
First processing unit is used to receive the access request that user terminal UE sends;
Second processing unit; Be used for after definite said first processing unit receives said access request; For said UE distributes a random number nonce; Said nonce is preserved, and said nonce is carried in the authentication request sends to certificate server AS through said UE, said nonce is used to identify the identity of said UE; Receive the confirm value that said AS sends through said UE, and generate a confirm value according to the AP_key of the authentication result of acquiescence, said nonce and setting in advance, the authentication result of said acquiescence is successfully; Whether the confirm value that relatively self generates is consistent with the confirm value that receives; If consistent, then think authentication success, otherwise; Think authentification failure, and authentication result is sent to said UE.
8. WAP according to claim 7 is characterized in that, said second processing unit is further used for, and the AP_key corresponding identification AP_ID that is provided with in advance is carried in the said authentication request sends to said AS through said UE.
9. a certificate server is characterized in that, comprising:
The 3rd processing unit; Be used to receive the authentication request that carries random number nonce that wireless access point AP is sent through user terminal UE; Said nonce is used to identify the identity of said UE, asks and receives the authentication information that said UE returns, and sends to and manages the unit everywhere;
Said the manages the unit everywhere, is used for said authentication information is carried out authentication, and according to authentication result, said nonce and what preserve in advance be confirm value of AP_key generation that said AP is provided with, said confirm value is sent said AP through said UE.
10. certificate server according to claim 9 is characterized in that, further carries the AP_key corresponding identification AP_ID that promising said AP is provided with in the said authentication request;
Said the manages the unit everywhere is further used for, and finds the AP_key that is provided with into said AP according to said AP_ID.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010106211474A CN102547701A (en) | 2010-12-24 | 2010-12-24 | Authentication method and wireless access point as well as authentication server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010106211474A CN102547701A (en) | 2010-12-24 | 2010-12-24 | Authentication method and wireless access point as well as authentication server |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102547701A true CN102547701A (en) | 2012-07-04 |
Family
ID=46353408
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010106211474A Pending CN102547701A (en) | 2010-12-24 | 2010-12-24 | Authentication method and wireless access point as well as authentication server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102547701A (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103108037A (en) * | 2013-01-22 | 2013-05-15 | 华为技术有限公司 | Communication method, Web server and Web communication system |
CN103581904A (en) * | 2012-07-25 | 2014-02-12 | 中国移动通信集团公司 | Network access method and device |
CN103987042A (en) * | 2014-05-08 | 2014-08-13 | 中国联合网络通信集团有限公司 | Access authentication method of terminals and access gateway |
CN104683343A (en) * | 2015-03-03 | 2015-06-03 | 中山大学 | Method for rapidly logging WiFi hotspot by terminal |
WO2016090578A1 (en) * | 2014-12-10 | 2016-06-16 | 华为技术有限公司 | Authentication processing method, apparatus and terminal |
CN105743657A (en) * | 2016-04-07 | 2016-07-06 | 福州市鼓楼区智成商标事务所有限公司 | Method for preventing hot spot from being illegally used |
CN105848142A (en) * | 2016-04-21 | 2016-08-10 | 林碧琴 | Bus mobile WIFI authentication method |
CN105873035A (en) * | 2016-05-19 | 2016-08-17 | 福州市协成智慧科技有限公司 | Safe AP (access point) information processing method |
CN105873032A (en) * | 2016-04-21 | 2016-08-17 | 林碧琴 | Bus mobile hotspot authentication method |
CN105873034A (en) * | 2016-05-19 | 2016-08-17 | 徐美琴 | Safe hot spot information processing method |
CN105898739A (en) * | 2016-05-19 | 2016-08-24 | 郑建钦 | Method for preventing hot spot from being illegally simulated |
CN106028327A (en) * | 2016-05-19 | 2016-10-12 | 徐美琴 | Method for realizing hotspot security through authentication server |
CN106060804A (en) * | 2016-05-19 | 2016-10-26 | 福州市协成智慧科技有限公司 | Wireless distance triangulation location method |
CN106101058A (en) * | 2016-05-19 | 2016-11-09 | 郑建钦 | A kind of hot information processing method based on Quick Response Code |
CN107248998A (en) * | 2017-07-04 | 2017-10-13 | 上海斐讯数据通信技术有限公司 | The authentication method and device of a kind of application client of terminal device |
CN107735998A (en) * | 2015-06-19 | 2018-02-23 | 西门子公司 | The structure of network instrument and method of data network are accessed for networking component |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1567859A (en) * | 2003-06-23 | 2005-01-19 | 华为技术有限公司 | A method of access authentication for WLAN |
CN1830190A (en) * | 2003-07-29 | 2006-09-06 | 汤姆森特许公司 | Controlling access to a network using redirection |
-
2010
- 2010-12-24 CN CN2010106211474A patent/CN102547701A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1567859A (en) * | 2003-06-23 | 2005-01-19 | 华为技术有限公司 | A method of access authentication for WLAN |
CN1830190A (en) * | 2003-07-29 | 2006-09-06 | 汤姆森特许公司 | Controlling access to a network using redirection |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103581904A (en) * | 2012-07-25 | 2014-02-12 | 中国移动通信集团公司 | Network access method and device |
CN103581904B (en) * | 2012-07-25 | 2017-05-03 | 中国移动通信集团公司 | Network access method and device |
CN103108037B (en) * | 2013-01-22 | 2015-12-02 | 华为技术有限公司 | A kind of communication means, Web server and Web communication system |
CN103108037A (en) * | 2013-01-22 | 2013-05-15 | 华为技术有限公司 | Communication method, Web server and Web communication system |
CN103987042A (en) * | 2014-05-08 | 2014-08-13 | 中国联合网络通信集团有限公司 | Access authentication method of terminals and access gateway |
CN105874831B (en) * | 2014-12-10 | 2019-05-10 | 华为技术有限公司 | Processing method, device and the terminal of certification |
WO2016090578A1 (en) * | 2014-12-10 | 2016-06-16 | 华为技术有限公司 | Authentication processing method, apparatus and terminal |
CN105874831A (en) * | 2014-12-10 | 2016-08-17 | 华为技术有限公司 | Authentication processing method, apparatus and terminal |
CN104683343A (en) * | 2015-03-03 | 2015-06-03 | 中山大学 | Method for rapidly logging WiFi hotspot by terminal |
CN104683343B (en) * | 2015-03-03 | 2018-03-16 | 中山大学 | A kind of method of terminal quick registration Wi-Fi hotspot |
US11165773B2 (en) | 2015-06-19 | 2021-11-02 | Siemens Aktiengesellschaft | Network device and method for accessing a data network from a network component |
CN107735998A (en) * | 2015-06-19 | 2018-02-23 | 西门子公司 | The structure of network instrument and method of data network are accessed for networking component |
CN105743657A (en) * | 2016-04-07 | 2016-07-06 | 福州市鼓楼区智成商标事务所有限公司 | Method for preventing hot spot from being illegally used |
CN105873032A (en) * | 2016-04-21 | 2016-08-17 | 林碧琴 | Bus mobile hotspot authentication method |
CN105848142A (en) * | 2016-04-21 | 2016-08-10 | 林碧琴 | Bus mobile WIFI authentication method |
CN106060804A (en) * | 2016-05-19 | 2016-10-26 | 福州市协成智慧科技有限公司 | Wireless distance triangulation location method |
CN106101058A (en) * | 2016-05-19 | 2016-11-09 | 郑建钦 | A kind of hot information processing method based on Quick Response Code |
CN106028327A (en) * | 2016-05-19 | 2016-10-12 | 徐美琴 | Method for realizing hotspot security through authentication server |
CN105898739A (en) * | 2016-05-19 | 2016-08-24 | 郑建钦 | Method for preventing hot spot from being illegally simulated |
CN105873034A (en) * | 2016-05-19 | 2016-08-17 | 徐美琴 | Safe hot spot information processing method |
CN105873035A (en) * | 2016-05-19 | 2016-08-17 | 福州市协成智慧科技有限公司 | Safe AP (access point) information processing method |
CN107248998A (en) * | 2017-07-04 | 2017-10-13 | 上海斐讯数据通信技术有限公司 | The authentication method and device of a kind of application client of terminal device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102547701A (en) | Authentication method and wireless access point as well as authentication server | |
EP3752941B1 (en) | Security management for service authorization in communication systems with service-based architecture | |
Chen et al. | Lightweight and provably secure user authentication with anonymity for the global mobility network | |
KR101438243B1 (en) | Sim based authentication | |
US10003965B2 (en) | Subscriber profile transfer method, subscriber profile transfer system, and user equipment | |
JP4965671B2 (en) | Distribution of user profiles, policies and PMIP keys in wireless communication networks | |
CN105027529B (en) | Method and apparatus for verifying user's access to Internet resources | |
EP3065334A1 (en) | Key configuration method, system and apparatus | |
US20110320802A1 (en) | Authentication method, key distribution method and authentication and key distribution method | |
EP2590356A1 (en) | Method, device and system for authenticating gateway, node and server | |
RU2008146960A (en) | METHOD AND SYSTEM OF PROVIDING PROTECTED COMMUNICATION USING A CELLULAR NETWORK FOR MANY PERSONALIZED COMMUNICATION DEVICES | |
CN101371491A (en) | Method and arrangement for the creation of a wireless mesh network | |
CN101496387A (en) | System and method for access authentication in a mobile wireless network | |
WO2012174959A1 (en) | Group authentication method, system and gateway in machine-to-machine communication | |
CN108964896B (en) | Kerberos identity authentication system and method based on group key pool | |
CN101616017A (en) | Method, equipment and system that network application apparatus is configured | |
CN101785343A (en) | Fast transitioning resource negotiation | |
CN102143492B (en) | Method for establishing virtual private network (VPN) connection, mobile terminal and server | |
CN104901940A (en) | 802.1X network access method based on combined public key cryptosystem (CPK) identity authentication | |
EP3284232B1 (en) | Wireless communications | |
CN108880799B (en) | Multi-time identity authentication system and method based on group key pool | |
CN108964895B (en) | User-to-User identity authentication system and method based on group key pool and improved Kerberos | |
JP2021522757A (en) | Non-3GPP device access to core network | |
BR112021003448A2 (en) | device without subscriber identity, subscriber identity device, method for use on a device without subscriber identity, method for use on a device with subscriber identity, and downloadable computer program product | |
CN104683343A (en) | Method for rapidly logging WiFi hotspot by terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120704 |