CN102687537B - Media independent handover protocol security - Google Patents

Media independent handover protocol security

Info

Publication number
CN102687537B
Authority
CN
China
Prior art keywords
media
service
authentication
access network
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201080029205.2A
Other languages
English (en)
Chinese (zh)
Other versions
CN102687537A (zh)
Inventor
S·达斯
A·杜塔
大场义洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Trachia Legaci Co ltd
Toshiba Corp
Original Assignee
Toshiba Corp
Telcordia Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toshiba Corp, Telcordia Technologies Inc
Publication of CN102687537A
Application granted
Publication of CN102687537B
Expired - Fee Related
Anticipated expiration


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W36/00 Hand-off or reselection arrangements
    • H04W36/0005 Control or signalling for completing the hand-off
    • H04W36/005 Control or signalling for completing the hand-off involving radio access media independent information, e.g. MIH [Media independent Hand-off]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16 Gateway arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
CN201080029205.2A 2009-05-03 2010-05-03 Media independent handover protocol security Expired - Fee Related CN102687537B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US17501609P 2009-05-03 2009-05-03
US61/175,016 2009-05-03
US22155109P 2009-06-29 2009-06-29
US61/221,551 2009-06-29
PCT/US2010/033404 WO2010129475A2 (en) 2009-05-03 2010-05-03 Media independent handover protocol security

Publications (2)

Publication Number Publication Date
CN102687537A (zh) 2012-09-19
CN102687537B (zh) 2016-03-09

Family

ID=43031277

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201080029205.2A Expired - Fee Related CN102687537B (zh) 2009-05-03 2010-05-03 Media independent handover protocol security
CN201080029325.2A Expired - Fee Related CN102461062B (zh) 2009-05-03 2010-05-03 System and device for proactive authentication

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201080029325.2A Expired - Fee Related CN102461062B (zh) 2009-05-03 2010-05-03 System and device for proactive authentication

Country Status (6)

Country Link
US (2) US8341395B2 (en)
EP (2) EP2428019A4 (en)
JP (2) JP5694296B2 (en)
CN (2) CN102687537B (en)
CA (2) CA2760522C (en)
WO (2) WO2010129475A2 (en)

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100115624A1 (en) * 2008-11-05 2010-05-06 Appsware Wireless, Llc Method and system for securing data from a point of sale device over a lan
US8966610B2 (en) * 2008-11-05 2015-02-24 Apriva, Llc Method and system for securing data from a non-point of sale device over an external network
US20100115127A1 (en) * 2008-11-05 2010-05-06 Appsware Wireless, Llc Method and system for securing data from a non-point of sale device over a lan
US20100115600A1 (en) * 2008-11-05 2010-05-06 Appsware Wireless, Llc Method and system for securing data from an external network to a point of sale device
US8732813B2 (en) * 2008-11-05 2014-05-20 Apriva, Llc Method and system for securing data from an external network to a non point of sale device
US20100115599A1 (en) * 2008-11-05 2010-05-06 Appsware Wireless, Llc Method and system for securing data from a point of sale device over an external network
US20100114723A1 (en) * 2008-11-05 2010-05-06 Appsware Wireless, Llc Method and system for providing a point of sale network within a lan
EP2428019A4 (en) * 2009-05-03 2015-01-28 Toshiba Kk MEDIA-INDEPENDENT TRANSFER PROTOCOL SECURITY
ES2957533T3 (es) * 2009-06-04 2024-01-22 Blackberry Ltd Methods and apparatus for use in facilitating the communication of neighboring network information to a mobile terminal with the use of a RADIUS compatible protocol related request
KR101622174B1 (ko) * 2010-05-20 2016-06-02 삼성전자주식회사 Method for controlling a terminal, a home hub and a visited hub in a virtual group for content sharing
US8745695B2 (en) * 2011-03-14 2014-06-03 Qualcomm Incorporated Hybrid networking master passphrase
US9369448B2 (en) * 2011-06-01 2016-06-14 Broadcom Corporation Network security parameter generation and distribution
US8819435B2 (en) * 2011-09-12 2014-08-26 Qualcomm Incorporated Generating protocol-specific keys for a mixed communication network
EP2754312B1 (en) 2011-12-12 2018-07-11 Siemens Aktiengesellschaft Method and devices for running push-button configuration sessions
SG11201407253PA (en) 2012-05-08 2014-12-30 Serentic Ltd Method and system for authentication of communication and operation
US9307470B2 (en) * 2012-07-10 2016-04-05 Futurewei Technologies, Inc. System and method for single radio handover
CN103596161B (zh) * 2012-08-14 2016-06-08 杭州华三通信技术有限公司 Wireless roaming method and access controller
US9232531B2 (en) 2012-10-22 2016-01-05 Qualcomm Incorporated Prioritization of users for switching between co-existence wireless systems
JP5898121B2 (ja) * 2013-04-24 2016-04-06 京セラ株式会社 Wireless communication device, processor, and communication control method
CN105934956A (zh) 2013-08-30 2016-09-07 交互数字专利控股公司 Method for application-specific access control
US20150237554A1 (en) * 2014-02-19 2015-08-20 Qualcomm Incorporated Systems, methods and apparatus for seamless handoff at the application layer between disparate networks for interactive applications
US20160380999A1 (en) * 2014-03-17 2016-12-29 Telefonaktiebolaget L M Ericsson (Publ) User Identifier Based Device, Identity and Activity Management System
EP4167615B1 (en) * 2014-03-21 2025-10-08 Sun Patent Trust Security key derivation in dual connectivity
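CN104954327B (zh) * 2014-03-27 2019-02-22 东华软件股份公司 Server and method, terminal and method, and system for terminal connection control
CN106104551B (zh) * 2014-03-28 2019-10-11 索尼公司 Information processing device and information processing method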
US9998449B2 (en) * 2014-09-26 2018-06-12 Qualcomm Incorporated On-demand serving network authentication
US9491618B2 (en) * 2014-09-26 2016-11-08 Qualcomm Incorporated Serving network authentication
US10057766B2 (en) * 2014-10-21 2018-08-21 Qualcomm Incorporated Methods and systems for authentication interoperability
CN107005562B (zh) * 2014-12-08 2020-04-07 皇家飞利浦有限公司 Commissioning of devices in a network
US10229262B2 (en) 2015-04-20 2019-03-12 Bomgar Corporation Systems, methods, and apparatuses for credential handling
US10397233B2 (en) 2015-04-20 2019-08-27 Bomgar Corporation Method and apparatus for credential handling
US9961112B2 (en) * 2015-04-20 2018-05-01 Bomgar Corporation Method and apparatus for enforcing realtime access controls for endpoints
CN105871539B (zh) * 2016-03-18 2020-02-14 华为技术有限公司 Key processing method and device
US10433163B2 (en) * 2016-09-19 2019-10-01 Qualcomm Incorporated Techniques for deriving security keys for a cellular network based on performance of an extensible authentication protocol (EAP) procedure
US12016064B2 (en) * 2016-12-09 2024-06-18 Huawei Technologies Co., Ltd. Method for establishing hotspot connection and terminal device
JP2020501458A (ja) * 2016-12-21 2020-01-16 日本電気株式会社 Inbound roamer detection method for networks supporting service domain centralization in IMS
WO2019133769A1 (en) * 2017-12-29 2019-07-04 Idee Limited Single sign on (sso) using continuous authentication
JP7040632B2 (ja) * 2018-04-06 2022-03-23 日本電気株式会社 Security procedures for common API framework in next-generation networks
US10992474B2 (en) 2018-10-30 2021-04-27 EMC IP Holding Company LLC Proactive user authentication for facilitating subsequent resource access across multiple devices
US10887799B2 (en) * 2019-01-10 2021-01-05 Cisco Technology, Inc. SRv6 user-plane-based triggering methods and apparatus for session or flow migration in mobile networks
JP7273523B2 (ja) * 2019-01-25 2023-05-15 株式会社東芝 Communication control device and communication control system
US11310273B2 (en) 2020-01-23 2022-04-19 Rockwell Collins, Inc. Secure network aggregation protocol
CN112492597B (zh) * 2020-12-14 2023-03-24 中国联合网络通信集团有限公司 Authentication method and device

Family Cites Families (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7114175B2 (en) * 2001-08-03 2006-09-26 Nokia Corporation System and method for managing network service access and enrollment
US7738871B2 (en) * 2004-11-05 2010-06-15 Interdigital Technology Corporation Wireless communication method and system for implementing media independent handover between technologically diversified access networks
US7496364B2 (en) * 2004-11-05 2009-02-24 Freescale Semiconductor, Inc. Media-independent handover (MIH) method featuring a simplified beacon
JP4713881B2 (ja) * 2004-12-16 2011-06-29 パナソニック電工株式会社 Automatic tunnel configuration device, automatic tunnel configuration method, and automatic tunnel configuration program
US7813319B2 (en) * 2005-02-04 2010-10-12 Toshiba America Research, Inc. Framework of media-independent pre-authentication
US20060221899A1 (en) * 2005-03-31 2006-10-05 Feder Peretz M Triggers for media independent handover
US8565185B2 (en) * 2005-04-13 2013-10-22 Toshiba America Research, Inc. Framework of media-independent pre-authentication support for PANA
EP1869937B1 (en) * 2005-04-14 2018-03-28 LG Electronics Inc. -1- A method of reconfiguring an internet protocol address in handover between heterogeneous networks
US7738882B2 (en) 2005-06-13 2010-06-15 Toshiba America Research, Inc. Framework of media-independent pre-authentication improvements: including considerations for failed switching and switchback
US20060285519A1 (en) * 2005-06-15 2006-12-21 Vidya Narayanan Method and apparatus to facilitate handover key derivation
CN102065507A (zh) * 2005-07-14 2011-05-18 株式会社东芝 Framework of media-independent pre-authentication improvements
US7716721B2 (en) 2005-10-18 2010-05-11 Cisco Technology, Inc. Method and apparatus for re-authentication of a computing device using cached state
CN101001460A (zh) * 2006-01-11 2007-07-18 华为技术有限公司 Method for implementing handover processing in heterogeneous networks
WO2007088451A2 (en) * 2006-02-03 2007-08-09 Nokia Corporation Encapsulation techniques for handling media independent handover (mih) information services messages
US20070189218A1 (en) * 2006-02-11 2007-08-16 Yoshihiro Oba Mpa with mobile ip foreign agent care-of address mode
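KR20090017609A (ko) * 2006-05-19 2009-02-18 인터디지탈 테크날러지 코포레이션 Method and apparatus for media independent messaging over the Internet
KR20080007289A (ko) * 2006-07-15 2008-01-18 엘지전자 주식회사 Method for acquiring information for handover between heterogeneous networks
JP4864797B2 (ja) * 2006-09-11 2012-02-01 Kddi株式会社 P-CSCF fast handoff system and P-CSCF fast handoff method
JP5018315B2 (ja) * 2006-09-14 2012-09-05 ソニー株式会社 Wireless communication system, wireless communication device, authentication method for wireless communication device, and program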
US20080095114A1 (en) * 2006-10-21 2008-04-24 Toshiba America Research, Inc. Key Caching, QoS and Multicast Extensions to Media-Independent Pre-Authentication
CN101179839A (zh) * 2006-11-07 2008-05-14 华为技术有限公司 Heterogeneous network handover method, system, terminal and network
US8583923B2 (en) * 2006-12-08 2013-11-12 Toshiba America Research, Inc. EAP method for EAP extension (EAP-EXT)
CN101212393B (zh) * 2006-12-29 2010-10-13 华为技术有限公司 Method, system and device for transmitting media independent handover messages
US8817990B2 (en) * 2007-03-01 2014-08-26 Toshiba America Research, Inc. Kerberized handover keying improvements
WO2008107766A2 (en) * 2007-03-07 2008-09-12 Nokia Corporation Neighbor network advertisement
US8005224B2 (en) * 2007-03-14 2011-08-23 Futurewei Technologies, Inc. Token-based dynamic key distribution method for roaming environments
US8666414B2 (en) * 2007-04-27 2014-03-04 Panasonic Corporation Mobile communication terminal and communication device
TW200849921A (en) * 2007-05-25 2008-12-16 Interdigital Tech Corp Protocol architecture for access mobility in wireless communications
US8036176B2 (en) * 2007-06-08 2011-10-11 Toshiba America Research, Inc. MIH pre-authentication
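KR101061899B1 (ko) * 2007-09-12 2011-09-02 삼성전자주식회사 Fast authentication method and apparatus for handover between heterogeneous networks
CN101400089A (zh) * 2007-09-29 2009-04-01 华为技术有限公司 Method, network entity and terminal for handover between heterogeneous wireless networks
KR101467780B1 (ko) * 2007-10-17 2014-12-03 엘지전자 주식회사 Handover method between heterogeneous radio access networks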
WO2009126814A1 (en) * 2008-04-11 2009-10-15 Interdigital Patent Holdings, Inc. Method and apparatus for handover between a network supporting proxy mobile ip and a network supporting mobile ip
US8145195B2 (en) * 2008-04-14 2012-03-27 Nokia Corporation Mobility related control signalling authentication in mobile communications system
US8228861B1 (en) * 2008-09-12 2012-07-24 Nix John A Efficient handover of media communications in heterogeneous IP networks using handover procedure rules and media handover relays
EP2428019A4 (en) * 2009-05-03 2015-01-28 Toshiba Kk MEDIA-INDEPENDENT TRANSFER PROTOCOL SECURITY

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Realization of IEEE 802.21 services and preauthentication framework; Tauil.M; 《IEEE international conference on TridentCom 2009》; 20090408; see sections 2 to 4 *

Also Published As

Publication number Publication date
CN102461062B (zh) 2015-09-02
US20100281519A1 (en) 2010-11-04
US8341395B2 (en) 2012-12-25
WO2010129475A3 (en) 2012-04-05
US8505076B2 (en) 2013-08-06
JP2012526455A (ja) 2012-10-25
JP5771603B2 (ja) 2015-09-02
CN102687537A (zh) 2012-09-19
CA2760531A1 (en) 2010-11-11
US20100281249A1 (en) 2010-11-04
WO2010129479A1 (en) 2010-11-11
EP2427995A4 (en) 2015-07-01
EP2428019A2 (en) 2012-03-14
CN102461062A (zh) 2012-05-16
CA2760522C (en) 2015-07-14
JP5694296B2 (ja) 2015-04-01
EP2428019A4 (en) 2015-01-28
JP2012526454A (ja) 2012-10-25
EP2427995A1 (en) 2012-03-14
CA2760531C (en) 2016-06-28
CA2760522A1 (en) 2010-11-11
WO2010129475A2 (en) 2010-11-11
EP2427995B1 (en) 2018-07-11

Similar Documents

Publication Publication Date Title
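CN102687537B (zh) Media independent handover protocol security
CN101848508B (zh) Mobility architecture using pre-authentication, pre-configuration and/or virtual soft-handoff
CN101542967B (zh) MIH pre-authentication
JP5043117B2 (ja) Kerberized handover keying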
CA2679378C (en) Kerberized handover keying optimized for reactive operation
US20080175208A1 (en) Solving pana boostrapping timing problem
WO2024145946A1 (en) Apparatus, method, and computer program
Ramezani Coordinated Robust Authentication In Wireless Networks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210804

Address after: Tokyo, Japan

Patentee after: Toshiba Corp.

Patentee after: Trachia Legaci Co.,Ltd.

Address before: Tokyo, Japan

Patentee before: Toshiba Corp.

Patentee before: TELCORDIA TECH Inc.

Effective date of registration: 20210804

Address after: Tokyo, Japan

Patentee after: Toshiba Corp.

Address before: Tokyo, Japan

Patentee before: Toshiba Corp.

Patentee before: Trachia Legaci Co.,Ltd.

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160309
