CN103975643B - authentication method and device - Google Patents

authentication method and device Download PDF

Info

Publication number
CN103975643B
CN103975643B CN201280018424.XA CN201280018424A CN103975643B CN 103975643 B CN103975643 B CN 103975643B CN 201280018424 A CN201280018424 A CN 201280018424A CN 103975643 B CN103975643 B CN 103975643B
Authority
CN
China
Prior art keywords
sender
mtc device
triggering message
hss
sent
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201280018424.XA
Other languages
Chinese (zh)
Other versions
CN103975643A (en
Inventor
郭雅莉
弗兰克·马德曼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN103975643A publication Critical patent/CN103975643A/en
Application granted granted Critical
Publication of CN103975643B publication Critical patent/CN103975643B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to a kind of authentication method and device.The described method includes:Triggering message is received positioned at the short message router of MTC device home network;Transmitting side marking in the short message router extraction triggering message, and it is sent to the home subscriber server HSS positioned at the MTC device home network;Receive the described sender ID authentication information that the HSS is sent, when the authentication information for certification by when the short message router triggering message is sent to the MTC device.The embodiment of the present invention prevents false triggering by triggering triggering message of the HSS verifications from sender's home network positioned at the SMS router of MTC device home network;The sender of message can also be triggered come certification by sender's list for locally preserving, prevents signaling congestion.

Description

Authentication method and device
Technical field
The present invention relates to moving communicating field, more particularly to a kind of authentication method and device.
Background technology
Machine type communication(Machine Type Communications, MTC)Refer to one or more network element it Between network communication is carried out in the case where need not artificially participate in, such as traffic control and management, remote meter reading, remote monitoring, shifting The applications such as dynamic payment, locating and tracking, medical monitoring.
MTC terminal is connected by mobile communications network with application server, and MTC terminal supports setting for MTC application servers Standby triggering, such as MTC terminal have been attached to mobile communications network, but do not register on the application server, and application server leads to Cross mobile communications network triggering MTC terminal and initiate communication connection to application server.
MTC server can send triggering instruction by short message to MTC device, so that MTC device is built with network side Vertical Packet Data Network(Packet Data Network, PDN)Connection/PDP Context.
First way is to be transmitted directly to Short Message Service after MTC server generation triggering message(Short Message Service, SMS)- service centre(Service Centre, SC), SMS-SC by trigger message be sent to accordingly SMS-GMSC, short message service gateway mobile switching centre(SMS Gateway Mobile Switching Center, GMSC) From home subscriber server(Home Subscriber Server, HSS/ attaching position registers(Home Location Register, HLR)Middle inquiry obtains the current mobile switching centre that service is provided for MTC device(Mobile Switching Center, MSC)/ VLR Visitor Location Register(Visited Location Register, VLR)/ service universal grouping wireless takes Business technical support node(Serving General Packet Radio Service Support Node, Serving GPRS Support Node, SGSN), GMSC simultaneously will triggering message be sent to corresponding MSC/SGSN/ mobility management entity (Mobility Management Entity, MME), then MTC device is transmitted to by MSC/VLR/SGSN;Or according to operator Configuration, GMSC inquires about the address for the SMS router for acquiring MTC device home network from HSS/HLR, and GMSC will be triggered Short message sends SMS routers(router), then it is sent to by SMS router the MSC/SGSN/ of network where MTC device MME, is last transmitted to MTC device.
The second way is, by MTC- interworking function entities after MTC server generation triggering message(Inter Working Function, IWF)SMS-SC is sent to, SMS-SC is sent to corresponding SMS-GMSC by message is triggered.
Under first way, SMS-SC is sent to SMS-GMSC by message is triggered, including sender(MTC server) Mark or address.The mark of sender is sent to HSS and carries out verifying whether to allow the sender to this MTC by SMS-GMSC Equipment sends triggering message.
Under the second way, SMS-SC is sent to corresponding MTC-IWF by message is triggered, including the mark of sender Or address.The mark of sender is sent to HSS and carries out verifying whether to allow the sender to send out to this MTC device by MTC-IWF Send triggering message.
Therefore, whether the prior art can only be allowed to send from the triggering message of from GMSC and MTC-IWF to HSS verification senders To MTC device, then MTC device can be sent to by message is triggered by SMS router.If trigger message sender and MTC Equipment is not belonging to same home network, and GMSC is located at the home network of sender, and triggering short message is sent to by GMSC to be located at The SMS router of MTC device home network, the home network of MTC device can not judge to trigger whether message allows to be sent to MTC device, can only be sent to MTC device, the sender's triggering for causing MTC device not allowed by triggering message.
Further, since can only be verified for the certification for triggering message by HSS, receive triggering message every time, GMSC or MTC-IWF will be interacted with HSS to verify whether sender allows to send triggering message, and caused signaling consumption is very big , cause network signal congestion.
The content of the invention
The embodiment of the present invention can be by coming from sender positioned at the SMS router of MTC device home network to trigger verification The triggering message of home network, prevents false triggering;Message can also be triggered come certification by the sender's list locally preserved Sender, prevents signaling congestion.
In a first aspect, an embodiment of the present invention provides a kind of authentication method, the described method includes:
Triggering message is received positioned at the short message router of MTC device home network;
Transmitting side marking in the short message router extraction triggering message, and be sent to and set positioned at the MTC The home subscriber server HSS of standby home network;
The described sender ID authentication information that the HSS is sent is received, when the authentication information passes through when institute for certification State short message router and the triggering message is sent to the MTC device.
Second aspect, the embodiment of the present invention additionally provide a kind of authentication method, the described method includes:
Receive triggering message;
Sender address or mark are extracted from the triggering message;
Whether allowed to MTC using described sender address or identity verification described sender according to sender's list Equipment sends triggering message;
If certification by the triggering message by being sent to the MTC device.
Optionally, whether the verification described sender is to allow to include to MTC device transmission triggering message:Short message road Whether it is to allow by device, short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender Triggering message is sent to MTC device.
Optionally, it is described according to sender's list, verify whether described sender is to allow to disappear to MTC device transmission triggering Breath includes:According to the sender's list locally preserved, whether verification described sender is to allow to disappear to MTC device transmission triggering Breath.
Optionally, it is described according to sender's list, verify whether described sender is to allow to disappear to MTC device transmission triggering Breath includes:To the HSS transmission list solicited messages positioned at MTC device home network;Receive sender's row that the HSS is returned Table;According to the described sender list received, whether verification described sender is to allow to send triggering message to MTC device.
The third aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Receiving unit, for receiving triggering message positioned at the short message router of MTC device home network;
Extraction unit, for the transmitting side marking in the short message router extraction triggering message, and is sent to Positioned at the home subscriber server HSS of the MTC device home network;
Transmitting element, the described sender ID authentication information sent for receiving the HSS, when the authentication information is Certification by when the short message router by it is described triggering message be sent to the MTC device.
Fourth aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Receiving unit, message is triggered for receiving;
Extraction unit, for extracting transmitting side marking or address from the triggering message;
Authentication unit, for according to sender's list, being using described sender address or identity verification described sender No is to allow to send triggering message to MTC device;
Transmitting element, if for certification by the way that the triggering message is sent to the MTC device.
Optionally, the authentication unit be specifically used for short message router, short message service gateway, mobile switching centre or Whether person MTC- interworking function entities verification described sender is to allow to send triggering message to MTC device.
Optionally, the authentication unit is specifically used for according to the sender's list locally preserved, verifies that described sender is No is to allow to send triggering message to MTC device.
Optionally, the transmitting element is additionally operable to the HSS transmission list solicited messages positioned at MTC device home network; The receiving unit is additionally operable to receive sender's list that the HSS is returned;The authentication unit is specifically used for basis and receives Described sender list, verification described sender whether be allow to MTC device send triggering message.
5th aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Network interface;
Processor;
Memory;
Application program of the physical store in the memory, the application program include can be used for make the processor and Described device performs the instruction of procedure below:
Triggering message is received positioned at the short message router of machine type communication MTC device home network;
Transmitting side marking in the short message router extraction triggering message, and be sent to and set positioned at the MTC The home subscriber server HSS of standby home network;
The described sender ID authentication information that the HSS is sent is received, when the authentication information passes through when institute for certification State short message router and the triggering message is sent to the MTC device.
6th aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Network interface;
Processor;
Memory;
Application program of the physical store in the memory, the application program include can be used for make the processor and Described device performs the instruction of procedure below:
Receive triggering message;
Transmitting side marking or address are extracted from the triggering message;
Whether allowed to MTC using described sender address or identity verification described sender according to sender's list Equipment sends triggering message;
If certification by the triggering message by being sent to the MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender It is that the instruction for allowing to send triggering message to MTC device is:Short message router, short message service gateway, mobile switching centre Or whether MTC- interworking function entities verification described sender is to allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender It is that the instruction for allowing to send triggering message to MTC device is:According to the sender's list locally preserved, verification described sender is No is to allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender It is that the instruction for allowing to send triggering message to MTC device is:Letter is asked to the HSS transmission lists positioned at MTC device home network Breath;Receive sender's list that the HSS is returned;According to the described sender list received, whether verification described sender It is to allow to send triggering message to MTC device.
The embodiment of the present invention to trigger HSS verifications positioned at the SMS router of MTC device home network by coming from sender The triggering message of home network, prevents false triggering;Message can also be triggered come certification by the sender's list locally preserved Sender, prevents signaling congestion.
Brief description of the drawings
Fig. 1 is the flow chart of first embodiment of the invention authentication method;
Fig. 2 is the signaling diagram of second embodiment of the invention authentication method;
Fig. 3 is the flow chart of third embodiment of the invention authentication method;
Fig. 4 is the signaling diagram of fourth embodiment of the invention authentication method;
Fig. 5 is the signaling diagram of fifth embodiment of the invention authentication method;
Fig. 6 is the schematic diagram of first embodiment of the invention authentication device;
Fig. 7 is the schematic diagram of second embodiment of the invention authentication device;
Fig. 8 is the schematic diagram of third embodiment of the invention authentication device;
Fig. 9 is the schematic diagram of fourth embodiment of the invention authentication device.
Embodiment
Below by drawings and examples, technical scheme is described in further detail.
The embodiment of the present invention, can utilize with the short message router of MTC device home network from HSS verifications from transmission The triggering message of square home network, the sender's list either locally preserved using short message router, GMSC or MTC-IWF To verify whether sender is to allow to send triggering message to MTC device.
Fig. 1 is the flow chart of first embodiment of the invention authentication method, as shown in the figure, the present embodiment specifically includes:
Step 101, the short message router positioned at MTC device home network receives the triggering that sender's home network is sent Message;
Sender(MTC server)It is located at different home networks from MTC device, so being located at MTC device home network Short message router be not aware that triggering message whether pass through sender's home network verification;
Step 102, the transmitting side marking in short message router extraction triggering message, and be sent to positioned at MTC device man The HSS of township's network;
The main body of verification is the HSS positioned at MTC device home network, and short message router extracts the transmission of triggering message Side's mark, is then sent to HSS and is authenticated.
Step 103, receive HSS send transmitting side marking authentication information, when authentication information for certification by when short message Router is sent to MTC device by message is triggered.
, can be with if triggering message will not be sent to MTC device by certification message for certification by, short message router Abandon processing.
Fig. 2 is the signaling diagram of second embodiment of the invention authentication method, in the present embodiment, triggers message sender and MTC Equipment belongs to different home networks, and SMS-SC, GMSC are positioned at the home network of triggering message sender, HLR, SMS router In the home network of target MTC device.As shown in the figure, the present embodiment specifically includes:
Step 201, GMSC receives the triggering message that sender sends;
Sender can be MTC server(Server)Or SMS-SC;
Step 202, query messages are transmitted to SMS router by GMSC to HSS query routing information, HSS;
Step 203, SMS router are to HSS query routing information;
Step 204, HSS returns to the service node information for serving the MTC device, such as MSC/SGSN/MME;
Step 205, routing iinformation is sent to GMSC by SMS router by HSS;
Step 206, GMSC is sent to SMS router by message is triggered;
Step 207, SMS router judge whether received message is triggering message, such as SMS router are according to message The port number information in packet header judges that the received message of institute is triggering message.The received triggering message of SMS router parsings institute obtains Transmitting side marking, and transmitting side marking is sent to HSS, HSS according to transmitting side marking judge the sender whether have permission to The MTC device sends triggering message.If sender does not allow transmission, triggering message gives the MTC device, and SMS router are abandoned The message.
Step 208, if sender allows to send the MTC device triggering message, SMS router will trigger message and turn Issue the service node of the corresponding MTC device of service node message.
Step 209, service node is sent to MTC device by message is triggered.
Authentication method of the embodiment of the present invention, can be disappeared by the SMS router extraction triggerings positioned at MTC device home network The transmitting side marking of breath, is authenticated using the HSS for being in MTC device home network together.Because triggering message is to send the Fan family Township's network is sent to SMS router's, can thus allow MTC device home network to be authenticated triggering message, If sender's home network does not have certification to triggering message, and the sender cannot give the MTC device to send triggering message, Then it is authenticated, is avoided because sender's home network is not to triggering using the SMS router of MTC device home network Message authentication, cause cannot to MTC device send triggering message MTC server to MTC device have sent triggering message and by Triggering.
Fig. 3 is the flow chart of third embodiment of the invention authentication method, as shown in the figure, the present embodiment specifically includes:
Step 301, triggering message is received;
The main body for receiving triggering message can be SMS router, GMSC or MTC-IWF.
Step 302, sender address or mark are extracted from triggering message;
Because certification is local authentication, it is not necessary to HSS certifications is sent to, so needing to extract hair from triggering message first The side of sending address;
Step 303, whether allowed to MTC using sender address or identity verification sender according to sender's list Equipment sends triggering message;
There is sender's list in SMS router, GMSC or MTC-IWF local maintenances or arranged from HSS request senders Table, inquiry sender address whether in sender's list, if if certification by if do not passed through in certification.
Step 304, if certification by triggering message by being sent to MTC device.
Fig. 4 is the signaling diagram of fourth embodiment of the invention authentication method, in the present embodiment, triggers message sender and MTC Equipment belongs to different home networks, and SMS-SC, GMSC are positioned at the home network of triggering message sender, HLR, SMS router In the home network of target MTC device.As shown in the figure, the present embodiment specifically includes:
Step 401, GMSC receives the triggering message that sender sends;
Sender can be MTC server(Server)Or SMS-SC;
Step 402, query messages are transmitted to SMS router by GMSC to HSS query routing information, HSS;
Step 403, SMS router are to HSS query routing information;
Step 404, HSS returns to the service node information for serving the MTC device, such as MSC/SGSN/MME.
Step 405, SMS router by itself routing iinformation by HSS response to GMSC.
Step 406, GMSC is sent to SMS router by message is triggered.SMS router judge that received message is triggering Message, such as SMS router judge that the received message of institute is to trigger message, SMS according to the port number information in message packet header The received triggering message of router parsings is so as to obtain transmitting side marking.
SMS router can send sender's list of triggering message according to the permission locally preserved to the MTC device, The transmitting side marking is inquired about whether in sender's list, so as to determine whether that the sending direction of the triggering message should MTC device sends triggering message.Moreover, when the sender's list safeguarded in HSS has renewal, then HSS is sent to SMS router Renewal after sender's list, SMS router using renewal after sender's list, update locally preserve sender row Table.
Another way is that in step 403, SMS router carry permission into HSS query routing information to the MTC Equipment sends the request message of sender's list of triggering message;In step 404, HSS according to the request of step 403 to SMS Router sends the sender's list for allowing that triggering message is sent to the MTC device.
If SMS router do not inquire the transmitting side marking from sender's list, i.e. sender does not allow to send Triggering message gives the MTC device, and SMS router abandon the message.
Step 407, if inquiring the transmitting side marking from sender's list, i.e. sender allows to the MTC device Triggering message is sent, SMS router are transmitted to the corresponding service node of service node information by message is triggered.
Step 408, service node is sent to MTC device by message is triggered.
The present embodiment authentication method, SMS router will trigger the transmitting side marking of message, with locally preserve or HSS Sender's list that the permission for asking to obtain sends triggering message to the MTC device is compared, and determines whether the triggering message The sending direction MTC device send triggering message.Reduce the expense and signaling impact of signaling, so as to reduce signaling congestion.
Fig. 5 is the signaling diagram of fifth embodiment of the invention authentication method, in the present embodiment, triggers message sender and MTC No matter equipment, which belongs to unified home network or belong to different home networks, is all suitable for, as shown in the figure, the present embodiment specifically includes:
Step 501, GMSC/MTC-IWF receives the triggering message that sender sends;
Sender can be MTC server(Server)Or SMS-SC;
Step 502, GMSC/MTC-IWF is to HSS query routing information;
Step 503, HSS returns to the service node information for serving the MTC device, such as MSC/SGSN/MME;
Step 504, the received triggering message of GMSC/MTC-IWF parsings is so as to obtain sender address.
The sender that GMSC/MTC-IWF can send triggering message according to the permission locally preserved to the MTC device arranges Table, inquires about the sender address whether in sender's list, so as to determine whether the sending direction of the triggering message The MTC device sends triggering message.Moreover, when the sender's list safeguarded in HSS has renewal, then HSS is to GMSC/MTC-IWF Sender's list after the renewal of transmission, GMSC/MTC-IWF update the hair locally preserved using sender's list after renewal The side's of sending list.
Another way is that in step 502, GMSC/MTC-IWF is carried into HSS query routing information to be allowed to this MTC device sends the request message of sender's list of triggering message;In step 503, HSS according to the request of step 502 to GMSC/MTC-IWF sends the sender's list for allowing that triggering message is sent to the MTC device.
If GMSC/MTC-IWF does not inquire the sender address from sender's list, i.e. sender does not allow to send out Triggering message is sent to abandon the message to the MTC device, GMSC/MTC-IWF.
If sender is allowed to send the MTC device triggering message, GMSC/MTC-IWF is transmitted to message is triggered The service node of MTC device.
Step 505, service node is sent to MTC device by message is triggered.
The present embodiment authentication method, no matter whether sender belongs to identical or different home network from MTC device. GMSC/MTC-IWF will trigger the sender address of message, be set with permission locally preserve or that HSS is asked to the MTC Preparation send sender's list of triggering message to compare, and determines whether that the sending direction of the triggering message MTC device is sent Trigger message.Triggering information is received every time without GMSC/MTC-IWF to be required for, to HSS certifications, reducing opening for signaling Pin and signaling impact, so as to reduce signaling congestion.
Fig. 6 is the schematic diagram of first embodiment of the invention authentication device, as shown in the figure, the authentication device bag of the present embodiment Include:Receiving unit 11, extraction unit 12, transmitting element 13.
Receiving unit 11, which is used to receive positioned at the short message router SMS router of MTC device home network, sends the Fan family The triggering message that township's network is sent;Extraction unit 12 is used for the transmitting side marking in short message router extraction triggering message, and It is sent to the home subscriber server HSS positioned at MTC device home network;Transmitting element 13 is used for the transmission for receiving HSS transmissions Square ID authentication information, when authentication information for certification by when short message router by trigger message be sent to MTC device.
Optionally, transmitting element 13 is additionally operable to short message router and sends routing iinformation to HSS;Receiving unit 12 is additionally operable to Receive the service node information for the service MTC device that HSS is returned.
Optionally, transmitting element 13 will trigger message specifically for short message router and be sent to service node information correspondence Service node, MTC device is transmitted to by service node.
Authentication device of the embodiment of the present invention, can be disappeared by the SMS router extraction triggerings positioned at MTC device home network The transmitting side marking of breath, is authenticated using the HSS for being in MTC device home network together.Because triggering message is to send the Fan family Township's network is sent to SMS router's, can thus allow MTC device home network to be authenticated triggering message, If sender's home network does not have certification to triggering message, and the sender cannot give the MTC device to send triggering message, Then it is authenticated, is avoided because sender's home network is not to triggering using the SMS router of MTC device home network Message authentication, cause cannot to MTC device send triggering message MTC server to MTC device have sent triggering message and by Triggering.
Fig. 7 is the schematic diagram of second embodiment of the invention authentication device, as shown in the figure, the authentication device bag of the present embodiment Include:Receiving unit 21, extraction unit 22, authentication unit 23 and transmitting element 24.
Receiving unit 21 is used to receive triggering message;Extraction unit 22 be used for from triggering message in extract sender address or Mark;Authentication unit 23 is used for according to sender's list, using sender address or identity verification sender whether be allow to MTC device sends triggering message;If transmitting element 24 is used for certification by the way that triggering message is sent to MTC device.
Optionally, authentication unit 23 be specifically used for short message router, GMSC or MTC-IWF verification sender whether be Allow to send triggering message to MTC device.
Optionally, authentication unit 23 is specifically used for according to the sender's list locally preserved, verifies whether sender is fair Perhaps triggering message is sent to MTC device.Receiving unit 21 is additionally operable to receive sender's list after the renewal that HSS is sent;Device Updating block 25 is further included, for using sender's list after updating, updating the sender's list locally preserved.
Optionally, transmitting element 24 is additionally operable to the HSS transmission list solicited messages positioned at MTC device home network;Connect Unit 21 is received to be additionally operable to receive sender's list that HSS is returned;Authentication unit 23 is specifically used for according to the sender's row received Table, verifies whether sender is to allow to send triggering message to MTC device.
Optionally, transmitting element 24 is additionally operable to send routing iinformation to HSS;Receiving unit 21 is additionally operable to receive HSS returns Service MTC device service node information.Transmitting element 24 is specifically used for triggering message being sent to service node information pair The service node answered, MTC device is transmitted to by service node.
The present embodiment authentication device, SMS router/GMSC/MTC-IWF will trigger transmitting side marking or the address of message, Compared with sending sender's list of triggering message to the MTC device with permission locally preserve or that HSS is asked, judge The sending direction of the triggering message MTC device whether is allowed to send triggering message.Without receiving triggering letter every time Breath is required for, to HSS certifications, reducing the expense and signaling impact of signaling, so as to reduce signaling congestion.
Fig. 8 is the schematic diagram of third embodiment of the invention authentication device;As shown in the figure, the present embodiment includes network interface 31st, processor 32 and memory 33.System bus 34 is used to connect network interface 31, processor 32 and memory 33.
Network interface 31 is used to communicate with other equipment.
Memory 33 can be permanent memory, such as hard disk drive and flash memory, have software module in memory 33 And device driver.Software module is able to carry out the various functions module of the above method of the present invention;Device driver can be with It is network and interface drive program.
On startup, these component softwares are loaded into memory 33, are then accessed and are performed as follows by processor 32 Instruction:
Triggering message is received positioned at the short message router of machine type communication MTC device home network;
Transmitting side marking in the short message router extraction triggering message, and be sent to and set positioned at the MTC The home subscriber server HSS of standby home network;
The described sender ID authentication information that the HSS is sent is received, when the authentication information passes through when institute for certification State short message router and the triggering message is sent to the MTC device.
Further, after the processor accesses the component software of memory 33, the instruction of procedure below is performed:
The short message router is to the HSS query routings information;
Receive the service node information for the service MTC device that the HSS is returned.
Fig. 9 is the schematic diagram of fourth embodiment of the invention authentication device;As shown in the figure, the present embodiment includes network interface 41st, processor 42 and memory 43.System bus 44 is used to connect network interface 41, processor 42 and memory 43.
Network interface 41 is used to communicate with other equipment.
Memory 43 can be permanent memory, such as hard disk drive and flash memory, have software module in memory 43 And device driver.Software module is able to carry out the various functions module of the above method of the present invention;Device driver can be with It is network and interface drive program.
On startup, these component softwares are loaded into memory 43, are then accessed and are performed as follows by processor 42 Instruction:
Receive triggering message;
Transmitting side marking or address are extracted from the triggering message;
Whether allowed to MTC using described sender address or identity verification described sender according to sender's list Equipment sends triggering message;
If certification by the triggering message by being sent to the MTC device.
Specifically, after the processor accesses the component software of memory 63, the application program can be used for making the place Reason device and the system perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is:It is short to disappear Breath router, short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender whether be Allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender It is that the instruction for allowing to send triggering message to MTC device is:According to the sender's list locally preserved, verification described sender is No is to allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender It is that the instruction for allowing to send triggering message to MTC device is:Letter is asked to the HSS transmission lists positioned at MTC device home network Breath;Receive sender's list that the HSS is returned;According to the described sender list received, whether verification described sender It is to allow to send triggering message to MTC device.
Further, after the processor accesses the component software of memory 63, the instruction of procedure below is performed:
The routing iinformation is sent to the HSS;
Receive the service node information for the service MTC device that the HSS is returned.
Professional should further appreciate that, be described with reference to the embodiments described herein each exemplary Unit and algorithm steps, can be realized with electronic hardware, computer software or the combination of the two, hard in order to clearly demonstrate The interchangeability of part and software, generally describes each exemplary composition and step according to function in the above description. These functions are performed with hardware or software mode actually, application-specific and design constraint depending on technical solution. Professional technician can realize described function to each specific application using distinct methods, but this realization It is it is not considered that beyond the scope of this invention.
The step of method or algorithm for being described with reference to the embodiments described herein, can use hardware, processor to perform Software module, or the two combination are implemented.Software module can be placed in random access memory(RAM), memory, read-only storage (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field In any other form of storage medium well known to interior.
Above-described embodiment, has carried out the purpose of the present invention, technical solution and beneficial effect further Describe in detail, it should be understood that the foregoing is merely the embodiment of the present invention, be not intended to limit the present invention Protection domain, within the spirit and principles of the invention, any modification, equivalent substitution, improvement and etc. done, should all include Within protection scope of the present invention.

Claims (28)

  1. A kind of 1. authentication method, it is characterised in that the described method includes:
    Triggering message is received positioned at the short message router of machine type communication MTC device home network;
    Transmitting side marking in the short message router extraction triggering message, and be sent to positioned at the MTC device man The home subscriber server HSS of township's network;
    Receive the described sender ID authentication information that the HSS is sent, when the authentication information for certification by when it is described short The triggering message is sent to the MTC device by message router.
  2. 2. according to the method described in claim 1, it is characterized in that, before the short message router reception triggering message Further include:
    The short message router is to the HSS query routings information;
    Receive the service node information for the service MTC device that the HSS is returned.
  3. 3. according to the method described in claim 2, it is characterized in that, the triggering message is sent to by the short message router The MTC device includes:The triggering message is sent to the corresponding clothes of the service node information by the short message router Business node, the MTC device is transmitted to by the service node.
  4. 4. according to the method described in claim 3, it is characterized in that, described sender is MTC server, the service node is Mobile switching centre/service universal grouping wireless service technology supporting node/mobility management entity.
  5. A kind of 5. authentication method, it is characterised in that the described method includes:
    Receive triggering message;
    Transmitting side marking or address are extracted from the triggering message;
    Whether allowed to MTC device using described sender address or identity verification described sender according to sender's list Send triggering message;
    If certification by the triggering message by being sent to the MTC device.
  6. 6. according to the method described in claim 5, it is characterized in that, whether the verification described sender is to allow to set to MTC Preparation send triggering message to include:Short message router, short message service gateway, mobile switching centre or MTC- interworking function are real Whether experience card described sender is to allow to send triggering message to MTC device.
  7. 7. the method according to claim 5 or 6, it is characterised in that it is described according to sender's list, verify described sender Whether it is to allow to include to MTC device transmission triggering message:According to the sender's list locally preserved, verification described sender is No is to allow to send triggering message to MTC device.
  8. 8. the method according to the description of claim 7 is characterized in that the method further includes:
    Receive sender's list after the renewal that HSS is sent;
    Using sender's list after the renewal, the described sender list locally preserved is updated.
  9. 9. the method according to claim 5 or 6, it is characterised in that it is described according to sender's list, verify described sender Whether it is to allow to include to MTC device transmission triggering message:
    To the HSS transmission list solicited messages positioned at MTC device home network;
    Receive sender's list that the HSS is returned;
    According to the described sender list received, whether verification described sender is to allow to send triggering message to MTC device.
  10. 10. the method according to claim 5 or 6, it is characterised in that the method further includes:
    Routing iinformation is sent to HSS;
    Receive the service node information for the service MTC device that the HSS is returned.
  11. 11. according to the method described in claim 10, it is characterized in that, described be sent to the triggering message MTC and set It is standby to include:The triggering message is sent to the corresponding service node of the service node information, is forwarded by the service node To the MTC device.
  12. 12. a kind of authentication device, it is characterised in that described device includes:Receiving unit, extraction unit and transmitting element;
    Receiving unit, for receiving triggering message positioned at the short message router of MTC device home network, and is sent to described carry Take unit;
    Extraction unit, for the transmitting side marking in the short message router extraction triggering message, and is sent to and is located at The home subscriber server HSS of the MTC device home network, and it is sent to the transmitting element;
    Transmitting element, the described sender ID authentication information sent for receiving the HSS, when the authentication information is certification By when the short message router by it is described triggering message be sent to the MTC device.
  13. 13. device according to claim 12, it is characterised in that:
    The transmitting element is additionally operable to the short message router and sends routing iinformation to the HSS;
    The receiving unit is additionally operable to receive the service node information for the service MTC device that the HSS is returned.
  14. 14. device according to claim 13, it is characterised in that the transmitting element is route specifically for the short message The triggering message is sent to the corresponding service node of the service node information by device, is transmitted to by the service node described MTC device.
  15. 15. a kind of authentication device, it is characterised in that described device includes:Receiving unit, extraction unit, authentication unit and transmission Unit;
    Receiving unit, message is triggered for receiving, and is sent to the extraction unit;
    Extraction unit, for extracting transmitting side marking or address from the triggering message, and is sent to the authentication unit;
    Authentication unit, for according to sender's list, using described sender address or identity verification described sender whether be Allow to send triggering message to MTC device, and be sent to the transmitting element;
    Transmitting element, if for certification by the way that the triggering message is sent to the MTC device.
  16. 16. device according to claim 15, it is characterised in that the authentication unit be specifically used for short message router, Whether short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender are to allow to MTC Equipment sends triggering message.
  17. 17. the device according to claim 15 or 16, it is characterised in that the authentication unit is specifically used for according to local guarantor Whether the sender's list deposited, verification described sender are to allow to send triggering message to MTC device.
  18. 18. device according to claim 17, it is characterised in that:
    The receiving unit is additionally operable to receive sender's list after the renewal that HSS is sent;
    Described device further includes updating block, for locally preserving described using sender's list after the renewal, renewal Sender's list.
  19. 19. the device according to claim 15 or 16, it is characterised in that:
    The transmitting element is additionally operable to the HSS transmission list solicited messages positioned at MTC device home network;
    The receiving unit is additionally operable to receive sender's list that the HSS is returned;
    The authentication unit is specifically used for according to the described sender list that receives, verification described sender whether be allow to MTC device sends triggering message.
  20. 20. the device according to claim 15 or 16, it is characterised in that:
    The transmitting element is additionally operable to send routing iinformation to HSS;
    The receiving unit is additionally operable to receive the service node information for the service MTC device that the HSS is returned.
  21. 21. device according to claim 20, it is characterised in that the transmitting element is specifically used for the triggering message The corresponding service node of the service node information is sent to, the MTC device is transmitted to by the service node.
  22. 22. a kind of authentication device, it is characterised in that described device includes:
    Network interface;
    Processor;
    Memory;
    Application program of the physical store in the memory, the application program include can be used for making the processor and described Device performs the instruction of procedure below:
    Triggering message is received positioned at the short message router of machine type communication MTC device home network;
    Transmitting side marking in the short message router extraction triggering message, and be sent to positioned at the MTC device man The home subscriber server HSS of township's network;
    Receive the described sender ID authentication information that the HSS is sent, when the authentication information for certification by when it is described short The triggering message is sent to the MTC device by message router.
  23. 23. device according to claim 22, it is characterised in that the application program, which further includes, can be used for making the processing Device and described device perform the instruction of procedure below:
    The short message router is to the HSS query routings information;
    Receive the service node information for the service MTC device that the HSS is returned.
  24. 24. a kind of authentication device, it is characterised in that described device includes:
    Network interface;
    Processor;
    Memory;
    Application program of the physical store in the memory, the application program include can be used for making the processor and described Device performs the instruction of procedure below:
    Receive triggering message;
    Transmitting side marking or address are extracted from the triggering message;
    Whether allowed to MTC device using described sender address or identity verification described sender according to sender's list Send triggering message;
    If certification by the triggering message by being sent to the MTC device.
  25. 25. device according to claim 24, it is characterised in that the application program can be used for making the processor and institute State device and perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is:Short message router, Whether short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender are to allow to MTC Equipment sends triggering message.
  26. 26. the device according to claim 24 or 25, it is characterised in that the application program can be used for making the processor Perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is with described device:According to local Whether sender's list of preservation, verification described sender are to allow to send triggering message to MTC device.
  27. 27. the device according to claim 24 or 25, it is characterised in that the application program can be used for making the processor Perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is with described device:
    To the HSS transmission list solicited messages positioned at MTC device home network;
    Receive sender's list that the HSS is returned;
    According to the described sender list received, whether verification described sender is to allow to send triggering message to MTC device.
  28. 28. according to any device of claim 24 or 25, it is characterised in that the application program, which further includes, can be used for making The processor and described device perform the instruction of procedure below:
    Routing iinformation is sent to HSS;
    Receive the service node information for the service MTC device that the HSS is returned.
CN201280018424.XA 2012-11-30 2012-11-30 authentication method and device Active CN103975643B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2012/085691 WO2014082311A1 (en) 2012-11-30 2012-11-30 Authentication method and apparatus

Publications (2)

Publication Number Publication Date
CN103975643A CN103975643A (en) 2014-08-06
CN103975643B true CN103975643B (en) 2018-05-11

Family

ID=50827096

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201280018424.XA Active CN103975643B (en) 2012-11-30 2012-11-30 authentication method and device

Country Status (2)

Country Link
CN (1) CN103975643B (en)
WO (1) WO2014082311A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1691812A (en) * 2004-04-28 2005-11-02 株式会社Ntt都科摩 Mobile station and communication control method
CN102047629A (en) * 2008-01-18 2011-05-04 交互数字专利控股公司 Method and apparatus for enabling machine to machine communication
CN102143491A (en) * 2010-01-29 2011-08-03 华为技术有限公司 MTC (machine type communication) equipment authentication method, MTC gateway and relevant equipment
WO2012151981A1 (en) * 2011-08-24 2012-11-15 中兴通讯股份有限公司 Method, system, target user equipment for transmitting mtc device trigger information

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102595373B (en) * 2011-01-14 2017-11-28 中兴通讯股份有限公司 A kind of method and system to MTC terminal moving property management
WO2012103954A1 (en) * 2011-02-04 2012-08-09 Telefonaktiebolaget L M Ericsson (Publ) Arrangement and method for a mobile access network
US20120252481A1 (en) * 2011-04-01 2012-10-04 Cisco Technology, Inc. Machine to machine communication in a communication network
CN102740452B (en) * 2011-04-02 2017-05-10 中兴通讯股份有限公司 Machine-type communication (MTC) terminal triggering method and device
CN102263793A (en) * 2011-08-12 2011-11-30 电信科学技术研究院 Method, system and device for verifying and controlling permission of MTC (machine type communication) server

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1691812A (en) * 2004-04-28 2005-11-02 株式会社Ntt都科摩 Mobile station and communication control method
CN102047629A (en) * 2008-01-18 2011-05-04 交互数字专利控股公司 Method and apparatus for enabling machine to machine communication
CN102143491A (en) * 2010-01-29 2011-08-03 华为技术有限公司 MTC (machine type communication) equipment authentication method, MTC gateway and relevant equipment
WO2012151981A1 (en) * 2011-08-24 2012-11-15 中兴通讯股份有限公司 Method, system, target user equipment for transmitting mtc device trigger information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
R11 MTC trigger security solution analysis;Huawei,HiSilicon;《3GPP TSG SA WG3(Security) Meeting #68》;20120713;第三节7.1.4 *

Also Published As

Publication number Publication date
WO2014082311A1 (en) 2014-06-05
CN103975643A (en) 2014-08-06

Similar Documents

Publication Publication Date Title
CN112567779B (en) Method, system and computer readable medium for performing time distance security countermeasures for outbound roamers using DIAMETER edge proxy
CN110800267B (en) Methods, systems, and computer readable media for Mobility Management Entity (MME) authentication of outbound roaming subscribers using Diameter edge proxy (DEA)
US9369378B2 (en) Enabling IP-communication with a machine to machine unit
EP4085676B1 (en) Methods, systems, and computer readable media for implementing indirect general packet radio service (gprs) tunneling protocol (gtp) firewall filtering using diameter agent and signal transfer point (stp)
US9313759B2 (en) Methods, systems, and computer readable media for providing triggerless equipment identity register (EIR) service in a diameter network
Holtmanns et al. User location tracking attacks for LTE networks using the interworking functionality
JP2014506052A5 (en) Method and system for modifying a Diameter signaling message directed to a charging function node, and program for causing a computer to execute the method
KR102116307B1 (en) Method and apparatus for detecting diameter protocol idr message spoofing attack on mobile communication network
CN107006052A (en) Set up using the OTT connections of the D2D based on infrastructure serviced
CN105848083A (en) Method, terminal and system for realizing communication
CN102918877B (en) A kind of method of lower short-message sending, system and SMS service center
CN103975643B (en) authentication method and device
WO2013110224A1 (en) Method, device, and system for triggering mtc device
EP2725830B1 (en) Method and system for triggering response of terminal, terminal and network side
Mashukov Diameter Security: An Auditor's Viewpoint
CN106470408B (en) A kind of international roaming short message protecting method, device and system
EP2865199A1 (en) Machine type communication interworking function
CN102857899B (en) A kind of connection control method and system of MTC device
WO2021017805A1 (en) Communication information transmission method and apparatus, storage medium, and electronic device
EP3011771B1 (en) Managing a subscriber device using a proxy eir
EP2827661B1 (en) System, apparatus, and method for triggering roaming mtc device
CN103249012B (en) Trigger sending method, the apparatus and system of message
CN104640089A (en) Method, device and system for realizing short message service disaster recovery in LTE network
KR20130139160A (en) An apparatus and method for delivering messages to a plurality of devices in mobile communication networks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant