CN103975643B - authentication method and device - Google Patents
authentication method and device Download PDFInfo
- Publication number
- CN103975643B CN103975643B CN201280018424.XA CN201280018424A CN103975643B CN 103975643 B CN103975643 B CN 103975643B CN 201280018424 A CN201280018424 A CN 201280018424A CN 103975643 B CN103975643 B CN 103975643B
- Authority
- CN
- China
- Prior art keywords
- sender
- mtc device
- triggering message
- hss
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention relates to a kind of authentication method and device.The described method includes:Triggering message is received positioned at the short message router of MTC device home network;Transmitting side marking in the short message router extraction triggering message, and it is sent to the home subscriber server HSS positioned at the MTC device home network;Receive the described sender ID authentication information that the HSS is sent, when the authentication information for certification by when the short message router triggering message is sent to the MTC device.The embodiment of the present invention prevents false triggering by triggering triggering message of the HSS verifications from sender's home network positioned at the SMS router of MTC device home network;The sender of message can also be triggered come certification by sender's list for locally preserving, prevents signaling congestion.
Description
Technical field
The present invention relates to moving communicating field, more particularly to a kind of authentication method and device.
Background technology
Machine type communication(Machine Type Communications, MTC)Refer to one or more network element it
Between network communication is carried out in the case where need not artificially participate in, such as traffic control and management, remote meter reading, remote monitoring, shifting
The applications such as dynamic payment, locating and tracking, medical monitoring.
MTC terminal is connected by mobile communications network with application server, and MTC terminal supports setting for MTC application servers
Standby triggering, such as MTC terminal have been attached to mobile communications network, but do not register on the application server, and application server leads to
Cross mobile communications network triggering MTC terminal and initiate communication connection to application server.
MTC server can send triggering instruction by short message to MTC device, so that MTC device is built with network side
Vertical Packet Data Network(Packet Data Network, PDN)Connection/PDP Context.
First way is to be transmitted directly to Short Message Service after MTC server generation triggering message(Short
Message Service, SMS)- service centre(Service Centre, SC), SMS-SC by trigger message be sent to accordingly
SMS-GMSC, short message service gateway mobile switching centre(SMS Gateway Mobile Switching Center, GMSC)
From home subscriber server(Home Subscriber Server, HSS/ attaching position registers(Home Location
Register, HLR)Middle inquiry obtains the current mobile switching centre that service is provided for MTC device(Mobile Switching
Center, MSC)/ VLR Visitor Location Register(Visited Location Register, VLR)/ service universal grouping wireless takes
Business technical support node(Serving General Packet Radio Service Support Node, Serving GPRS
Support Node, SGSN), GMSC simultaneously will triggering message be sent to corresponding MSC/SGSN/ mobility management entity
(Mobility Management Entity, MME), then MTC device is transmitted to by MSC/VLR/SGSN;Or according to operator
Configuration, GMSC inquires about the address for the SMS router for acquiring MTC device home network from HSS/HLR, and GMSC will be triggered
Short message sends SMS routers(router), then it is sent to by SMS router the MSC/SGSN/ of network where MTC device
MME, is last transmitted to MTC device.
The second way is, by MTC- interworking function entities after MTC server generation triggering message(Inter
Working Function, IWF)SMS-SC is sent to, SMS-SC is sent to corresponding SMS-GMSC by message is triggered.
Under first way, SMS-SC is sent to SMS-GMSC by message is triggered, including sender(MTC server)
Mark or address.The mark of sender is sent to HSS and carries out verifying whether to allow the sender to this MTC by SMS-GMSC
Equipment sends triggering message.
Under the second way, SMS-SC is sent to corresponding MTC-IWF by message is triggered, including the mark of sender
Or address.The mark of sender is sent to HSS and carries out verifying whether to allow the sender to send out to this MTC device by MTC-IWF
Send triggering message.
Therefore, whether the prior art can only be allowed to send from the triggering message of from GMSC and MTC-IWF to HSS verification senders
To MTC device, then MTC device can be sent to by message is triggered by SMS router.If trigger message sender and MTC
Equipment is not belonging to same home network, and GMSC is located at the home network of sender, and triggering short message is sent to by GMSC to be located at
The SMS router of MTC device home network, the home network of MTC device can not judge to trigger whether message allows to be sent to
MTC device, can only be sent to MTC device, the sender's triggering for causing MTC device not allowed by triggering message.
Further, since can only be verified for the certification for triggering message by HSS, receive triggering message every time, GMSC or
MTC-IWF will be interacted with HSS to verify whether sender allows to send triggering message, and caused signaling consumption is very big
, cause network signal congestion.
The content of the invention
The embodiment of the present invention can be by coming from sender positioned at the SMS router of MTC device home network to trigger verification
The triggering message of home network, prevents false triggering;Message can also be triggered come certification by the sender's list locally preserved
Sender, prevents signaling congestion.
In a first aspect, an embodiment of the present invention provides a kind of authentication method, the described method includes:
Triggering message is received positioned at the short message router of MTC device home network;
Transmitting side marking in the short message router extraction triggering message, and be sent to and set positioned at the MTC
The home subscriber server HSS of standby home network;
The described sender ID authentication information that the HSS is sent is received, when the authentication information passes through when institute for certification
State short message router and the triggering message is sent to the MTC device.
Second aspect, the embodiment of the present invention additionally provide a kind of authentication method, the described method includes:
Receive triggering message;
Sender address or mark are extracted from the triggering message;
Whether allowed to MTC using described sender address or identity verification described sender according to sender's list
Equipment sends triggering message;
If certification by the triggering message by being sent to the MTC device.
Optionally, whether the verification described sender is to allow to include to MTC device transmission triggering message:Short message road
Whether it is to allow by device, short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender
Triggering message is sent to MTC device.
Optionally, it is described according to sender's list, verify whether described sender is to allow to disappear to MTC device transmission triggering
Breath includes:According to the sender's list locally preserved, whether verification described sender is to allow to disappear to MTC device transmission triggering
Breath.
Optionally, it is described according to sender's list, verify whether described sender is to allow to disappear to MTC device transmission triggering
Breath includes:To the HSS transmission list solicited messages positioned at MTC device home network;Receive sender's row that the HSS is returned
Table;According to the described sender list received, whether verification described sender is to allow to send triggering message to MTC device.
The third aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Receiving unit, for receiving triggering message positioned at the short message router of MTC device home network;
Extraction unit, for the transmitting side marking in the short message router extraction triggering message, and is sent to
Positioned at the home subscriber server HSS of the MTC device home network;
Transmitting element, the described sender ID authentication information sent for receiving the HSS, when the authentication information is
Certification by when the short message router by it is described triggering message be sent to the MTC device.
Fourth aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Receiving unit, message is triggered for receiving;
Extraction unit, for extracting transmitting side marking or address from the triggering message;
Authentication unit, for according to sender's list, being using described sender address or identity verification described sender
No is to allow to send triggering message to MTC device;
Transmitting element, if for certification by the way that the triggering message is sent to the MTC device.
Optionally, the authentication unit be specifically used for short message router, short message service gateway, mobile switching centre or
Whether person MTC- interworking function entities verification described sender is to allow to send triggering message to MTC device.
Optionally, the authentication unit is specifically used for according to the sender's list locally preserved, verifies that described sender is
No is to allow to send triggering message to MTC device.
Optionally, the transmitting element is additionally operable to the HSS transmission list solicited messages positioned at MTC device home network;
The receiving unit is additionally operable to receive sender's list that the HSS is returned;The authentication unit is specifically used for basis and receives
Described sender list, verification described sender whether be allow to MTC device send triggering message.
5th aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Network interface;
Processor;
Memory;
Application program of the physical store in the memory, the application program include can be used for make the processor and
Described device performs the instruction of procedure below:
Triggering message is received positioned at the short message router of machine type communication MTC device home network;
Transmitting side marking in the short message router extraction triggering message, and be sent to and set positioned at the MTC
The home subscriber server HSS of standby home network;
The described sender ID authentication information that the HSS is sent is received, when the authentication information passes through when institute for certification
State short message router and the triggering message is sent to the MTC device.
6th aspect, the embodiment of the present invention additionally provide a kind of authentication device, and described device includes:
Network interface;
Processor;
Memory;
Application program of the physical store in the memory, the application program include can be used for make the processor and
Described device performs the instruction of procedure below:
Receive triggering message;
Transmitting side marking or address are extracted from the triggering message;
Whether allowed to MTC using described sender address or identity verification described sender according to sender's list
Equipment sends triggering message;
If certification by the triggering message by being sent to the MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender
It is that the instruction for allowing to send triggering message to MTC device is:Short message router, short message service gateway, mobile switching centre
Or whether MTC- interworking function entities verification described sender is to allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender
It is that the instruction for allowing to send triggering message to MTC device is:According to the sender's list locally preserved, verification described sender is
No is to allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender
It is that the instruction for allowing to send triggering message to MTC device is:Letter is asked to the HSS transmission lists positioned at MTC device home network
Breath;Receive sender's list that the HSS is returned;According to the described sender list received, whether verification described sender
It is to allow to send triggering message to MTC device.
The embodiment of the present invention to trigger HSS verifications positioned at the SMS router of MTC device home network by coming from sender
The triggering message of home network, prevents false triggering;Message can also be triggered come certification by the sender's list locally preserved
Sender, prevents signaling congestion.
Brief description of the drawings
Fig. 1 is the flow chart of first embodiment of the invention authentication method;
Fig. 2 is the signaling diagram of second embodiment of the invention authentication method;
Fig. 3 is the flow chart of third embodiment of the invention authentication method;
Fig. 4 is the signaling diagram of fourth embodiment of the invention authentication method;
Fig. 5 is the signaling diagram of fifth embodiment of the invention authentication method;
Fig. 6 is the schematic diagram of first embodiment of the invention authentication device;
Fig. 7 is the schematic diagram of second embodiment of the invention authentication device;
Fig. 8 is the schematic diagram of third embodiment of the invention authentication device;
Fig. 9 is the schematic diagram of fourth embodiment of the invention authentication device.
Embodiment
Below by drawings and examples, technical scheme is described in further detail.
The embodiment of the present invention, can utilize with the short message router of MTC device home network from HSS verifications from transmission
The triggering message of square home network, the sender's list either locally preserved using short message router, GMSC or MTC-IWF
To verify whether sender is to allow to send triggering message to MTC device.
Fig. 1 is the flow chart of first embodiment of the invention authentication method, as shown in the figure, the present embodiment specifically includes:
Step 101, the short message router positioned at MTC device home network receives the triggering that sender's home network is sent
Message;
Sender(MTC server)It is located at different home networks from MTC device, so being located at MTC device home network
Short message router be not aware that triggering message whether pass through sender's home network verification;
Step 102, the transmitting side marking in short message router extraction triggering message, and be sent to positioned at MTC device man
The HSS of township's network;
The main body of verification is the HSS positioned at MTC device home network, and short message router extracts the transmission of triggering message
Side's mark, is then sent to HSS and is authenticated.
Step 103, receive HSS send transmitting side marking authentication information, when authentication information for certification by when short message
Router is sent to MTC device by message is triggered.
, can be with if triggering message will not be sent to MTC device by certification message for certification by, short message router
Abandon processing.
Fig. 2 is the signaling diagram of second embodiment of the invention authentication method, in the present embodiment, triggers message sender and MTC
Equipment belongs to different home networks, and SMS-SC, GMSC are positioned at the home network of triggering message sender, HLR, SMS router
In the home network of target MTC device.As shown in the figure, the present embodiment specifically includes:
Step 201, GMSC receives the triggering message that sender sends;
Sender can be MTC server(Server)Or SMS-SC;
Step 202, query messages are transmitted to SMS router by GMSC to HSS query routing information, HSS;
Step 203, SMS router are to HSS query routing information;
Step 204, HSS returns to the service node information for serving the MTC device, such as MSC/SGSN/MME;
Step 205, routing iinformation is sent to GMSC by SMS router by HSS;
Step 206, GMSC is sent to SMS router by message is triggered;
Step 207, SMS router judge whether received message is triggering message, such as SMS router are according to message
The port number information in packet header judges that the received message of institute is triggering message.The received triggering message of SMS router parsings institute obtains
Transmitting side marking, and transmitting side marking is sent to HSS, HSS according to transmitting side marking judge the sender whether have permission to
The MTC device sends triggering message.If sender does not allow transmission, triggering message gives the MTC device, and SMS router are abandoned
The message.
Step 208, if sender allows to send the MTC device triggering message, SMS router will trigger message and turn
Issue the service node of the corresponding MTC device of service node message.
Step 209, service node is sent to MTC device by message is triggered.
Authentication method of the embodiment of the present invention, can be disappeared by the SMS router extraction triggerings positioned at MTC device home network
The transmitting side marking of breath, is authenticated using the HSS for being in MTC device home network together.Because triggering message is to send the Fan family
Township's network is sent to SMS router's, can thus allow MTC device home network to be authenticated triggering message,
If sender's home network does not have certification to triggering message, and the sender cannot give the MTC device to send triggering message,
Then it is authenticated, is avoided because sender's home network is not to triggering using the SMS router of MTC device home network
Message authentication, cause cannot to MTC device send triggering message MTC server to MTC device have sent triggering message and by
Triggering.
Fig. 3 is the flow chart of third embodiment of the invention authentication method, as shown in the figure, the present embodiment specifically includes:
Step 301, triggering message is received;
The main body for receiving triggering message can be SMS router, GMSC or MTC-IWF.
Step 302, sender address or mark are extracted from triggering message;
Because certification is local authentication, it is not necessary to HSS certifications is sent to, so needing to extract hair from triggering message first
The side of sending address;
Step 303, whether allowed to MTC using sender address or identity verification sender according to sender's list
Equipment sends triggering message;
There is sender's list in SMS router, GMSC or MTC-IWF local maintenances or arranged from HSS request senders
Table, inquiry sender address whether in sender's list, if if certification by if do not passed through in certification.
Step 304, if certification by triggering message by being sent to MTC device.
Fig. 4 is the signaling diagram of fourth embodiment of the invention authentication method, in the present embodiment, triggers message sender and MTC
Equipment belongs to different home networks, and SMS-SC, GMSC are positioned at the home network of triggering message sender, HLR, SMS router
In the home network of target MTC device.As shown in the figure, the present embodiment specifically includes:
Step 401, GMSC receives the triggering message that sender sends;
Sender can be MTC server(Server)Or SMS-SC;
Step 402, query messages are transmitted to SMS router by GMSC to HSS query routing information, HSS;
Step 403, SMS router are to HSS query routing information;
Step 404, HSS returns to the service node information for serving the MTC device, such as MSC/SGSN/MME.
Step 405, SMS router by itself routing iinformation by HSS response to GMSC.
Step 406, GMSC is sent to SMS router by message is triggered.SMS router judge that received message is triggering
Message, such as SMS router judge that the received message of institute is to trigger message, SMS according to the port number information in message packet header
The received triggering message of router parsings is so as to obtain transmitting side marking.
SMS router can send sender's list of triggering message according to the permission locally preserved to the MTC device,
The transmitting side marking is inquired about whether in sender's list, so as to determine whether that the sending direction of the triggering message should
MTC device sends triggering message.Moreover, when the sender's list safeguarded in HSS has renewal, then HSS is sent to SMS router
Renewal after sender's list, SMS router using renewal after sender's list, update locally preserve sender row
Table.
Another way is that in step 403, SMS router carry permission into HSS query routing information to the MTC
Equipment sends the request message of sender's list of triggering message;In step 404, HSS according to the request of step 403 to SMS
Router sends the sender's list for allowing that triggering message is sent to the MTC device.
If SMS router do not inquire the transmitting side marking from sender's list, i.e. sender does not allow to send
Triggering message gives the MTC device, and SMS router abandon the message.
Step 407, if inquiring the transmitting side marking from sender's list, i.e. sender allows to the MTC device
Triggering message is sent, SMS router are transmitted to the corresponding service node of service node information by message is triggered.
Step 408, service node is sent to MTC device by message is triggered.
The present embodiment authentication method, SMS router will trigger the transmitting side marking of message, with locally preserve or HSS
Sender's list that the permission for asking to obtain sends triggering message to the MTC device is compared, and determines whether the triggering message
The sending direction MTC device send triggering message.Reduce the expense and signaling impact of signaling, so as to reduce signaling congestion.
Fig. 5 is the signaling diagram of fifth embodiment of the invention authentication method, in the present embodiment, triggers message sender and MTC
No matter equipment, which belongs to unified home network or belong to different home networks, is all suitable for, as shown in the figure, the present embodiment specifically includes:
Step 501, GMSC/MTC-IWF receives the triggering message that sender sends;
Sender can be MTC server(Server)Or SMS-SC;
Step 502, GMSC/MTC-IWF is to HSS query routing information;
Step 503, HSS returns to the service node information for serving the MTC device, such as MSC/SGSN/MME;
Step 504, the received triggering message of GMSC/MTC-IWF parsings is so as to obtain sender address.
The sender that GMSC/MTC-IWF can send triggering message according to the permission locally preserved to the MTC device arranges
Table, inquires about the sender address whether in sender's list, so as to determine whether the sending direction of the triggering message
The MTC device sends triggering message.Moreover, when the sender's list safeguarded in HSS has renewal, then HSS is to GMSC/MTC-IWF
Sender's list after the renewal of transmission, GMSC/MTC-IWF update the hair locally preserved using sender's list after renewal
The side's of sending list.
Another way is that in step 502, GMSC/MTC-IWF is carried into HSS query routing information to be allowed to this
MTC device sends the request message of sender's list of triggering message;In step 503, HSS according to the request of step 502 to
GMSC/MTC-IWF sends the sender's list for allowing that triggering message is sent to the MTC device.
If GMSC/MTC-IWF does not inquire the sender address from sender's list, i.e. sender does not allow to send out
Triggering message is sent to abandon the message to the MTC device, GMSC/MTC-IWF.
If sender is allowed to send the MTC device triggering message, GMSC/MTC-IWF is transmitted to message is triggered
The service node of MTC device.
Step 505, service node is sent to MTC device by message is triggered.
The present embodiment authentication method, no matter whether sender belongs to identical or different home network from MTC device.
GMSC/MTC-IWF will trigger the sender address of message, be set with permission locally preserve or that HSS is asked to the MTC
Preparation send sender's list of triggering message to compare, and determines whether that the sending direction of the triggering message MTC device is sent
Trigger message.Triggering information is received every time without GMSC/MTC-IWF to be required for, to HSS certifications, reducing opening for signaling
Pin and signaling impact, so as to reduce signaling congestion.
Fig. 6 is the schematic diagram of first embodiment of the invention authentication device, as shown in the figure, the authentication device bag of the present embodiment
Include:Receiving unit 11, extraction unit 12, transmitting element 13.
Receiving unit 11, which is used to receive positioned at the short message router SMS router of MTC device home network, sends the Fan family
The triggering message that township's network is sent;Extraction unit 12 is used for the transmitting side marking in short message router extraction triggering message, and
It is sent to the home subscriber server HSS positioned at MTC device home network;Transmitting element 13 is used for the transmission for receiving HSS transmissions
Square ID authentication information, when authentication information for certification by when short message router by trigger message be sent to MTC device.
Optionally, transmitting element 13 is additionally operable to short message router and sends routing iinformation to HSS;Receiving unit 12 is additionally operable to
Receive the service node information for the service MTC device that HSS is returned.
Optionally, transmitting element 13 will trigger message specifically for short message router and be sent to service node information correspondence
Service node, MTC device is transmitted to by service node.
Authentication device of the embodiment of the present invention, can be disappeared by the SMS router extraction triggerings positioned at MTC device home network
The transmitting side marking of breath, is authenticated using the HSS for being in MTC device home network together.Because triggering message is to send the Fan family
Township's network is sent to SMS router's, can thus allow MTC device home network to be authenticated triggering message,
If sender's home network does not have certification to triggering message, and the sender cannot give the MTC device to send triggering message,
Then it is authenticated, is avoided because sender's home network is not to triggering using the SMS router of MTC device home network
Message authentication, cause cannot to MTC device send triggering message MTC server to MTC device have sent triggering message and by
Triggering.
Fig. 7 is the schematic diagram of second embodiment of the invention authentication device, as shown in the figure, the authentication device bag of the present embodiment
Include:Receiving unit 21, extraction unit 22, authentication unit 23 and transmitting element 24.
Receiving unit 21 is used to receive triggering message;Extraction unit 22 be used for from triggering message in extract sender address or
Mark;Authentication unit 23 is used for according to sender's list, using sender address or identity verification sender whether be allow to
MTC device sends triggering message;If transmitting element 24 is used for certification by the way that triggering message is sent to MTC device.
Optionally, authentication unit 23 be specifically used for short message router, GMSC or MTC-IWF verification sender whether be
Allow to send triggering message to MTC device.
Optionally, authentication unit 23 is specifically used for according to the sender's list locally preserved, verifies whether sender is fair
Perhaps triggering message is sent to MTC device.Receiving unit 21 is additionally operable to receive sender's list after the renewal that HSS is sent;Device
Updating block 25 is further included, for using sender's list after updating, updating the sender's list locally preserved.
Optionally, transmitting element 24 is additionally operable to the HSS transmission list solicited messages positioned at MTC device home network;Connect
Unit 21 is received to be additionally operable to receive sender's list that HSS is returned;Authentication unit 23 is specifically used for according to the sender's row received
Table, verifies whether sender is to allow to send triggering message to MTC device.
Optionally, transmitting element 24 is additionally operable to send routing iinformation to HSS;Receiving unit 21 is additionally operable to receive HSS returns
Service MTC device service node information.Transmitting element 24 is specifically used for triggering message being sent to service node information pair
The service node answered, MTC device is transmitted to by service node.
The present embodiment authentication device, SMS router/GMSC/MTC-IWF will trigger transmitting side marking or the address of message,
Compared with sending sender's list of triggering message to the MTC device with permission locally preserve or that HSS is asked, judge
The sending direction of the triggering message MTC device whether is allowed to send triggering message.Without receiving triggering letter every time
Breath is required for, to HSS certifications, reducing the expense and signaling impact of signaling, so as to reduce signaling congestion.
Fig. 8 is the schematic diagram of third embodiment of the invention authentication device;As shown in the figure, the present embodiment includes network interface
31st, processor 32 and memory 33.System bus 34 is used to connect network interface 31, processor 32 and memory 33.
Network interface 31 is used to communicate with other equipment.
Memory 33 can be permanent memory, such as hard disk drive and flash memory, have software module in memory 33
And device driver.Software module is able to carry out the various functions module of the above method of the present invention;Device driver can be with
It is network and interface drive program.
On startup, these component softwares are loaded into memory 33, are then accessed and are performed as follows by processor 32
Instruction:
Triggering message is received positioned at the short message router of machine type communication MTC device home network;
Transmitting side marking in the short message router extraction triggering message, and be sent to and set positioned at the MTC
The home subscriber server HSS of standby home network;
The described sender ID authentication information that the HSS is sent is received, when the authentication information passes through when institute for certification
State short message router and the triggering message is sent to the MTC device.
Further, after the processor accesses the component software of memory 33, the instruction of procedure below is performed:
The short message router is to the HSS query routings information;
Receive the service node information for the service MTC device that the HSS is returned.
Fig. 9 is the schematic diagram of fourth embodiment of the invention authentication device;As shown in the figure, the present embodiment includes network interface
41st, processor 42 and memory 43.System bus 44 is used to connect network interface 41, processor 42 and memory 43.
Network interface 41 is used to communicate with other equipment.
Memory 43 can be permanent memory, such as hard disk drive and flash memory, have software module in memory 43
And device driver.Software module is able to carry out the various functions module of the above method of the present invention;Device driver can be with
It is network and interface drive program.
On startup, these component softwares are loaded into memory 43, are then accessed and are performed as follows by processor 42
Instruction:
Receive triggering message;
Transmitting side marking or address are extracted from the triggering message;
Whether allowed to MTC using described sender address or identity verification described sender according to sender's list
Equipment sends triggering message;
If certification by the triggering message by being sent to the MTC device.
Specifically, after the processor accesses the component software of memory 63, the application program can be used for making the place
Reason device and the system perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is:It is short to disappear
Breath router, short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender whether be
Allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender
It is that the instruction for allowing to send triggering message to MTC device is:According to the sender's list locally preserved, verification described sender is
No is to allow to send triggering message to MTC device.
Optionally, the application program can be used for making whether the processor and the system perform verification described sender
It is that the instruction for allowing to send triggering message to MTC device is:Letter is asked to the HSS transmission lists positioned at MTC device home network
Breath;Receive sender's list that the HSS is returned;According to the described sender list received, whether verification described sender
It is to allow to send triggering message to MTC device.
Further, after the processor accesses the component software of memory 63, the instruction of procedure below is performed:
The routing iinformation is sent to the HSS;
Receive the service node information for the service MTC device that the HSS is returned.
Professional should further appreciate that, be described with reference to the embodiments described herein each exemplary
Unit and algorithm steps, can be realized with electronic hardware, computer software or the combination of the two, hard in order to clearly demonstrate
The interchangeability of part and software, generally describes each exemplary composition and step according to function in the above description.
These functions are performed with hardware or software mode actually, application-specific and design constraint depending on technical solution.
Professional technician can realize described function to each specific application using distinct methods, but this realization
It is it is not considered that beyond the scope of this invention.
The step of method or algorithm for being described with reference to the embodiments described herein, can use hardware, processor to perform
Software module, or the two combination are implemented.Software module can be placed in random access memory(RAM), memory, read-only storage
(ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field
In any other form of storage medium well known to interior.
Above-described embodiment, has carried out the purpose of the present invention, technical solution and beneficial effect further
Describe in detail, it should be understood that the foregoing is merely the embodiment of the present invention, be not intended to limit the present invention
Protection domain, within the spirit and principles of the invention, any modification, equivalent substitution, improvement and etc. done, should all include
Within protection scope of the present invention.
Claims (28)
- A kind of 1. authentication method, it is characterised in that the described method includes:Triggering message is received positioned at the short message router of machine type communication MTC device home network;Transmitting side marking in the short message router extraction triggering message, and be sent to positioned at the MTC device man The home subscriber server HSS of township's network;Receive the described sender ID authentication information that the HSS is sent, when the authentication information for certification by when it is described short The triggering message is sent to the MTC device by message router.
- 2. according to the method described in claim 1, it is characterized in that, before the short message router reception triggering message Further include:The short message router is to the HSS query routings information;Receive the service node information for the service MTC device that the HSS is returned.
- 3. according to the method described in claim 2, it is characterized in that, the triggering message is sent to by the short message router The MTC device includes:The triggering message is sent to the corresponding clothes of the service node information by the short message router Business node, the MTC device is transmitted to by the service node.
- 4. according to the method described in claim 3, it is characterized in that, described sender is MTC server, the service node is Mobile switching centre/service universal grouping wireless service technology supporting node/mobility management entity.
- A kind of 5. authentication method, it is characterised in that the described method includes:Receive triggering message;Transmitting side marking or address are extracted from the triggering message;Whether allowed to MTC device using described sender address or identity verification described sender according to sender's list Send triggering message;If certification by the triggering message by being sent to the MTC device.
- 6. according to the method described in claim 5, it is characterized in that, whether the verification described sender is to allow to set to MTC Preparation send triggering message to include:Short message router, short message service gateway, mobile switching centre or MTC- interworking function are real Whether experience card described sender is to allow to send triggering message to MTC device.
- 7. the method according to claim 5 or 6, it is characterised in that it is described according to sender's list, verify described sender Whether it is to allow to include to MTC device transmission triggering message:According to the sender's list locally preserved, verification described sender is No is to allow to send triggering message to MTC device.
- 8. the method according to the description of claim 7 is characterized in that the method further includes:Receive sender's list after the renewal that HSS is sent;Using sender's list after the renewal, the described sender list locally preserved is updated.
- 9. the method according to claim 5 or 6, it is characterised in that it is described according to sender's list, verify described sender Whether it is to allow to include to MTC device transmission triggering message:To the HSS transmission list solicited messages positioned at MTC device home network;Receive sender's list that the HSS is returned;According to the described sender list received, whether verification described sender is to allow to send triggering message to MTC device.
- 10. the method according to claim 5 or 6, it is characterised in that the method further includes:Routing iinformation is sent to HSS;Receive the service node information for the service MTC device that the HSS is returned.
- 11. according to the method described in claim 10, it is characterized in that, described be sent to the triggering message MTC and set It is standby to include:The triggering message is sent to the corresponding service node of the service node information, is forwarded by the service node To the MTC device.
- 12. a kind of authentication device, it is characterised in that described device includes:Receiving unit, extraction unit and transmitting element;Receiving unit, for receiving triggering message positioned at the short message router of MTC device home network, and is sent to described carry Take unit;Extraction unit, for the transmitting side marking in the short message router extraction triggering message, and is sent to and is located at The home subscriber server HSS of the MTC device home network, and it is sent to the transmitting element;Transmitting element, the described sender ID authentication information sent for receiving the HSS, when the authentication information is certification By when the short message router by it is described triggering message be sent to the MTC device.
- 13. device according to claim 12, it is characterised in that:The transmitting element is additionally operable to the short message router and sends routing iinformation to the HSS;The receiving unit is additionally operable to receive the service node information for the service MTC device that the HSS is returned.
- 14. device according to claim 13, it is characterised in that the transmitting element is route specifically for the short message The triggering message is sent to the corresponding service node of the service node information by device, is transmitted to by the service node described MTC device.
- 15. a kind of authentication device, it is characterised in that described device includes:Receiving unit, extraction unit, authentication unit and transmission Unit;Receiving unit, message is triggered for receiving, and is sent to the extraction unit;Extraction unit, for extracting transmitting side marking or address from the triggering message, and is sent to the authentication unit;Authentication unit, for according to sender's list, using described sender address or identity verification described sender whether be Allow to send triggering message to MTC device, and be sent to the transmitting element;Transmitting element, if for certification by the way that the triggering message is sent to the MTC device.
- 16. device according to claim 15, it is characterised in that the authentication unit be specifically used for short message router, Whether short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender are to allow to MTC Equipment sends triggering message.
- 17. the device according to claim 15 or 16, it is characterised in that the authentication unit is specifically used for according to local guarantor Whether the sender's list deposited, verification described sender are to allow to send triggering message to MTC device.
- 18. device according to claim 17, it is characterised in that:The receiving unit is additionally operable to receive sender's list after the renewal that HSS is sent;Described device further includes updating block, for locally preserving described using sender's list after the renewal, renewal Sender's list.
- 19. the device according to claim 15 or 16, it is characterised in that:The transmitting element is additionally operable to the HSS transmission list solicited messages positioned at MTC device home network;The receiving unit is additionally operable to receive sender's list that the HSS is returned;The authentication unit is specifically used for according to the described sender list that receives, verification described sender whether be allow to MTC device sends triggering message.
- 20. the device according to claim 15 or 16, it is characterised in that:The transmitting element is additionally operable to send routing iinformation to HSS;The receiving unit is additionally operable to receive the service node information for the service MTC device that the HSS is returned.
- 21. device according to claim 20, it is characterised in that the transmitting element is specifically used for the triggering message The corresponding service node of the service node information is sent to, the MTC device is transmitted to by the service node.
- 22. a kind of authentication device, it is characterised in that described device includes:Network interface;Processor;Memory;Application program of the physical store in the memory, the application program include can be used for making the processor and described Device performs the instruction of procedure below:Triggering message is received positioned at the short message router of machine type communication MTC device home network;Transmitting side marking in the short message router extraction triggering message, and be sent to positioned at the MTC device man The home subscriber server HSS of township's network;Receive the described sender ID authentication information that the HSS is sent, when the authentication information for certification by when it is described short The triggering message is sent to the MTC device by message router.
- 23. device according to claim 22, it is characterised in that the application program, which further includes, can be used for making the processing Device and described device perform the instruction of procedure below:The short message router is to the HSS query routings information;Receive the service node information for the service MTC device that the HSS is returned.
- 24. a kind of authentication device, it is characterised in that described device includes:Network interface;Processor;Memory;Application program of the physical store in the memory, the application program include can be used for making the processor and described Device performs the instruction of procedure below:Receive triggering message;Transmitting side marking or address are extracted from the triggering message;Whether allowed to MTC device using described sender address or identity verification described sender according to sender's list Send triggering message;If certification by the triggering message by being sent to the MTC device.
- 25. device according to claim 24, it is characterised in that the application program can be used for making the processor and institute State device and perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is:Short message router, Whether short message service gateway, mobile switching centre or MTC- interworking function entities verification described sender are to allow to MTC Equipment sends triggering message.
- 26. the device according to claim 24 or 25, it is characterised in that the application program can be used for making the processor Perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is with described device:According to local Whether sender's list of preservation, verification described sender are to allow to send triggering message to MTC device.
- 27. the device according to claim 24 or 25, it is characterised in that the application program can be used for making the processor Perform whether verification described sender is that the instruction for allowing to send triggering message to MTC device is with described device:To the HSS transmission list solicited messages positioned at MTC device home network;Receive sender's list that the HSS is returned;According to the described sender list received, whether verification described sender is to allow to send triggering message to MTC device.
- 28. according to any device of claim 24 or 25, it is characterised in that the application program, which further includes, can be used for making The processor and described device perform the instruction of procedure below:Routing iinformation is sent to HSS;Receive the service node information for the service MTC device that the HSS is returned.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2012/085691 WO2014082311A1 (en) | 2012-11-30 | 2012-11-30 | Authentication method and apparatus |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103975643A CN103975643A (en) | 2014-08-06 |
CN103975643B true CN103975643B (en) | 2018-05-11 |
Family
ID=50827096
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201280018424.XA Active CN103975643B (en) | 2012-11-30 | 2012-11-30 | authentication method and device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103975643B (en) |
WO (1) | WO2014082311A1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1691812A (en) * | 2004-04-28 | 2005-11-02 | 株式会社Ntt都科摩 | Mobile station and communication control method |
CN102047629A (en) * | 2008-01-18 | 2011-05-04 | 交互数字专利控股公司 | Method and apparatus for enabling machine to machine communication |
CN102143491A (en) * | 2010-01-29 | 2011-08-03 | 华为技术有限公司 | MTC (machine type communication) equipment authentication method, MTC gateway and relevant equipment |
WO2012151981A1 (en) * | 2011-08-24 | 2012-11-15 | 中兴通讯股份有限公司 | Method, system, target user equipment for transmitting mtc device trigger information |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102595373B (en) * | 2011-01-14 | 2017-11-28 | 中兴通讯股份有限公司 | A kind of method and system to MTC terminal moving property management |
WO2012103954A1 (en) * | 2011-02-04 | 2012-08-09 | Telefonaktiebolaget L M Ericsson (Publ) | Arrangement and method for a mobile access network |
US20120252481A1 (en) * | 2011-04-01 | 2012-10-04 | Cisco Technology, Inc. | Machine to machine communication in a communication network |
CN102740452B (en) * | 2011-04-02 | 2017-05-10 | 中兴通讯股份有限公司 | Machine-type communication (MTC) terminal triggering method and device |
CN102263793A (en) * | 2011-08-12 | 2011-11-30 | 电信科学技术研究院 | Method, system and device for verifying and controlling permission of MTC (machine type communication) server |
-
2012
- 2012-11-30 CN CN201280018424.XA patent/CN103975643B/en active Active
- 2012-11-30 WO PCT/CN2012/085691 patent/WO2014082311A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1691812A (en) * | 2004-04-28 | 2005-11-02 | 株式会社Ntt都科摩 | Mobile station and communication control method |
CN102047629A (en) * | 2008-01-18 | 2011-05-04 | 交互数字专利控股公司 | Method and apparatus for enabling machine to machine communication |
CN102143491A (en) * | 2010-01-29 | 2011-08-03 | 华为技术有限公司 | MTC (machine type communication) equipment authentication method, MTC gateway and relevant equipment |
WO2012151981A1 (en) * | 2011-08-24 | 2012-11-15 | 中兴通讯股份有限公司 | Method, system, target user equipment for transmitting mtc device trigger information |
Non-Patent Citations (1)
Title |
---|
R11 MTC trigger security solution analysis;Huawei,HiSilicon;《3GPP TSG SA WG3(Security) Meeting #68》;20120713;第三节7.1.4 * |
Also Published As
Publication number | Publication date |
---|---|
WO2014082311A1 (en) | 2014-06-05 |
CN103975643A (en) | 2014-08-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112567779B (en) | Method, system and computer readable medium for performing time distance security countermeasures for outbound roamers using DIAMETER edge proxy | |
CN110800267B (en) | Methods, systems, and computer readable media for Mobility Management Entity (MME) authentication of outbound roaming subscribers using Diameter edge proxy (DEA) | |
US9369378B2 (en) | Enabling IP-communication with a machine to machine unit | |
EP4085676B1 (en) | Methods, systems, and computer readable media for implementing indirect general packet radio service (gprs) tunneling protocol (gtp) firewall filtering using diameter agent and signal transfer point (stp) | |
US9313759B2 (en) | Methods, systems, and computer readable media for providing triggerless equipment identity register (EIR) service in a diameter network | |
Holtmanns et al. | User location tracking attacks for LTE networks using the interworking functionality | |
JP2014506052A5 (en) | Method and system for modifying a Diameter signaling message directed to a charging function node, and program for causing a computer to execute the method | |
KR102116307B1 (en) | Method and apparatus for detecting diameter protocol idr message spoofing attack on mobile communication network | |
CN107006052A (en) | Set up using the OTT connections of the D2D based on infrastructure serviced | |
CN105848083A (en) | Method, terminal and system for realizing communication | |
CN102918877B (en) | A kind of method of lower short-message sending, system and SMS service center | |
CN103975643B (en) | authentication method and device | |
WO2013110224A1 (en) | Method, device, and system for triggering mtc device | |
EP2725830B1 (en) | Method and system for triggering response of terminal, terminal and network side | |
Mashukov | Diameter Security: An Auditor's Viewpoint | |
CN106470408B (en) | A kind of international roaming short message protecting method, device and system | |
EP2865199A1 (en) | Machine type communication interworking function | |
CN102857899B (en) | A kind of connection control method and system of MTC device | |
WO2021017805A1 (en) | Communication information transmission method and apparatus, storage medium, and electronic device | |
EP3011771B1 (en) | Managing a subscriber device using a proxy eir | |
EP2827661B1 (en) | System, apparatus, and method for triggering roaming mtc device | |
CN103249012B (en) | Trigger sending method, the apparatus and system of message | |
CN104640089A (en) | Method, device and system for realizing short message service disaster recovery in LTE network | |
KR20130139160A (en) | An apparatus and method for delivering messages to a plurality of devices in mobile communication networks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |