CN104883339B - A kind of method, apparatus and system of privacy of user protection - Google Patents
A kind of method, apparatus and system of privacy of user protection Download PDFInfo
- Publication number
- CN104883339B CN104883339B CN201410070160.3A CN201410070160A CN104883339B CN 104883339 B CN104883339 B CN 104883339B CN 201410070160 A CN201410070160 A CN 201410070160A CN 104883339 B CN104883339 B CN 104883339B
- Authority
- CN
- China
- Prior art keywords
- location server
- user
- random value
- subscriber identity
- router
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/42—Anonymization, e.g. involving pseudonyms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/75—Temporary identity
Abstract
The embodiment of the present invention discloses a kind of method, apparatus and system of privacy of user protection, is related to communication network application technology, by hiding the true ID of user using random user ID, solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.This method comprises: user equipment (UE) sends login request message to location server by router;The UE receives the random value that the location server is sent by the router;The UE is according to the shared key, the user identifier of the UE, and the identifier of the random value and the location server obtained in advance generates the interim subscriber identity, and the common key is corresponding with the user identifier of the UE.The embodiment of the present invention is applied to hide the true ID of user equipment.
Description
Technical field
The present invention relates to the method, apparatus and system that communication network application technology more particularly to a kind of privacy of user are protected.
Background technique
With network security increasingly by the whole world it is of interest, IP (Internet Protocol, Internet Protocol) address
The safety of safety and User ID has obtained extensive concern, wherein since IP address is both that identifier is (i.e. main for a long time
Identity mark), and be finger URL (i.e. network location identifier), this makes the separation of transport layer and network layer not thorough enough.This
So that conventional TCP/IP network can not support the more host's scenes of host, i.e., multiple network interface cards of same host access network simultaneously, cut
Draping card will lead to IP variation, service disconnection.
In a mobile network, it may cause IP address reassignment when terminal is mobile, although in the same use of the same terminal
Under the use of family, but the four-tuple (<local IP, far-end IP, local port, remote port>) of transport layer is but changed, this will
Lead to disconnecting and rebuilds.If occur user's multiple devices scene, it is desirable that service traffics need in multiple devices
Between seamless switching, and traditional TCP/IP network can not be supported.
In existing solution technology, in user identity agreement UIP(User Identity Protocol) the network architecture
In, user identifier UserID is distributed by operator, permanent;Device identifier DeviceID is by device manufacturer or operation
Quotient's distribution, a UserID can be associated with multiple DeviceID;Finger URL Locator is usually IP address, is distributed by operator
Or user is specified, a DeviceID can be associated with multiple Locator.But about network security, attacker probably will
The location information of user is tracked according to User ID, wherein since the User ID of certain countries may take certain coding rule,
Such as the prefix of the user of different regions its ID is different.Therefore attacker can believe according to its privacy of the prefix guessing of User ID
Breath, such as geographical location.If attacker will obtain a large amount of privacy information of user according to the business that User ID obtains its subscription,
Privacy of user safety and property safety are threatened.
Summary of the invention
The embodiment of the present invention provides a kind of method, apparatus and system of privacy of user protection, by utilizing random user
ID hides the true ID of user, solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
In order to achieve the above objectives, the embodiment of the present invention adopts the following technical scheme that
In a first aspect, a kind of method of privacy of user protection, comprising:
User equipment (UE) sends login request message to location server by router, so that the location server
Random value is generated when receiving the login request message of the UE, and the random value is sent to the UE, the registration
It include the user identifier of the UE in request message, so that the location server is according to the random value, common key, institute
The identifier of the user identifier and the location server of stating UE generates interim subscriber identity, and saves casual user's mark
The corresponding relationship of the mark of knowledge, the user identifier of the UE, UE mark and the location server, so that the position takes
Business device identifies the message comprising the interim subscriber identity of the transmission of the UE, the common key according to the corresponding relationship
It is corresponding with the user identifier of the UE;
The UE receives the random value that the location server is sent by the router;
The UE is according to the shared key, the user identifier of the UE, the random value and obtains in advance described
The identifier of location server generates the interim subscriber identity, and the common key is corresponding with the user identifier of the UE.
With reference to first aspect, it specifically includes in the first possible implementation, the UE is connect by the router
Receiving the random value that the location server is sent includes:
The UE receives the authentication request message that the location server is sent, the certification request by the router
It include the random value in message.
With reference to first aspect, it specifically includes in the second possible implementation, the UE is connect by the router
Receiving the random value that the location server is sent includes:
The UE receives the registration reply message that the location server is sent, the registration response by the router
It include the random value in message.
Second aspect, a kind of method of privacy of user protection, comprising:
Location server receives the login request message that user equipment (UE) is sent, the login request message by router
In include the UE user identifier, wherein when the location server receives the login request message that the UE is sent, institute
It states location server and generates random value;
The random value is sent to the UE by the router by the location server so that the UE according to
The shared key, the user identifier of the UE, the identifier of the random value and the location server obtained in advance
Generate interim subscriber identity;
The location server obtains common key according to the user identifier of the UE, and according to the shared key, institute
State the user identifier of UE, the identifier generation interim subscriber identity of the random value and the location server;
The location server saves the interim subscriber identity, the user identifier of the UE, UE mark and institute
State the corresponding relationship of the mark of location server, and by the corresponding relationship identify that the UE sends comprising the interim use
The message of family mark.
It in conjunction with second aspect, specifically includes in the first possible implementation, the location server passes through described
The random value is sent to the UE by router
The location server sends authentication request message, the authentication request message to the UE by the router
In include random value so that the UE is according to the shared key, the user identifier of the UE, the random value and in advance
The identifier of the location server obtained generates interim subscriber identity, the user identifier pair of the common key and the UE
It answers.
It in conjunction with second aspect, specifically includes in the second possible implementation, the location server passes through described
The random value is sent to the UE by router
The location server forwards registration reply message, the registration reply message to the UE by the router
In include random value so that the UE is according to the shared key, the user identifier of the UE, the random value and in advance
The identifier of the location server obtained generates interim subscriber identity, the user identifier pair of the common key and the UE
It answers.
The third aspect, a kind of method of privacy of user protection, comprising:
User equipment (UE) sends login request message to location server by router, wraps in the login request message
User identifier containing the UE, so that the location server generates at random when receiving the login request message of the UE
Value, and casual user's mark is generated according to the identifier of the random value, the user identifier of the UE and the location server
Know, and saves pair of the mark of the interim subscriber identity, the user identifier of the UE, UE mark and the location server
Should be related to so that the location server according to the corresponding relationship identify the UE transmission comprising the casual user
The message of mark;
The UE receives the interim subscriber identity by the router.
It in conjunction with the third aspect, specifically includes in the first possible implementation, the UE is connect by the router
Receiving the interim subscriber identity includes:
The UE receives the registration reply message that the location server is sent, the registration response by the router
It include the interim subscriber identity in message.
Fourth aspect, a kind of method of privacy of user protection, comprising:
Location server receives the login request message that user equipment (UE) is sent, the login request message by router
In include the UE user identifier, wherein when the location server receives the registration request that the user equipment (UE) is sent
When message, the location server generates random value;
The location server is according to the mark of the random value, the user identifier of the UE and the location server
Symbol generates interim subscriber identity;
The location server saves the interim subscriber identity, the user identifier of the UE, UE mark and institute's rheme
The corresponding relationship of the mark of server is set, so that the location server identifies the transmission of the UE according to the corresponding relationship
The message comprising the interim subscriber identity;
The interim subscriber identity is forwarded to the UE by the router by the location server.
In conjunction with fourth aspect, specifically included in the first mode in the cards, the location server is according to
The identifier of random value, the user identifier of the UE and the location server generates interim subscriber identity
The location server takes according to the random value, shared key, the user identifier of the UE and the position
The identifier of business device generates interim subscriber identity, and the common key is corresponding with the user identifier of the UE.
It in conjunction with fourth aspect, is specifically included in second of mode in the cards, the location server passes through described
The interim subscriber identity is forwarded to the UE by router, comprising:
The location server forwards registration reply message to the UE, the registration reply message by the router
In include the interim subscriber identity.
5th aspect, a kind of user equipment, comprising:
Communication unit, for sending login request message to location server by router, so that the position takes
Business device generates random value when receiving the login request message of the UE, and the random value is sent to the UE, described
It include the user identifier of the UE in login request message, so that the location server is according to the random value, common close
The identifier of key, the user identifier of the UE and the location server generates interim subscriber identity, and saves described interim
User identifier, the user identifier of the UE, UE are identified and the corresponding relationship of the mark of the location server, so that described
Location server identifies the message comprising the interim subscriber identity of the transmission of the UE according to the corresponding relationship, described total
It is corresponding with the user identifier of the UE with key;
The communication unit is also used to receive the random value that the location server is sent by the router;
Generation unit, for according to the shared key, the user identifier of the UE, the random value and in advance acquisition
The identifier of the location server generate the interim subscriber identity, the user identifier pair of the common key and the UE
It answers.
In conjunction with the 5th aspect, specifically included in the first mode in the cards, the communication unit is specifically also used
In:
The authentication request message that the location server is sent is received by the router, in the authentication request message
Including the random value.
In conjunction with the 5th aspect, specifically include in the second possible implementation, the communication unit is specifically also used
In:
The registration reply message that the location server is sent is received by the router, in the registration reply message
Including the random value.
6th aspect, a kind of location server, comprising:
Communication unit, for receiving the login request message that user equipment (UE) is sent, the registration request by router
It include the user identifier of the UE in message, wherein when the location server receives the login request message that the UE is sent
When, the location server generates random value;
The communication unit is also used to that the random value is sent to the UE by the router, so that described
UE is according to the shared key, the user identifier of the UE, the random value and the location server obtained in advance
Identifier generates interim subscriber identity;
Generation unit, it is described for obtaining common key according to the user identifier of the UE, and according to the shared key
The identifier of the user identifier of UE, the random value and the location server generates the interim subscriber identity;
Storage unit, for save the interim subscriber identity, the UE that the generation unit generates user identifier,
The corresponding relationship of the UE mark and the mark of the location server, and identify that the UE is sent by the corresponding relationship
The message comprising the interim subscriber identity.
In conjunction with the 6th aspect, specifically include in the first possible implementation, the communication unit is specifically also used
In:
Authentication request message is sent to the UE by the router, includes random value in the authentication request message,
So that the UE is according to the shared key, the user identifier of the UE, the random value and the institute's rheme obtained in advance
The identifier for setting server generates interim subscriber identity, and the common key is corresponding with the user identifier of the UE.
In conjunction with the 6th aspect, specifically include in the second possible implementation, the communication unit is specifically also used
In:
Registration reply message is forwarded to the UE by the router, includes random value in the registration reply message,
So that the UE is according to the shared key, the user identifier of the UE, the random value and the institute's rheme obtained in advance
The identifier for setting server generates interim subscriber identity, and the common key is corresponding with the user identifier of the UE.
7th aspect, a kind of user equipment, comprising:
Transmission unit, for sending login request message, the login request message to location server by router
In include the UE user identifier so that location server generation when receiving the login request message of the UE
Random value, and interim use is generated according to the identifier of the random value, the user identifier of the UE and the location server
Family mark, and save the mark of the interim subscriber identity, the user identifier of the UE, UE mark and the location server
Corresponding relationship so that the location server according to the corresponding relationship identify the UE transmission comprising described interim
The message of user identifier;
Receiving unit, for receiving the interim subscriber identity by the router.
In conjunction with the 7th aspect, specifically included in the first mode in the cards, the receiving unit is specifically also used
In:
The registration reply message that the location server is sent is received by the router, in the registration reply message
Including the interim subscriber identity.
Eighth aspect, a kind of location server, comprising:
Communication unit, for receiving the login request message that user equipment (UE) is sent, the registration request by router
It include the user identifier of the UE in message, wherein when the location server receives the registration that the user equipment (UE) is sent
When request message, the location server generates random value;
Generation unit, for according to the user identifier of the random value, the UE and the mark of the location server
Symbol generates interim subscriber identity;
Storage unit, for save the interim subscriber identity, the UE that the generation unit generates user identifier,
The corresponding relationship of UE mark and the mark of the location server, so that the location server is according to the corresponding relationship
Identify the message comprising the interim subscriber identity of the transmission of the UE;
The communication unit is also used to the interim subscriber identity for generating the generation unit by the router
It is forwarded to the UE.
It in conjunction with eighth aspect, is specifically included in the first mode in the cards, the generation unit is specifically also used
In:
It is raw according to the identifier of the random value, shared key, the user identifier of the UE and the location server
At interim subscriber identity, the common key is corresponding with the user identifier of the UE.
It in conjunction with eighth aspect, specifically includes in the second possible implementation, the communication unit is specifically also used
In:
It include described interim by router forwarding registration reply message to the UE, in the registration reply message
User identifier.
9th aspect, a kind of communication system, comprising: location server, router and the use being connected to the router
Family equipment UE, wherein
The location server is position clothes described in any possible implementation in the 6th aspect or the 6th aspect
Business device;
The user equipment (UE) is that user described in any possible implementation sets in the 5th aspect or the 5th aspect
It is standby;
Alternatively,
The location server is the clothes of position described in any possible implementation in eighth aspect or eighth aspect
Business device;
The user equipment (UE) is that user described in any possible implementation sets in the 7th aspect or the 7th aspect
It is standby.
The method, apparatus and system of privacy of user protection provided in an embodiment of the present invention, user equipment (UE) are asked by registration
Ask message that the user identifier of user equipment is sent to location server, and according to the user identifier of the UE obtain it is described share it is close
Key, the user identifier of user equipment, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity,
By hiding the true ID of user using random user ID, solves the problems, such as privacy of user exposure, improve user network experience
The sense of security.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is a kind of UIP(User Identity Protocol provided in an embodiment of the present invention, user identity agreement)
Network topology structure schematic diagram;
Fig. 2 is a kind of flow diagram of the method for privacy of user protection provided in an embodiment of the present invention;
Fig. 3 is the flow diagram of the method for another privacy of user protection provided in an embodiment of the present invention;
Fig. 4 be another embodiment of the present invention provides a kind of privacy of user protection method flow diagram;
Fig. 5 be another embodiment of the present invention provides another privacy of user protection method flow diagram;
Fig. 6 is a kind of flow diagram of the method for privacy of user protection that further embodiment of this invention provides;
Fig. 7 is the flow diagram of the method for another privacy of user protection that further embodiment of this invention provides;
Fig. 8 is the flow diagram of the method for another privacy of user protection that further embodiment of this invention provides;
Fig. 9 is a kind of structural schematic diagram of user equipment provided in an embodiment of the present invention;
Figure 10 is a kind of structural schematic diagram of location server provided in an embodiment of the present invention;
Figure 11 be another embodiment of the present invention provides a kind of user equipment structural schematic diagram;
Figure 12 be another embodiment of the present invention provides a kind of location server structural schematic diagram;
Figure 13 is a kind of structural schematic diagram for user equipment that further embodiment of this invention provides;
Figure 14 is a kind of structural schematic diagram for location server that further embodiment of this invention provides;
Figure 15 is a kind of structural schematic diagram for user equipment that yet another embodiment of the invention provides;
Figure 16 is a kind of structural schematic diagram for location server that yet another embodiment of the invention provides;
Figure 17 is a kind of structural schematic diagram of communication system provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The present invention is suitable for user identity agreement UIP(User Identity Protocol) network architecture, wherein such as Fig. 1
Shown, UIP network is made of one or more domains UIP, and a domain UIP is by a location server SLS(Subscriber
Location Server), one or more domain router DR(Domain Router), one or more gateway GW(Gate
Way it) forms.Wherein, DR is used to save mapping relations, the user of user identifier UserID and the finger URL Locator of the user
Data forwarding and message address convert, and the DR in domain, between domain is interconnected.SLS is for saving user identifier UserID and use
The mapping relations of the current DR in family.UE accesses the domain UIP by wireless access network.And the present invention provides a kind of side of privacy of user protection
Method, referring to shown in Fig. 2, in user equipment side, it is described that specific step is as follows:
101, user equipment (UE) sends login request message to location server by router, so that the location-based service
Device generates random value in the login request message for receiving UE, and the random value is sent to the UE.
It wherein, include the user identifier of the UE in login request message, so that the location server is according to
Random value, common key, the user identifier of the UE and the location server identifier generate interim subscriber identity, and
The corresponding of mark for saving the interim subscriber identity, the user identifier of the UE, UE mark and the location server is closed
System so that the location server according to the corresponding relationship identify the UE transmission comprising the interim subscriber identity
Message, the common key is corresponding with the user identifier of the UE.
Here the method for obtaining shared key can be certifiede-mail protocol AKA (Authentication and Key
) or other cryptographic key negotiation methods Agreement.
Here user equipment (UE) (User Equipment) can pass through domain router DR(Domain Router) forwarding note
Volume request message, by the essential information of UE itself, such as user identifier UserID, device identifier Device ID and finger URL
Locator is sent to subscriber location servers SLS(Subscriber Location Server), so that SLS is according to the note of UE
Volume request message obtains the essential information (i.e. underlying parameter) of UE.
Wherein, login request message further include: the finger URL of device identifier and/or UE.
102, UE receives the random value of location server transmission by router.
103, UE is according to shared key, the user identifier of UE, the mark of random value and the location server obtained in advance
Symbol generates interim subscriber identity.
Wherein, the common key is corresponding with the user identifier of the UE.
Here UE can negotiate the authentication request message received before obtaining shared key SKey according to SLS, obtain
The random value nonce generated by SLS, and according to the nonce, the SLS ID's, SKey and UE itself of the SLS obtained in advance
UserID generates interim subscriber identity TempUser ID;
Alternatively,
Negotiate after obtaining shared key SKey according to SLS, obtains random value in received registration reply message
Nonce, and interim subscriber identity TempUser is generated according to the nonce, the UserID of the SLS ID, SKey and UE itself of SLS
ID;
Alternatively,
In addition to the nonce that UE itself is sent according to SLS generates TempUser ID, optionally, UE is sent by receiving SLS
Registration reply message receive the interim subscriber identity TempUser ID that has generated of SLS.
The present invention provides a kind of method of privacy of user protection, referring to shown in Fig. 3, in position server side, specific steps
It is as described below:
201, location server receives the login request message that user equipment (UE) is sent by router.
It here include the user identifier of the UE in login request message, wherein when location server receives the note that UE is sent
When volume request message, location server generates random value.
Wherein, which further includes the finger URL of user equipment identifiers Device ID and/or UE
Locator。
202, random value is sent to UE by router by location server, so that the UE is according to shared key, UE's
The identifier of user identifier, random value and the location server obtained in advance generates interim subscriber identity.
203, location server is according to the shared key, the user identifier of UE, the mark of random value and location server
Symbol generates interim subscriber identity.
Wherein, the method for obtaining shared key can be certifiede-mail protocol AKA (Authentication and Key
) or other cryptographic key negotiation methods Agreement.
Here subscriber location servers SLS(Subscriber Location Server) it can negotiate to obtain according to UE
Before shared key SKey, the random value nonce that SLS is generated, and according to the nonce, SLS ID, SKey and the UE of SLS itself
UserID generate interim subscriber identity TempUser ID;
Alternatively,
Negotiate after obtaining shared key SKey according to UE, SLS generates random value nonce, and carries nonce sending
Registration reply message before SLS according to the nonce, the UserID of the SLS ID, SKey and UE itself of SLS generates casual user
Identify TempUser ID;
Alternatively,
For SLS after the authentication response message for receiving UE transmission, SLS generates nonce, and is generated according to nonce
The TempUser ID of generation is sent to UE by sending registration reply message by TempUser ID.
204, location server saves the mark of interim subscriber identity, the user identifier of UE, UE mark and location server
The corresponding relationship of knowledge, and the message comprising interim subscriber identity that UE is sent is identified by the corresponding relationship.
Wherein, optionally, which saves is the user identifier User of interim subscriber identity TempUser ID and UE
The mapping relations of ID, device identifier Device ID and finger URL Locator.
The method of privacy of user protection provided in an embodiment of the present invention, user equipment (UE) pass through login request message for user
The user identifier of equipment is sent to location server, and obtains the shared key, user equipment according to the user identifier of the UE
User identifier, the mark and shared key of the location server being obtained ahead of time generate interim subscriber identity, by using with
Machine User ID hides the true ID of user, solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
The present invention provides the method for another privacy of user protection, referring to shown in Fig. 4, in user equipment side, specific steps
It is as described below:
301, user equipment (UE) sends login request message to location server by router.
It wherein, include the user identifier of the UE in login request message, so that the location server is receiving
Random value is generated when the login request message of the UE, and according to the random value, the user identifier of the UE and institute's rheme
The identifier for setting server generates interim subscriber identity, and saves the interim subscriber identity, the user identifier of the UE, UE mark
The corresponding relationship of the mark of knowledge and the location server, so that the location server is identified according to the corresponding relationship
The message comprising the interim subscriber identity of the transmission of the UE.
302, UE receives interim subscriber identity by router.
Wherein, UE receives the registration reply message that the location server is sent by the router, and the registration is rung
Answering includes the interim subscriber identity in message.
The present invention provides the method for another privacy of user protection, referring to Figure 5, specific to walk in position server side
It is rapid as described below:
401, location server receives the login request message that user equipment (UE) is sent by router.
It here include the user identifier of the UE in login request message, wherein described in being received when the location server
When the login request message that user equipment (UE) is sent, the location server generates random value.
402, location server generates interim use according to the identifier of random value, the user identifier of UE and location server
Family mark.
403, location server saves the interim subscriber identity, the user identifier of UE, UE mark and location server
The corresponding relationship of mark so that the location server according to the corresponding relationship identify UE transmission include interim subscriber identity
Message.
Wherein, optionally, which saves is the user identifier User of interim subscriber identity TempUser ID and UE
The mapping relations of ID, device identifier Device ID and finger URL Locator.
404, the interim subscriber identity is forwarded to UE by router by location server.
Wherein, location server forwards registration reply message to the UE by the router, and the registration response disappears
It include the interim subscriber identity in breath.
The method of privacy of user protection provided in an embodiment of the present invention, location server are raw according to the random value generated at random
At interim subscriber identity, and interim subscriber identity is carried by registration reply message and is sent to user equipment (UE) via router,
And then by hiding the true ID of user using random user ID, solves the problems, such as privacy of user exposure, improve user network
The sense of security of experience.
Router in the embodiment of the present invention is with domain router DR, and location server is by taking subscriber location servers SLS as an example
It is illustrated, is subject to the method for realizing privacy of user provided in an embodiment of the present invention protection, be not especially limited.
Specifically, being illustrated below in conjunction with specific embodiment.
Embodiment one
Can be on the basis of Fig. 2 or embodiment shown in Fig. 3, referring to shown in Fig. 6, the embodiment provides one
The method of kind privacy of user protection generates for subscriber location servers SLS with user equipment (UE) through consultation referring to shown in Fig. 6
Shared key SKey, and according to the process of the ID of SKey, SLS and/or UE generation interim subscriber identity TempUserID, it is specific to walk
It is rapid as follows:
501, user equipment (UE) sends login request message to location server by router, so that changing location-based service
Device generates random value in the login request message for receiving UE, and the random value is sent to the UE.
It wherein, include the user identifier of the UE in login request message, so that the location server is according to
Random value, common key, the user identifier of the UE and the location server identifier generate interim subscriber identity, and
The corresponding of mark for saving the interim subscriber identity, the user identifier of the UE, UE mark and the location server is closed
System so that the location server according to the corresponding relationship identify the UE transmission comprising the interim subscriber identity
Message, the common key is corresponding with the user identifier of the UE.
Here the method for obtaining shared key can be certifiede-mail protocol AKA (Authentication and Key
) or other cryptographic key negotiation methods Agreement.
Optionally, login request message further include: the finger URL of device identifier and/or UE.
Here user equipment (UE) (User Equipment) can pass through domain router DR(Domain Router) forwarding note
Volume request message, by the essential information of UE itself, such as user identifier UserID, device identifier Device ID and finger URL
Locator is sent to subscriber location servers SLS(Subscriber Location Server), so that SLS is according to the note of UE
Volume request message obtains the essential information (i.e. underlying parameter) of UE.
502, location server receives the login request message that user equipment (UE) is sent by router.
It here include the user identifier of the UE in login request message, wherein when location server receives the note that UE is sent
When volume request message, location server generates random value.
Wherein, which further includes the finger URL of user equipment identifiers Device ID and/or UE
Locator。
Here router DR in domain is used to undertake the function of Signalling exchange message between forwarding UE and SLS.
503, random value is sent to UE by router by location server, so that the UE is according to shared key, UE's
The identifier of user identifier, random value and the location server obtained in advance generates interim subscriber identity.
Wherein random value can be indicated with nonce.To realize a kind of privacy of user protection provided in an embodiment of the present invention
Subject to method, specifically without limitation.
Here location server carries random value in authentication request message, and is sent to UE by router.
504, UE receives the random value of location server transmission by router.
Wherein UE receives the authentication request message that the location server is sent, the certification request by the router
It include the random value in message.
505, UE sends authentication response message to location server by router according to the authentication request message.
506, location server receives the authentication response message that UE is sent by router.
507, location server is according to the shared key, the user identifier of UE, the mark of random value and location server
Symbol generates interim subscriber identity.
Wherein, the method for obtaining shared key can be certifiede-mail protocol AKA (Authentication and Key
) or other cryptographic key negotiation methods Agreement.
Here interim subscriber identity is by taking interim subscriber identity TempUser ID as an example:
Wherein, the generation method of TempUser ID may be expressed as:
TempUser ID=KDF(SKey,UserID,SLS ID,nonce)
That is interim subscriber identity TempUser ID be SLS according to negotiation obtained SKey, the UserID of UE, SLS ID with
And the nonce that SLS is generated is generated;
Wherein:
SKey is some shared key of SLS and UE;
SLS ID(SLS mark) be SLS ID, such as UUID (Universally Unique Identifier) form
Identifier;
Nonce is the random value that SLS is generated.
508, UE is according to shared key, the user identifier of UE, the mark of random value and the location server obtained in advance
Symbol generates interim subscriber identity.
Wherein, the common key is corresponding with the user identifier of the UE.
Here UE is according to the random value nonce got in authentication request message, the SKey negotiated with SLS, in advance
The UserID of the ID and UE itself of the SLS of acquisition generates interim subscriber identity TempUser ID.
509, location server saves the mark of interim subscriber identity, the user identifier of UE, UE mark and location server
The corresponding relationship of knowledge, and the message comprising interim subscriber identity that UE is sent is identified by the corresponding relationship.
Wherein, optionally, which saves is the user identifier User of interim subscriber identity TempUser ID and UE
The mapping relations of ID, device identifier Device ID and finger URL Locator.
510, location server sends registration reply message to UE by router.
511, UE receives the registration reply message that location server is sent by router.
The method of privacy of user protection provided in an embodiment of the present invention, user equipment (UE) pass through login request message for user
The user identifier of equipment is sent to location server, and obtains the shared key, user equipment according to the user identifier of the UE
User identifier, the mark and shared key of the location server being obtained ahead of time generate interim subscriber identity, by using with
Machine User ID hides the true ID of user, solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
Embodiment two
Can be on the basis of Fig. 2 or embodiment shown in Fig. 3, referring to shown in Fig. 7, the embodiment provides one
The method of kind privacy of user protection generates for subscriber location servers SLS with user equipment (UE) through consultation referring to shown in Fig. 7
Shared key SKey, wherein SLS generates random value nonce after UE and SLS negotiates to generate SKey, SLS is according to SKey, SLS
And/or the ID of UE generates interim subscriber identity TempUserID, then nonce is sent to UE via DR forwarding registration reply message,
So that UE is according to the process of nonce generation TempUserID, the specific steps are as follows:
601 user equipment (UE)s send login request message to location server by router, so that changing location-based service
Device generates random value in the login request message for receiving UE, and the random value is sent to the UE.
It wherein, include the user identifier of the UE in login request message, so that the location server is according to
Random value, common key, the user identifier of the UE and the location server identifier generate interim subscriber identity, and
The corresponding of mark for saving the interim subscriber identity, the user identifier of the UE, UE mark and the location server is closed
System so that the location server according to the corresponding relationship identify the UE transmission comprising the interim subscriber identity
Message, the common key is corresponding with the user identifier of the UE.
Optionally, login request message further include: the finger URL of device identifier and/or UE.
Here user equipment (UE) (User Equipment) can pass through domain router DR(Domain Router) forwarding note
Volume request message, by the essential information of UE itself, such as user identifier UserID, device identifier Device ID and finger URL
Locator is sent to subscriber location servers SLS(Subscriber Location Server), so that SLS is according to the note of UE
Volume request message obtains the essential information (i.e. underlying parameter) of UE.
602, location server receives the login request message that user equipment (UE) is sent by router.
It here include the user identifier of the UE in login request message, wherein when location server receives the note that UE is sent
When volume request message, location server generates random value.
Wherein, which further includes the finger URL of user equipment identifiers Device ID and/or UE
Locator。
Here router DR in domain is used to undertake the function of Signalling exchange message between forwarding UE and SLS.
603, random value is sent to UE by router by location server, so that the UE is according to shared key, UE's
The identifier of user identifier, random value and the location server obtained in advance generates interim subscriber identity.
Wherein random value can be indicated with nonce.To realize a kind of privacy of user protection provided in an embodiment of the present invention
Subject to method, specifically without limitation.
Here location server carries random value in authentication request message, and is sent to UE by router.
Location server sends authentication request message to UE by router.
Here it is not limited to whether random value nonce is generation in the authentication request message that SLS is sent by DR to UE
Random value nonce needed for TempUser ID.It is in the embodiment of the present invention with the difference in embodiment one for generating
The random value nonce of TempUser ID can be the new nonce that SLS is regenerated, it can not reuse in this step
The nonce in authentication request message sent to UE.
604, UE receives the random value of location server transmission by router.
Wherein UE receives the authentication request message that the location server is sent, the certification request by the router
It include the random value in message.
605, UE sends authentication response message to location server by router according to the authentication request message.
606, location server receives the authentication response message that UE is sent by router.
607, location server is according to the shared key, the user identifier of UE, the mark of random value and location server
Symbol generates interim subscriber identity.
Wherein, the method for obtaining shared key can be certifiede-mail protocol AKA (Authentication and Key
) or other cryptographic key negotiation methods Agreement.
Here interim subscriber identity is by taking interim subscriber identity TempUser ID as an example:
Wherein, the generation method of TempUser ID may be expressed as:
TempUser ID=KDF(SKey,UserID,SLS ID,nonce)
That is interim subscriber identity TempUser ID be SLS according to negotiation obtained SKey, the UserID of UE, SLS ID with
And the nonce that SLS is generated is generated;
Wherein:
SKey is some shared key of SLS and UE;
SLS ID(SLS mark) be SLS ID, such as UUID (Universally Unique Identifier) form
Identifier;
Nonce is the random value that SLS is generated.
608, random value is sent to UE by router by location server.
Wherein, registration reply message, further includes: the random value nonce that SLS is generated, so that UE is raw according to random value nonce
At the TempUser ID.
Location server forwards registration reply message to the UE by the router, wraps in the registration reply message
Random value is included, so that the UE is according to the shared key, the user identifier of the UE, the random value and in advance acquisition
The location server identifier generate interim subscriber identity, the UE according to the user identifier of the UE obtain it is described total
Enjoy key.
609, location server saves the mark of interim subscriber identity, the user identifier of UE, UE mark and location server
The corresponding relationship of knowledge, and the message comprising interim subscriber identity that UE is sent is identified by the corresponding relationship.
Here specifically, SLS save be user identifier User ID of interim subscriber identity TempUser ID and UE, set
The mapping relations of standby identifier Device ID and finger URL Locator.
610, UE receives the random value that location server is sent by router.
Wherein, UE receives the registration reply message that the location server is sent by the router, and the registration is rung
Answering includes the random value in message.
611, UE is according to shared key, the user identifier of UE, the mark of random value and the location server obtained in advance
Symbol generates interim subscriber identity.
Wherein, UE obtains the shared key according to the user identifier of the UE
Here UE is according to the random value nonce got in authentication request message, the SKey negotiated with SLS, in advance
The UserID of the ID and UE itself of the SLS of acquisition generates interim subscriber identity TempUser ID.
The method of privacy of user protection provided in an embodiment of the present invention, user equipment (UE) pass through login request message for user
The user identifier of equipment is sent to location server, and by negotiating to obtain shared key with location server, further according to user
The user identifier of equipment, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, pass through benefit
The true ID of user is hidden with random user ID, privacy of user exposure is solved the problems, such as, improves the safety of user network experience
Sense.
The difference of the embodiment of the present invention and embodiment one is that random value nonce of the SLS for generating TempUser ID is
After negotiating to obtain shared key SKey with UE, and the random of TempUser ID will be generated after generating TempUser ID
Value nonce is sent to UE by DR by registration reply message.Wherein, the random value nonce for generating TempUser ID is
It can be different from nonce entrained when transmission authentication request message.
Embodiment three
Can be on the basis of Fig. 4 or embodiment shown in fig. 5, referring to shown in Fig. 8, the embodiment provides one
The method of kind privacy of user protection generates for subscriber location servers SLS with user equipment (UE) through consultation referring to shown in Fig. 8
Shared key SKey, SLS generate interim subscriber identity TempUserID according to the ID of SKey, SLS and UE, then forward via DR
The process of TempUserID to UE, the specific steps are as follows:
701, user equipment (UE) sends login request message to location server by router.
It wherein, include the user identifier of the UE in login request message, so that the location server is receiving
Random value is generated when the login request message of the UE, and according to the random value, the user identifier of the UE and institute's rheme
The identifier for setting server generates interim subscriber identity, and saves the interim subscriber identity, the user identifier of the UE, UE mark
The corresponding relationship of the mark of knowledge and the location server, so that the location server is identified according to the corresponding relationship
The message comprising the interim subscriber identity of the transmission of the UE.
Wherein, login request message further include: the finger URL of device identifier and/or UE.
Here user equipment (UE) (User Equipment) can pass through domain router DR(Domain Router) forwarding note
Volume request message, by the essential information of UE itself, such as user identifier UserID, device identifier Device ID and finger URL
Locator is sent to subscriber location servers SLS(Subscriber Location Server), so that SLS is according to the note of UE
Volume request message obtains the essential information (i.e. underlying parameter) of UE.
702, location server receives the login request message that user equipment (UE) is sent by router.
It wherein, include the user identifier of the UE in login request message, wherein described in being received when the location server
When the login request message that user equipment (UE) is sent, the location server generates random value;
Here router DR in domain is used to undertake the function of Signalling exchange message between forwarding UE and SLS.
703, location server sends authentication request message to UE by router.
704, UE receives the authentication request message that location server is sent by router.
705, UE sends authentication response message to location server by router according to the authentication request message.
706, location server receives the authentication response message that UE is sent by router.
707, location server generates interim use according to the identifier of random value, the user identifier of UE and location server
Family mark.
Wherein, which includes at least the random value, the user identifier of the UE and the location server
Identifier;
Optionally, which further includes common key, and location server is according to the random value, shared key, institute
The identifier of the user identifier and the location server of stating UE generates interim subscriber identity.
Wherein, which obtains common key according to the user identifier of the UE.
Here SLS as described above can be if method described in embodiment one and embodiment two be according to SKey, and UE's is basic
The identifier SLS ID of information, random value nonce and SLS generates interim subscriber identity TempUser ID.
SLS can also generate TempUser ID according to random value nonce in the present embodiment.
708, location server saves the mark of interim subscriber identity, the user identifier of UE, UE mark and location server
The corresponding relationship of knowledge so that the location server according to the corresponding relationship identify UE transmission comprising interim subscriber identity
Message.
Here specifically, SLS save be user identifier User ID of interim subscriber identity TempUser ID and UE, set
The mapping relations of standby identifier Device ID and finger URL Locator.
709, interim subscriber identity is forwarded to UE by router by location server.
Wherein, location server forwards registration reply message to the UE by the router, and the registration response disappears
It include the interim subscriber identity in breath.
710, UE receives interim subscriber identity by router.
Wherein, UE receives the registration reply message that the location server is sent by the router, and the registration is rung
Answering includes the interim subscriber identity in message.
The method of privacy of user protection provided in an embodiment of the present invention, location server are raw according to the random value generated at random
At interim subscriber identity, and interim subscriber identity is carried by registration reply message and is sent to user equipment (UE) via router,
And then by hiding the true ID of user using random user ID, solves the problems, such as privacy of user exposure, improve user network
The sense of security of experience.
The present invention provides a kind of user equipment (UE) 8, which is provided so that the embodiment of the present invention may be implemented
Any user secret protection method subject to, referring to shown in Fig. 9, comprising:
Communication unit 81, for sending login request message to location server by router, so that the position
Server generates random value when receiving the login request message of the UE, and the random value is sent to the UE, institute
State include in login request message the UE user identifier so that the location server is according to the random value, common
The identifier of key, the user identifier of the UE and the location server generates interim subscriber identity, and faces described in preservation
When user identifier, the user identifier of the UE, UE mark and the location server mark corresponding relationship so that institute
The message comprising the interim subscriber identity that location server identifies the transmission of the UE according to the corresponding relationship is stated, it is described
Common key is corresponding with the user identifier of the UE;
Communication unit 81 is also used to receive the random value that the location server is sent by the router;
Generation unit 82, for according to the shared key, the user identifier of the UE and obtains the random value in advance
The identifier of the location server taken generates the interim subscriber identity, the user identifier of the common key and the UE
It is corresponding.
User equipment provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
Optionally, communication unit 81 are specifically also used to: receiving recognizing for the location server transmission by the router
Request message is demonstrate,proved, includes the random value in the authentication request message.
Optionally, communication unit 81 are specifically also used to: receiving the note that the location server is sent by the router
Volume response message includes the random value in the registration reply message.
User equipment provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
The present invention provides a kind of location server SLS9, and location server SLS9 is may be implemented the embodiment of the present invention
Subject to the method for provided any user secret protection, referring to Fig.1 shown in 0, comprising:
Communication unit 91, for receiving the login request message that user equipment (UE) is sent by router, the registration is asked
Seek the user identifier in message comprising the UE, wherein disappear when the location server receives the registration request that the UE is sent
When breath, the location server generates random value;
Communication unit 91 is also used to that the random value is sent to the UE by the router, so that the UE
According to the shared key, the user identifier of the UE, the mark of the random value and the location server obtained in advance
Know symbol and generates interim subscriber identity;
Generation unit 92, for obtaining common key according to the user identifier of the UE, and according to the shared key, institute
State the user identifier of UE, the identifier generation interim subscriber identity of the random value and the location server;
Storage unit 93, for saving the interim subscriber identity of the generation unit generation, user's mark of the UE
The corresponding relationship of the mark of knowledge, UE mark and the location server, and the UE is identified by the corresponding relationship
The message comprising the interim subscriber identity sent.
Location server provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the use of user equipment
Family mark is sent to location server, and obtains the shared key, user's mark of user equipment according to the user identifier of the UE
Know, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by utilizing random user ID
The true ID of user is hidden, privacy of user exposure is solved the problems, such as, improves the sense of security of user network experience.
Optionally, communication unit 91 are specifically also used to: authentication request message is sent to the UE by the router,
It include random value in the authentication request message, so that the UE is according to the shared key, the user identifier of the UE, institute
The identifier for the location server stating random value and obtaining in advance generates interim subscriber identity, the common key and institute
The user identifier for stating UE is corresponding.
Optionally, communication unit 91 are specifically also used to: registration reply message is forwarded to the UE by the router,
It include random value in the registration reply message, so that the UE is according to the shared key, the user identifier of the UE, institute
The identifier for the location server stating random value and obtaining in advance generates interim subscriber identity, the common key and institute
The user identifier for stating UE is corresponding.
Location server provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the use of user equipment
Family mark is sent to location server, and obtains the shared key, user's mark of user equipment according to the user identifier of the UE
Know, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by utilizing random user ID
The true ID of user is hidden, privacy of user exposure is solved the problems, such as, improves the sense of security of user network experience.
The present invention provides a kind of user equipment (UE) 10, which is mentioned so that the embodiment of the present invention may be implemented
Subject to the method for any user secret protection of confession, referring to Fig.1 shown in 1, comprising:
Transmission unit 1001, for sending login request message, the registration request to location server by router
It include the user identifier of the UE in message, so that the location server is when receiving the login request message of the UE
Random value is generated, and is faced according to the generation of the identifier of the random value, the user identifier of the UE and the location server
When user identifier, and save the interim subscriber identity, the user identifier of the UE, UE mark and the location server
The corresponding relationship of mark so that the location server according to the corresponding relationship identify the UE transmission comprising described
The message of interim subscriber identity;
Receiving unit 1002, for receiving the interim subscriber identity by the router.
User equipment provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
Further, receiving unit 1002 are specifically also used to: being received the location server by the router and sent
Registration reply message, include the interim subscriber identity in the registration reply message.
User equipment provided in an embodiment of the present invention, location server generate casual user according to the random value generated at random
Mark, and interim subscriber identity is carried by registration reply message and is sent to user equipment (UE) via router, and then passes through benefit
The true ID of user is hidden with random user ID, privacy of user exposure is solved the problems, such as, improves the safety of user network experience
Sense.
The present invention provides a kind of location server SLS11, and location server SLS11 is may be implemented implementation of the invention
Subject to the method for any user secret protection provided by example, referring to Fig.1 shown in 2, comprising:
Communication unit 1101, for receiving the login request message that user equipment (UE) is sent, the registration by router
It include the user identifier of the UE in request message, wherein when the location server receives what the user equipment (UE) was sent
When login request message, the location server generates random value;
Generation unit 1102, for according to the user identifier of the random value, the UE and the location server
Identifier generates interim subscriber identity;
Storage unit 1103, for saving the interim subscriber identity of the generation unit generation, the user of the UE
The corresponding relationship of the mark of mark, UE mark and the location server, so that the location server is according to described right
Answer the message comprising the interim subscriber identity of the transmission of UE described in relation recognition;
Communication unit 1101 is also used to the interim subscriber identity for generating the generation unit by the router
It is forwarded to the UE.
Location server provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the use of user equipment
Family mark is sent to location server, and obtains the shared key, user's mark of user equipment according to the user identifier of the UE
Know, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by utilizing random user ID
The true ID of user is hidden, privacy of user exposure is solved the problems, such as, improves the sense of security of user network experience.
Optionally, generation unit 1102 are specifically also used to: being marked according to the user of the random value, shared key, the UE
Know and the identifier of the location server generates interim subscriber identity, the user identifier pair of the common key and the UE
It answers.
Optionally, communication unit 1101 are specifically also used to: forwarding registration reply message to described by the router
UE includes the interim subscriber identity in the registration reply message.
Location server provided in an embodiment of the present invention, location server generate interim use according to the random value generated at random
Family mark, and interim subscriber identity is carried by registration reply message and is sent to user equipment (UE) via router, and then is passed through
The true ID of user is hidden using random user ID, privacy of user exposure is solved the problems, such as, improves the peace of user network experience
Full sense.
The embodiment of the present invention provides a kind of user equipment (UE) 12, referring to Fig.1 shown in 3, the user equipment (UE) 12 include: to
A few processor 1201, memory 1202, communication port 1203 and bus 1204, at least one processor 1201, storage
Device 1202 and communication interface 1203 connect by bus 1204 and complete mutual communication.
The bus 1204 can be industry standard architecture (Industry Standard Architecture, abbreviation
For ISA) bus, external equipment interconnection (Peripheral Component, referred to as PCI) bus or extension Industry Standard Architecture
Structure (Extended Industry Standard Architecture, referred to as EISA) bus etc..The bus 1304 can be with
It is divided into address bus, data/address bus, control bus etc..Only to be indicated with a thick line in Figure 13 convenient for indicating, it is not intended that
Only a bus or a type of bus.Wherein:
For memory 1202 for storing executable program code, which includes computer operation instruction.Memory
1202 may include high-speed RAM (Random Access Memory, random access memory), it is also possible to further include non-volatile memories
Device (non-volatile memory), for example, at least a magnetic disk storage.
Processor 1201 may be a central processing unit (Central Processing Unit, referred to as CPU), or
Person is specific integrated circuit (Application Specific Integrated Circuit, referred to as ASIC) or quilt
It is configured to implement one or more integrated circuits of the embodiment of the present invention.
Communication interface 1203 is mainly used for realizing the communication between the device in the present embodiment.
Wherein, processor 1201, for being sent out by router to location server by least one communication interface 1203
Login request message is sent, so that the location server generates random value when receiving the login request message of the UE,
And the random value is sent to the UE, it include the user identifier of the UE in the login request message, so that described
Location server is according to the identifier of the random value, common key, the user identifier of the UE and the location server
Interim subscriber identity is generated, and saves the interim subscriber identity, the user identifier of the UE, UE mark and position clothes
The corresponding relationship of the mark of business device, so that the location server identifies the packet of the transmission of the UE according to the corresponding relationship
Message containing the interim subscriber identity, the common key are corresponding with the user identifier of the UE;
Processor 1201 is also used to receive the position clothes by the router by least one communication interface 1203
The random value that business device is sent;
Processor 1201 is also used to according to the shared key, the user identifier of the UE, the random value and in advance
The identifier of the location server obtained generates the interim subscriber identity, user's mark of the common key and the UE
Know and corresponds to.
User equipment provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
Optionally, processor 1201 are specifically also used to: being connect by least one communication interface 1203 by the router
The authentication request message that the location server is sent is received, includes the random value in the authentication request message.
Optionally, processor 1201 are specifically also used to: being connect by least one communication interface 1203 by the router
The registration reply message that the location server is sent is received, includes the random value in the registration reply message.
User equipment provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
The embodiment of the present invention provides a kind of location server SLS13, referring to Fig.1 shown in 4, location server SLS13
It include: at least one processor 1301, memory 1302, communication port 1303 and bus 1304, at least one processor
1301, memory 1302 and communication interface 1303 connect by bus 1304 and complete mutual communication.
The bus 1304 can be industry standard architecture (Industry Standard Architecture, abbreviation
For ISA) bus, external equipment interconnection (Peripheral Component, referred to as PCI) bus or extension Industry Standard Architecture
Structure (Extended Industry Standard Architecture, referred to as EISA) bus etc..The bus 1304 can be with
It is divided into address bus, data/address bus, control bus etc..Only to be indicated with a thick line in Figure 14 convenient for indicating, it is not intended that
Only a bus or a type of bus.Wherein:
For memory 1302 for storing executable program code, which includes computer operation instruction.Memory
1302 may include high speed RAM memory, it is also possible to further include nonvolatile memory (non-volatile memory), example
Such as at least one magnetic disk storage.
Processor 1301 may be a central processing unit (Central Processing Unit, referred to as CPU), or
Person is specific integrated circuit (Application Specific Integrated Circuit, referred to as ASIC) or quilt
It is configured to implement one or more integrated circuits of the embodiment of the present invention.
Communication interface 1303 is mainly used for realizing the communication between the device in the present embodiment.
Wherein, processor 1301, for receiving user equipment (UE) by router by least one communication interface 1303
The login request message of transmission includes the user identifier of the UE in the login request message, wherein when the location-based service
When device receives the login request message that the UE is sent, the location server generates random value;
Processor 1301 is also used to send out the random value by the router by least one communication interface 1303
The UE is given, so that the UE is according to the shared key, the user identifier of the UE and obtains the random value in advance
The identifier of the location server taken generates interim subscriber identity;
Processor 1301 is also used to obtain common key according to the user identifier of the UE, and according to the shared key,
The identifier of the user identifier of the UE, the random value and the location server generates the interim subscriber identity;
Memory 1302, for saving the interim subscriber identity of the generation unit generation, user's mark of the UE
The corresponding relationship of the mark of knowledge, UE mark and the location server, and the UE is identified by the corresponding relationship
The message comprising the interim subscriber identity sent.
Location server provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the use of user equipment
Family mark is sent to location server, and obtains the shared key, user's mark of user equipment according to the user identifier of the UE
Know, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by utilizing random user ID
The true ID of user is hidden, privacy of user exposure is solved the problems, such as, improves the sense of security of user network experience.
Optionally, processor 1301 are specifically also used to: by least one communication interface 1303 by the router to
The UE sends authentication request message, includes random value in the authentication request message, so that the UE is according to described shared
The identifier of key, the user identifier of the UE, the random value and the location server obtained in advance generates interim
User identifier, the common key are corresponding with the user identifier of the UE.
Optionally, processor 1301 are specifically also used to: by least one communication interface 1303 by the router to
The UE forwards registration reply message, includes random value in the registration reply message, so that the UE is according to described shared
The identifier of key, the user identifier of the UE, the random value and the location server obtained in advance generates interim
User identifier, the common key are corresponding with the user identifier of the UE.
Location server provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the use of user equipment
Family mark is sent to location server, and obtains the shared key, user's mark of user equipment according to the user identifier of the UE
Know, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by utilizing random user ID
The true ID of user is hidden, privacy of user exposure is solved the problems, such as, improves the sense of security of user network experience.
The embodiment of the present invention provides a kind of user equipment (UE) 14, referring to Fig.1 shown in 5, the user equipment (UE) 14 include: to
A few processor 1401, memory 1402, communication port 1403 and bus 1404, at least one processor 1401, storage
Device 1402 and communication interface 1403 connect by bus 1404 and complete mutual communication.
The bus 1404 can be industry standard architecture (Industry Standard Architecture, abbreviation
For ISA) bus, external equipment interconnection (Peripheral Component, referred to as PCI) bus or extension Industry Standard Architecture
Structure (Extended Industry Standard Architecture, referred to as EISA) bus etc..The bus 1404 can be with
It is divided into address bus, data/address bus, control bus etc..Only to be indicated with a thick line in Figure 15 convenient for indicating, it is not intended that
Only a bus or a type of bus.Wherein:
For memory 1402 for storing executable program code, which includes computer operation instruction.Memory
1402 may include high speed RAM memory, it is also possible to further include nonvolatile memory (non-volatile memory), example
Such as at least one magnetic disk storage.
Processor 1401 may be a central processing unit (Central Processing Unit, referred to as CPU), or
Person is specific integrated circuit (Application Specific Integrated Circuit, referred to as ASIC) or quilt
It is configured to implement one or more integrated circuits of the embodiment of the present invention.
Communication interface 1403 is mainly used for realizing the communication between the device in the present embodiment.
Wherein, processor 1401, for being sent out by router to location server by least one communication interface 1403
Login request message is sent, includes the user identifier of the UE in the login request message, so that the location server exists
Generate random value when receiving the login request message of the UE, and according to the random value, the UE user identifier and
The identifier of the location server generates interim subscriber identity, and saves user's mark of the interim subscriber identity, the UE
The corresponding relationship of the mark of knowledge, UE mark and the location server, so that the location server is according to the correspondence
The message comprising the interim subscriber identity of the transmission of UE described in relation recognition;
Processor 1401 is also used to receive the interim use by the router by least one communication interface 1403
Family mark.
User equipment provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
Further, processor 1401 are specifically also used to pass through the router by least one communication interface 1403
The registration reply message that the location server is sent is received, includes the interim subscriber identity in the registration reply message.
User equipment provided in an embodiment of the present invention, location server generate casual user according to the random value generated at random
Mark, and interim subscriber identity is carried by registration reply message and is sent to user equipment (UE) via router, and then passes through benefit
The true ID of user is hidden with random user ID, privacy of user exposure is solved the problems, such as, improves the safety of user network experience
Sense.
The embodiment of the present invention provides a kind of location server SLS15, referring to Fig.1 shown in 6, location server SLS15
It include: at least one processor 1501, memory 1502, communication port 1503 and bus 1504, at least one processor
1501, memory 1502 and communication interface 1503 connect by bus 1504 and complete mutual communication.
The bus 1504 can be industry standard architecture (Industry Standard Architecture, abbreviation
For ISA) bus, external equipment interconnection (Peripheral Component, referred to as PCI) bus or extension Industry Standard Architecture
Structure (Extended Industry Standard Architecture, referred to as EISA) bus etc..The bus 1504 can be with
It is divided into address bus, data/address bus, control bus etc..Only to be indicated with a thick line in Figure 16 convenient for indicating, it is not intended that
Only a bus or a type of bus.Wherein:
For memory 1502 for storing executable program code, which includes computer operation instruction.Memory
1502 may include high speed RAM memory, it is also possible to further include nonvolatile memory (non-volatile memory), example
Such as at least one magnetic disk storage.
Processor 1501 may be a central processing unit (Central Processing Unit, referred to as CPU), or
Person is specific integrated circuit (Application Specific Integrated Circuit, referred to as ASIC) or quilt
It is configured to implement one or more integrated circuits of the embodiment of the present invention.
Communication interface 1503 is mainly used for realizing the communication between the device in the present embodiment.
Wherein, processor 1501, for receiving user equipment (UE) by router by least one communication interface 1503
The login request message of transmission includes the user identifier of the UE in the login request message, wherein when the location-based service
When device receives the login request message that the user equipment (UE) is sent, the location server generates random value;
Processor 1501 is also used to according to the random value, the user identifier of the UE and the location server
Identifier generates interim subscriber identity;
Memory 1502, for saving the interim subscriber identity of the generation unit generation, user's mark of the UE
The corresponding relationship of the mark of knowledge, UE mark and the location server, so that the location server is according to the correspondence
The message comprising the interim subscriber identity of the transmission of UE described in relation recognition;
Processor 1501 is also used to the generation unit through at least one communication interface 1503 through the router
The interim subscriber identity generated is forwarded to the UE.
Location server provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the use of user equipment
Family mark is sent to location server, and obtains the shared key, user's mark of user equipment according to the user identifier of the UE
Know, the mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by utilizing random user ID
The true ID of user is hidden, privacy of user exposure is solved the problems, such as, improves the sense of security of user network experience.
Optionally, processor 1501 are specifically also used to: according to the random value, shared key, the user identifier of the UE
And the identifier of the location server generates interim subscriber identity, the user identifier pair of the common key and the UE
It answers.
Optionally, processor 1501 are specifically also used to: being turned by least one communication interface 1503 by the router
Registration reply message is sent out to the UE, includes the interim subscriber identity in the registration reply message.
Location server provided in an embodiment of the present invention, location server generate interim use according to the random value generated at random
Family mark, and interim subscriber identity is carried by registration reply message and is sent to user equipment (UE) via router, and then is passed through
The true ID of user is hidden using random user ID, privacy of user exposure is solved the problems, such as, improves the peace of user network experience
Full sense.
The embodiment of the present invention provides a kind of communication system 16, referring to Fig.1 shown in 7, comprising: location server SLS1601,
Domain router DR1602 and the user equipment (UE) 1603 being connect with DR, wherein
Location server SLS1601 is location server SLS shown in Fig. 10;
The user equipment (UE) 1603 is user equipment (UE) shown in Fig. 9;
Alternatively,
Location server SLS1601 is location server SLS shown in Figure 12;
The user equipment (UE) 1603 is user equipment (UE) shown in Figure 11;
Alternatively,
Location server SLS1601 is location server SLS shown in Figure 14;
The user equipment (UE) 1603 is user equipment (UE) shown in Figure 13;
Alternatively,
Location server SLS1601 is location server SLS shown in Figure 16;
The user equipment (UE) 1603 is user equipment (UE) shown in figure 15.
Communication system provided in an embodiment of the present invention, user equipment (UE) pass through login request message for the user of user equipment
Mark is sent to location server, and obtains the shared key according to the user identifier of the UE, the user identifier of user equipment,
The mark and shared key for the location server being obtained ahead of time generate interim subscriber identity, by being hidden using random user ID
The true ID of user solves the problems, such as privacy of user exposure, improves the sense of security of user network experience.
Through the above description of the embodiments, it is apparent to those skilled in the art that the present invention can be with
It is realized with hardware realization or firmware realization or their combination mode.It when implemented in software, can be by above-mentioned function
Storage in computer-readable medium or as on computer-readable medium one or more instructions or code transmitted.Meter
Calculation machine readable medium includes computer storage media and communication media, and wherein communication media includes convenient for from a place to another
Any medium of a place transmission computer program.Storage medium can be any usable medium that computer can access.With
For this but be not limited to: computer-readable medium may include RAM, ROM(Read Only Memory, read-only memory) or its
His optical disc storage, magnetic disk storage medium or other magnetic storage apparatus or it can be used in carrying or storing that there is instruction or number
According to structure type desired program code and can be by any other medium of computer access.Furthermore.Any connection can be with
It is appropriate to become computer-readable medium.For example, if software is using coaxial cable, optical fiber cable, twisted pair, digital subscriber
Line (DSL) either such as infrared ray, radio and microwave etc wireless technology from website, server or other remote sources pass
Defeated, then the wireless technology of coaxial cable, optical fiber cable, twisted pair, DSL or such as infrared ray, wireless and microwave etc
Including in the fixing of affiliated medium.As used in the present invention, disk (Disk) and dish (disc) include compression optical disc (CD), swash
Optical disc, optical disc, Digital Versatile Disc (DVD), floppy disk and Blu-ray Disc, the usually magnetic replicate data of which disk, and dish is then used
Laser carrys out optical replicate data.Combination above should also be as including within the protection scope of computer-readable medium.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain
Lid is within protection scope of the present invention.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (23)
1. a kind of method of privacy of user protection characterized by comprising
User equipment (UE) sends login request message to location server by router, so that the location server is connecing
Random value is generated when receiving the login request message of the UE, and the random value is sent to the UE, the registration request
It include the user identifier of the UE in message, so that the location server is according to the random value, shared key, the UE
User identifier and the location server identifier generate interim subscriber identity, and save the interim subscriber identity,
The user identifier of the UE, UE are identified and the corresponding relationship of the mark of the location server, so that the location-based service
Device identifies the message comprising the interim subscriber identity of the transmission of the UE according to the corresponding relationship, the shared key with
The user identifier of the UE is corresponding;
The UE receives the random value that the location server is sent by the router;
The UE is according to the shared key, the user identifier of the UE, the random value and the position obtained in advance
The identifier of server generates the interim subscriber identity, and the shared key is corresponding with the user identifier of the UE.
2. the method according to claim 1, wherein the UE receives the location-based service by the router
Device send the random value include:
The UE receives the authentication request message that the location server is sent, the authentication request message by the router
In include the random value.
3. the method according to claim 1, wherein the UE receives the location-based service by the router
Device send the random value include:
The UE receives the registration reply message that the location server is sent, the registration reply message by the router
In include the random value.
4. a kind of method of privacy of user protection characterized by comprising
Location server receives the login request message that user equipment (UE) is sent by router, wraps in the login request message
User identifier containing the UE, wherein when the location server receives the login request message that the UE is sent, institute's rheme
It sets server and generates random value;
The random value is sent to the UE by the router by the location server, so that the UE is according to shared
The identifier of key, the user identifier of the UE, the random value and the location server obtained in advance generates interim
User identifier;
The location server obtains shared key according to the user identifier of the UE, and according to the shared key, the UE
User identifier, the identifier of the random value and the location server generates the interim subscriber identity;
The location server saves the interim subscriber identity, the user identifier of the UE, UE mark and institute's rheme
The corresponding relationship of the mark of server is set, and marking comprising the casual user for the UE transmission is identified by the corresponding relationship
The message of knowledge.
5. according to the method described in claim 4, it is characterized in that, the location server by the router will it is described with
Machine value is sent to the UE
The location server sends authentication request message to the UE by the router, wraps in the authentication request message
Random value is included, so that the UE is according to the shared key, the user identifier of the UE, the random value and in advance acquisition
The identifier of the location server generate interim subscriber identity, the shared key is corresponding with the user identifier of the UE.
6. according to the method described in claim 4, it is characterized in that, the location server by the router will it is described with
Machine value is sent to the UE
The location server forwards registration reply message to the UE by the router, wraps in the registration reply message
Random value is included, so that the UE is according to the shared key, the user identifier of the UE, the random value and in advance acquisition
The identifier of the location server generate interim subscriber identity, the shared key is corresponding with the user identifier of the UE.
7. a kind of method of privacy of user protection characterized by comprising
User equipment (UE) sends login request message to location server by router, includes institute in the login request message
The user identifier of UE is stated, so that the location server generates random value when receiving the login request message of the UE,
And interim subscriber identity is generated according to the identifier of the random value, the user identifier of the UE and the location server,
And save the correspondence of the mark of the interim subscriber identity, the user identifier of the UE, UE mark and the location server
Relationship so that the location server according to the corresponding relationship identify the UE transmission comprising the casual user mark
The message of knowledge;
The UE receives the interim subscriber identity by the router.
8. the method according to the description of claim 7 is characterized in that the UE receives the casual user by the router
Mark includes:
The UE receives the registration reply message that the location server is sent, the registration reply message by the router
In include the interim subscriber identity.
9. a kind of method of privacy of user protection characterized by comprising
Location server receives the login request message that user equipment (UE) is sent by router, wraps in the login request message
User identifier containing the UE, wherein when the location server receives the login request message that the user equipment (UE) is sent
When, the location server generates random value;
The location server is raw according to the identifier of the random value, the user identifier of the UE and the location server
At interim subscriber identity;
The location server saves the interim subscriber identity, the user identifier of the UE, UE mark and position clothes
The corresponding relationship of the mark of business device, so that the location server identifies the packet of the transmission of the UE according to the corresponding relationship
Message containing the interim subscriber identity;
The interim subscriber identity is forwarded to the UE by the router by the location server.
10. according to the method described in claim 9, it is characterized in that, the location server is according to the random value, the UE
User identifier and the location server identifier generate interim subscriber identity include:
The location server is according to the random value, shared key, the user identifier of the UE and the location server
Identifier generate interim subscriber identity, the shared key is corresponding with the user identifier of the UE.
11. according to the method described in claim 9, it is characterized in that, the location server will be described by the router
Interim subscriber identity is forwarded to the UE, comprising:
The location server forwards registration reply message to the UE by the router, wraps in the registration reply message
Include the interim subscriber identity.
12. a kind of user equipment characterized by comprising
Communication unit, for sending login request message to location server by router, so that the location server
Random value is generated in the login request message for receiving UE, and the random value is sent to the UE, the registration request
It include the user identifier of the UE in message, so that the location server is according to the random value, shared key, the UE
User identifier and the location server identifier generate interim subscriber identity, and save the interim subscriber identity,
The user identifier of the UE, UE are identified and the corresponding relationship of the mark of the location server, so that the location-based service
Device identifies the message comprising the interim subscriber identity of the transmission of the UE according to the corresponding relationship, the shared key with
The user identifier of the UE is corresponding;
The communication unit is also used to receive the random value that the location server is sent by the router;
Generation unit, for according to the shared key, the user identifier of the UE, the random value and the institute obtained in advance
The identifier for stating location server generates the interim subscriber identity, and the shared key is corresponding with the user identifier of the UE.
13. user equipment according to claim 12, which is characterized in that the communication unit is specifically also used to:
The authentication request message that the location server is sent is received by the router, includes in the authentication request message
The random value.
14. user equipment according to claim 12, which is characterized in that the communication unit is specifically also used to:
The registration reply message that the location server is sent is received by the router, includes in the registration reply message
The random value.
15. a kind of location server characterized by comprising
Communication unit, for receiving the login request message that user equipment (UE) is sent, the login request message by router
In include the UE user identifier, wherein when the location server receives the login request message that the UE is sent, institute
It states location server and generates random value;
The communication unit is also used to that the random value is sent to the UE by the router, so that the UE root
According to shared key, the user identifier of the UE, the identifier life of the random value and the location server obtained in advance
At interim subscriber identity;
Generation unit, for obtaining shared key according to the user identifier of the UE, and according to the shared key, the UE's
The identifier of user identifier, the random value and the location server generates the interim subscriber identity;
Storage unit, for saving the user identifier, described of the interim subscriber identity, the UE that the generation unit generates
The corresponding relationship of UE mark and the mark of the location server, and the packet that the UE is sent is identified by the corresponding relationship
Message containing the interim subscriber identity.
16. location server according to claim 15, which is characterized in that the communication unit is specifically also used to:
Authentication request message is sent to the UE by the router, includes random value in the authentication request message, so that
The UE is obtained according to the shared key, the user identifier of the UE, the random value and the position obtained in advance clothes
The identifier of business device generates interim subscriber identity, and the shared key is corresponding with the user identifier of the UE.
17. location server according to claim 15, which is characterized in that the communication unit is specifically also used to:
Registration reply message is forwarded to the UE by the router, includes random value in the registration reply message, so that
The UE is obtained according to the shared key, the user identifier of the UE, the random value and the position obtained in advance clothes
The identifier of business device generates interim subscriber identity, and the shared key is corresponding with the user identifier of the UE.
18. a kind of user equipment characterized by comprising
Transmission unit wraps in the login request message for sending login request message to location server by router
User identifier containing user equipment (UE), so that the location server generates at random in the login request message for receiving UE
Value, and casual user's mark is generated according to the identifier of the random value, the user identifier of the UE and the location server
Know, and saves pair of the mark of the interim subscriber identity, the user identifier of the UE, UE mark and the location server
Should be related to so that the location server according to the corresponding relationship identify the UE transmission comprising the casual user
The message of mark;
Receiving unit, for receiving the interim subscriber identity by the router.
19. user equipment according to claim 18, which is characterized in that the receiving unit is specifically also used to:
The registration reply message that the location server is sent is received by the router, includes in the registration reply message
The interim subscriber identity.
20. a kind of location server characterized by comprising
Communication unit, for receiving the login request message that user equipment (UE) is sent, the login request message by router
In include the UE user identifier, wherein when the location server receives the registration request that the user equipment (UE) is sent
When message, the location server generates random value;
Generation unit, for raw according to the user identifier of the random value, the UE and the identifier of the location server
At interim subscriber identity;
Storage unit, for saving the interim subscriber identity, the user identifier of the UE, UE mark that the generation unit generates
The corresponding relationship of the mark of knowledge and the location server, so that the location server is identified according to the corresponding relationship
The message comprising the interim subscriber identity of the transmission of the UE;
The communication unit is also used to forward by the interim subscriber identity that the router generates the generation unit
To the UE.
21. location server according to claim 20, which is characterized in that the generation unit is specifically also used to:
Faced according to the generation of the identifier of the random value, shared key, the user identifier of the UE and the location server
When user identifier, the shared key is corresponding with the user identifier of the UE.
22. location server according to claim 20, which is characterized in that the communication unit is specifically also used to:
It include the casual user in the registration reply message by router forwarding registration reply message to the UE
Mark.
23. a kind of communication system characterized by comprising location server, router and the use being connected to the router
Family equipment UE, wherein
The location server is location server described in any one of claim 15~17;
The user equipment (UE) is user equipment described in any one of claim 12~14;
Alternatively,
The location server is location server described in any one of claim 20~22;
The user equipment (UE) is user equipment described in any one of claim 18~19.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410070160.3A CN104883339B (en) | 2014-02-27 | 2014-02-27 | A kind of method, apparatus and system of privacy of user protection |
PCT/CN2014/080869 WO2015127736A1 (en) | 2014-02-27 | 2014-06-26 | Method, device and system for user privacy protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410070160.3A CN104883339B (en) | 2014-02-27 | 2014-02-27 | A kind of method, apparatus and system of privacy of user protection |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104883339A CN104883339A (en) | 2015-09-02 |
CN104883339B true CN104883339B (en) | 2019-06-21 |
Family
ID=53950674
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410070160.3A Active CN104883339B (en) | 2014-02-27 | 2014-02-27 | A kind of method, apparatus and system of privacy of user protection |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN104883339B (en) |
WO (1) | WO2015127736A1 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106254308A (en) * | 2016-07-01 | 2016-12-21 | 捷开通讯科技(上海)有限公司 | Communication device intimacy protection system and method |
KR102212873B1 (en) | 2018-07-03 | 2021-02-09 | 한양대학교 산학협력단 | Device and method for requesting message transmission, server for managing message transmission, and base station |
CN109842880B (en) * | 2018-08-23 | 2020-04-03 | 华为技术有限公司 | Routing method, device and system |
CN109889541A (en) * | 2019-03-25 | 2019-06-14 | 郑州轻工业学院 | The mobile device authentication method for having anonymous reward distribution and privacy of identities protection |
CN110069945B (en) * | 2019-04-11 | 2021-02-26 | 西华大学 | Method, device and system for protecting user privacy |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1313287A2 (en) * | 2001-11-20 | 2003-05-21 | Nokia Corporation | SIP-level confidentiality protection |
CN101272589A (en) * | 2007-03-21 | 2008-09-24 | 展讯通信(上海)有限公司 | Method for switch mobile phone device number and protecting user intimacy and mobile phone thereof |
CN101488945A (en) * | 2008-01-14 | 2009-07-22 | 北京大唐高鸿数据网络技术有限公司 | Authentication method oriented to SIP |
EP2237473A4 (en) * | 2008-01-31 | 2011-05-18 | Huawei Tech Co Ltd | Method, apparatus and system for configuring key |
CN102348280A (en) * | 2010-08-02 | 2012-02-08 | 中兴通讯股份有限公司 | Terminal location information obtaining method, system and device |
CN103281672A (en) * | 2013-06-08 | 2013-09-04 | 南京大学 | Method for protecting position privacy by mobile terminals |
-
2014
- 2014-02-27 CN CN201410070160.3A patent/CN104883339B/en active Active
- 2014-06-26 WO PCT/CN2014/080869 patent/WO2015127736A1/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1313287A2 (en) * | 2001-11-20 | 2003-05-21 | Nokia Corporation | SIP-level confidentiality protection |
CN101272589A (en) * | 2007-03-21 | 2008-09-24 | 展讯通信(上海)有限公司 | Method for switch mobile phone device number and protecting user intimacy and mobile phone thereof |
CN101488945A (en) * | 2008-01-14 | 2009-07-22 | 北京大唐高鸿数据网络技术有限公司 | Authentication method oriented to SIP |
EP2237473A4 (en) * | 2008-01-31 | 2011-05-18 | Huawei Tech Co Ltd | Method, apparatus and system for configuring key |
CN102348280A (en) * | 2010-08-02 | 2012-02-08 | 中兴通讯股份有限公司 | Terminal location information obtaining method, system and device |
CN103281672A (en) * | 2013-06-08 | 2013-09-04 | 南京大学 | Method for protecting position privacy by mobile terminals |
Also Published As
Publication number | Publication date |
---|---|
CN104883339A (en) | 2015-09-02 |
WO2015127736A1 (en) | 2015-09-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019158028A1 (en) | Communication method and device | |
CN105637805B (en) | Enhance mobile alternate channel to solve the node failure in wired networks | |
CN104883339B (en) | A kind of method, apparatus and system of privacy of user protection | |
CN104519020B (en) | Manage method, server and the system of wireless network login password sharing function | |
EP3720100A1 (en) | Service request processing method and device | |
US9230286B2 (en) | Methods and systems for associating users through network societies | |
BRPI0716457A2 (en) | device and method to enable sip dect terminal mobility | |
CN104917605B (en) | The method and apparatus of key agreement during a kind of terminal device switching | |
US11088996B1 (en) | Secure network protocol and transit system to protect communications deliverability and attribution | |
CN101960814A (en) | IP address delegation | |
CN104349208A (en) | Message processing method, message processing device, gateway, set-top box and network television system | |
CN113518348B (en) | Service processing method, device, system and storage medium | |
CN107006052A (en) | Set up using the OTT connections of the D2D based on infrastructure serviced | |
CN108366059A (en) | Communication negotiation method, responder device and initiator device | |
WO2015123953A1 (en) | Key generation method, device and system | |
CN108377499A (en) | A kind of method for network access, routing device and terminal | |
CN108702801B (en) | Method for enabling the establishment of a direct connection | |
CN103051594A (en) | Method, network side equipment and system of establishing end-to-end security of marked net | |
CN105516070B (en) | A kind of method and device that Service Ticket substitutes | |
CN106537962B (en) | Wireless network configuration, access and access method, device and equipment | |
CN104301197B (en) | It is a kind of to realize the method and system mutually found between user multiple terminals | |
CN105357445B (en) | A kind of Internet of things system | |
JP2009258965A (en) | Authentication system, authentication apparatus, communication setting apparatus, and authentication method | |
CN109921989B (en) | BGP logical topology generation method and equipment | |
CN107046568A (en) | A kind of authentication method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
EXSB | Decision made by sipo to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |