CN107371161B - 5G network security authentication access method - Google Patents

5G network security authentication access method Download PDF

Info

Publication number
CN107371161B
CN107371161B CN201710775292.XA CN201710775292A CN107371161B CN 107371161 B CN107371161 B CN 107371161B CN 201710775292 A CN201710775292 A CN 201710775292A CN 107371161 B CN107371161 B CN 107371161B
Authority
CN
China
Prior art keywords
information
matrix
user
password
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710775292.XA
Other languages
Chinese (zh)
Other versions
CN107371161A (en
Inventor
李同波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Siji Location Service Co ltd
State Grid Siji Network Security Beijing Co ltd
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201710775292.XA priority Critical patent/CN107371161B/en
Publication of CN107371161A publication Critical patent/CN107371161A/en
Application granted granted Critical
Publication of CN107371161B publication Critical patent/CN107371161B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Abstract

The invention discloses a 5G network safety certification access method, which adopts a unique verification mode, firstly, user login information and password information are used for generating a user information matrix and a password information matrix, then, a network certification access management server generates a login information matrix according to the user login information matrix and the password information matrix and by combining an additional characteristic matrix, and then a unit matrix vector is obtained according to the login information matrix, and the unit matrix vector is used as a basis for generating a verification code by login access in the future, so that the generation stability of the verification code can be effectively improved, the safety and the stability of 5G network login are improved, and moreover, the invention carries out batch processing on users, can well improve the information processing rate and meet the requirements of a 5G network.

Description

5G network security authentication access method
Technical Field
The invention relates to a 5G network security authentication access method, and belongs to the technical field of 5G network communication.
Background
Currently, 5G is an abbreviation for fifth generation mobile communication technology. Under the condition of a 5G network, the downloading speed of the smart phone can reach 20Gb per second, which is 1000 times faster than that of the existing 4G network. The 5G network is used as the next generation mobile communication network, the maximum theoretical transmission speed can reach dozens of Gb per second, which is hundreds of times faster than the transmission speed of the current 4G network, and the whole super high quality movie can be downloaded within 1 second. With the advent of 5G technology, the era of sharing 3D movies, games, and Ultra High Definition (UHD) programs with intelligent terminals has gone to us. 5G networks have successfully reached 1Gbps in the 28 gigahertz (GHz) band, in contrast to current fourth generation long term evolution (4G LTE) services, which only have 75Mbps transmission rate. The transmission rate of the future 5G network can reach up to 10Gbps, which means that a mobile phone user can complete the downloading of a high-definition movie in less than one second. Obviously, 5G networks mean ultra-fast data transmission speed, and currently, a plurality of countries around the world compete to develop 5G network technology, and China and the European Union invest a great deal of capital and research and development force for the technology.
For the speed of the 5G network, the security of the network is also an extremely important aspect, the current network access verification mode is generally simpler and is completed only by means of a user name and a password, and then, the security is further improved by setting a randomly generated verification code, however, the access mode, especially the mode of randomly generating the verification code, lacks a necessary security unification system, still has certain danger, and affects the secure access of the 5G network, and the current network authentication mode is slower in speed, and is difficult to meet the high-speed requirement of the 5G network.
The invention provides a 5G network security authentication access method aiming at the problems so as to improve the security of 5G network access.
Disclosure of Invention
In order to achieve the purpose, the invention provides the following technical scheme: A5G network security authentication access method comprises the following steps:
(1) when a plurality of user terminals simultaneously request to access the 5G network, the base station inquires the user login information, inquires whether the users have initial login, if so, the users who log in for the first time are processed in a centralized way, and then the step (2) is carried out, the user information is registered and set, meanwhile, the users who do not log in for the first time are processed in a centralized way, and the step (3) is directly carried out, and the user login information is verified;
(2) the user information processing server sends registration information to the user terminals, prompts the user terminals to input password information, and records the password information input by the user terminals as a matrix P:
Figure DEST_PATH_IMAGE001
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE002
is the digital information in the password and is,
Figure DEST_PATH_IMAGE003
is the alphabetical information in the password,
Figure DEST_PATH_IMAGE004
punctuation information in the password; i is an integer which is more than or equal to 1 and less than or equal to n, and n represents n users;
meanwhile, the user information processing server records the user name information of each user as a matrix Q:
Figure DEST_PATH_IMAGE005
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE006
is the digital information of the user name information,
Figure DEST_PATH_IMAGE007
is the alphabetical information in the user name information,
Figure DEST_PATH_IMAGE008
punctuation information which is user name information; k is an integer greater than or equal to 1 and less than or equal to m, m represents m users, and m = n is common;
the user processing server simultaneously generates intermediate additional code characteristic information for the batch of users and records the intermediate additional code characteristic information as a matrix
Figure 298489DEST_PATH_IMAGE009
Figure DEST_PATH_IMAGE010
The user processing server generates a middle additional user name characteristic information according to the batch of users at the same time, and records the information as a matrix
Figure 28679DEST_PATH_IMAGE011
Figure DEST_PATH_IMAGE012
The information integration processing server is used for integrating the information according to the matrix P,
Figure 621465DEST_PATH_IMAGE013
And a matrix Q,
Figure 892040DEST_PATH_IMAGE011
Performing integration transformation on the registration information to obtain a login information matrix DPQ, wherein the DPQ is as follows:
Figure DEST_PATH_IMAGE014
obtaining a unit matrix vector according to the login information matrix DPQ
Figure 519462DEST_PATH_IMAGE015
A password information matrix P, a user name information matrix Q and an identity matrix vector input by the user terminal
Figure DEST_PATH_IMAGE016
The data are stored in a network authentication access management server in a one-to-one corresponding mode;
(3) after a user inputs a user name and a password and clicks login, the network authentication access management server converts the input user name and the input password into a password information matrix and a user name information matrix, and inquires whether a password information matrix P and a user name information matrix matched with the user name and the input user name are available in the network authentication access management server, and if the password information matrix P and the user name information matrix are successfully matched with each other, an information verification step is carried out;
and (3) information verification step: the network authentication access management server is based on the unit matrix vector
Figure 154974DEST_PATH_IMAGE015
The verification matrix DP is automatically randomly set, wherein,
Figure DEST_PATH_IMAGE017
wherein, in the step (A),
Figure DEST_PATH_IMAGE018
is an integer of 1 or more;
the network authentication access management server converts the matrix DP into a verification code and sends the verification code to a user for the user to input verification;
if the user input is correct, the 5G network automatically accesses, if the user input is wrong, the 5G network forbids the access, and the authentication process is finished.
Further, preferably, both the letter information and the punctuation information in the user name and the password are converted into numbers and stored in a matrix.
Compared with the prior art, the invention has the beneficial effects that:
the invention adopts a unique verification mode, firstly, the user login information and the password information are generated into a user information matrix and a password information matrix, then, the network authentication access management server generates a login information matrix according to the user login information matrix and the password information matrix in combination with an additional characteristic matrix, and then obtains a unit matrix vector according to the login information matrix, and the unit matrix vector is used as the basis for generating the verification code for future login access, thereby effectively improving the generation stability of the verification code and the safety and stability of 5G network login.
Drawings
Fig. 1 is a schematic structural diagram of a 5G network security authentication access method according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution: A5G network security authentication access method comprises the following steps:
(1) when a plurality of user terminals simultaneously request to access the 5G network, the base station inquires the user login information, inquires whether the users have initial login, if so, the users who log in for the first time are processed in a centralized way, and then the step (2) is carried out, the user information is registered and set, meanwhile, the users who do not log in for the first time are processed in a centralized way, and the step (3) is directly carried out, and the user login information is verified;
(2) the user information processing server sends registration information to the user terminals, prompts the user terminals to input password information, and records the password information input by the user terminals as a matrix P:
Figure DEST_PATH_IMAGE019
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE020
is the digital information in the password and is,
Figure DEST_PATH_IMAGE021
is the alphabetical information in the password,
Figure 736521DEST_PATH_IMAGE004
punctuation information in the password; i is an integer which is more than or equal to 1 and less than or equal to n, and n represents n users;
meanwhile, the user information processing server records the user name information of each user as a matrix Q:
Figure 861386DEST_PATH_IMAGE005
wherein the content of the first and second substances,
Figure 405631DEST_PATH_IMAGE006
is the digital information of the user name information,
Figure 274361DEST_PATH_IMAGE007
is the alphabetical information in the user name information,
Figure 966373DEST_PATH_IMAGE008
punctuation information which is user name information; k is an integer greater than or equal to 1 and less than or equal to m, m represents m users, and m = n is common;
the user processing server simultaneously generates an intermediate for the batch of usersAdding the characteristic information of the cipher, and recording the intermediate additional characteristic information of the cipher as a matrix
Figure 578751DEST_PATH_IMAGE009
Figure 977503DEST_PATH_IMAGE010
The user processing server generates a middle additional user name characteristic information according to the batch of users at the same time, and records the information as a matrix
Figure 345030DEST_PATH_IMAGE011
Figure 462022DEST_PATH_IMAGE012
The information integration processing server is used for integrating the information according to the matrix P,
Figure 612512DEST_PATH_IMAGE013
And a matrix Q,
Figure 193666DEST_PATH_IMAGE011
Performing integration transformation on the registration information to obtain a login information matrix DPQ, wherein the DPQ is as follows:
Figure DEST_PATH_IMAGE022
obtaining a unit matrix vector according to the login information matrix DPQ
Figure DEST_PATH_IMAGE023
A password information matrix P, a user name information matrix Q and an identity matrix vector input by the user terminal
Figure DEST_PATH_IMAGE024
The data are stored in a network authentication access management server in a one-to-one corresponding mode;
(3) after a user inputs a user name and a password and clicks login, the network authentication access management server converts the input user name and the input password into a password information matrix and a user name information matrix, and inquires whether a password information matrix P and a user name information matrix matched with the user name and the input user name are available in the network authentication access management server, and if the password information matrix P and the user name information matrix are successfully matched with each other, an information verification step is carried out;
and (3) information verification step: the network authentication access management server is based on the unit matrix vector
Figure 92614DEST_PATH_IMAGE023
The verification matrix DP is automatically randomly set, wherein,
Figure 100002_DEST_PATH_IMAGE025
wherein, in the step (A),
Figure 572268DEST_PATH_IMAGE018
is an integer of 1 or more;
the network authentication access management server converts the matrix DP into a verification code and sends the verification code to a user for the user to input verification;
if the user input is correct, the 5G network automatically accesses, if the user input is wrong, the 5G network forbids the access, and the authentication process is finished.
Further, preferably, both the letter information and the punctuation information in the user name and the password are converted into numbers and stored in a matrix.
The invention adopts a unique verification mode, firstly, the user login information and the password information are generated into a user information matrix and a password information matrix, then, the network authentication access management server generates a login information matrix according to the user login information matrix and the password information matrix in combination with an additional characteristic matrix, and then obtains a unit matrix vector according to the login information matrix, and the unit matrix vector is used as the basis for generating the verification code in the future login access, thereby effectively improving the generation stability of the verification code and the safety and the stability of the 5G network login.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (2)

1. A5G network security authentication access method comprises the following steps:
(1) when a plurality of user terminals simultaneously request to access the 5G network, the base station inquires the user login information, inquires whether the users have initial login, if so, the users who log in for the first time are processed in a centralized way, and then the step (2) is carried out, the user information is registered and set, meanwhile, the users who do not log in for the first time are processed in a centralized way, and the step (3) is directly carried out, and the user login information is verified;
(2) the user information processing server sends registration information to the user terminals, prompts the user terminals to input password information, and records the password information input by the user terminals as a matrix P:
Figure 464944DEST_PATH_IMAGE001
wherein the content of the first and second substances,
Figure 616218DEST_PATH_IMAGE003
is the digital information in the password and is,
Figure 802480DEST_PATH_IMAGE005
is the alphabetical information in the password,
Figure 994427DEST_PATH_IMAGE007
punctuation information in the password; i is an integer which is more than or equal to 1 and less than or equal to n, and n represents n users;
meanwhile, the user information processing server records the user name information of each user as a matrix Q:
Figure 684165DEST_PATH_IMAGE008
wherein the content of the first and second substances,
Figure 647573DEST_PATH_IMAGE010
is the digital information of the user name information,
Figure 453288DEST_PATH_IMAGE012
is the alphabetical information in the user name information,
Figure 448925DEST_PATH_IMAGE014
punctuation information which is user name information; k is an integer greater than or equal to 1 and less than or equal to m, m represents m users, and m = n is common;
the user processing server simultaneously generates intermediate additional code characteristic information for the batch of users and records the intermediate additional code characteristic information as a matrix
Figure 789908DEST_PATH_IMAGE016
Figure 330742DEST_PATH_IMAGE017
The user processing server generates a middle additional user name characteristic information according to the batch of users at the same time, and records the information as a matrix
Figure 616230DEST_PATH_IMAGE019
Figure 25346DEST_PATH_IMAGE020
The information integration processing server is used for integrating the information according to the matrix P,
Figure 827692DEST_PATH_IMAGE016
And a matrix Q,
Figure 54274DEST_PATH_IMAGE019
Performing integration transformation on the registration information to obtain a login information matrix DPQ, wherein the DPQ is as follows:
Figure 968003DEST_PATH_IMAGE022
obtaining a unit matrix vector according to the login information matrix DPQ
Figure 525018DEST_PATH_IMAGE024
A password information matrix P, a user name information matrix Q and an identity matrix vector input by the user terminal
Figure DEST_PATH_IMAGE025
The data are stored in a network authentication access management server in a one-to-one corresponding mode;
(3) after a user inputs a user name and a password and clicks login, the network authentication access management server converts the input user name and the input password into a password information matrix and a user name information matrix, and inquires whether a password information matrix P and a user name information matrix matched with the user name and the input user name are available in the network authentication access management server, and if the password information matrix P and the user name information matrix are successfully matched with each other, an information verification step is carried out;
and (3) information verification step: the network authentication access management server is based on the unit matrix vector
Figure 637330DEST_PATH_IMAGE024
The verification matrix DP is automatically randomly set, wherein,
Figure DEST_PATH_IMAGE027
wherein, in the step (A),μis an integer of 1 or more;
the network authentication access management server converts the matrix DP into a verification code and sends the verification code to a user for the user to input verification;
and if the user name and the password input by the user are correct, the 5G network is automatically accessed, and if the user name and the password input by the user are wrong, the 5G network is forbidden to be accessed, and the authentication process is finished.
2. The 5G network security authentication access method according to claim 1, wherein: the alphabetic information and punctuation information in the username and password are converted to numbers to be stored in the matrix.
CN201710775292.XA 2017-08-31 2017-08-31 5G network security authentication access method Active CN107371161B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710775292.XA CN107371161B (en) 2017-08-31 2017-08-31 5G network security authentication access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710775292.XA CN107371161B (en) 2017-08-31 2017-08-31 5G network security authentication access method

Publications (2)

Publication Number Publication Date
CN107371161A CN107371161A (en) 2017-11-21
CN107371161B true CN107371161B (en) 2020-03-24

Family

ID=60312164

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710775292.XA Active CN107371161B (en) 2017-08-31 2017-08-31 5G network security authentication access method

Country Status (1)

Country Link
CN (1) CN107371161B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217371A (en) * 2008-01-09 2008-07-09 腾讯科技(深圳)有限公司 A method to realize user account verification
CN102164137A (en) * 2011-04-15 2011-08-24 华南理工大学 Strong authentication method based on dynamic mapping password
CN102804200A (en) * 2010-10-05 2012-11-28 株式会社希爱思异 Two-factor user authentication system, and method therefor
CN103826220A (en) * 2014-03-12 2014-05-28 西安电子科技大学 Private matching method based on matrix transformation algorithm

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130133053A1 (en) * 2011-11-21 2013-05-23 Infosys Limited Methods for enhancing password authentication and devices thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217371A (en) * 2008-01-09 2008-07-09 腾讯科技(深圳)有限公司 A method to realize user account verification
CN102804200A (en) * 2010-10-05 2012-11-28 株式会社希爱思异 Two-factor user authentication system, and method therefor
CN102164137A (en) * 2011-04-15 2011-08-24 华南理工大学 Strong authentication method based on dynamic mapping password
CN103826220A (en) * 2014-03-12 2014-05-28 西安电子科技大学 Private matching method based on matrix transformation algorithm

Also Published As

Publication number Publication date
CN107371161A (en) 2017-11-21

Similar Documents

Publication Publication Date Title
US20220278831A1 (en) Discovery Method and Apparatus Based on Service-Based Architecture
US11290876B2 (en) Key derivation method and apparatus
CN116235525A (en) Method and system for mitigating denial of service (DOS) attacks in a wireless network
US20240031800A1 (en) Network access authentication method and device
CN103987025A (en) Roaming communication method based on mobile two-channel virtual card number authentication and roaming communication equipment based on mobile two-channel virtual card number authentication
CN106060034A (en) Account login method and device
CN111630882A (en) Method for determining a key for protecting a communication between a user equipment and an application server
JP2017528804A (en) Terminal authentication method and apparatus used in mobile communication system
EP3675541A1 (en) Authentication method and device
CN111741468B (en) MEC-based AMF (advanced metering library) and identity authentication method, construction method and device thereof
WO2021146164A1 (en) Wireless lan (wlan) public identity federation trust architecture
CN107846676A (en) Safety communicating method and system based on network section security architecture
CN104639421A (en) Instant communication information processing method and instant communication information processing system based on intelligent television
CN104883341A (en) Application management device, terminal and application management method
CN104703183A (en) Special line APN (Access Point Name) security-enhanced access method and device
CN113099449B (en) Authentication method and system of distributed core network and home subscriber server
CN107371161B (en) 5G network security authentication access method
CN110999215A (en) Secure device access token
CN112235799B (en) Network access authentication method and system for terminal equipment
CN115510496A (en) Database access control method and related device
US11736948B2 (en) Electronic subscriber identity module transfer eligibility checking
CN111404944B (en) Safe UDM/HSS design method and system for realizing main authentication enhancement
KR102615305B1 (en) Method And Apparatus for Sharing Virtual Mobile Infrastructure Screen
CN113115413A (en) Method for accessing user terminal to 5G network
US11411952B2 (en) Systems and methods for multi-level authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210913

Address after: 102200 room 539, 5 / F, building C, State Grid Park, future science and Technology City, Changping District, Beijing

Patentee after: STATE GRID SIJI NETWORK SECURITY (BEIJING) Co.,Ltd.

Address before: Room 301, unit 7, building 23, Wangdu Jiayuan, Beiqijia Town, Changping District, Beijing 102209

Patentee before: Li Tongbo

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230831

Address after: 102209 State Grid Park, Beiqijia Town, Changping District, Beijing

Patentee after: STATE GRID SIJI NETWORK SECURITY (BEIJING) Co.,Ltd.

Patentee after: State Grid Siji Location Service Co.,Ltd.

Address before: 102200 room 539, 5 / F, building C, State Grid Park, future science and Technology City, Changping District, Beijing

Patentee before: STATE GRID SIJI NETWORK SECURITY (BEIJING) Co.,Ltd.

TR01 Transfer of patent right