CN107580324A - A kind of method for GSM IMSI secret protections - Google Patents
A kind of method for GSM IMSI secret protections Download PDFInfo
- Publication number
- CN107580324A CN107580324A CN201710866359.0A CN201710866359A CN107580324A CN 107580324 A CN107580324 A CN 107580324A CN 201710866359 A CN201710866359 A CN 201710866359A CN 107580324 A CN107580324 A CN 107580324A
- Authority
- CN
- China
- Prior art keywords
- imsi
- new
- amf
- information
- guti
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
Abstract
The invention discloses a kind of method for GSM IMSI secret protections; functional entity includes UE, access and mobile management function to ps domain AMF, credible UDM/AUSF, credible SMF and credible UPF; UE is used to perform IMSI change behaviors and initiates network attachment request, while new safety context negotiation is completed based on new IMSI;AMF is used to replace IMSI information and its GUTI information of association under CP modes or UP modes, and completes safety context negotiation again based on new IMSI;UDM/AUSF is used to generate new IMSI information for UE;SMF is used to send a notice credible UPF generations with interior IMSI change control information in UP modes.The present invention can either increase attacker and trace into specific user or derive the difficulty of user real identification, and without prejudice to the requirement of Lawful Interception in the world, while will not also introduce the consumption of extra IMSI identifier spaces.
Description
Technical field
The present invention relates to a kind of method for GSM IMSI secret protections.
Background technology
GSM has evolved to 4G from 2G, has had evolved to 5G research and normalization period at present.
The standardization effort of GSM is dominated by international standard in the world, all research reports and standard gauge of international standard
Before the network element that model is all built upon in the operator and its compass of competency of various countries' GSM is all equal believable hypothesis
On carrying.
As China develops in the theoretical research in GSM field and technology, the state of civil-military inosculation is gradually established
Family's strategy, GSM no longer simply towards the general public user, have the special industry of high safety demand to based on movement
The demand that communication system carries out high safety application is increasing, and just proposes what is applied towards vertical industry at the beginning of design
5G networks just bring opportunity to implement civil-military inosculation strategy, therefore country clearly proposes in 5G researchs and the army and the people are melted
Cooperate to be studied for important need.
However, under this background, the supposed premise of international standard is just no longer set up, and reason has two:
First, with the development of 5G technologies, the GSM that the fusion of ICT technologies will to close originally becomes
Open, all there will be operator will only be merely whole shifting to the various security risks of internet in future mobile communication system
A link in dynamic communication ecology, cause the security of network in operator's compass of competency for special industry user only
It is relative.
Second, come from the angle of ownership, operator, particularly external operator for the special industry user in China
Say, trusting relationship is not reciprocity, then the security of they and its network in compass of competency is for special industry user
Also it is relative.
Therefore, the security model of traditional mobile terminal-service network-home network-application system has just developed into shifting
Dynamic terminal-service network-trustable network-application system, wherein trustable network is as the net in special industry user's compass of competency
Network.As shown in Figure 1.
However, under this security model, the roaming architecture of international standard defined and non-roaming framework be in fact all at present
It can not ensure that mobile terminal UE is bound to be attached directly to the credible of special industry user institute compass of competency in its attaching process
On the network element of network, the network element of service network will be attached to the only way which must be passed of trustable network as mobile terminal.
Under the framework of international standard, the network element of service network is in order to ensure the proper communication of mobile terminal UE, as UE
The destination node of network attachment, the MME in the AMF in 5G, 4G, as the network element of mobile management, inherently record thereon with
IMSI (international mobile subscriber identity, being commonly called as permanent identification) be index various contextual informations, such as MSISDN (move
Dynamic platform ISDN number, is commonly called as phone number), GUTI (global unique temporary identity symbol, be commonly called as temporary identifications), safety up and down
Literary information (with key Kseaf, chain of command key Kcp, user plane key Kup), AKA AV (two-way authentication vector), UE signing
CGI (location information of cell) under TAI List (tracking zone list), UE session status under information, UE idle conditions and
NSSAI (network section identifier).These information may be unimportant for the general public user, but for particular row
Belong to user privacy information for industry user, because IMSI and MSISDN and IMSI and GUTI is close coupling relation, pass through
The capture one of information of IMSI, MSISDN or GUTI is possible to track specific user or derives that UE is used in realistic space
The true identity at family, so as to be created conditions for further APT attacks.
Trustable network is due to there is special safety prevention measure, even if its network element records these information leakage privacy of user letter
The risk of breath is relatively low, but (international standard allows not provide MSISDN information to service network, therefore can for service network
So that MSISDN Trapped problems are directed on service network without paying special attention to), attacker is there is by capturing service network
IMSI the or GUTI information realizations recorded on AMF/MME track specific user or derive that user is true in real space corresponding to UE
The risk of real identity.Although can solve the problem, international standard regulation, the world using IMSI encryptions or false IMSI mechanism
Lawful Interception demand requires that service network can identify the true identity of user in the case where no home network is assisted, also
It is to say, even with IMSI encryptions either false IMSI, but service network still needs the true IMSI of maintenance and encryption IMSI/ is false
IMSI mapping relations, in order to meet international Lawful Interception demand.It can be seen that even UE is by encrypting IMSI or false IMSI
Network attachment is completed, service network still can obtain from home network and record true IMSI information, however it remains by catching
IMSI or GUTI on service network is obtained to reach tracking specific user or derive the wind of UE user real identifications in realistic space
Danger, substantial amounts of inherently limited IMSI identifier spaces in addition will be also wasted, because each UE will actually expend
At least two IMSI identifies (one is true IMSI, the second is encryption/IMSI or false IMSI).
Therefore, there is an urgent need to solve special industry user on the premise of extra IMSI identifier spaces consumption is not introduced moving
IMSI Privacy Protection in dynamic communication system applications, but international Lawful Interception requirement can not be run counter to.
The content of the invention
In order to overcome the disadvantages mentioned above of prior art, it is used for GSM IMSI privacies the invention provides one kind and protects
The method of shield, by realizing the double dereference coupling effect between IMSI and MSISDN and IMSI and GUTI, it can either increase
Attacker is added to trace into specific user by capturing IMSI or GUTI or derive UE user real identifications in realistic space
Difficulty, enough requirements without prejudice to Lawful Interception in the world of and can, while will not also introduce the consumption of extra IMSI identifier spaces,
To meet the needs of special industry user to user secret protection.
The technical solution adopted for the present invention to solve the technical problems is:One kind is used for GSM IMSI privacies and protected
The method of shield, functional entity include mobile terminal UE, access and mobile management function to ps domain AMF, credible uniform data management/certification
Service function UDM/AUSF, credible conversation management functional SMF and trusted users plane function UPF, wherein:The mobile terminal UE
For performing IMSI change behaviors and initiating network attachment request, while new safe context association is completed based on new IMSI
Business;The access is used for IMSI information is replaced under CP modes or UP modes and its is associated with mobile management function to ps domain AMF
GUTI information, and safety context negotiation is completed based on new IMSI again;The credible uniform data management/authentication service function
UDM/AUSF is used to generate new IMSI information for UE;The credible conversation management functional SMF is credible for being sent a notice in UP modes
User-plane function UPF produces changes control information with interior IMSI.
Compared with prior art, the positive effect of the present invention is:
The present invention is used for GSM IMSI method for secret protection by using one kind so that has high safety demand
Special industry user can with one kind not change international standard framework, it is small to change (CP modes) or do not change (UP modes) international standard
Flow, few requirement (CP modes) is proposed to standard network element or the mode of (UP modes) of not making demands reaches IMSI secret protections
Purpose.The double dereference coupling between IMSI and MSISDN and IMSI and GUTI is realized, is increased with the mode for changing IMSI
Attacker is added to track the difficulty of specific user or derivation user's identity in real space by capturing IMSI, simultaneously because UE
IMSI to become be even more to be randomly assigned based on true IMSI ponds, these IMSI are true IMSI for service network, therefore simultaneously
Without prejudice to the requirement of Lawful Interception in the world, while it will not also introduce the consumption of extra IMSI identifier spaces.This method scope of application
Extensively, 5G networks are applicable not only to, apply also for 4G networks and the following mobile communication system using IMSI as permanent identification
System.It can solve the problem that special industry user carries out secret protection when high safety is applied using GSM public infrastructure
Demand, meet national civil-military inosculation strategy.
Brief description of the drawings
Examples of the present invention will be described by way of reference to the accompanying drawings, wherein:
Fig. 1 is existing GSM functional entity composition schematic diagram;
Fig. 2 is the GSM functional entity composition schematic diagram of the present invention;
Fig. 3 is CP mode IMSI renewal process schematic diagrames;
Fig. 4 is UP mode IMSI renewal process schematic diagrames.
Embodiment
The inventive method follows the standard architecture of international standard, and functional entity includes mobile terminal UE, wireless access network
RAN, access and mobile management function to ps domain AMF, credible uniform data management/authentication service function UDM/AUSF, trustable network are cut
Piece (credible conversation management functional SMF, trusted users plane function UPF) and application system, as shown in Figure 2:
Mobile terminal UE is used to perform IMSI change behaviors and initiates network attachment request, while is completed based on new IMSI
New safety context negotiation.
Service AMF/MME replaces IMSI information and its related GUTI letters with being used for actively (CP modes) or passive (UP modes)
Breath, and safety context negotiation is completed based on new IMSI again.
Credible UDM/AUSF/HSS is used to generate new IMSI information according to certain strategy for UE.
Credible SMF/SGW is used to send a notice UPF/PGW generations with interior IMSI change control information in UP mode situations.
Credible UPF/PGW is used to produce changes control information with interior IMSI.
The problem of for being difficult to hide the true IMSI of UE in the prior art in the service network, the invention provides one kind to use
In the method for GSM IMSI secret protections, in order to be solved on the premise of without prejudice to the requirement of international Lawful Interception
IMSI Privacy Protection.
The inventive method includes two kinds of situations, one is by safeguarding UE signing informations or providing the network element UDM/ of certification
AUSF/HSS produces new IMSI information according to certain strategy for UE, replaces the old IMSI before the UE, then safeguards UE signing letters
Breath or the network element of offer certification notify AMF/MME to perform the action that the UE changes IMSI by CP (control plane) mechanism, simultaneously
New GUTI information is produced for new IMSI, then AMF/MME reinforms UE changes IMSI and GUTI.The second is by safeguarding UE signing letters
Breath provides the network element UDM/AUSF/HSS of certification and produces new IMSI information according to certain strategy for UE, replaces old before the UE
IMSI, then safeguard that the network element of UE signing informations or offer certification passes through UP (user plane) mechanism notice UE execution changes IMSI
Action, while the related GUTI information of old IMSI is deleted, then UE carries new IMSI and initiates network attachment flow again, in AMF/
MME establishes various contextual informations with new IMSI, so as to reach the effect that IMSI is changed on AMF/MME.
First, process is changed for the IMSI of CP modes:
UDM/AUSF first produces UE new IMSI, and sends IMSI UPDATE REQUEST message to AMF, central to take
With new IMSI information.
After AMF receives IMSI UPDATE REQUEST, the IMSI of the UE is updated, deletes the GUTI associated by old IMSI
Information, and based on the GUTI information of new IMSI generation associations, it is central then to UE transmission IMSI UPDATE REQUEST message
Carry the GUTI of new IMSI and new IMSI associations.
After UE receives IMSI UPDATE REQUEST message, IMSI changes action is performed, deletes old IMSI associations
GUTI, and the GUTI of new IMSI associations is recorded, and send IMSI UPDATE ACCEPT message to AMF.
After AMF receives IMSI UPDATE ACCEPT message, send IMSI UPDATE ACCEPT to UDM/AUSF and disappear
Breath, and new NAS integralities and Confidentiality protection key Knasi and Knase are generated based on root key Kseaf, and to UE again
Initiate safety context negotiation action.
UE generates new Knase, Knasi according to safety context negotiation flow and the AMF of standard, and Krrce,
Krrci, Kupe and Kupi.
Specific change process is as shown in figure 3, comprise the following steps:
Step S101, UDM/AUSF/HSS produce new IMSI information according to certain strategy for UE, replace old before the UE
IMSI;
The IMSI that step S102, UDM/AUSF/HSS send UE to AMF/MME changes request;
Step S103, AMF/MME performs the IMSI changes of the UE, replaces the old IMSI of the UE, while deletes old IMSI and close
The GUTI of connection simultaneously generates new GUTI for new IMSI;
Step S104, AMF/MME send IMSI change requests to UE, carry new IMSI GUTI;
Step S105, UE performs IMSI changes action, while records new IMSI GUTI;
Step S106, after UE completes IMSI changes, IMSI change confirmation messages are sent to AMF/MME/MSC;
Step S107, AMF/MME send IMSI change confirmation messages to UDM/AUSF/HSS;
Step S108, AMF/MME and UE are based on new IMSI and complete safety context negotiation.
2nd, process is changed for the IMSI of UP modes:
UDM/AUSF first produces UE new IMSI, and sends IMSI UPDATE REQUEST message to SMF, central to take
With new IMSI information.
After SMF receives IMSI UPDATE REQUEST, IMSI UPDATE REQUEST message is sent to UPF, it is central
Carry new IMSI information.
UPF sends IMSI UPDATE REQUEST message, central carrying by band control information in user plane to UE
New IMSI information.
After UE receives IMSI UPDATE REQUEST message, IMSI changes action is performed, deletes old IMSI associations
GUTI, and network attachment flow ATTACH REQUEST are initiated to AMF, it is central to carry new IMSI information.
AMF records the new IMSI of the UE, and carries out subsequent action according to standard network attachment flow.
Specific change process is as shown in figure 4, comprise the following steps:
Step S101, UDM/AUSF/HSS produce new IMSI information according to certain strategy for UE, replace old before the UE
IMSI;
Step S102, UDM/AUSF/HSS send IMSI change requests to SMF/SGW;
Step S103, SMF/SGW send IMSI change requests to UPF/PGW;
Step S104, UPF/PGW send IMSI change requests by band control information in UP to UE;
Step S105, UE perform IMSI changes action, while delete the associated GUTI of old IMSI;
Step S106, UE send IMSI change confirmation messages to UPF/PGW;
Step S107, UPF/PGW send IMSI change confirmation messages to SMF/SGW;
Step S108, SMF/SGW send IMSI change confirmation messages to UDM/AUSF/HSS;
Step S109, after UE completes IMSI changes action, carries new IMSI and initiates network attachment stream again to AMF/MME
Journey;
Step S110, AMF/MME establish various contextual informations with new IMSI, in this case it is not apparent that the UE has changed IMSI
Information.
The IMSI change processes of this UP modes, AMF are that the passive IMSI that completes changes behavior, in this case it is not apparent that UE enters
IMSI exception processes are gone, have been new UE attachment for AMF.
By using above technical scheme, beneficial effects of the present invention are presented as four aspects:First, realize IMSI with
Dual decoupling property between MSISDN and IMSI and GUTI, increase attacker by capturing IMSI with the mode for changing IMSI
To track specific user or derive user's identity difficulty in real space, simultaneously because it is even more to be based on true IMSI that UE IMSI, which becomes,
Pond is randomly assigned, and these IMSI are true IMSI for service network, therefore will without departing from Lawful Interception in the world
Ask.Second, CP modes change less to normal process, the requirement carried to service network network element is few;UP modes do not change standard
Flow, service network network element is not made demands.Third, the consumption of extra IMSI identifier spaces will not be introduced, each UE is still only
1 IMSI mark of consumption.Fourth, this method is applied widely, 5G networks are applicable not only to, apply also for 4G networks and future
The GSM of permanent identification is used as using IMSI.
Claims (5)
- A kind of 1. method for GSM IMSI secret protections, it is characterised in that:Functional entity includes mobile terminal UE, access and mobile management function to ps domain AMF, credible uniform data management/authentication service function UDM/AUSF, credible session management Function SMF and trusted users plane function UPF, wherein:The mobile terminal UE is used to perform IMSI change behaviors and initiation Network attachment is asked, while new safety context negotiation is completed based on new IMSI;The access and mobile management function to ps domain AMF For replacing IMSI information and its GUTI information of association under CP modes or UP modes, and safety is completed based on new IMSI again Context negotiation;The credible uniform data management/authentication service function UDM/AUSF is used to generate new IMSI information for UE;Institute Credible conversation management functional SMF is stated to be used to send a notice trusted users plane function UPF generations with interior IMSI change controls in UP modes Information processed.
- A kind of 2. method for GSM IMSI secret protections according to claim 1, it is characterised in that: The change process of IMSI information comprises the following steps under CP modes:(1) UDM/AUSF produces new IMSI and replaces old IMSI, and the change request for carrying new IMSI is sent to AMF;(2) AMF updates IMSI, deletes the GUTI information associated by old IMSI, and the GUTI information associated based on new IMSI generations, Then the change for the GUTI information for carrying new IMSI and its association being sent to UE is asked;(3) UE performs IMSI changes action, deletes the GUTI of old IMSI associations, and records the GUTI of new IMSI associations, and to AMF Send IMSI change confirmation messages;(4) AMF sends IMSI change confirmation messages to UDM/AUSF, and is based on new IMSI with UE and completes safety context negotiation.
- A kind of 3. method for GSM IMSI secret protections according to claim 2, it is characterised in that:UE Safety context negotiation flow and AMF according to standard generate new Knase, Knasi, and Krrce, Krrci, Kupe and Kupi。
- A kind of 4. method for GSM IMSI secret protections according to claim 1, it is characterised in that: The change process of IMSI information comprises the following steps under UP modes:(1) UDM/AUSF produces new IMSI, and the change request for carrying new IMSI is sent to SMF;(2) SMF sends the change request for carrying new IMSI to UPF;(3) UPF sends the change request for carrying new IMSI in user plane by band control information to UE;(4) UE performs IMSI changes action, deletes the GUTI of old IMSI associations, and attached to the new IMSI of AMF initiation carryings network Request;(5) AMF records new IMSI, and carries out subsequent action according to standard network attachment flow.
- A kind of 5. method for GSM IMSI secret protections according to claim 4, it is characterised in that:UE Performing the process that IMSI changes act is:UE sends IMSI change confirmation messages to UPF;UPF sends IMSI changes to SMF and confirmed Message;SMF sends IMSI change confirmation messages to UDM/AUSF.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710866359.0A CN107580324B (en) | 2017-09-22 | 2017-09-22 | Method for protecting IMSI privacy of mobile communication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710866359.0A CN107580324B (en) | 2017-09-22 | 2017-09-22 | Method for protecting IMSI privacy of mobile communication system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107580324A true CN107580324A (en) | 2018-01-12 |
CN107580324B CN107580324B (en) | 2020-05-08 |
Family
ID=61038731
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710866359.0A Active CN107580324B (en) | 2017-09-22 | 2017-09-22 | Method for protecting IMSI privacy of mobile communication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107580324B (en) |
Cited By (37)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108307380A (en) * | 2018-01-26 | 2018-07-20 | 中国电子科技集团公司电子科学研究院 | A kind of location of mobile users method for secret protection and mobile gateway |
CN108901018A (en) * | 2018-07-27 | 2018-11-27 | 中国电子科技集团公司第三十研究所 | A kind of mobile communication system user identity hiding method that terminal is initiated |
CN109041054A (en) * | 2018-07-27 | 2018-12-18 | 中国电子科技集团公司第三十研究所 | A kind of network side initiates the method for secret protection of number change |
CN109587745A (en) * | 2017-09-29 | 2019-04-05 | 华为技术有限公司 | Cut-in method, equipment and system |
CN109842877A (en) * | 2019-04-09 | 2019-06-04 | 中国电子科技集团公司第三十研究所 | A method of realizing that IMSI changes function in SIM card |
CN110049483A (en) * | 2019-04-09 | 2019-07-23 | 中国电子科技集团公司第三十研究所 | Mobile communication system user network identity jumps the implementation method for hiding network function |
CN110049503A (en) * | 2018-01-15 | 2019-07-23 | 中国移动通信有限公司研究院 | A kind of method and apparatus obtaining data |
CN110062381A (en) * | 2018-01-18 | 2019-07-26 | 华为技术有限公司 | A kind of method and device obtaining user identifier |
WO2019157942A1 (en) * | 2018-02-13 | 2019-08-22 | 华为技术有限公司 | Communication method and communication apparatus |
WO2019158028A1 (en) * | 2018-02-13 | 2019-08-22 | 华为技术有限公司 | Communication method and device |
CN110166414A (en) * | 2018-02-14 | 2019-08-23 | 华为技术有限公司 | A kind of communication means, apparatus and system |
WO2019170047A1 (en) * | 2018-03-05 | 2019-09-12 | 华为技术有限公司 | Message processing method, system, and user plane function device |
WO2019196766A1 (en) * | 2018-04-08 | 2019-10-17 | 华为技术有限公司 | Communication method and apparatus |
WO2019196785A1 (en) * | 2018-04-08 | 2019-10-17 | 中兴通讯股份有限公司 | Voice handover method and device, terminal and storage medium |
CN110620748A (en) * | 2018-06-20 | 2019-12-27 | 中国电信股份有限公司 | Data packet identification method, device, system and computer readable storage medium |
CN110636518A (en) * | 2018-06-21 | 2019-12-31 | 华为技术有限公司 | Performance data statistical method and related equipment |
CN110708693A (en) * | 2018-07-10 | 2020-01-17 | 中兴通讯股份有限公司 | User routing method, device and computer readable storage medium |
CN110719611A (en) * | 2018-07-11 | 2020-01-21 | 华为技术有限公司 | Message sending method and device |
WO2020020007A1 (en) * | 2018-07-25 | 2020-01-30 | 中兴通讯股份有限公司 | Network access method and device, terminal, base station, and readable storage medium |
WO2020029938A1 (en) * | 2018-08-10 | 2020-02-13 | 华为技术有限公司 | Secure conversation method and device |
CN110798833A (en) * | 2018-08-03 | 2020-02-14 | 华为技术有限公司 | Method and device for verifying user equipment identification in authentication process |
CN110830990A (en) * | 2018-08-09 | 2020-02-21 | 华为技术有限公司 | Identity information processing method, equipment and system |
CN110830989A (en) * | 2018-08-09 | 2020-02-21 | 华为技术有限公司 | Communication method and device |
WO2020038282A1 (en) * | 2018-08-20 | 2020-02-27 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and apparatuses for event monitoring |
CN111385794A (en) * | 2020-03-19 | 2020-07-07 | 中国电子科技集团公司第三十研究所 | Mobile communication network privacy protection method and system for industry users |
CN111414645A (en) * | 2020-03-19 | 2020-07-14 | 中国电子科技集团公司第三十研究所 | Safe HSS/UDM design method and system for realizing privacy protection function |
CN111866874A (en) * | 2019-04-29 | 2020-10-30 | 华为技术有限公司 | Registration method and device |
CN111869309A (en) * | 2018-01-30 | 2020-10-30 | 三星电子株式会社 | Method, apparatus and system for establishing a session for communicating with a local area network in a wireless communication system |
CN111989942A (en) * | 2018-04-06 | 2020-11-24 | 三星电子株式会社 | Apparatus and method for information security in wireless communication |
CN112042240A (en) * | 2018-06-25 | 2020-12-04 | Oppo广东移动通信有限公司 | Method for configuring terminal equipment by network equipment, terminal equipment and network equipment |
CN112105021A (en) * | 2019-06-17 | 2020-12-18 | 华为技术有限公司 | Authentication method, device and system |
CN112218287A (en) * | 2019-07-12 | 2021-01-12 | 华为技术有限公司 | Communication method and device |
CN112335285A (en) * | 2018-06-25 | 2021-02-05 | 瑞典爱立信有限公司 | Network function handling in context between management function mobility |
CN113169937A (en) * | 2018-12-21 | 2021-07-23 | 瑞典爱立信有限公司 | User data traffic handling |
CN113316269A (en) * | 2021-04-28 | 2021-08-27 | 武汉虹旭信息技术有限责任公司 | Session management method and device |
CN114125807A (en) * | 2019-04-25 | 2022-03-01 | 瑞典爱立信有限公司 | Method and network node for tracking user equipment |
US11330475B2 (en) | 2018-12-28 | 2022-05-10 | Samsung Electronics Co., Ltd. | Method and apparatus for providing rule information in wireless communication system |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101998362A (en) * | 2009-08-27 | 2011-03-30 | 中兴通讯股份有限公司 | Method and system for switching international mobile subscriber identity (IMSI) |
CN101969638B (en) * | 2010-09-30 | 2013-08-14 | 中国科学院软件研究所 | Method for protecting international mobile subscriber identity (IMSI) in mobile communication |
CN103249033A (en) * | 2013-05-10 | 2013-08-14 | 东信和平科技股份有限公司 | Method and terminal for achieving self-help number changing of SIM card |
CN103501493A (en) * | 2013-09-16 | 2014-01-08 | 深圳市中兴物联科技有限公司 | Method, device and system for on-line number allocation |
CN104411021A (en) * | 2014-12-01 | 2015-03-11 | 恒宝股份有限公司 | Dual-IMSI automatic switching method and system for realizing global roaming |
WO2016140823A1 (en) * | 2015-03-05 | 2016-09-09 | Qualcomm Incorporated | Identity privacy in wireless networks |
CN105979504A (en) * | 2016-05-12 | 2016-09-28 | 中国联合网络通信集团有限公司 | Signaling monitoring number backfill method and device |
-
2017
- 2017-09-22 CN CN201710866359.0A patent/CN107580324B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101998362A (en) * | 2009-08-27 | 2011-03-30 | 中兴通讯股份有限公司 | Method and system for switching international mobile subscriber identity (IMSI) |
CN101969638B (en) * | 2010-09-30 | 2013-08-14 | 中国科学院软件研究所 | Method for protecting international mobile subscriber identity (IMSI) in mobile communication |
CN103249033A (en) * | 2013-05-10 | 2013-08-14 | 东信和平科技股份有限公司 | Method and terminal for achieving self-help number changing of SIM card |
CN103501493A (en) * | 2013-09-16 | 2014-01-08 | 深圳市中兴物联科技有限公司 | Method, device and system for on-line number allocation |
CN104411021A (en) * | 2014-12-01 | 2015-03-11 | 恒宝股份有限公司 | Dual-IMSI automatic switching method and system for realizing global roaming |
WO2016140823A1 (en) * | 2015-03-05 | 2016-09-09 | Qualcomm Incorporated | Identity privacy in wireless networks |
CN105979504A (en) * | 2016-05-12 | 2016-09-28 | 中国联合网络通信集团有限公司 | Signaling monitoring number backfill method and device |
Cited By (70)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109587745A (en) * | 2017-09-29 | 2019-04-05 | 华为技术有限公司 | Cut-in method, equipment and system |
CN110049503A (en) * | 2018-01-15 | 2019-07-23 | 中国移动通信有限公司研究院 | A kind of method and apparatus obtaining data |
CN110049503B (en) * | 2018-01-15 | 2022-07-15 | 中国移动通信有限公司研究院 | Method and equipment for acquiring data |
CN110062381B (en) * | 2018-01-18 | 2020-11-17 | 华为技术有限公司 | Method and device for obtaining user identification |
CN110062381A (en) * | 2018-01-18 | 2019-07-26 | 华为技术有限公司 | A kind of method and device obtaining user identifier |
CN108307380A (en) * | 2018-01-26 | 2018-07-20 | 中国电子科技集团公司电子科学研究院 | A kind of location of mobile users method for secret protection and mobile gateway |
CN108307380B (en) * | 2018-01-26 | 2021-05-07 | 中国电子科技集团公司电子科学研究院 | Mobile user position privacy protection method and mobile gateway |
CN111869309A (en) * | 2018-01-30 | 2020-10-30 | 三星电子株式会社 | Method, apparatus and system for establishing a session for communicating with a local area network in a wireless communication system |
CN111869309B (en) * | 2018-01-30 | 2024-03-08 | 三星电子株式会社 | Method, apparatus and system for establishing session for communication with local area network in wireless communication system |
CN110167195A (en) * | 2018-02-13 | 2019-08-23 | 华为技术有限公司 | Communication means and communication device |
CN110167195B (en) * | 2018-02-13 | 2022-12-06 | 华为技术有限公司 | Communication method and communication device |
CN110167013A (en) * | 2018-02-13 | 2019-08-23 | 华为技术有限公司 | A kind of communication means and device |
CN110167013B (en) * | 2018-02-13 | 2020-10-27 | 华为技术有限公司 | Communication method and device |
US11528761B2 (en) | 2018-02-13 | 2022-12-13 | Huawei Technologies Co., Ltd. | Communication method and communications apparatus |
WO2019157942A1 (en) * | 2018-02-13 | 2019-08-22 | 华为技术有限公司 | Communication method and communication apparatus |
WO2019158028A1 (en) * | 2018-02-13 | 2019-08-22 | 华为技术有限公司 | Communication method and device |
CN110166414A (en) * | 2018-02-14 | 2019-08-23 | 华为技术有限公司 | A kind of communication means, apparatus and system |
CN110166414B (en) * | 2018-02-14 | 2021-10-26 | 华为技术有限公司 | Communication method, device and system |
CN110234112A (en) * | 2018-03-05 | 2019-09-13 | 华为技术有限公司 | Message treatment method, system and user plane functions equipment |
WO2019170047A1 (en) * | 2018-03-05 | 2019-09-12 | 华为技术有限公司 | Message processing method, system, and user plane function device |
CN110234112B (en) * | 2018-03-05 | 2020-12-04 | 华为技术有限公司 | Message processing method, system and user plane function device |
US11765584B2 (en) | 2018-03-05 | 2023-09-19 | Huawei Technologies Co., Ltd. | Message processing method and system, and user plane function device |
CN111989942A (en) * | 2018-04-06 | 2020-11-24 | 三星电子株式会社 | Apparatus and method for information security in wireless communication |
CN111989942B (en) * | 2018-04-06 | 2024-04-19 | 三星电子株式会社 | Apparatus and method for information security in wireless communication |
WO2019196785A1 (en) * | 2018-04-08 | 2019-10-17 | 中兴通讯股份有限公司 | Voice handover method and device, terminal and storage medium |
WO2019196766A1 (en) * | 2018-04-08 | 2019-10-17 | 华为技术有限公司 | Communication method and apparatus |
CN110620748A (en) * | 2018-06-20 | 2019-12-27 | 中国电信股份有限公司 | Data packet identification method, device, system and computer readable storage medium |
CN110636518A (en) * | 2018-06-21 | 2019-12-31 | 华为技术有限公司 | Performance data statistical method and related equipment |
CN110636518B (en) * | 2018-06-21 | 2020-12-25 | 华为技术有限公司 | Performance data statistical method and related equipment |
CN112042240A (en) * | 2018-06-25 | 2020-12-04 | Oppo广东移动通信有限公司 | Method for configuring terminal equipment by network equipment, terminal equipment and network equipment |
CN112042240B (en) * | 2018-06-25 | 2022-01-11 | Oppo广东移动通信有限公司 | Method for configuring terminal equipment by network equipment, terminal equipment and network equipment |
CN112335285A (en) * | 2018-06-25 | 2021-02-05 | 瑞典爱立信有限公司 | Network function handling in context between management function mobility |
CN110708693A (en) * | 2018-07-10 | 2020-01-17 | 中兴通讯股份有限公司 | User routing method, device and computer readable storage medium |
CN110708693B (en) * | 2018-07-10 | 2022-03-01 | 中兴通讯股份有限公司 | User routing method, device and computer readable storage medium |
CN110719611A (en) * | 2018-07-11 | 2020-01-21 | 华为技术有限公司 | Message sending method and device |
CN110719611B (en) * | 2018-07-11 | 2021-02-23 | 华为技术有限公司 | Message sending method and device |
CN110769420A (en) * | 2018-07-25 | 2020-02-07 | 中兴通讯股份有限公司 | Network access method, device, terminal, base station and readable storage medium |
CN110769420B (en) * | 2018-07-25 | 2022-05-13 | 中兴通讯股份有限公司 | Network access method, device, terminal, base station and readable storage medium |
WO2020020007A1 (en) * | 2018-07-25 | 2020-01-30 | 中兴通讯股份有限公司 | Network access method and device, terminal, base station, and readable storage medium |
CN108901018A (en) * | 2018-07-27 | 2018-11-27 | 中国电子科技集团公司第三十研究所 | A kind of mobile communication system user identity hiding method that terminal is initiated |
CN109041054A (en) * | 2018-07-27 | 2018-12-18 | 中国电子科技集团公司第三十研究所 | A kind of network side initiates the method for secret protection of number change |
CN108901018B (en) * | 2018-07-27 | 2021-02-12 | 中国电子科技集团公司第三十研究所 | Method for hiding user identity of mobile communication system initiated by terminal |
CN109041054B (en) * | 2018-07-27 | 2021-04-13 | 中国电子科技集团公司第三十研究所 | Privacy protection method for initiating number change at network side |
CN110798833B (en) * | 2018-08-03 | 2023-10-24 | 华为技术有限公司 | Method and device for verifying user equipment identification in authentication process |
CN110798833A (en) * | 2018-08-03 | 2020-02-14 | 华为技术有限公司 | Method and device for verifying user equipment identification in authentication process |
EP3790299A4 (en) * | 2018-08-09 | 2022-01-05 | Huawei Technologies Co., Ltd. | Identity information processing method, device and system |
US11510052B2 (en) | 2018-08-09 | 2022-11-22 | Huawei Technologies Co., Ltd. | Identity information processing method, device, and system |
CN110830990A (en) * | 2018-08-09 | 2020-02-21 | 华为技术有限公司 | Identity information processing method, equipment and system |
CN110830989A (en) * | 2018-08-09 | 2020-02-21 | 华为技术有限公司 | Communication method and device |
US11570617B2 (en) | 2018-08-09 | 2023-01-31 | Huawei Technologies Co., Ltd. | Communication method and communications apparatus |
CN110830989B (en) * | 2018-08-09 | 2021-06-08 | 华为技术有限公司 | Communication method and device |
US11778459B2 (en) | 2018-08-10 | 2023-10-03 | Huawei Technologies Co., Ltd. | Secure session method and apparatus |
WO2020029938A1 (en) * | 2018-08-10 | 2020-02-13 | 华为技术有限公司 | Secure conversation method and device |
WO2020038282A1 (en) * | 2018-08-20 | 2020-02-27 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and apparatuses for event monitoring |
CN113169937A (en) * | 2018-12-21 | 2021-07-23 | 瑞典爱立信有限公司 | User data traffic handling |
US11330475B2 (en) | 2018-12-28 | 2022-05-10 | Samsung Electronics Co., Ltd. | Method and apparatus for providing rule information in wireless communication system |
CN109842877A (en) * | 2019-04-09 | 2019-06-04 | 中国电子科技集团公司第三十研究所 | A method of realizing that IMSI changes function in SIM card |
CN110049483A (en) * | 2019-04-09 | 2019-07-23 | 中国电子科技集团公司第三十研究所 | Mobile communication system user network identity jumps the implementation method for hiding network function |
CN109842877B (en) * | 2019-04-09 | 2022-03-18 | 中国电子科技集团公司第三十研究所 | Method for realizing IMSI changing function in SIM card |
CN114125807A (en) * | 2019-04-25 | 2022-03-01 | 瑞典爱立信有限公司 | Method and network node for tracking user equipment |
CN111866874A (en) * | 2019-04-29 | 2020-10-30 | 华为技术有限公司 | Registration method and device |
CN111866874B (en) * | 2019-04-29 | 2022-05-10 | 华为技术有限公司 | Registration method and device |
CN112105021A (en) * | 2019-06-17 | 2020-12-18 | 华为技术有限公司 | Authentication method, device and system |
CN112105021B (en) * | 2019-06-17 | 2022-05-10 | 华为技术有限公司 | Authentication method, device and system |
CN112218287B (en) * | 2019-07-12 | 2023-05-12 | 华为技术有限公司 | Communication method and device |
CN112218287A (en) * | 2019-07-12 | 2021-01-12 | 华为技术有限公司 | Communication method and device |
CN111414645A (en) * | 2020-03-19 | 2020-07-14 | 中国电子科技集团公司第三十研究所 | Safe HSS/UDM design method and system for realizing privacy protection function |
CN111385794A (en) * | 2020-03-19 | 2020-07-07 | 中国电子科技集团公司第三十研究所 | Mobile communication network privacy protection method and system for industry users |
CN113316269B (en) * | 2021-04-28 | 2022-07-19 | 武汉虹旭信息技术有限责任公司 | Session management method and device |
CN113316269A (en) * | 2021-04-28 | 2021-08-27 | 武汉虹旭信息技术有限责任公司 | Session management method and device |
Also Published As
Publication number | Publication date |
---|---|
CN107580324B (en) | 2020-05-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107580324A (en) | A kind of method for GSM IMSI secret protections | |
CN102132541B (en) | Integrity protection and/or ciphering for ue registration with a wireless network | |
CN101083839B (en) | Cipher key processing method for switching among different mobile access systems | |
CN100550725C (en) | The method of a kind of user and application server negotiating about cipher key shared | |
CN101801102B (en) | PDN connection establishment method, relevant device and system | |
CN109041054B (en) | Privacy protection method for initiating number change at network side | |
CN102238484B (en) | Based on the authentication method of group and system in the communication system of Machine To Machine | |
CN104244189B (en) | A kind of paging method in TD-LTE clustering faults reduction communication system | |
CN101455025A (en) | Encryption method for secure packet transmission | |
Thigale et al. | Applying New Trust Requirements in 3GPP Mobile Systems for Improved Subscriber Identity Privacy | |
JP2012500511A (en) | Secured non-connection layer protocol processing method for mobile communication system | |
Sankaran | Network access security in next-generation 3GPP systems: A tutorial | |
CN105830476A (en) | Method and system for providing security from a radio access network | |
Rao et al. | Unblocking stolen mobile devices using SS7-MAP vulnerabilities: Exploiting the relationship between IMEI and IMSI for EIR access | |
CN101299888A (en) | Cryptographic key generation method, switching method, mobile management entity and customer equipment | |
CN108235300B (en) | Method and system for protecting user data security of mobile communication network | |
CN101860863A (en) | Enhanced encryption and integrity protection method | |
CN101119381A (en) | Method and system for preventing playback attack | |
CN102348193B (en) | The method and system that a kind of gateway identification reports | |
JP2020529754A (en) | UE adapted to send service validation messages | |
CN101119199A (en) | Safety fast switch method in wireless local area network | |
CN102821385A (en) | Methods and network entity for sending public warning system (PWS) key information to terminal | |
CN102833743B (en) | Transmission, update method and the relevant device of public warning system key updating information | |
CN101005489A (en) | Method for protecting mobile communication system network safety | |
CN102378168B (en) | The method of multisystem core net notice key and multisystem network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |