CN110392998A - 一种数据包校验方法及设备 - Google Patents

一种数据包校验方法及设备 Download PDF

Info

Publication number
CN110392998A
CN110392998A CN201780088247.5A CN201780088247A CN110392998A CN 110392998 A CN110392998 A CN 110392998A CN 201780088247 A CN201780088247 A CN 201780088247A CN 110392998 A CN110392998 A CN 110392998A
Authority
CN
China
Prior art keywords
token
input information
data packet
terminal device
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201780088247.5A
Other languages
English (en)
Other versions
CN110392998B (zh
Inventor
胡力
陈璟
李欢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN110392998A publication Critical patent/CN110392998A/zh
Application granted granted Critical
Publication of CN110392998B publication Critical patent/CN110392998B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

一种数据包校验方法及设备,用于提高网络的安全性。该方法包括:接收终端设备的数据包,所述数据包携带第一令牌和业务标识,所述业务标识用于指示所述数据包所属的业务的类型;根据所述数据包获得第一输入信息,并第一输入信息生成第二令牌,所述第一输入信息包括所述数据包携带的所述终端设备的标识及所述业务标识;当所述第一令牌与所述第二令牌相同时,发送所述数据包。

Description

PCT国内申请,说明书已公开。

Claims (16)

  1. PCT国内申请,权利要求书已公开。
CN201780088247.5A 2017-05-09 2017-05-09 一种数据包校验方法及设备 Active CN110392998B (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/083623 WO2018205148A1 (zh) 2017-05-09 2017-05-09 一种数据包校验方法及设备

Publications (2)

Publication Number Publication Date
CN110392998A true CN110392998A (zh) 2019-10-29
CN110392998B CN110392998B (zh) 2020-11-27

Family

ID=64104088

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780088247.5A Active CN110392998B (zh) 2017-05-09 2017-05-09 一种数据包校验方法及设备

Country Status (4)

Country Link
US (1) US11706618B2 (zh)
EP (1) EP3614621B1 (zh)
CN (1) CN110392998B (zh)
WO (1) WO2018205148A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113015095A (zh) * 2021-02-24 2021-06-22 安科讯(福建)科技有限公司 一种匹配终端与upf的方法及系统
CN115150338A (zh) * 2021-03-29 2022-10-04 华为技术有限公司 报文流量控制的方法、装置、设备及计算机可读存储介质

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3900280B1 (en) * 2018-12-21 2024-06-12 Telefonaktiebolaget Lm Ericsson (Publ) User data traffic handling
GB2584147B (en) * 2019-05-24 2021-10-20 F Secure Corp Method for integrity protection in a computer network
WO2021155940A1 (en) * 2020-02-06 2021-08-12 Telefonaktiebolaget Lm Ericsson (Publ) Tunnel initiation in a communications network
JP2021128261A (ja) * 2020-02-14 2021-09-02 株式会社野村総合研究所 秘密分散ベースのマルチパーティ計算のための装置
US11757707B2 (en) 2021-07-28 2023-09-12 Cisco Technology, Inc. Network assurance for 5G enterprise networks

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101662458A (zh) * 2008-08-28 2010-03-03 西门子(中国)有限公司 一种认证方法
CN101754215A (zh) * 2008-12-01 2010-06-23 华为技术有限公司 一种鉴权方法及系统
US20140337633A1 (en) * 2013-05-07 2014-11-13 Futurewei Technologies, Inc. System and Method for Indicating a Service Set Identifier
CN104579694A (zh) * 2015-02-09 2015-04-29 浙江大学 一种身份认证方法及系统
US20160344635A1 (en) * 2015-05-21 2016-11-24 Qualcomm Incorporated Efficient policy enforcement for downlink traffic using network access tokens - control-plane approach

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7325143B2 (en) * 2001-10-15 2008-01-29 Linux Foundation Digital identity creation and coalescence for service authorization
US20040177369A1 (en) * 2003-03-06 2004-09-09 Akins Glendon L. Conditional access personal video recorder
US7376134B2 (en) * 2004-08-02 2008-05-20 Novell, Inc. Privileged network routing
GB0523871D0 (en) * 2005-11-24 2006-01-04 Ibm A system for updating security data
KR100843081B1 (ko) * 2006-12-06 2008-07-02 삼성전자주식회사 보안 제공 시스템 및 방법
CN101351027A (zh) * 2007-07-19 2009-01-21 中国移动通信集团公司 业务鉴权处理方法及系统
US9119067B2 (en) * 2011-06-03 2015-08-25 Apple Inc. Embodiments of a system and method for securely managing multiple user handles across multiple data processing devices
US20140245411A1 (en) * 2013-02-22 2014-08-28 Nokia Corporation Method and apparatus for providing account-less access via an account connector platform
WO2014198745A1 (en) * 2013-06-12 2014-12-18 Telecom Italia S.P.A. Mobile device authentication in heterogeneous communication networks scenario
KR20160042692A (ko) * 2014-10-10 2016-04-20 삼성전자주식회사 트래픽 처리를 위한 방법 및 장치
US9401912B2 (en) * 2014-10-13 2016-07-26 Netiq Corporation Late binding authentication
US10505850B2 (en) * 2015-02-24 2019-12-10 Qualcomm Incorporated Efficient policy enforcement using network tokens for services—user-plane approach
US9819596B2 (en) * 2015-02-24 2017-11-14 Qualcomm Incorporated Efficient policy enforcement using network tokens for services C-plane approach
CN106603461A (zh) * 2015-10-14 2017-04-26 阿里巴巴集团控股有限公司 一种业务认证的方法、装置和系统
US10382409B2 (en) * 2015-11-25 2019-08-13 Visa International Service Association Secure multi-party protocol
US10171463B1 (en) * 2015-12-21 2019-01-01 Amazon Technologies, Inc. Secure transport layer authentication of network traffic
US11032707B2 (en) * 2016-05-06 2021-06-08 Intel IP Corporation Service authorization and credential provisioning for V2X communications
US10986675B2 (en) * 2016-05-12 2021-04-20 Convida Wireless, Llc Connecting to virtualized mobile core networks
US10674346B2 (en) * 2016-10-10 2020-06-02 Qualcomm Incorporated Connectivity to a core network via an access network
US10779345B2 (en) * 2017-03-20 2020-09-15 Qualcomm Incorporated User plane relocation techniques in wireless communication systems
GB2583218B (en) * 2017-11-16 2023-02-15 Prisec Innovation Ltd A system and method for authenticating a user
US11178118B2 (en) * 2019-04-09 2021-11-16 First Data Corporation Network provisioning and tokenization using a remote terminal
WO2020216445A1 (en) * 2019-04-25 2020-10-29 Telefonaktiebolaget Lm Ericsson (Publ) Trusted solutions for enabling user equipment belonging to a home network to access data communication services in a visited network
US10785652B1 (en) * 2019-09-11 2020-09-22 Cisco Technology, Inc. Secure remote access to a 5G private network through a private network slice
US20220400375A1 (en) * 2020-03-03 2022-12-15 The Trustees Of Princeton University System and method for phone privacy
US11375024B1 (en) * 2021-02-22 2022-06-28 T-Mobile Innovations Llc Programmable networking device for user plane function

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101662458A (zh) * 2008-08-28 2010-03-03 西门子(中国)有限公司 一种认证方法
CN101754215A (zh) * 2008-12-01 2010-06-23 华为技术有限公司 一种鉴权方法及系统
US20140337633A1 (en) * 2013-05-07 2014-11-13 Futurewei Technologies, Inc. System and Method for Indicating a Service Set Identifier
CN104579694A (zh) * 2015-02-09 2015-04-29 浙江大学 一种身份认证方法及系统
US20160344635A1 (en) * 2015-05-21 2016-11-24 Qualcomm Incorporated Efficient policy enforcement for downlink traffic using network access tokens - control-plane approach

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113015095A (zh) * 2021-02-24 2021-06-22 安科讯(福建)科技有限公司 一种匹配终端与upf的方法及系统
CN113015095B (zh) * 2021-02-24 2023-12-19 安科讯(福建)科技有限公司 一种匹配终端与upf的方法及系统
CN115150338A (zh) * 2021-03-29 2022-10-04 华为技术有限公司 报文流量控制的方法、装置、设备及计算机可读存储介质

Also Published As

Publication number Publication date
CN110392998B (zh) 2020-11-27
EP3614621A1 (en) 2020-02-26
US20200092722A1 (en) 2020-03-19
WO2018205148A1 (zh) 2018-11-15
EP3614621B1 (en) 2021-04-28
EP3614621A4 (en) 2020-04-08
US11706618B2 (en) 2023-07-18

Similar Documents

Publication Publication Date Title
US11829774B2 (en) Machine-to-machine bootstrapping
CN110392998A (zh) 一种数据包校验方法及设备
US9843579B2 (en) Dynamically generated SSID
CN110830925B (zh) 一种用户群组的会话管理方法及装置
JP6548348B2 (ja) メッセージ保護方法、ならびに関連デバイスおよびシステム
WO2020029729A1 (zh) 一种通信方法和装置
CN108012264A (zh) 用于802.1x载体热点和Wi-Fi呼叫认证的基于经加密的IMSI的方案
US20170118022A1 (en) Mainstream connection establishment method and device based on multipath transmission control protocol (mptcp)
CN102318386A (zh) 向网络的基于服务的认证
EP3614741B1 (en) Processing apparatus for terminal access to 3gpp network and communication system and corresponding system and computer program product
CN114071452B (zh) 用户签约数据的获取方法及装置
CN108683690A (zh) 鉴权方法、用户设备、鉴权装置、鉴权服务器和存储介质
US20230232228A1 (en) Method and apparatus for establishing secure communication
CN105378770A (zh) 对于设备到设备服务的安全计费的方法和装置
CN110351721A (zh) 接入网络切片的方法及装置、存储介质、电子装置
CN109429225A (zh) 消息接收、发送方法及装置、终端、网络功能实体
Santos et al. Cross-federation identities for IoT devices in cellular networks
CN113285805B (zh) 一种通信方法及装置
CN116528234B (zh) 一种虚拟机的安全可信验证方法及装置
US20230328532A1 (en) Communication method and apparatus for trusted or untrusted relay, terminal, and network side device
CN113904781B (zh) 切片认证方法及系统
KR102300487B1 (ko) Mptcp의 서브플로우 보안 연결 방법 및 이를 위한 클라우드 서버, 호스트
CN116074822A (zh) 通信方法、装置及系统
CN116530119A (zh) 保护无线网络中序列号的方法、设备和系统
CN117641342A (zh) 通信方法及装置

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant