CN110392998A - 一种数据包校验方法及设备 - Google Patents
一种数据包校验方法及设备 Download PDFInfo
- Publication number
- CN110392998A CN110392998A CN201780088247.5A CN201780088247A CN110392998A CN 110392998 A CN110392998 A CN 110392998A CN 201780088247 A CN201780088247 A CN 201780088247A CN 110392998 A CN110392998 A CN 110392998A
- Authority
- CN
- China
- Prior art keywords
- token
- input information
- data packet
- terminal device
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/146—Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
一种数据包校验方法及设备,用于提高网络的安全性。该方法包括:接收终端设备的数据包,所述数据包携带第一令牌和业务标识,所述业务标识用于指示所述数据包所属的业务的类型;根据所述数据包获得第一输入信息,并第一输入信息生成第二令牌,所述第一输入信息包括所述数据包携带的所述终端设备的标识及所述业务标识;当所述第一令牌与所述第二令牌相同时,发送所述数据包。
Description
PCT国内申请,说明书已公开。
Claims (16)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2017/083623 WO2018205148A1 (zh) | 2017-05-09 | 2017-05-09 | 一种数据包校验方法及设备 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110392998A true CN110392998A (zh) | 2019-10-29 |
CN110392998B CN110392998B (zh) | 2020-11-27 |
Family
ID=64104088
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201780088247.5A Active CN110392998B (zh) | 2017-05-09 | 2017-05-09 | 一种数据包校验方法及设备 |
Country Status (4)
Country | Link |
---|---|
US (1) | US11706618B2 (zh) |
EP (1) | EP3614621B1 (zh) |
CN (1) | CN110392998B (zh) |
WO (1) | WO2018205148A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113015095A (zh) * | 2021-02-24 | 2021-06-22 | 安科讯(福建)科技有限公司 | 一种匹配终端与upf的方法及系统 |
CN115150338A (zh) * | 2021-03-29 | 2022-10-04 | 华为技术有限公司 | 报文流量控制的方法、装置、设备及计算机可读存储介质 |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3900280B1 (en) * | 2018-12-21 | 2024-06-12 | Telefonaktiebolaget Lm Ericsson (Publ) | User data traffic handling |
GB2584147B (en) * | 2019-05-24 | 2021-10-20 | F Secure Corp | Method for integrity protection in a computer network |
WO2021155940A1 (en) * | 2020-02-06 | 2021-08-12 | Telefonaktiebolaget Lm Ericsson (Publ) | Tunnel initiation in a communications network |
JP2021128261A (ja) * | 2020-02-14 | 2021-09-02 | 株式会社野村総合研究所 | 秘密分散ベースのマルチパーティ計算のための装置 |
US11757707B2 (en) | 2021-07-28 | 2023-09-12 | Cisco Technology, Inc. | Network assurance for 5G enterprise networks |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101662458A (zh) * | 2008-08-28 | 2010-03-03 | 西门子(中国)有限公司 | 一种认证方法 |
CN101754215A (zh) * | 2008-12-01 | 2010-06-23 | 华为技术有限公司 | 一种鉴权方法及系统 |
US20140337633A1 (en) * | 2013-05-07 | 2014-11-13 | Futurewei Technologies, Inc. | System and Method for Indicating a Service Set Identifier |
CN104579694A (zh) * | 2015-02-09 | 2015-04-29 | 浙江大学 | 一种身份认证方法及系统 |
US20160344635A1 (en) * | 2015-05-21 | 2016-11-24 | Qualcomm Incorporated | Efficient policy enforcement for downlink traffic using network access tokens - control-plane approach |
Family Cites Families (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7325143B2 (en) * | 2001-10-15 | 2008-01-29 | Linux Foundation | Digital identity creation and coalescence for service authorization |
US20040177369A1 (en) * | 2003-03-06 | 2004-09-09 | Akins Glendon L. | Conditional access personal video recorder |
US7376134B2 (en) * | 2004-08-02 | 2008-05-20 | Novell, Inc. | Privileged network routing |
GB0523871D0 (en) * | 2005-11-24 | 2006-01-04 | Ibm | A system for updating security data |
KR100843081B1 (ko) * | 2006-12-06 | 2008-07-02 | 삼성전자주식회사 | 보안 제공 시스템 및 방법 |
CN101351027A (zh) * | 2007-07-19 | 2009-01-21 | 中国移动通信集团公司 | 业务鉴权处理方法及系统 |
US9119067B2 (en) * | 2011-06-03 | 2015-08-25 | Apple Inc. | Embodiments of a system and method for securely managing multiple user handles across multiple data processing devices |
US20140245411A1 (en) * | 2013-02-22 | 2014-08-28 | Nokia Corporation | Method and apparatus for providing account-less access via an account connector platform |
WO2014198745A1 (en) * | 2013-06-12 | 2014-12-18 | Telecom Italia S.P.A. | Mobile device authentication in heterogeneous communication networks scenario |
KR20160042692A (ko) * | 2014-10-10 | 2016-04-20 | 삼성전자주식회사 | 트래픽 처리를 위한 방법 및 장치 |
US9401912B2 (en) * | 2014-10-13 | 2016-07-26 | Netiq Corporation | Late binding authentication |
US10505850B2 (en) * | 2015-02-24 | 2019-12-10 | Qualcomm Incorporated | Efficient policy enforcement using network tokens for services—user-plane approach |
US9819596B2 (en) * | 2015-02-24 | 2017-11-14 | Qualcomm Incorporated | Efficient policy enforcement using network tokens for services C-plane approach |
CN106603461A (zh) * | 2015-10-14 | 2017-04-26 | 阿里巴巴集团控股有限公司 | 一种业务认证的方法、装置和系统 |
US10382409B2 (en) * | 2015-11-25 | 2019-08-13 | Visa International Service Association | Secure multi-party protocol |
US10171463B1 (en) * | 2015-12-21 | 2019-01-01 | Amazon Technologies, Inc. | Secure transport layer authentication of network traffic |
US11032707B2 (en) * | 2016-05-06 | 2021-06-08 | Intel IP Corporation | Service authorization and credential provisioning for V2X communications |
US10986675B2 (en) * | 2016-05-12 | 2021-04-20 | Convida Wireless, Llc | Connecting to virtualized mobile core networks |
US10674346B2 (en) * | 2016-10-10 | 2020-06-02 | Qualcomm Incorporated | Connectivity to a core network via an access network |
US10779345B2 (en) * | 2017-03-20 | 2020-09-15 | Qualcomm Incorporated | User plane relocation techniques in wireless communication systems |
GB2583218B (en) * | 2017-11-16 | 2023-02-15 | Prisec Innovation Ltd | A system and method for authenticating a user |
US11178118B2 (en) * | 2019-04-09 | 2021-11-16 | First Data Corporation | Network provisioning and tokenization using a remote terminal |
WO2020216445A1 (en) * | 2019-04-25 | 2020-10-29 | Telefonaktiebolaget Lm Ericsson (Publ) | Trusted solutions for enabling user equipment belonging to a home network to access data communication services in a visited network |
US10785652B1 (en) * | 2019-09-11 | 2020-09-22 | Cisco Technology, Inc. | Secure remote access to a 5G private network through a private network slice |
US20220400375A1 (en) * | 2020-03-03 | 2022-12-15 | The Trustees Of Princeton University | System and method for phone privacy |
US11375024B1 (en) * | 2021-02-22 | 2022-06-28 | T-Mobile Innovations Llc | Programmable networking device for user plane function |
-
2017
- 2017-05-09 EP EP17909626.8A patent/EP3614621B1/en active Active
- 2017-05-09 CN CN201780088247.5A patent/CN110392998B/zh active Active
- 2017-05-09 WO PCT/CN2017/083623 patent/WO2018205148A1/zh unknown
-
2019
- 2019-11-08 US US16/678,314 patent/US11706618B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101662458A (zh) * | 2008-08-28 | 2010-03-03 | 西门子(中国)有限公司 | 一种认证方法 |
CN101754215A (zh) * | 2008-12-01 | 2010-06-23 | 华为技术有限公司 | 一种鉴权方法及系统 |
US20140337633A1 (en) * | 2013-05-07 | 2014-11-13 | Futurewei Technologies, Inc. | System and Method for Indicating a Service Set Identifier |
CN104579694A (zh) * | 2015-02-09 | 2015-04-29 | 浙江大学 | 一种身份认证方法及系统 |
US20160344635A1 (en) * | 2015-05-21 | 2016-11-24 | Qualcomm Incorporated | Efficient policy enforcement for downlink traffic using network access tokens - control-plane approach |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113015095A (zh) * | 2021-02-24 | 2021-06-22 | 安科讯(福建)科技有限公司 | 一种匹配终端与upf的方法及系统 |
CN113015095B (zh) * | 2021-02-24 | 2023-12-19 | 安科讯(福建)科技有限公司 | 一种匹配终端与upf的方法及系统 |
CN115150338A (zh) * | 2021-03-29 | 2022-10-04 | 华为技术有限公司 | 报文流量控制的方法、装置、设备及计算机可读存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN110392998B (zh) | 2020-11-27 |
EP3614621A1 (en) | 2020-02-26 |
US20200092722A1 (en) | 2020-03-19 |
WO2018205148A1 (zh) | 2018-11-15 |
EP3614621B1 (en) | 2021-04-28 |
EP3614621A4 (en) | 2020-04-08 |
US11706618B2 (en) | 2023-07-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11829774B2 (en) | Machine-to-machine bootstrapping | |
CN110392998A (zh) | 一种数据包校验方法及设备 | |
US9843579B2 (en) | Dynamically generated SSID | |
CN110830925B (zh) | 一种用户群组的会话管理方法及装置 | |
JP6548348B2 (ja) | メッセージ保護方法、ならびに関連デバイスおよびシステム | |
WO2020029729A1 (zh) | 一种通信方法和装置 | |
CN108012264A (zh) | 用于802.1x载体热点和Wi-Fi呼叫认证的基于经加密的IMSI的方案 | |
US20170118022A1 (en) | Mainstream connection establishment method and device based on multipath transmission control protocol (mptcp) | |
CN102318386A (zh) | 向网络的基于服务的认证 | |
EP3614741B1 (en) | Processing apparatus for terminal access to 3gpp network and communication system and corresponding system and computer program product | |
CN114071452B (zh) | 用户签约数据的获取方法及装置 | |
CN108683690A (zh) | 鉴权方法、用户设备、鉴权装置、鉴权服务器和存储介质 | |
US20230232228A1 (en) | Method and apparatus for establishing secure communication | |
CN105378770A (zh) | 对于设备到设备服务的安全计费的方法和装置 | |
CN110351721A (zh) | 接入网络切片的方法及装置、存储介质、电子装置 | |
CN109429225A (zh) | 消息接收、发送方法及装置、终端、网络功能实体 | |
Santos et al. | Cross-federation identities for IoT devices in cellular networks | |
CN113285805B (zh) | 一种通信方法及装置 | |
CN116528234B (zh) | 一种虚拟机的安全可信验证方法及装置 | |
US20230328532A1 (en) | Communication method and apparatus for trusted or untrusted relay, terminal, and network side device | |
CN113904781B (zh) | 切片认证方法及系统 | |
KR102300487B1 (ko) | Mptcp의 서브플로우 보안 연결 방법 및 이를 위한 클라우드 서버, 호스트 | |
CN116074822A (zh) | 通信方法、装置及系统 | |
CN116530119A (zh) | 保护无线网络中序列号的方法、设备和系统 | |
CN117641342A (zh) | 通信方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |