CN110475247A - Message processing method and device - Google Patents

Publication number: CN110475247A
Authority: CN (China)
Prior art keywords: network element, information, SUCI, selection information, element selection
Legal status: Pending
Application number: CN201810447733.8A
Other languages: Chinese (zh)
Inventor: 周巍
Current Assignee: Datang Mobile Communications Equipment Co Ltd
Original Assignee: Telecommunications Science and Technology Research Institute Co Ltd
Application filed by Telecommunications Science and Technology Research Institute Co Ltd
Priority to CN201810447733.8A
Priority to PCT/CN2019/079106 (WO2019214351A1)
Publication of CN110475247A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W40/00 Communication routing or communication path finding
    • H04W40/02 Communication route or path selection, e.g. power-based or shortest path routing
    • H04W60/00 Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

This application discloses a message processing method and device for accurately routing a registration request from a UE to a target network element. A message processing method provided by the embodiments of this application includes: a user equipment (UE) determines a registration request, where the registration request carries a subscription concealed identifier (SUCI), and the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN); the UE sends the registration request to the network side.

Description

Message processing method and device
Technical field
This application relates to the field of communication technology, and in particular to a message processing method and device.
Background
To protect user privacy, the privacy-related information in the subscription permanent identifier (Subscriber Permanent Identifier, SUPI) will be encrypted in the 3GPP next-generation wireless network (5G). The encrypted information includes the information that the operator uses to route the registration request (Registration Request) internally. As a result, when the operator has multiple authentication server functions (Authentication Server Function, AUSF) and/or unified data management functions (Unified Data Management, UDM) internally, the registration request cannot be routed to the target AUSF and/or UDM.
Summary of the invention
The embodiments of this application provide a message processing method and device for accurately routing a registration request from a UE to a target network element.
A message processing method provided by the embodiments of this application includes:
A user equipment (UE) determines a registration request, where the registration request carries a subscription concealed identifier (SUCI), and the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
The UE sends the registration request to the network side.
In this method, the UE determines a registration request that carries a SUCI, and the SUCI contains network element selection information that does not belong to the MSIN and is used to select a target network element in the HPLMN. The UE sends the registration request to the network side, so that the network side can use the network element selection information to route the registration request from the UE accurately to the target network element.
Optionally, the network element selection information is a network element selection information ciphertext;
If the USIM in the UE holds a network element selection information master key, the USIM in the UE uses the network element selection information master key and a random value for deriving the network element selection information encryption key to derive the network element selection information encryption key with a key derivation algorithm; the UE encrypts the network element selection information with the network element selection information encryption key to obtain the network element selection information ciphertext.
Encrypting the network element selection information thus further improves the security of the information.
Optionally, the SUCI further includes a network element selection information master key identifier.
Optionally, the network element selection information master key, the network element selection information and the network element selection information master key identifier are stored in the USIM.
Optionally, if the USIM in the UE holds no network element selection information master key, the network element selection information is not encrypted, and the UE places the network element selection information directly in the SUCI.
Optionally, the UE sends the registration request to the visited public land mobile network (VPLMN), and the VPLMN forwards it to the HPLMN.
Correspondingly, on the network side, a message processing method provided by the embodiments of this application includes:
Receiving a registration request from a user equipment (UE), obtaining the SUCI from the registration request, and obtaining network element selection information from the SUCI, where the network element selection information does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Performing network element selection or message routing using the network element selection information.
Optionally, the network element selection information is a network element selection information ciphertext;
Obtaining the SUCI from the registration request and obtaining the network element selection information from the SUCI specifically includes the following operations, performed by a network element selection information decryption functional entity:
Obtaining the network element selection information master key using the network element selection information master key identifier in the SUCI; if the SUCI does not carry the network element selection information master key identifier, selecting the default master key or using the null decryption scheme, according to the system configuration;
Deriving the network element selection information decryption key with a key derivation algorithm, using the network element selection information master key and the random value in the SUCI that is used for deriving the network element selection information encryption key;
Decrypting the network element selection information ciphertext with the network element selection information decryption key to obtain the network element selection information;
Providing the network element selection information to the network element in the HPLMN that needs to perform network element selection or message routing.
Optionally, performing network element selection or message routing using the network element selection information specifically includes:
The network element in the HPLMN that needs to perform network element selection or message routing forwards the registration request to the target network element according to the network element selection information.
Optionally, the network element in the HPLMN that needs to perform network element selection or message routing also attaches the obtained network element selection information to the message forwarded to the target network element.
On the UE side, a message processing apparatus provided by the embodiments of this application includes:
A memory, configured to store program instructions;
A processor, configured to call the program instructions stored in the memory and, according to the obtained program, execute the following:
Determining a registration request, where the registration request carries a subscription concealed identifier (SUCI), and the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Sending the registration request to the network side.
Optionally, the apparatus further includes a universal subscriber identity module (USIM); the network element selection information is a network element selection information ciphertext;
If the USIM holds a network element selection information master key, the USIM uses the network element selection information master key and a random value for deriving the network element selection information encryption key to derive the network element selection information encryption key with a key derivation algorithm;
The processor encrypts the network element selection information with the network element selection information encryption key to obtain the network element selection information ciphertext.
Optionally, the SUCI further includes a network element selection information master key identifier.
Optionally, the network element selection information master key, the network element selection information and the network element selection information master key identifier are stored in the USIM.
Optionally, if the USIM holds no network element selection information master key, the processor does not encrypt the network element selection information and places it directly in the SUCI.
Optionally, the processor sends the registration request through a transceiver to the visited public land mobile network (VPLMN), and the VPLMN forwards it to the HPLMN.
Correspondingly, on the network side, a message processing apparatus provided by the embodiments of this application includes:
A memory, configured to store program instructions;
A processor, configured to call the program instructions stored in the memory and, according to the obtained program, execute the following:
Receiving a registration request from a user equipment (UE), obtaining the SUCI from the registration request, and obtaining network element selection information from the SUCI, where the network element selection information does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Performing network element selection or message routing using the network element selection information.
Optionally, the network element selection information is a network element selection information ciphertext;
Obtaining the SUCI from the registration request and obtaining the network element selection information from the SUCI specifically includes the following operations, performed by a network element selection information decryption functional entity:
Obtaining the network element selection information master key using the network element selection information master key identifier in the SUCI; if the SUCI does not carry the network element selection information master key identifier, selecting the default master key or using the null decryption scheme, according to the system configuration;
Deriving the network element selection information decryption key with a key derivation algorithm, using the network element selection information master key and the random value in the SUCI that is used for deriving the network element selection information encryption key;
Decrypting the network element selection information ciphertext with the network element selection information decryption key to obtain the network element selection information;
Providing the network element selection information to the network element in the HPLMN that needs to perform network element selection or message routing.
Optionally, the apparatus is the network element in the HPLMN that needs to perform network element selection or message routing; performing network element selection or message routing using the network element selection information specifically includes:
Forwarding the registration request to the target network element according to the network element selection information.
Optionally, the processor is further configured to attach the obtained network element selection information to the message forwarded to the target network element.
On the UE side, another message processing apparatus provided by the embodiments of this application includes:
A determination unit, configured to determine a registration request, where the registration request carries a subscription concealed identifier (SUCI), and the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
A sending unit, configured to send the registration request to the network side.
On the network side, another message processing apparatus provided by the embodiments of this application includes:
A first unit, configured to receive a registration request from a user equipment (UE), obtain the SUCI from the registration request, and obtain network element selection information from the SUCI, where the network element selection information does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
A second unit, configured to perform network element selection or message routing using the network element selection information.
A universal subscriber identity module (USIM) provided by the embodiments of this application includes:
A memory, configured to store program instructions and to store network element selection information;
A processor, configured to call the program instructions stored in the memory and, according to the obtained program, execute the following:
If the memory also stores a network element selection information master key, deriving the network element selection information encryption key with a key derivation algorithm, using the network element selection information master key and a random value for deriving the network element selection information encryption key.
Optionally, the memory also stores the network element selection information master key and the network element selection information master key identifier.
Another embodiment of this application provides a computing device that includes a memory and a processor, where the memory is configured to store program instructions and the processor is configured to call the program instructions stored in the memory and execute any of the above methods according to the obtained program.
Another embodiment of this application provides a computer storage medium that stores computer-executable instructions, where the computer-executable instructions are used to cause a computer to execute any of the above methods.
Brief description of the drawings
To explain the technical solutions in the embodiments of this application more clearly, the drawings needed for describing the embodiments are briefly introduced below. The drawings described below are only some embodiments of this application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of the 5G system authentication functional entities and authentication procedure provided by the embodiments of this application;
Fig. 2 is a schematic diagram of privacy protection for network element selection information in the initial registration procedure of a 5G communication system provided by the embodiments of this application;
Fig. 3 is a schematic diagram of the basic procedure in the scenario of embodiment one provided by the embodiments of this application;
Fig. 4 is a schematic diagram of the basic procedure in the scenario of embodiment two provided by the embodiments of this application;
Fig. 5 is a flow diagram of a message processing method on the UE side provided by the embodiments of this application;
Fig. 6 is a flow diagram of a message processing method on the network side provided by the embodiments of this application;
Fig. 7 is a structural diagram of a message processing apparatus on the UE side provided by the embodiments of this application;
Fig. 8 is a structural diagram of a message processing apparatus on the network side provided by the embodiments of this application;
Fig. 9 is a structural diagram of another message processing apparatus on the UE side provided by the embodiments of this application;
Fig. 10 is a structural diagram of another message processing apparatus on the network side provided by the embodiments of this application.
Detailed description
The embodiments of this application provide a message processing method and device for accurately routing a registration request from a UE to a target network element.
In the 5G system, the user's subscription identifier is protected by a SUPI protection scheme (protection scheme). SUPI protection schemes fall into two classes:
Null scheme (null-scheme): the null scheme does not encrypt the SUPI; that is, the output generated by the null scheme is identical to its input.
Public key protection scheme (public key protection scheme): a public key is used to encrypt the content in the SUPI that needs to be encrypted.
The SUPI consists of three parts:
Mobile country code (Mobile Country Code, MCC): uniquely identifies the country to which the mobile subscriber belongs.
Mobile network code (Mobile Network Code, MNC): uniquely identifies the mobile subscriber's home PLMN, that is, the mobile network operator.
Mobile subscriber identification number (Mobile Subscriber Identification Number, MSIN): the mobile identification number that identifies a mobile subscriber within a PLMN.
When the public key protection scheme is used to protect the SUPI, the MSIN in the SUPI, which relates to the user's identity, is encrypted, and user privacy is thereby protected.
In the 5G system, the SUPI can be transmitted only under the protection of a protection scheme (protection scheme); that is, the SUPI always passes through the null scheme (null-scheme) or the public key protection scheme (public key protection scheme). The SUPI processed by the protection scheme is stored in a data structure called the subscription concealed identifier (Subscription Concealed Identifier, SUCI). The SUCI includes the following information:
Protection scheme identifier (protection scheme identifier): identifies which protection scheme protects the SUCI, for example null-scheme or the public key protection scheme.
Public key identifier (public key identifier): defined by the home network operator; identifies which public key (public key) was used to encrypt the SUCI. If null-scheme is used, this field is empty.
Home network identifier (home network identifier): mobile country code (MCC) + mobile network code (MNC). In a roaming scenario, the VPLMN (Visited PLMN, where PLMN is Public Land Mobile Network) uses the MCC and MNC to route the registration request to the HPLMN (Home PLMN).
Protection scheme output (protection scheme-output): the result generated by the protection scheme (protection scheme), that is, the output generated by the null scheme or the public key protection scheme.
Referring to Fig. 1, in the 5G authentication system the UE and the security anchor function (SEcurity Anchor Function, SEAF) are located in the VPLMN, while the authentication server function (Authentication Server Function, AUSF), unified data management (Unified Data Management, UDM), the authentication credential repository and processing function (Authentication Credential Repository and Processing Function, ARPF) and the subscription identifier de-concealing function (Subscription Identifier De-concealing Function, SIDF) are located in the HPLMN. In a 4G network, when the HPLMN has multiple AUSFs or UDMs, the HPLMN uses the routing information contained in the MSIN to route the registration request to the target home subscriber server (Home Subscriber Server, HSS). In a 5G network, the function responsible for decrypting the SUCI is located in the UDM, so when the HPLMN has multiple AUSFs or UDMs and the SUPI is encrypted with a public key, the HPLMN may be unable to route the user's registration request to the target AUSF or UDM. The detailed analysis is as follows:
SUPI encryption uses asymmetric encryption. Asymmetric encryption requires that the decrypting party use the private key corresponding to the encrypting public key in order to decrypt the encrypted information. Asymmetric encryption allows each UDM to generate an unlimited number of public/private key pairs and to manage the private keys separately. Private key management can be HPLMN-based or UDM-based. When private key management is HPLMN-based, one UDM can be allowed to hold all private keys so that SUCI decryption can be centralized, and the SUCI then does not need to contain routing information. When private key management is UDM-based, that is, a UDM cannot hold the private keys of other UDMs, a centralized SUCI decryption scheme cannot be used. Where private key management is UDM-based, the SUCI needs to provide additional routing information to support message routing in this scenario, so that the message containing the encrypted SUPI is routed to the target UDM.
As described above, the information that the current specification uses to discover the AUSF or UDM is the MNC and/or MCC in the SUPI or SUCI. To protect user privacy, the MSIN contained in the SUPI will be encrypted, and the SIDF responsible for decryption is located in the UDM. As a result, when encryption keys are managed per UDM (a UDM does not provide its decryption key to other UDMs), the information that the NRF or AUSF originally used for routing within the HPLMN cannot be obtained, and the target UDM cannot be selected.
Moreover, the current 5G security TS (3GPP TS 33.501 V15.0.0) contains no technical solution for network element selection or routing within the HPLMN, and provides no technical solution for privacy protection of routing information.
Based on the above analysis, additional routing information should be provided in the SUCI for routing initial authentication messages within the HPLMN, and the necessary privacy protection mechanism should further be provided for that routing information.
Basic principle:
Network element selection information for use by the HPLMN is added to the SUCI. The network element selection information can be understood and used only by the HPLMN, which avoids privacy leakage. For example, a UDM set up to authenticate a special user group could, through the network element selection information, expose the identity of sensitive users or of special Internet of Things applications. User privacy is thereby fully protected.
The USIM stores network element selection information dedicated to the selection of a network function (Network Function) by the HPLMN, for example network element selection information for selecting an AUSF or UDM.
The USIM stores a symmetric key, provided by the operator, for encrypting the network element selection information. A symmetric key is used because encryption and decryption are fast and therefore do not create an information-processing bottleneck.
If the user uses an encrypted SUPI in the registration request, the HPLMN first needs to decrypt the encrypted network element selection information contained in the SUCI in the registration request, and then uses the decrypted network element selection information for subsequent message routing.
Description of terms and entity functions:
The privacy protection method for network element selection information in the initial registration procedure of a 5G communication system, as described in the embodiments of this application, is shown in Fig. 2.
Network element selection information (Network Element Selection Information, NESI): certain network elements in the HPLMN that take part in the authentication procedure can use this information to select the target network element for message delivery. For example, the network repository function (Network Repository Function, NRF) can use this information to discover the target AUSF or UDM.
Network element selection information ciphertext (NESI Cipher text): the network element selection information after encryption with the network element selection information encryption key.
Network element selection information master key (NESI Master Key): the key used to generate the network element selection information encryption key.
Network element selection information encryption master key identifier (NESI Master Key Identifier): uniquely identifies the network element selection information encryption master key within the HPLMN.
Network element selection information encryption key (NESI Encryption Key): the encryption key actually used to encrypt the network element selection information; it is derived from the network element selection information encryption master key.
Network element selection information encryption key derivation function (NESI Encryption Key Derivation Function): located in the universal subscriber identity module (Universal Subscriber Identity Module, USIM); responsible for deriving the network element selection information encryption key from the network element selection information encryption master key.
Network element selection information encryption function (NESI Encryption Function): a function of the user equipment (User Equipment, UE); responsible for generating the network element selection information ciphertext using the network element selection information encryption key.
Network element selection information decryption function (NESI Decryption Function, NESIDF): located in the HPLMN core network (Core Network, CN); responsible for decrypting the network element selection information ciphertext to obtain the network element selection information in plaintext.
Basic procedure:
Basic premise: the operator writes the following into the USIM: the network element selection information, the network element selection information master key, and the network element selection information master key identifier. The master key and the master key identifier are optional. When the network element selection information master key is empty, the master key identifier should also be empty; the network element selection information encryption scheme is then the null encryption scheme, that is, no encryption operation is performed. When the network element selection information master key is not empty but the master key identifier is empty, the default key is used (the preset key can be set according to actual needs).
When the UE needs to protect the SUPI with a non-null scheme (non null-scheme) during initial registration (Initial Registration), the technical solution provided by the embodiments of this application performs the following operations to protect user privacy during network element selection:
The network element selection information, the network element selection information master key and the network element selection information master key identifier can be stored in the USIM in advance.
The UE requests the USIM to provide the network element selection information encryption key, the network element selection information master key identifier and the network element selection information. The UE also needs to provide the USIM with the random value (nonce) used to derive the network element selection information encryption key. This random value is a part of the SUCI, for example the ciphertext of the MSIN.
The USIM uses the network element selection information master key, the nonce provided by the UE and possibly other parameters (which can be determined according to actual needs and are not limited in the embodiments of this application; these parameters may also be omitted) to derive the network element selection information encryption key with a key derivation algorithm (the specific algorithm can be chosen according to actual needs and is not limited). The USIM then provides the network element selection information encryption key, the network element selection information master key identifier (optional) and the network element selection information to the UE. The network element selection information master key identifier is optional content.
If the USIM holds no network element selection information master key, the system defaults to handling the network element selection information with the null encryption scheme. In that case the USIM returns only the network element selection information.
The UE (specifically, this may be implemented by the network element selection information encryption function module) encrypts the network element selection information with the network element selection information encryption key to obtain the network element selection information ciphertext.
If the system uses the null encryption scheme, the UE does not encrypt the network element selection information and uses it directly in the SUCI.
The UE (specifically, this may be implemented by a SUCI generation function module) adds the network element selection information ciphertext and the network element selection information master key identifier (optional) to the SUCI. If the USIM does not provide the network element selection information master key identifier, the SUCI does not include it.
The UE (specifically, this may be implemented by a registration request function module) includes the SUCI in the registration request and sends it to the visited network (VPLMN). The VPLMN then sends the registration request to the home network (HPLMN). The registration request may be, for example, an initial registration request, but is not limited to this.
When a network element in the HPLMN needs to perform network element selection or message routing using the network element selection information provided in the SUCI, that network element needs to call the network element selection information decryption function to decrypt the network element selection information ciphertext contained in the SUCI. The network element needs to provide the network element selection information decryption function with:
the SUCI, or,
the network element selection information ciphertext, the nonce and/or the network element selection information master key identifier (if the SUCI includes that information).
The network element selection information decryption function needs to perform the following operations:
One, obtain the corresponding network element selection information master key using the network element selection information master key identifier in the SUCI. If the SUCI does not carry the key identifier, then, according to the configuration of the system, select the default master key or use the null decryption scheme, that is, directly take the network element selection information ciphertext as the network element selection information.
Two, using the network element selection information master key, the value in the SUCI that serves as the nonce (such as the MSIN ciphertext) and other possible parameters, derive the network element selection information decryption key with the key derivation algorithm.
Three, decrypt the network element selection information ciphertext with the network element selection information decryption key and obtain the network element selection information.
Four, provide the network element selection information to the requesting network element in the HPLMN (the network element that needs to perform network element selection or message routing).
The network element in the HPLMN that needs to perform network element selection or message routing forwards the registration request message to the target network element according to the network element selection information, and optionally attaches the obtained network element selection information to the forwarded message, so that subsequent network elements can use the network element selection information directly for subsequent network element selection and routing.
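The UE-side SUCI construction and the four decryption-function operations described above, including the no-identifier and null-scheme branches, as an added Python sketch that is not part of the patent. The HMAC-SHA256 key derivation, the keystream cipher, the routing table and every class, function and field name are assumptions, since the page leaves the algorithms and formats open; all sample values are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


def derive_key(master_key: bytes, nonce: bytes) -> bytes:
    # Assumed KDF (the page leaves the algorithm open): HMAC-SHA256 over the nonce.
    return hmac.new(master_key, b"ne-selection\x00" + nonce, hashlib.sha256).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Assumed cipher: XOR with an HMAC-SHA256 counter keystream; the same call decrypts.
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


@dataclass
class Suci:
    msin_ciphertext: bytes               # value in the SUCI that doubles as the nonce
    ne_selection: bytes                  # ciphertext, or plaintext under the null scheme
    master_key_id: Optional[str] = None  # optional field


@dataclass
class Usim:
    ne_selection: bytes
    master_key: Optional[bytes] = None
    master_key_id: Optional[str] = None

    def provide(self, nonce: bytes) -> Tuple[Optional[bytes], Optional[str], bytes]:
        # Key derivation runs inside the USIM; only the derived key is handed to the UE.
        if self.master_key is None:
            return None, None, self.ne_selection  # null-encryption scheme
        return derive_key(self.master_key, nonce), self.master_key_id, self.ne_selection


def ue_build_suci(usim: Usim, msin_ciphertext: bytes) -> Suci:
    enc_key, key_id, info = usim.provide(msin_ciphertext)
    if enc_key is None:
        return Suci(msin_ciphertext, info)  # plaintext goes straight into the SUCI
    return Suci(msin_ciphertext, keystream_xor(enc_key, info), key_id)


@dataclass
class Nesidf:
    master_keys: Dict[str, bytes]
    default_key: Optional[bytes] = None  # None: a SUCI without identifier gets null decryption

    def decrypt(self, suci: Suci) -> bytes:
        if suci.master_key_id is not None:
            master = self.master_keys[suci.master_key_id]  # KeyError on an unknown identifier
        elif self.default_key is not None:
            master = self.default_key                      # configured default master key
        else:
            return suci.ne_selection                       # null decryption scheme
        return keystream_xor(derive_key(master, suci.msin_ciphertext), suci.ne_selection)


def ausf_route(suci: Suci, nesidf: Nesidf, udm_table: Dict[bytes, str]) -> Optional[str]:
    # The requesting network element parses the decrypted value into a target address.
    return udm_table.get(nesidf.decrypt(suci))


# Constructed sample values, not taken from the page.
KEY = b"constructed-master-key"
NONCE = b"constructed-msin-ciphertext"
UDM_TABLE = {b"udm-1": "udm1.hplmn.example"}


def demo() -> Dict[str, Optional[str]]:
    with_id = ue_build_suci(Usim(b"udm-1", KEY, "k1"), NONCE)
    no_id = ue_build_suci(Usim(b"udm-1", KEY), NONCE)
    null = ue_build_suci(Usim(b"udm-1"), NONCE)
    return {
        "identifier present": ausf_route(with_id, Nesidf({"k1": KEY}), UDM_TABLE),
        "no identifier, default key": ausf_route(no_id, Nesidf({}, KEY), UDM_TABLE),
        "null scheme": ausf_route(null, Nesidf({}), UDM_TABLE),
        # UE encrypted, but the HPLMN is configured for null decryption: routing fails.
        "configuration mismatch": ausf_route(no_id, Nesidf({}), UDM_TABLE),
    }


if __name__ == "__main__":
    for case, target in demo().items():
        print(case, "->", target)
```

When the SUCI carries no master key identifier, the decryption function cannot tell null-scheme plaintext from default-key ciphertext, so the USIM provisioning and the HPLMN configuration have to agree; the last case shows the routing failure when they do not.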
Embodiment one:
In the HPLMN, the network element AUSF directly requests the network element selection information decryption function (NESIDF) to decrypt the network element selection information ciphertext in the SUCI. The AUSF parses the network element selection information and obtains the target UDM. The detailed process is shown in Figure 3 and includes:
Step 1, the UE sends an initial registration request, which includes the SUCI, to the network. The request is routed to the SEAF of the VPLMN.
Step 2, the SEAF sends the initial registration request (which carries the SUCI) to the AUSF in the HPLMN.
Step 3, through a network element selection information decryption request, the AUSF sends the SUCI from the UE's initial registration request to the NESIDF and requests the latter to decrypt the network element selection ciphertext in the SUCI.
Step 4, the NESIDF obtains the corresponding key using the network element selection information master key identifier carried in the SUCI; performs key derivation using the value in the SUCI that serves as the nonce and other parameters, obtaining the network element selection information decryption key; decrypts the network element selection information ciphertext with the network element selection information decryption key, obtaining the network element selection information; and then returns the network element selection information to the AUSF in a network element selection information decryption response.
Step 5, the AUSF parses the network element selection information, obtains the address of the target UDM, and then sends the UE's initial registration request (which carries the SUCI) to the target UDM.
Embodiment two:
The network element AUSF in the HPLMN requests the NRF to provide the address of the target UDM. The NRF calls the NESIDF to obtain the network element selection information plaintext. The NRF parses the network element selection information, obtains the address of the target UDM, and provides it to the AUSF. The detailed process is shown in Figure 4 and includes:
Step 11, the UE sends an initial registration request, which includes the SUCI, to the network. The request is routed to the SEAF of the VPLMN.
Step 12, the SEAF sends the initial registration request (which includes the SUCI) to the AUSF in the HPLMN.
Step 13, the AUSF sends the SUCI to the NRF in a network element selection request and requests the latter to provide the address of the target UDM.
Step 14, after receiving the network element selection request, the NRF obtains from the SUCI carried in the request the network element selection information master key identifier, the value in the SUCI that serves as the nonce, and the network element selection information ciphertext; it then sends this information (ciphertext) to the NESIDF in a network element selection information decryption request, requesting the latter to decrypt the network element selection ciphertext in the SUCI.
Step 15, the NESIDF obtains the corresponding key using the network element selection information master key identifier; performs key derivation using the nonce and other parameters, obtaining the network element selection information decryption key; decrypts the network element selection information ciphertext with the network element selection information decryption key, obtaining the network element selection information; and then returns the network element selection information (plaintext) to the NRF in a network element selection information decryption response.
Step 16, the NRF receives the network element selection information decryption response, obtains and parses the network element selection information from it, obtains the address of the target UDM (the target network element), and then returns the address of the target UDM to the AUSF.
Step 17, the AUSF sends the initial registration request (which includes the SUCI) to the target UDM (e.g. UDM1).
To sum up, referring to Fig. 5, a message processing method provided by the embodiments of this application includes:
S101, the user equipment (UE) determines a registration request that carries a subscription concealed identifier (SUCI); the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
S102, the UE sends the registration request to the network side.
In this way, the UE determines a registration request that carries a subscription concealed identifier (SUCI), where the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN); the UE sends the registration request to the network side, so that the network side can use the network element selection information to route the registration request from the UE accurately to the target network element.
Optionally, the network element selection information is a network element selection information ciphertext;
If there is a network element selection information master key in the USIM in the UE, the USIM in the UE uses the network element selection information master key and the random value used to derive the network element selection information encryption key, and derives the network element selection information encryption key with a key derivation algorithm; the UE encrypts the network element selection information with the network element selection information encryption key and obtains the network element selection information ciphertext.
Encrypting the network element selection information in this way further improves the security of the information.
Optionally, the SUCI further includes a network element selection information master key identifier.
Optionally, the network element selection information master key, the network element selection information and the network element selection information master key identifier are stored in the USIM.
Optionally, if there is no network element selection information master key in the USIM in the UE, the network element selection information is not encrypted, and the UE places the network element selection information directly in the SUCI.
Optionally, the UE sends the registration request to the visited public land mobile network (VPLMN), which forwards it to the HPLMN.
Correspondingly, on the network side, referring to Fig. 6, a message processing method provided by the embodiments of this application includes:
S201, receive a registration request from the user equipment (UE), obtain the SUCI from the registration request, and obtain the network element selection information from the SUCI; the network element selection information is network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
S202, perform network element selection or message routing using the network element selection information.
Optionally, the network element selection information is a network element selection information ciphertext;
Obtaining the SUCI from the registration request and obtaining the network element selection information from the SUCI specifically includes the following operations, performed by the network element selection information decryption functional entity:
obtain the network element selection information master key using the network element selection information master key identifier in the SUCI; if the SUCI does not carry the network element selection information master key identifier, then, according to the configuration of the system, select the default master key or use the null decryption scheme;
using the network element selection information master key and the random value in the SUCI that is used to derive the network element selection information encryption key, derive the network element selection information decryption key with the key derivation algorithm;
decrypt the network element selection information ciphertext with the network element selection information decryption key and obtain the network element selection information;
provide the network element selection information to the network element in the HPLMN that needs to perform network element selection or message routing.
Optionally, performing network element selection or message routing using the network element selection information specifically includes:
the network element in the HPLMN that needs to perform network element selection or message routing forwards the registration request to the target network element according to the network element selection information.
Optionally, the network element in the HPLMN that needs to perform network element selection or message routing also attaches the obtained network element selection information to the message forwarded to the target network element.
On the UE side, referring to Fig. 7, a message processing apparatus provided by the embodiments of this application includes:
Memory 620, for storing program instructions;
Processor 600, for calling the program instructions stored in the memory and, according to the obtained program, executing:
determine a registration request that carries a subscription concealed identifier (SUCI), where the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
send the registration request to the network side.
Optionally, the apparatus further includes a universal subscriber identity module (USIM) (not shown in Fig. 7; see Fig. 2); the network element selection information is a network element selection information ciphertext;
If there is a network element selection information master key in the USIM, the USIM uses the network element selection information master key and the random value used to derive the network element selection information encryption key, and derives the network element selection information encryption key with a key derivation algorithm;
The processor encrypts the network element selection information with the network element selection information encryption key and obtains the network element selection information ciphertext.
Optionally, the SUCI further includes a network element selection information master key identifier.
Optionally, the network element selection information master key, the network element selection information and the network element selection information master key identifier are stored in the USIM.
Optionally, if there is no network element selection information master key in the USIM, the processor does not encrypt the network element selection information and places the network element selection information directly in the SUCI.
Optionally, the processor sends the registration request through the transceiver to the visited public land mobile network (VPLMN), which forwards it to the HPLMN.
Transceiver 610, for sending and receiving data under the control of processor 600.
In Fig. 7, the bus architecture may include any number of interconnected buses and bridges, which link together various circuits of the one or more processors represented by processor 600 and of the memory represented by memory 620. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators and power management circuits; these are all well known in the art and are therefore not described further here. The bus interface provides an interface. Transceiver 610 may be a plurality of elements, that is, include a transmitter and a receiver, providing a unit for communicating with various other apparatuses over a transmission medium. For different user equipment, user interface 630 may also be an interface capable of connecting required devices externally or internally; the connected devices include but are not limited to a keypad, display, loudspeaker, microphone, joystick and so on.
Processor 600 is responsible for managing the bus architecture and general processing, and memory 620 can store the data used by processor 600 when performing operations.
Optionally, processor 600 may be a CPU (central processing unit), an ASIC (Application Specific Integrated Circuit), an FPGA (Field-Programmable Gate Array) or a CPLD (Complex Programmable Logic Device).
Correspondingly, on the network side, referring to Fig. 8, a message processing apparatus provided by the embodiments of this application includes:
Memory 520, for storing program instructions;
Processor 500, for calling the program instructions stored in the memory and, according to the obtained program, executing:
receive a registration request from the user equipment (UE), obtain the SUCI from the registration request, and obtain the network element selection information from the SUCI; the network element selection information is network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
perform network element selection or message routing using the network element selection information.
Optionally, the network element selection information is a network element selection information ciphertext;
Obtaining the SUCI from the registration request and obtaining the network element selection information from the SUCI specifically includes the following operations, performed by the network element selection information decryption functional entity:
obtain the network element selection information master key using the network element selection information master key identifier in the SUCI; if the SUCI does not carry the network element selection information master key identifier, then, according to the configuration of the system, select the default master key or use the null decryption scheme;
using the network element selection information master key and the random value in the SUCI that is used to derive the network element selection information encryption key, derive the network element selection information decryption key with the key derivation algorithm;
decrypt the network element selection information ciphertext with the network element selection information decryption key and obtain the network element selection information;
provide the network element selection information to the network element in the HPLMN that needs to perform network element selection or message routing.
Optionally, the apparatus is the network element in the HPLMN that needs to perform network element selection or message routing; performing network element selection or message routing using the network element selection information specifically includes:
forward the registration request to the target network element according to the network element selection information.
Optionally, the processor is also used to attach the obtained network element selection information to the message forwarded to the target network element.
Transceiver 510, for sending and receiving data under the control of processor 500.
In Fig. 8, the bus architecture may include any number of interconnected buses and bridges, which link together various circuits of the one or more processors represented by processor 500 and of the memory represented by memory 520. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators and power management circuits; these are all well known in the art and are therefore not described further here. The bus interface provides an interface. Transceiver 510 may be a plurality of elements, that is, include a transmitter and a transceiver, providing a unit for communicating with various other apparatuses over a transmission medium. Processor 500 is responsible for managing the bus architecture and general processing, and memory 520 can store the data used by processor 500 when performing operations.
Processor 500 may be a central processing unit (CPU), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or a complex programmable logic device (Complex Programmable Logic Device, CPLD).
On the UE side, referring to Fig. 9, another message processing apparatus provided by the embodiments of this application includes:
Determination unit 303, for determining a registration request that carries a subscription concealed identifier (SUCI), where the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Transmission unit 304, for sending the registration request to the network side.
On the network side, referring to Figure 10, another message processing apparatus provided by the embodiments of this application includes:
First unit 301, for receiving a registration request from the user equipment (UE), obtaining the SUCI from the registration request, and obtaining the network element selection information from the SUCI; the network element selection information is network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Second unit 302, for performing network element selection or message routing using the network element selection information.
A universal subscriber identity module (USIM) provided by the embodiments of this application includes:
Memory, for storing program instructions and for storing the network element selection information;
Processor, for calling the program instructions stored in the memory and, according to the obtained program, executing:
if the memory also stores a network element selection information master key, use the network element selection information master key and the random value used to derive the network element selection information encryption key, and derive the network element selection information encryption key with a key derivation algorithm.
Optionally, the memory also stores the network element selection information master key and the network element selection information master key identifier.
The embodiments of this application provide a computing device, which may specifically be a desktop computer, portable computer, smartphone, tablet computer, personal digital assistant (Personal Digital Assistant, PDA) and so on. The computing device may include a central processing unit (Center Processing Unit, CPU), memory, input/output devices and so on; input devices may include a keyboard, mouse, touch screen and so on, and output devices may include a display device such as a liquid crystal display (Liquid Crystal Display, LCD) or cathode-ray tube (Cathode Ray Tube, CRT).
The memory may include read-only memory (ROM) and random access memory (RAM), and provides the processor with the program instructions and data stored in the memory. In the embodiments of this application, the memory can be used to store the program of any of the methods provided by the embodiments of this application.
By calling the program instructions stored in the memory, the processor executes any of the methods provided by the embodiments of this application according to the obtained program instructions.
The embodiments of this application provide a computer storage medium for storing the computer program instructions used by the apparatus provided by the embodiments of this application, including the program for executing any of the methods provided by the embodiments of this application.
The computer storage medium can be any usable medium or data storage device that a computer can access, including but not limited to magnetic storage (such as floppy disk, hard disk, tape, magneto-optical disk (MO)), optical storage (such as CD, DVD, BD, HVD) and semiconductor memory (such as ROM, EPROM, EEPROM, non-volatile memory (NAND FLASH), solid-state drive (SSD)).
Method provided by the embodiments of the present application can be applied to terminal device, also can be applied to the network equipment.
The terminal device may also be called user equipment (User Equipment, "UE" for short), mobile station (Mobile Station, "MS" for short), mobile terminal (Mobile Terminal) and so on. Optionally, the terminal may have the ability to communicate with one or more core networks through a radio access network (Radio Access Network, RAN). For example, the terminal may be a mobile phone (also called a "cellular" phone) or a computer with mobility; for example, the terminal may also be a portable, pocket-sized, handheld, computer built-in or vehicle-mounted mobile device.
The network device may be a core network device or an access network device, for example a base station (such as an access point), which refers to a device in the access network that communicates with wireless terminals over the air interface through one or more sectors. The base station can be used to convert received air frames to and from IP packets, acting as a router between the wireless terminal and the rest of the access network, where the rest of the access network may include an Internet Protocol (IP) network. The base station may also coordinate attribute management of the air interface. For example, the base station may be a base station (BTS, Base Transceiver Station) in GSM or CDMA, a base station (NodeB) in WCDMA, an evolved base station (NodeB or eNB or e-NodeB, evolutional Node B) in LTE, or a gNB in a 5G system. This is not limited in the embodiments of this application.
The above method flow can be implemented as a software program, which can be stored in a storage medium; when the stored software program is called, the above method steps are executed.
In conclusion, in the embodiments of this application, the SUCI contains a network element selection information ciphertext that does not belong to the MSIN and is used to select the target network element in the HPLMN, and possibly key indication information related to that ciphertext. The network element selection information is meaningless to the VPLMN. The network element selection information may be protected by a key-based security mechanism, to prevent the message from being eavesdropped during transmission and leaking private information. Only the HPLMN can decrypt the encrypted information.
On the UE side, the network element selection information, the network element selection information master key and the network element selection information master key identifier should be stored in the USIM. The network element selection information master key and the network element selection information master key identifier are optional.
Derivation of the network element selection information encryption key is performed in the USIM: the USIM uses the network element selection information master key to perform the key derivation operation on a value from the SUCI that can serve as the random value (nonce) and on other possible input parameters, and obtains the network element selection information encryption key.
When the USIM stores the network element selection information and the network element selection information master key but no network element selection information master key identifier, the SUCI does not include a network element selection information master key identifier. In this case the HPLMN by default uses the default master key for key derivation and decryption.
When the USIM stores the network element selection information but neither a network element selection information master key nor a network element selection information master key identifier, the UE by default uses the null-encryption scheme, that is, it performs no key derivation or encryption operation and adds the network element selection information stored in the USIM directly to the SUCI, and the SUCI does not include a network element selection information master key identifier.
A network element in the HPLMN that needs to perform network element selection or routing using the network element selection information provided in the SUCI should call the network element selection information decryption function to decrypt or parse the network element selection information ciphertext contained in the SUCI, and needs to provide the network element selection information decryption function with the network element selection information ciphertext, the network element selection information master key identifier and the nonce in the SUCI. The network element selection information master key identifier is an optional item.
The network element selection information decryption function obtains the corresponding network element selection information master key using the network element selection information master key identifier. If the network element selection information master key identifier is empty, it uses the default master key by default, or uses the null decryption scheme according to the system configuration. The network element selection information decryption function uses the network element selection information master key, the value in the SUCI that serves as the nonce and other possible parameters to derive the network element selection information decryption key with the key derivation algorithm.
The network element selection information decryption function decrypts the network element selection information ciphertext with the network element selection information decryption key and obtains the network element selection information.
The network element in the HPLMN that needs to perform network element selection or message routing forwards the registration request message to the target network element according to the network element selection information, and optionally attaches the obtained network element selection information to the forwarded message, so that subsequent network elements can use the network element selection information directly for subsequent network element selection and message routing.
That is, the embodiments of this application provide a technical solution for privacy protection, in the HPLMN, of the network element selection or routing information needed during the registration process.
Those skilled in the art should understand that the embodiments of this application may be provided as a method, a system or a computer program product. Therefore, this application may take the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware aspects. Moreover, this application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage and optical storage) that contain computer-usable program code.
This application is described with reference to flowcharts and/or block diagrams of the method, device (system) and computer program product according to the embodiments of this application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a means for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to work in a particular way, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction means, which implements the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operation steps are executed on the computer or other programmable device to produce computer-implemented processing, and the instructions executed on the computer or other programmable device thus provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Obviously, those skilled in the art can make various modifications and variations to this application without departing from its spirit and scope. If these modifications and variations fall within the scope of the claims of this application and their technical equivalents, this application is also intended to include them.

Claims (25)

1. A message processing method, characterized in that the method comprises:
A user equipment (UE) determines a registration request, the registration request carrying a subscription concealed identifier (SUCI), wherein the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
The UE sends the registration request to the network side.
2. The method according to claim 1, characterized in that the network element selection information is a network element selection information ciphertext;
If a network element selection information master key exists in the USIM in the UE, the USIM in the UE uses the network element selection information master key and a random value for deriving a network element selection information encryption key to derive the network element selection information encryption key with a key derivation algorithm; the UE encrypts the network element selection information with the network element selection information encryption key to obtain the network element selection information ciphertext.
3. The method according to claim 2, characterized in that the SUCI further includes a network element selection information master key identifier.
4. The method according to claim 3, characterized in that the network element selection information master key, the network element selection information and the network element selection information master key identifier are stored in the USIM.
5. The method according to claim 1, characterized in that, if no network element selection information master key exists in the USIM in the UE, the network element selection information is not encrypted, and the UE places the network element selection information directly in the SUCI.
6. The method according to claim 1, characterized in that the UE sends the registration request to a visited public land mobile network (VPLMN), and the VPLMN forwards it to the HPLMN.
7. A message processing method, characterized in that the method comprises:
Receiving a registration request from a user equipment (UE), obtaining a SUCI from the registration request, and obtaining network element selection information from the SUCI; the network element selection information is network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Performing network element selection or message routing using the network element selection information.
8. The method according to claim 7, characterized in that the network element selection information is a network element selection information ciphertext;
Obtaining the SUCI from the registration request and obtaining the network element selection information from the SUCI specifically includes the following operations, performed by a network element selection information decryption functional entity:
Obtaining the network element selection information master key using the network element selection information master key identifier in the SUCI; if the SUCI does not carry the network element selection information master key identifier, selecting a default master key or using a null decryption scheme, according to the system configuration;
Deriving a network element selection information decryption key with a key derivation algorithm, using the network element selection information master key and the random value in the SUCI for deriving the network element selection information encryption key;
Decrypting the network element selection information ciphertext with the network element selection information decryption key to obtain the network element selection information;
Providing the network element selection information to the network element in the HPLMN that needs to perform network element selection or message routing.
9. The method according to claim 8, characterized in that performing network element selection or message routing using the network element selection information specifically includes:
The network element in the HPLMN that needs to perform network element selection or message routing forwards the registration request to the target network element according to the network element selection information.
10. The method according to claim 9, characterized in that the network element in the HPLMN that needs to perform network element selection or message routing also attaches the obtained network element selection information to the message forwarded to the target network element.
11. A message processing apparatus, characterized by comprising:
A memory, for storing program instructions;
A processor, for calling the program instructions stored in the memory and executing, according to the obtained program:
Determining a registration request, the registration request carrying a subscription concealed identifier (SUCI), wherein the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Sending the registration request to the network side.
12. The apparatus according to claim 11, characterized in that the apparatus further includes a universal subscriber identity module (USIM); the network element selection information is a network element selection information ciphertext;
If a network element selection information master key exists in the USIM, the USIM uses the network element selection information master key and a random value for deriving a network element selection information encryption key to derive the network element selection information encryption key with a key derivation algorithm;
The processor encrypts the network element selection information with the network element selection information encryption key to obtain the network element selection information ciphertext.
13. The apparatus according to claim 12, characterized in that the SUCI further includes a network element selection information master key identifier.
14. The apparatus according to claim 13, characterized in that the network element selection information master key, the network element selection information and the network element selection information master key identifier are stored in the USIM.
15. The apparatus according to claim 12, characterized in that, if no network element selection information master key exists in the USIM, the processor does not encrypt the network element selection information and places the network element selection information directly in the SUCI.
16. The apparatus according to claim 11, characterized in that the processor sends the registration request through a transceiver to a visited public land mobile network (VPLMN), and the VPLMN forwards it to the HPLMN.
17. A message processing apparatus, characterized by comprising:
A memory, for storing program instructions;
A processor, for calling the program instructions stored in the memory and executing, according to the obtained program:
Receiving a registration request from a user equipment (UE), obtaining a SUCI from the registration request, and obtaining network element selection information from the SUCI; the network element selection information is network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
Performing network element selection or message routing using the network element selection information.
18. The apparatus according to claim 17, characterized in that the network element selection information is a network element selection information ciphertext;
Obtaining the SUCI from the registration request and obtaining the network element selection information from the SUCI specifically includes the following operations, performed by a network element selection information decryption functional entity:
Obtaining the network element selection information master key using the network element selection information master key identifier in the SUCI; if the SUCI does not carry the network element selection information master key identifier, selecting a default master key or using a null decryption scheme, according to the system configuration;
Deriving a network element selection information decryption key with a key derivation algorithm, using the network element selection information master key and the random value in the SUCI for deriving the network element selection information encryption key;
Decrypting the network element selection information ciphertext with the network element selection information decryption key to obtain the network element selection information;
Providing the network element selection information to the network element in the HPLMN that needs to perform network element selection or message routing.
19. The apparatus according to claim 18, characterized in that the apparatus is the network element in the HPLMN that needs to perform network element selection or message routing; performing network element selection or message routing using the network element selection information specifically includes:
Forwarding the registration request to the target network element according to the network element selection information.
20. The apparatus according to claim 19, characterized in that the processor is also used to attach the obtained network element selection information to the message forwarded to the target network element.
21. A message processing apparatus, characterized by comprising:
A determination unit, for determining a registration request, the registration request carrying a subscription concealed identifier (SUCI), wherein the SUCI contains network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
A transmission unit, for sending the registration request to the network side.
22. A message processing apparatus, characterized by comprising:
A first unit, for receiving a registration request from a user equipment (UE), obtaining a SUCI from the registration request, and obtaining network element selection information from the SUCI; the network element selection information is network element selection information that does not belong to the mobile subscriber identification number (MSIN) and is used to select a target network element in the home public land mobile network (HPLMN);
A second unit, for performing network element selection or message routing using the network element selection information.
23. A universal subscriber identity module (USIM), characterized by comprising:
A memory, for storing program instructions and for storing network element selection information;
A processor, for calling the program instructions stored in the memory and executing, according to the obtained program:
If the memory also stores a network element selection information master key, using the network element selection information master key and a random value for deriving a network element selection information encryption key to derive the network element selection information encryption key with a key derivation algorithm.
24. The USIM according to claim 23, characterized in that the memory also stores the network element selection information master key and a network element selection information master key identifier.
25. A computer storage medium, characterized in that the computer storage medium stores computer-executable instructions, the computer-executable instructions being used to cause the computer to perform the method according to any one of claims 1 to 10.
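The UE-side protection of claims 2, 3 and 5 and the HPLMN-side recovery and routing of claims 8 and 9, as an added Python example that is not code from the patent. The claims name no concrete key derivation algorithm or cipher, so HMAC-SHA256 and an HMAC-based XOR keystream are stand-ins chosen here; the field layout, key values, routing table and host name are constructed.

```python
import hashlib
import hmac
import os

# Constructed HPLMN state: master keys by identifier, and a routing table.
MASTER_KEYS = {0: b"constructed-default-master-key", 1: b"constructed-master-key-01"}
DEFAULT_KEY_ID = 0
ROUTES = {b"udm-group-07": "udm-07.hplmn.example"}


def derive_key(master_key: bytes, rand: bytes) -> bytes:
    """KDF stand-in (assumption): HMAC-SHA256 over the random value."""
    return hmac.new(master_key, b"ne-selection" + rand, hashlib.sha256).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Cipher stand-in (assumption): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def ue_build_field(ne_info: bytes, master_key=None, key_id=None) -> dict:
    """UE/USIM side: build the SUCI part that carries NE selection info."""
    if master_key is None:
        # No master key in the USIM: the information goes into the SUCI as is.
        return {"ne_info": ne_info}
    rand = os.urandom(16)  # random value for key derivation, sent in the SUCI
    field = {"rand": rand, "ne_info": xor_stream(derive_key(master_key, rand), ne_info)}
    if key_id is not None:
        field["key_id"] = key_id  # master key identifier, when one is provisioned
    return field


def hplmn_recover(field: dict, null_when_no_id: bool = False) -> bytes:
    """Decryption functional entity: recover plaintext NE selection info."""
    key_id = field.get("key_id")
    if key_id is None:
        if null_when_no_id:  # system configured for the null decryption scheme
            return field["ne_info"]
        key_id = DEFAULT_KEY_ID  # system configured for the default master key
    if key_id not in MASTER_KEYS or "rand" not in field:
        raise ValueError("cannot derive decryption key for this SUCI")
    key = derive_key(MASTER_KEYS[key_id], field["rand"])
    return xor_stream(key, field["ne_info"])


def route(field: dict, null_when_no_id: bool = False) -> str:
    """Routing NE: pick the target network element for the registration request."""
    return ROUTES[hplmn_recover(field, null_when_no_id)]
```

The fresh random value makes two registrations with the same selection information produce different ciphertexts, so the field does not become a stable tracking value. The stand-in keystream gives confidentiality only; a deployment would use a standard authenticated cipher so that a modified field is rejected instead of misrouted.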
CN201810447733.8A 2018-05-11 2018-05-11 Message treatment method and device Pending CN110475247A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201810447733.8A CN110475247A (en) 2018-05-11 2018-05-11 Message treatment method and device
PCT/CN2019/079106 WO2019214351A1 (en) 2018-05-11 2019-03-21 Message processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810447733.8A CN110475247A (en) 2018-05-11 2018-05-11 Message treatment method and device

Publications (1)

Publication Number Publication Date
CN110475247A true CN110475247A (en) 2019-11-19

Family

ID=68467286

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810447733.8A Pending CN110475247A (en) 2018-05-11 2018-05-11 Message treatment method and device

Country Status (2)

Country Link
CN (1) CN110475247A (en)
WO (1) WO2019214351A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111770496A (en) * 2020-06-30 2020-10-13 中国联合网络通信集团有限公司 5G-AKA authentication method, unified data management network element and user equipment
CN112235736A (en) * 2020-10-13 2021-01-15 中国联合网络通信集团有限公司 User identification method, charging method and AMF (advanced metering framework) in roaming scene
CN113543126A (en) * 2020-03-31 2021-10-22 华为技术有限公司 Key obtaining method and device
CN113709729A (en) * 2020-05-22 2021-11-26 维沃移动通信有限公司 Data processing method and device, network equipment and terminal
CN113840273A (en) * 2021-09-18 2021-12-24 中国联合网络通信集团有限公司 User hidden identifier generation method, terminal, USIM, device and medium
CN114040386A (en) * 2020-07-21 2022-02-11 中国移动通信有限公司研究院 Method, device and equipment for determining replay message

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113543126A (en) * 2020-03-31 2021-10-22 华为技术有限公司 Key obtaining method and device
CN113543126B (en) * 2020-03-31 2023-02-28 华为技术有限公司 Key obtaining method and device
CN113709729A (en) * 2020-05-22 2021-11-26 维沃移动通信有限公司 Data processing method and device, network equipment and terminal
CN111770496A (en) * 2020-06-30 2020-10-13 中国联合网络通信集团有限公司 5G-AKA authentication method, unified data management network element and user equipment
CN111770496B (en) * 2020-06-30 2022-08-02 中国联合网络通信集团有限公司 5G-AKA authentication method, unified data management network element and user equipment
CN114040386A (en) * 2020-07-21 2022-02-11 中国移动通信有限公司研究院 Method, device and equipment for determining replay message
CN112235736A (en) * 2020-10-13 2021-01-15 中国联合网络通信集团有限公司 User identification method, charging method and AMF (advanced metering framework) in roaming scene
CN112235736B (en) * 2020-10-13 2022-04-15 中国联合网络通信集团有限公司 User identification method in roaming scene
CN113840273A (en) * 2021-09-18 2021-12-24 中国联合网络通信集团有限公司 User hidden identifier generation method, terminal, USIM, device and medium
CN113840273B (en) * 2021-09-18 2023-05-09 中国联合网络通信集团有限公司 User hidden identifier generation method, terminal, USIM, equipment and medium

Also Published As

Publication number Publication date
WO2019214351A1 (en) 2019-11-14

Similar Documents

Publication Publication Date Title
CN110475247A (en) Message treatment method and device
EP3249849B1 (en) Key agreement for wireless communication
CN103596173B (en) Wireless network authentication method, client and service end wireless network authentication device
EP2510713B1 (en) Preservation of user data privacy in a network
KR101097709B1 (en) Authenticating access to a wireless local area network based on security value(s) associated with a cellular system
CN109511115A (en) A kind of authorization method and network element
US20060291660A1 (en) SIM UICC based broadcast protection
CN111669276A (en) Network verification method, device and system
EP4021048A1 (en) Identity authentication method and apparatus
US8990555B2 (en) Centralized key management
CN108809635A (en) Anchor key generation method, equipment and system
US11909869B2 (en) Communication method and related product based on key agreement and authentication
WO2016161583A1 (en) Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system
CN108012264A (en) The scheme based on encrypted IMSI for 802.1x carriers hot spot and Wi-Fi call authorizations
Khan et al. Improving air interface user privacy in mobile telephony
US11863977B2 (en) Key generation method, device, and system
CN108012266A (en) A kind of data transmission method and relevant device
CN109831775A (en) A kind of processor, baseband chip and SIM card information transmission method
CN114189343A (en) Mutual authentication method and device
CN110831002B (en) Method and device for key deduction and computing storage medium
US20220400375A1 (en) System and method for phone privacy
CN109586899B (en) Signaling operation and indication method and device thereof, and computer storage medium
WO2022237561A1 (en) Communication method and apparatus
WO2021082558A1 (en) Access control method for network slice, apparatus, and storage medium
Saxena et al. BAS-VAS: A novel secure protocol for value added service delivery to mobile devices

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20210525

Address after: 100085 1st floor, building 1, yard 5, Shangdi East Road, Haidian District, Beijing

Applicant after: DATANG MOBILE COMMUNICATIONS EQUIPMENT Co.,Ltd.

Address before: 100191 No. 40, Haidian District, Beijing, Xueyuan Road

Applicant before: Telecommunications Science and Technology Research Institute Co.,Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20191119