CN110740444A - 5G cloud SIM authentication method - Google Patents
5G cloud SIM authentication method Download PDFInfo
- Publication number
- CN110740444A CN110740444A CN201910894780.1A CN201910894780A CN110740444A CN 110740444 A CN110740444 A CN 110740444A CN 201910894780 A CN201910894780 A CN 201910894780A CN 110740444 A CN110740444 A CN 110740444A
- Authority
- CN
- China
- Prior art keywords
- user
- authentication
- website
- cloud sim
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 230000004075 alteration Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/14—Mobility data transfer between corresponding nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to the technical field of SIM authentication, in particular to a 5G cloud SIM authentication method which comprises the following steps of S1, wherein a user forcibly sends a user request to a user website through a controller, S2, user websites request authentication to the controller, S3, user websites inquire user information of a network access server, the network access server returns an inquiry result and user connection duration information to an user website, S4, user websites judge an attribution place, push a page customized by the attribution place to the user, inform the user authentication result and start timing reminding.
Description
Technical Field
The invention relates to the technical field of SIM authentication, in particular to a 5G cloud SIM authentication method.
Background
The wireless network access device comprises a wired network, a wireless internet chip (sim card) provided by a wireless operator or the internet connection of a computer, wifi hotspot sharing networks which are established on the basis of the sim card access device, and can expand the internet connection which is not accessed by wifi to be used by an internet access terminal, wherein the wireless wifi which only uses 2G, 3G, 4G or 5G as the network source is also called mifi.
In the prior art, an access mode based on an SIM is relatively closed, so that deployment in commercial and private places is difficult, similar to the deployment of the existing public base station, a site owner has no drive of commercial interests for the deployment of users, and is easy to reject the deployment, and meanwhile, although a user adopts a transparent transmission mode to an authentication server, the user is easily attacked by a malicious network from the user to the server end, so that the user generates a trust crisis.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides a 5G cloud SIM authentication method.
In order to achieve the purpose, the invention adopts the following technical scheme:
the 5G cloud SIM authentication method comprises the following steps:
s1, the user sends out user 'S request to user' S website through controller;
s2, family website requests authentication to the controller;
s3, family website inquires user information from the network access server, and the network access server returns the inquiry result and the user connection duration information to family website;
s4, user website judges the attribution, pushes the page customized by the attribution to the user, informs the user of the authentication result, and starts timing reminding.
Preferably, in S1, the website sends the authentication page push to the user system .
Preferably, in S2, the controller enables the authentication process and sends the authentication result to the user website.
Preferably, in S3, if the query fails, the website directly provides a prompt message to end the authentication.
Preferably, the user enforces that the authentication vector includes a challenge random number RAND, an authentication token AUTN, an authentication challenge SRES, an encryption key CK1 and an integrity key IK1, wherein the generation of the encryption key CK1 and the integrity key IK1 is generated by a master key K pre-shared by the user and the core network, and the generation method directly uses the method provided in the 3GPP standard.
Preferably, the family website calculates the master key and establishes the list of user identities corresponding to the master key by establishing databases in the family website, the databases including the user's identity ID and the corresponding master key, and when the databases are searched using the user's identity, the corresponding master key can be found.
Compared with the prior art, the invention provides a 5G cloud SIM authentication method, which has the following beneficial effects:
the key is distributed through the SIM card of the hardware carrier, so that the key is effectively prevented from being leaked or stolen; a pseudo-random user name is supported, and the real identity of the user is protected from being leaked; the method supports bidirectional authentication, supports authentication of the server by the user in addition to authentication of the user by the server, can quickly realize a mechanism of user credit authorization and deployment, and ensures quick and safe deployment of the WLAN access point.
Drawings
Fig. 1 is a schematic structural diagram of a 5G cloud SIM authentication method proposed by the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only partial embodiments of of the present invention, rather than all embodiments.
In the description of the present invention, it is to be understood that the terms "upper", "lower", "front", "rear", "left", "right", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention.
Referring to fig. 1, the authentication method for the 5G cloud SIM includes the following steps:
s1, the user sends out user 'S request to user' S website through controller;
s2, family website requests authentication to the controller;
s3, family website inquires user information from the network access server, and the network access server returns the inquiry result and the user connection duration information to family website;
s4, user website judges the attribution, pushes the page customized by the attribution to the user, informs the user of the authentication result, and starts timing reminding.
In S1, the website of the user pushes the authentication page to the user system .
In S2, the controller initiates an authentication process and sends an authentication result to host website.
In S3, if the query fails, user website directly gives prompt information to end the authentication.
The user enforces that the authentication vector comprises a challenge random number RAND, an authentication token AUTN, an authentication challenge SRES, an encryption key CK1 and an integrity key IK1, wherein the generation of the encryption key CK1 and the integrity key IK1 is generated by a master key K pre-shared by the user and a core network, and the generation method directly uses the method provided in the 3GPP standard.
Preferably, the family website calculates the master key and establishes the list of user identities corresponding to the master key by establishing databases in the family website, the databases including the user's identity ID and the corresponding master key, and when the databases are searched using the user's identity, the corresponding master key can be found.
When in use, the invention comprises the following steps:
s1, the user sends out user 'S request to user' S website through controller;
s2, family website requests authentication to the controller;
s3, family website inquires user information from the network access server, and the network access server returns the inquiry result and the user connection duration information to family website;
s4, user website judges the attribution, pushes the page customized by the attribution to the user, informs the user of the authentication result, and starts timing reminding.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (6)
- The 1.5G cloud SIM authentication method is characterized by comprising the following steps:s1, the user sends out user 'S request to user' S website through controller;s2, family website requests authentication to the controller;s3, family website inquires user information from the network access server, and the network access server returns the inquiry result and the user connection duration information to family website;s4, user website judges the attribution, pushes the page customized by the attribution to the user, informs the user of the authentication result, and starts timing reminding.
- 2. The 5G cloud SIM authentication method of claim 1, wherein in S1, Consumer Web site pushes authentication page to Consumer System .
- 3. The 5G cloud SIM authentication method of claim 1, wherein in S2, the controller enables an authentication process and issues an authentication result to Consumer Website.
- 4. The 5G cloud SIM authentication method of claim 1, wherein in S3, if the query fails, subscriber website directly gives prompt information to end the authentication.
- 5. The 5G cloud SIM authentication method of claim 1, wherein the user enforces an authentication vector comprising a challenge random number (RAND), an authentication token (AUTN), an authentication challenge (SRES), an encryption key (CK 1) and an integrity key (IK 1), wherein the generation of the encryption key (CK 1) and the integrity key (IK 1) is generated by a master key (K) pre-shared by the user and the core network, and the generation method directly uses the method provided in the 3GPP standard.
- 6. The method of claim 5G cloud SIM authentication of claim 5, wherein Consumer Web site calculates master keys and establishes a list of user identities corresponding to the master keys by establishing databases in Consumer Web site, the databases including the user's ID and corresponding master key, the corresponding master key being found when searching the databases using the user's identity.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910894780.1A CN110740444A (en) | 2019-09-20 | 2019-09-20 | 5G cloud SIM authentication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910894780.1A CN110740444A (en) | 2019-09-20 | 2019-09-20 | 5G cloud SIM authentication method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110740444A true CN110740444A (en) | 2020-01-31 |
Family
ID=69269402
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910894780.1A Pending CN110740444A (en) | 2019-09-20 | 2019-09-20 | 5G cloud SIM authentication method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110740444A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103597799A (en) * | 2011-06-16 | 2014-02-19 | 瑞典爱立信有限公司 | Service access authentication method and system |
CN104852896A (en) * | 2015-02-03 | 2015-08-19 | 四川通信科研规划设计有限责任公司 | Wi-Fi wireless node network access method and system |
CN105516124A (en) * | 2015-12-03 | 2016-04-20 | 深圳市华讯方舟科技有限公司 | Portal authentication method, portal server and terminal |
CN105764056A (en) * | 2016-04-13 | 2016-07-13 | 北京国创富盛通信股份有限公司 | web certification system and method for public wifi access |
-
2019
- 2019-09-20 CN CN201910894780.1A patent/CN110740444A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103597799A (en) * | 2011-06-16 | 2014-02-19 | 瑞典爱立信有限公司 | Service access authentication method and system |
CN104852896A (en) * | 2015-02-03 | 2015-08-19 | 四川通信科研规划设计有限责任公司 | Wi-Fi wireless node network access method and system |
CN105516124A (en) * | 2015-12-03 | 2016-04-20 | 深圳市华讯方舟科技有限公司 | Portal authentication method, portal server and terminal |
CN105764056A (en) * | 2016-04-13 | 2016-07-13 | 北京国创富盛通信股份有限公司 | web certification system and method for public wifi access |
Non-Patent Citations (1)
Title |
---|
王燚: "一种基于SIM认证的WiFi节点入网方法", 《COMMUNICATION & INFORMATION TECHNOLOGY》 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8559633B2 (en) | Method and device for generating local interface key | |
TWI388180B (en) | Key generation in a communication system | |
Lai et al. | A novel group access authentication and key agreement protocol for machine‐type communication | |
RU2421931C2 (en) | Authentication in communication networks | |
CN102111766B (en) | Network accessing method, device and system | |
US20150327073A1 (en) | Controlling Access of a User Equipment to Services | |
KR101632946B1 (en) | Manipulation and restoration of authentication challenge parameters in network authentication procedures | |
JP2016506152A (en) | Device authentication by tagging | |
CN101147377A (en) | Secure bootstrapping for wireless communications | |
CN103314605A (en) | Method and apparatus for authenticating a communication device | |
RU2009133260A (en) | SUPPORT CALLS WITHOUT UICC | |
US20150281960A1 (en) | Network authentication | |
US9788202B2 (en) | Method of accessing a WLAN access point | |
US20170041786A1 (en) | Device and method in wireless communication system and wireless communication system | |
CN109391942A (en) | Trigger the method and relevant device of network authentication | |
CN104284331B (en) | A kind of method and system connecting portable WLAN hot spot | |
WO2013185709A1 (en) | Call authentication method, device, and system | |
KR100610872B1 (en) | Method and apparatus for authenticating user service of Wi-Fi terminal | |
CN103781026A (en) | Authentication method of general authentication mechanism | |
CN110740444A (en) | 5G cloud SIM authentication method | |
WO2017008423A1 (en) | Communication method and device, and storage medium | |
WO2016061980A1 (en) | Wlan sharing method and system, and wlan sharing registration server | |
WO2012000285A1 (en) | Method and system for restricting area mobility in evdo system | |
KR20100072973A (en) | Method of access authentication based on policy for wireless network access service | |
WO2008110946A1 (en) | Authentication procedure in an intelligent proxy for multi-access devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 201499 room 324, No. 12, Lane 2165, Wangyuan Road, Fengxian District, Shanghai Applicant after: Shanghai cool tide Technology Co.,Ltd. Address before: 201499 room 324, No. 12, Lane 2165, Wangyuan Road, Fengxian District, Shanghai Applicant before: Shanghai kuchao Information Technology Co.,Ltd. |
|
CB02 | Change of applicant information | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200131 |
|
RJ01 | Rejection of invention patent application after publication |