CN111615837A - Data transmission method, related device, and related system - Google Patents

Data transmission method, related device, and related system

Info

Publication number
CN111615837A
Authority
CN
China
Prior art keywords
cookie
access network
network device
key
user equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201780092970.0A
Other languages
English (en)
Other versions
CN111615837B (zh)
Inventor
康鑫
王海光
雷中定
刘斐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei International Pte Ltd
Original Assignee
Huawei International Pte Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei International Pte Ltd
Publication of CN111615837A
Application granted
Publication of CN111615837B
Current legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H04W12/106 Packet or message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H04W12/108 Source integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

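This application discloses a data transmission method, a related device, and a system. The method includes: a first access network device receives a data packet (for example, small data) sent by user equipment (for example, an IoT device), where the data packet includes a first cookie and raw data; the first access network device verifies the first cookie to obtain a verification result; and the first access network device processes the raw data based on the verification result. Implementing the embodiments of the present invention can reduce the burden on the network side when a large number of user equipments need to communicate, and can improve data transmission efficiency.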

Description

PCT domestic application; the description has been published.

Claims (1)

  1. PCT domestic application; the claims have been published.
CN201780092970.0A 2017-07-21 2017-07-21 Data transmission method, related device, and related system Active CN111615837B (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/SG2017/050371 WO2019017839A1 (zh) 2017-07-21 2017-07-21 Data transmission method, related device, and related system

Publications (2)

Publication Number Publication Date
CN111615837A (zh) 2020-09-01
CN111615837B CN111615837B (zh) 2023-10-13

Family

ID=65015262

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780092970.0A Active CN111615837B (zh) 2017-07-21 2017-07-21 Data transmission method, related device, and related system

Country Status (5)

Country Link
US (1) US11381973B2 (zh)
EP (1) EP3637815B1 (zh)
CN (1) CN111615837B (zh)
BR (1) BR112020000870A2 (zh)
WO (1) WO2019017839A1 (zh)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11509466B2 (en) * 2021-01-14 2022-11-22 Ford Global Technologies, Llc Transmission of authentication keys
US11811760B2 (en) * 2021-04-14 2023-11-07 Citrix Systems, Inc. Sessionless validation of client connections while mitigating cookie hijack attacks
US11663030B2 (en) * 2021-10-18 2023-05-30 Sophos Limited Extending expiration of user sessions with authentication refresh
CN114189359B (zh) * 2021-11-18 2023-12-01 临沂大学 IoT device that avoids data tampering, and secure data transmission method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101193424A (zh) * 2006-11-28 2008-06-04 中国移动通信集团公司 Authentication method, communication system, and device
CN101772024A (zh) * 2008-12-29 2010-07-07 中国移动通信集团公司 Method, apparatus, and system for determining user identity
US20120213368A1 (en) * 2009-10-29 2012-08-23 Siemens Aktiengesellschaft Authentication and data integrity protection of a token
US20130198383A1 (en) * 2012-01-26 2013-08-01 Erick Tseng Network Access Based on Social-Networking Information
CN105072088A (zh) * 2010-01-22 2015-11-18 交互数字专利控股公司 Method performed at a wireless device having a user
US20170142638A1 (en) * 2014-06-02 2017-05-18 Kabushiki Kaisha Toshiba Access point for facilitating connection of one or more wireless user devices to a communications channel

Family Cites Families (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6032260A (en) * 1997-11-13 2000-02-29 Ncr Corporation Method for issuing a new authenticated electronic ticket based on an expired authenticated ticket and distributed server architecture for using same
US7313816B2 (en) * 2001-12-17 2007-12-25 One Touch Systems, Inc. Method and system for authenticating a user in a web-based environment
US7373508B1 (en) * 2002-06-04 2008-05-13 Cisco Technology, Inc. Wireless security system and method
US8024784B1 (en) * 2004-09-16 2011-09-20 Qurio Holdings, Inc. Method and system for providing remote secure access to a peer computer
US8402141B2 (en) * 2004-09-28 2013-03-19 International Business Machines Corporation Gracefully reestablishing an expired browser session
US8887233B2 (en) * 2005-04-08 2014-11-11 Netapp, Inc. Cookie-based acceleration of an authentication protocol
WO2007035655A2 (en) * 2005-09-16 2007-03-29 The Trustees Of Columbia University In The City Of New York Using overlay networks to counter denial-of-service attacks
US8064948B2 (en) * 2006-01-09 2011-11-22 Cisco Technology, Inc. Seamless roaming for dual-mode WiMax/WiFi stations
KR100755394B1 (ko) * 2006-03-07 2007-09-04 한국전자통신연구원 Fast re-authentication method in UMTS during handover between UMTS and wireless LAN
US7793094B2 (en) * 2006-04-18 2010-09-07 Cisco Technology, Inc. HTTP cookie protection by a network security device
US8965338B2 (en) * 2008-06-09 2015-02-24 Apple Inc Network access control methods and apparatus
US8245039B2 (en) * 2008-07-18 2012-08-14 Bridgewater Systems Corp. Extensible authentication protocol authentication and key agreement (EAP-AKA) optimization
US8555069B2 (en) * 2009-03-06 2013-10-08 Microsoft Corporation Fast-reconnection of negotiable authentication network clients
US8392562B2 (en) * 2009-12-23 2013-03-05 Citrix Systems, Inc. Systems and methods for managing preferred client connectivity to servers via multi-core system
WO2013165605A1 (en) * 2012-05-02 2013-11-07 Interdigital Patent Holdings, Inc. One round trip authentication using single sign-on systems
CN104661171B (zh) 2013-11-25 2020-02-28 中兴通讯股份有限公司 Method and system for secure small data transmission for an MTC device group
KR20170021876A (ko) * 2014-06-26 2017-02-28 노키아 솔루션스 앤드 네트웍스 오와이 Offloading of wireless node authentication with the core network
US9590962B2 (en) * 2014-07-07 2017-03-07 Alcatel-Lucent Usa Inc. Using cookies to identify security contexts for connectionless service
US9860324B1 (en) * 2014-12-10 2018-01-02 Google Llc Rapid establishment of a connection from multiple address locations
CN104506502B (zh) * 2014-12-12 2018-08-24 国家电网公司 Method for interfacing a converged communication network with a master station
CN105471833B (zh) * 2015-05-14 2019-04-16 瑞数信息技术(上海)有限公司 Secure communication method and apparatus
US10299244B2 (en) 2015-06-19 2019-05-21 Qualcomm Incorporated Small data transmission in a wireless communications system
US10097562B2 (en) * 2016-05-06 2018-10-09 Sap Se Service token handling
US10193895B2 (en) * 2016-05-18 2019-01-29 Abdulrahman Alhothaily System and method for remote authentication with dynamic usernames
CN109792457B (zh) * 2016-09-29 2021-11-26 康维达无线有限责任公司 Storing and retrieving the network context of a device
US10250634B2 (en) * 2016-11-11 2019-04-02 Juniper Networks, Inc Apparatus, system, and method for protecting against denial of service attacks using one-time cookies
US11323529B2 (en) * 2017-07-18 2022-05-03 A10 Networks, Inc. TCP fast open hardware support in proxy devices
US10903999B1 (en) * 2019-09-11 2021-01-26 Zscaler, Inc. Protecting PII data from man-in-the-middle attacks in a network

Also Published As

Publication number Publication date
EP3637815B1 (en) 2022-05-25
WO2019017839A1 (zh) 2019-01-24
US20200162922A1 (en) 2020-05-21
BR112020000870A2 (pt) 2020-07-21
CN111615837B (zh) 2023-10-13
US11381973B2 (en) 2022-07-05
EP3637815A1 (en) 2020-04-15
EP3637815A4 (en) 2020-06-17

Similar Documents

Publication Publication Date Title
EP3576446B1 (en) Key derivation method
CN108293223B (zh) Data transmission method, user equipment, and network-side device
EP3846514A1 (en) Identity privacy in wireless networks
US11564100B2 (en) Security protection method and apparatus
US11381973B2 (en) Data transmission method, related device, and related system
US10798082B2 (en) Network authentication triggering method and related device
WO2017048434A1 (en) Apparatus and method for mobility procedure involving mobility management entity relocation
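CN110035037B (zh) Security authentication method, related device, and system
CN109906624B (zh) Method for supporting authentication in a wireless communication network, and related network node and wireless terminal
CN108781110B (zh) System and method for relaying data over a communication network
KR20150051568A (ko) Security scheme and system for supporting discovery and communication between proximity-based service terminals in a mobile communication system environment
CN102223634A (zh) Method and apparatus for controlling the manner in which a user terminal accesses the Internet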
WO2019007476A1 (en) SECURE COMMUNICATIONS USING NETWORK ACCESS IDENTITY
WO2017000620A1 (zh) Re-authentication identification method, evolved packet data gateway, and system
WO2017009714A1 (en) Establishing a temporary subscription with isolated e-utran network
WO2009051405A2 (en) Method of establishing security association in inter-rat handover
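CN114650532A (zh) Method and apparatus for establishing a protocol data unit session
KR20130085170A (ko) Method and apparatus for shortening the authentication procedure during handover of a subscriber terminal in a wireless network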

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant