CN111615837A - 数据传输方法、相关设备以及系统 - Google Patents
数据传输方法、相关设备以及系统 Download PDFInfo
- Publication number
- CN111615837A CN111615837A CN201780092970.0A CN201780092970A CN111615837A CN 111615837 A CN111615837 A CN 111615837A CN 201780092970 A CN201780092970 A CN 201780092970A CN 111615837 A CN111615837 A CN 111615837A
- Authority
- CN
- China
- Prior art keywords
- cookie
- access network
- network device
- key
- user equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/108—Source integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
本申请公开了数据传输方法、相关设备和系统,该方法包括:第一接入网设备接收用户设备(例如IoT设备)发送的数据包(例如小数据),所述数据包包括第一Cookie和原始数据;所述第一接入网设备验证所述第一Cookie,获得验证结果;所述第一接入网设备基于所述验证结果处理所述原始数据。实施本发明实施例,能够减轻大量用户设备需要进行通信时网络侧的负担,提高数据传输效率。
Description
PCT国内申请,说明书已公开。
Claims (1)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/SG2017/050371 WO2019017839A1 (zh) | 2017-07-21 | 2017-07-21 | 数据传输方法、相关设备以及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111615837A true CN111615837A (zh) | 2020-09-01 |
CN111615837B CN111615837B (zh) | 2023-10-13 |
Family
ID=65015262
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201780092970.0A Active CN111615837B (zh) | 2017-07-21 | 2017-07-21 | 数据传输方法、相关设备以及系统 |
Country Status (5)
Country | Link |
---|---|
US (1) | US11381973B2 (zh) |
EP (1) | EP3637815B1 (zh) |
CN (1) | CN111615837B (zh) |
BR (1) | BR112020000870A2 (zh) |
WO (1) | WO2019017839A1 (zh) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11509466B2 (en) * | 2021-01-14 | 2022-11-22 | Ford Global Technologies, Llc | Transmission of authentication keys |
US11811760B2 (en) * | 2021-04-14 | 2023-11-07 | Citrix Systems, Inc. | Sessionless validation of client connections while mitigating cookie hijack attacks |
US11663030B2 (en) * | 2021-10-18 | 2023-05-30 | Sophos Limited | Extending expiration of user sessions with authentication refresh |
CN114189359B (zh) * | 2021-11-18 | 2023-12-01 | 临沂大学 | 一种避免数据篡改的物联网设备、数据安全传输方法和系统 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101193424A (zh) * | 2006-11-28 | 2008-06-04 | 中国移动通信集团公司 | 一种鉴权方法、通信系统以及设备 |
CN101772024A (zh) * | 2008-12-29 | 2010-07-07 | 中国移动通信集团公司 | 一种用户身份确定方法及装置和系统 |
US20120213368A1 (en) * | 2009-10-29 | 2012-08-23 | Siemens Aktiengesellschaft | Authentication and data integrity protection of a token |
US20130198383A1 (en) * | 2012-01-26 | 2013-08-01 | Erick Tseng | Network Access Based on Social-Networking Information |
CN105072088A (zh) * | 2010-01-22 | 2015-11-18 | 交互数字专利控股公司 | 一种在具有用户的无线设备处执行的方法 |
US20170142638A1 (en) * | 2014-06-02 | 2017-05-18 | Kabushiki Kaisha Toshiba | Access point for facilitating connection of one or more wireless user devices to a communications channel |
Family Cites Families (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6032260A (en) * | 1997-11-13 | 2000-02-29 | Ncr Corporation | Method for issuing a new authenticated electronic ticket based on an expired authenticated ticket and distributed server architecture for using same |
US7313816B2 (en) * | 2001-12-17 | 2007-12-25 | One Touch Systems, Inc. | Method and system for authenticating a user in a web-based environment |
US7373508B1 (en) * | 2002-06-04 | 2008-05-13 | Cisco Technology, Inc. | Wireless security system and method |
US8024784B1 (en) * | 2004-09-16 | 2011-09-20 | Qurio Holdings, Inc. | Method and system for providing remote secure access to a peer computer |
US8402141B2 (en) * | 2004-09-28 | 2013-03-19 | International Business Machines Corporation | Gracefully reestablishing an expired browser session |
US8887233B2 (en) * | 2005-04-08 | 2014-11-11 | Netapp, Inc. | Cookie-based acceleration of an authentication protocol |
WO2007035655A2 (en) * | 2005-09-16 | 2007-03-29 | The Trustees Of Columbia University In The City Of New York | Using overlay networks to counter denial-of-service attacks |
US8064948B2 (en) * | 2006-01-09 | 2011-11-22 | Cisco Technology, Inc. | Seamless roaming for dual-mode WiMax/WiFi stations |
KR100755394B1 (ko) * | 2006-03-07 | 2007-09-04 | 한국전자통신연구원 | Umts와 무선랜간의 핸드오버 시 umts에서의 빠른재인증 방법 |
US7793094B2 (en) * | 2006-04-18 | 2010-09-07 | Cisco Technology, Inc. | HTTP cookie protection by a network security device |
US8965338B2 (en) * | 2008-06-09 | 2015-02-24 | Apple Inc | Network access control methods and apparatus |
US8245039B2 (en) * | 2008-07-18 | 2012-08-14 | Bridgewater Systems Corp. | Extensible authentication protocol authentication and key agreement (EAP-AKA) optimization |
US8555069B2 (en) * | 2009-03-06 | 2013-10-08 | Microsoft Corporation | Fast-reconnection of negotiable authentication network clients |
US8392562B2 (en) * | 2009-12-23 | 2013-03-05 | Citrix Systems, Inc. | Systems and methods for managing preferred client connectivity to servers via multi-core system |
WO2013165605A1 (en) * | 2012-05-02 | 2013-11-07 | Interdigital Patent Holdings, Inc. | One round trip authentication using single sign-on systems |
CN104661171B (zh) | 2013-11-25 | 2020-02-28 | 中兴通讯股份有限公司 | 一种用于mtc设备组的小数据安全传输方法和系统 |
KR20170021876A (ko) * | 2014-06-26 | 2017-02-28 | 노키아 솔루션스 앤드 네트웍스 오와이 | 코어 네트워크와 무선 노드 인증의 오프로딩 |
US9590962B2 (en) * | 2014-07-07 | 2017-03-07 | Alcatel-Lucent Usa Inc. | Using cookies to identify security contexts for connectionless service |
US9860324B1 (en) * | 2014-12-10 | 2018-01-02 | Google Llc | Rapid establishment of a connection from multiple address locations |
CN104506502B (zh) * | 2014-12-12 | 2018-08-24 | 国家电网公司 | 一种融合通信网络与主站对接的方法 |
CN105471833B (zh) * | 2015-05-14 | 2019-04-16 | 瑞数信息技术(上海)有限公司 | 一种安全通讯方法和装置 |
US10299244B2 (en) | 2015-06-19 | 2019-05-21 | Qualcomm Incorporated | Small data transmission in a wireless communications system |
US10097562B2 (en) * | 2016-05-06 | 2018-10-09 | Sap Se | Service token handling |
US10193895B2 (en) * | 2016-05-18 | 2019-01-29 | Abdulrahman Alhothaily | System and method for remote authentication with dynamic usernames |
CN109792457B (zh) * | 2016-09-29 | 2021-11-26 | 康维达无线有限责任公司 | 存储和检索设备的网络上下文 |
US10250634B2 (en) * | 2016-11-11 | 2019-04-02 | Juniper Networks, Inc | Apparatus, system, and method for protecting against denial of service attacks using one-time cookies |
US11323529B2 (en) * | 2017-07-18 | 2022-05-03 | A10 Networks, Inc. | TCP fast open hardware support in proxy devices |
US10903999B1 (en) * | 2019-09-11 | 2021-01-26 | Zscaler, Inc. | Protecting PII data from man-in-the-middle attacks in a network |
-
2017
- 2017-07-21 CN CN201780092970.0A patent/CN111615837B/zh active Active
- 2017-07-21 WO PCT/SG2017/050371 patent/WO2019017839A1/zh unknown
- 2017-07-21 EP EP17918558.2A patent/EP3637815B1/en active Active
- 2017-07-21 BR BR112020000870-2A patent/BR112020000870A2/pt unknown
-
2020
- 2020-01-21 US US16/748,556 patent/US11381973B2/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101193424A (zh) * | 2006-11-28 | 2008-06-04 | 中国移动通信集团公司 | 一种鉴权方法、通信系统以及设备 |
CN101772024A (zh) * | 2008-12-29 | 2010-07-07 | 中国移动通信集团公司 | 一种用户身份确定方法及装置和系统 |
US20120213368A1 (en) * | 2009-10-29 | 2012-08-23 | Siemens Aktiengesellschaft | Authentication and data integrity protection of a token |
CN105072088A (zh) * | 2010-01-22 | 2015-11-18 | 交互数字专利控股公司 | 一种在具有用户的无线设备处执行的方法 |
US20130198383A1 (en) * | 2012-01-26 | 2013-08-01 | Erick Tseng | Network Access Based on Social-Networking Information |
US20170142638A1 (en) * | 2014-06-02 | 2017-05-18 | Kabushiki Kaisha Toshiba | Access point for facilitating connection of one or more wireless user devices to a communications channel |
Also Published As
Publication number | Publication date |
---|---|
EP3637815B1 (en) | 2022-05-25 |
WO2019017839A1 (zh) | 2019-01-24 |
US20200162922A1 (en) | 2020-05-21 |
BR112020000870A2 (pt) | 2020-07-21 |
CN111615837B (zh) | 2023-10-13 |
US11381973B2 (en) | 2022-07-05 |
EP3637815A1 (en) | 2020-04-15 |
EP3637815A4 (en) | 2020-06-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3576446B1 (en) | Key derivation method | |
CN108293223B (zh) | 一种数据传输方法、用户设备和网络侧设备 | |
EP3846514A1 (en) | Identity privacy in wireless networks | |
US11564100B2 (en) | Security protection method and apparatus | |
US11381973B2 (en) | Data transmission method, related device, and related system | |
US10798082B2 (en) | Network authentication triggering method and related device | |
WO2017048434A1 (en) | Apparatus and method for mobility procedure involving mobility management entity relocation | |
CN110035037B (zh) | 安全认证方法、相关设备及系统 | |
CN109906624B (zh) | 支持无线通信网络中的认证的方法以及相关网络节点和无线终端 | |
CN108781110B (zh) | 用于通过通信网络中继数据的系统和方法 | |
KR20150051568A (ko) | 이동 통신 시스템 환경에서 프락시미티 기반 서비스 단말 간 발견 및 통신을 지원하기 위한 보안 방안 및 시스템 | |
CN102223634A (zh) | 一种用户终端接入互联网方式的控制方法及装置 | |
WO2019007476A1 (en) | SECURE COMMUNICATIONS USING NETWORK ACCESS IDENTITY | |
WO2017000620A1 (zh) | 重认证识别方法、演进分组数据网关及系统 | |
WO2017009714A1 (en) | Establishing a temporary subscription with isolated e-utran network | |
WO2009051405A2 (en) | Method of establishing security association in inter-rat handover | |
CN114650532A (zh) | 一种协议数据单元会话建立方法及装置 | |
KR20130085170A (ko) | 무선 네트워크에서 가입자 단말의 핸드오버 시 인증 절차를 단축시키는 방법 및 장치 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |