CN114095930B - Satellite network user violation processing method combined with access authentication and related equipment - Google Patents

Info

Publication number: CN114095930B
Application number: CN202210069723.1A
Authority: CN (China)
Prior art keywords: token, parameter, updating, violation, information
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN114095930A (en)
Inventors: 裴玉奎, 王丽敏, 王嘉博, 许晋, 殷柳国
Current assignee: Tsinghua University
Original assignee: Tsinghua University

Events
Application filed by Tsinghua University
Priority to CN202210069723.1A
Publication of CN114095930A
Application granted
Publication of CN114095930B


Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W 12/06 Authentication > H04W 12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W 12/08 Access security > H04W 12/084 Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W 12/10 Integrity > H04W 12/106 Packet or message integrity
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 84/00 Network topologies > H04W 84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop] > H04W 84/04 Large scale networks; Deep hierarchical networks > H04W 84/06 Airborne or Satellite Networks

Abstract

The invention provides a satellite network user violation processing method combined with access authentication, and related equipment. In the method, the high-frequency access authentication of a large number of user terminals is completed by all satellite communication base stations at the front end of the network, which relieves the single-point failure risk and performance bottleneck that central authentication readily produces and reduces the authentication transmission delay. After access authentication passes, the user side performs data communication under the anonymous identity established during authentication; the guard base station performs violation detection and preliminary judgment using the cached anonymous identity and the token first parameter, and itself processes user sides with lower-level violations. For user sides with higher-level violations, the satellite network center, after further violation judgment, calculates the true identity of the violating user side, updates the relevant blacklists, and carries out violation processing together with all satellite communication base stations. In this way, violation tracing and processing can be performed once a violation is found, while the anonymity of the user's access identity is preserved.

Description

Satellite network user violation processing method combined with access authentication and related equipment
Technical Field
The invention relates to the technical field of communication, in particular to a satellite network user violation processing method combined with access authentication and related equipment.
Background
With the development and widespread use of communication satellite networks, more and more unsafe factors arise, among which there is no shortage of network attacks launched by impersonating legitimate user identities. For this reason, before a user formally accesses the satellite communication network to transmit large amounts of data, bidirectional secure access authentication is usually required: on the one hand, the satellite network side needs to authenticate that the accessing user is legitimate in order to protect system security; on the other hand, the user terminal also needs to authenticate that the satellite communication network it accesses is legitimate, so as to avoid being deceived and attacked by a pseudo base station and having its data security compromised.
However, the existing approach of single-point centralized access authentication by a satellite network authentication center carries a single-point failure risk and a performance bottleneck, and tends to produce larger network transmission delays. In addition, with authentication kept lightweight, some existing satellite network user access authentication schemes do not support identity anonymity protection, and once the user side identity is leaked or maliciously tracked, a serious communication security hazard results; other schemes provide identity anonymity protection to varying degrees but do not fully consider a corresponding mechanism for tracing and processing violating identities, so that if a legitimate user side commits violations after passing authentication and accessing the network anonymously, the system may suffer incalculable loss.
Disclosure of Invention
In view of the above, the present invention provides a satellite network user violation processing method combined with access authentication, and related equipment, which perform access authentication and violation processing jointly with all satellite access base stations at the front end of the satellite network, so as to alleviate the satellite network center single-point failure risk and performance bottleneck that a central access authentication method readily produces, and to solve the problem that a legitimate user side that commits a violation after anonymously accessing the network is difficult to restrict from communicating promptly and effectively.
In a first aspect, the present invention provides a method for handling violation of a satellite network user in combination with access authentication, which is applied to a satellite network center, and includes:
receiving violation judgment request information, calculating the token first parameter from the violation judgment request information, and determining, according to the relevant violation judgment method and standard, whether the user side has a violation and the final judgment result for the corresponding violation level;
when the user side is judged to have a second-level violation, adding the token first parameter to the token second-level blacklist; when the user side is judged to have a first-level violation, adding the token first parameter to the token first-level blacklist, calculating the real identity of the user side from the token first parameter, adding the real identity to the real identity blacklist, generating token blacklist update information, and broadcasting the token blacklist update information through the gateway station to each communication satellite and satellite communication base station.
Optionally, the method further comprises:
the satellite network center configures system public parameters periodically and generates system parameter updating information according to the system public parameters;
wherein the system public parameters at least comprise: a cryptographic base parameter used for encryption and decryption, the validity period of the cryptographic base parameter, a token public verification parameter, the validity period of the token public verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter;
and performing whole-network broadcasting on the system parameter updating information through the gateway station, each communication satellite and the satellite communication base station.
Optionally, the method further comprises:
the satellite network center receives registration request information from a user side when the user side applies for network access for the first time, and obtains the user side's initial identity identification and initial verification information from the registration request information;
verifying whether the initial identity mark is authentic according to the initial verification information, and inquiring whether the initial identity mark is registered;
when the initial identity identification is authentic and not yet registered, configuring for the user side a real identity that is unique in the satellite communication network, a token first parameter with a validity period, and a token second parameter;
generating registration response information according to the real identity, the token first parameter with the validity period and the token second parameter, storing the initial identity identification and the real identity in an associated manner, and sending the registration response information to the user side through a secure channel;
wherein the registration response information at least includes the real identity, the token first parameter and the token second parameter; the real identity is calculated by combining the initial identity identification with a random number, the token first parameter is calculated from the real identity and the pre-configured system public parameters, and the token second parameter is calculated from the token first parameter and the pre-configured system public parameters;
wherein the system public parameters at least comprise: a cryptographic base parameter used for encryption and decryption, the validity period of the cryptographic base parameter, a token public verification parameter, the validity period of the token public verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter.
Optionally, the method further comprises:
the satellite network center receives token update second request information and verifies it, wherein the token update second request information is generated by calculation by the satellite base station after it has verified the token update first request information from the user side, and is forwarded to the satellite network center through several hops of communication satellites and the gateway station;
under the condition that the token updating second request information passes verification, calculating related token updating request verification parameters; wherein the token update request related check parameters at least comprise: the real identity, a first parameter of the token and the remaining updatable times of the token;
configuring a new token first parameter and a new token second parameter for the user side under the condition that the real identity and the token first parameter are not listed in a blacklist, the remaining updatable times of the token are greater than zero, and the real identity and the remaining updatable times of the token are matched with a storage record;
decreasing the remaining updatable times of the token, and storing the decreased remaining updatable times of the token and the real identity in an associated manner;
generating token updating response information, and returning the token updating response information to the user side through a gateway station, a plurality of hop communication satellites and a satellite communication base station;
wherein the token update response information at least includes: a token update response verification parameter, the updated token first parameter in encrypted form, and the updated token second parameter, the token update response verification parameter being calculated from the related token update request verification parameters.
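The first aspect above describes three duties of the satellite network center: registration (real identity from the initial identity plus a random number, token parameters derived from it), final violation judgment with the two token blacklists and the real identity blacklist, and the token update check (not blacklisted, remaining updatable count greater than zero, matching the stored record, then decrement). The following Python model is an added example, not code from the patent or from Tsinghua University. Its concrete constructions are assumptions: the cryptographic base parameter and the token public verification parameter are treated as HMAC keys, the initial verification information is modelled as a hash of the initial identity, the real identity is recovered from the token first parameter through the association stored at registration, and the blacklist broadcast is protected with an HMAC under the base parameter.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

LEVEL1, LEVEL2 = 1, 2  # the two higher violation levels that the centre decides on


def h(*parts: bytes) -> bytes:
    """SHA-256 over the concatenated parts (assumed hash construction)."""
    return hashlib.sha256(b"".join(parts)).digest()


@dataclass
class SystemParams:
    base_key: bytes    # cryptographic base parameter, modelled as an HMAC key (assumption)
    verify_key: bytes  # token public verification parameter, modelled likewise (assumption)
    period: int        # validity-period identifier; tokens derived under it expire with it


@dataclass
class Record:
    real_id: bytes
    token1: bytes
    token2: bytes
    remaining_updates: int


class SatelliteNetworkCenter:
    def __init__(self, params: SystemParams, max_updates: int = 3):
        self.params, self.max_updates = params, max_updates
        self.records = {}                  # real identity -> Record
        self.token_owner = {}              # token first parameter -> real identity
        self.registered_initial_ids = set()
        self.token_blacklist_l1, self.token_blacklist_l2 = set(), set()
        self.real_id_blacklist = set()

    def _derive_tokens(self, seed: bytes):
        # token first parameter from the real identity (or an update seed) and the base parameter;
        # token second parameter from the first parameter and the public verification parameter
        token1 = hmac.new(self.params.base_key,
                          seed + self.params.period.to_bytes(4, "big"), hashlib.sha256).digest()
        token2 = hmac.new(self.params.verify_key, token1, hashlib.sha256).digest()
        return token1, token2

    def register(self, initial_id: bytes, initial_proof: bytes) -> Optional[Record]:
        """First network access; the initial verification info is modelled as H(initial_id)."""
        if not hmac.compare_digest(h(initial_id), initial_proof):
            return None                        # initial identity not authentic
        if initial_id in self.registered_initial_ids:
            return None                        # already registered
        real_id = h(initial_id, secrets.token_bytes(16))   # initial identity combined with a random number
        token1, token2 = self._derive_tokens(real_id)
        rec = Record(real_id, token1, token2, self.max_updates)
        self.records[real_id] = rec            # initial id and real identity stored in association
        self.token_owner[token1] = real_id
        self.registered_initial_ids.add(initial_id)
        return rec

    def judge_violation(self, token1: bytes, level: int) -> Optional[dict]:
        """Final judgement for a preliminary level-1/2 report; returns the blacklist update message."""
        real_id = self.token_owner.get(token1)
        if real_id is None or level not in (LEVEL1, LEVEL2):
            return None
        if level == LEVEL2:
            self.token_blacklist_l2.add(token1)
        else:
            self.token_blacklist_l1.add(token1)
            self.real_id_blacklist.add(real_id)    # real identity recovered via the stored association
        l1, l2 = sorted(self.token_blacklist_l1), sorted(self.token_blacklist_l2)
        body = b"".join(l1) + b"|" + b"".join(l2)
        # source/integrity protection for the whole-network broadcast (assumed: HMAC under base_key)
        return {"l1": l1, "l2": l2, "mac": hmac.new(self.params.base_key, body, hashlib.sha256).digest()}

    def update_token(self, real_id: bytes, token1: bytes, remaining_claimed: int) -> Optional[Record]:
        """Token update: blacklist checks, remaining count > 0, and a match against the stored record."""
        rec = self.records.get(real_id)
        if rec is None or real_id in self.real_id_blacklist:
            return None
        if token1 in self.token_blacklist_l1 or token1 in self.token_blacklist_l2:
            return None
        if rec.token1 != token1 or rec.remaining_updates <= 0 or rec.remaining_updates != remaining_claimed:
            return None
        new1, new2 = self._derive_tokens(h(real_id, token1))   # fresh pair; the seed is an assumption
        del self.token_owner[token1]
        rec.token1, rec.token2 = new1, new2
        rec.remaining_updates -= 1                              # decremented and stored with the real identity
        self.token_owner[new1] = real_id
        return rec
```

The point a defender should take from the model is the ordering of the checks in `update_token`: the blacklists are consulted before the remaining count and the record match, so a user side whose token was blacklisted in the meantime cannot refresh its token even if it still holds a valid pair with updates remaining.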
In a second aspect, the present invention provides a method for handling violation of a satellite network user in combination with access authentication, which is applied to a communication satellite, and includes:
when uplink information is received from the gateway station affiliated with the satellite network center or from the previous-hop communication satellite, performing message source and integrity verification on the uplink information;
under the condition that the message source and integrity of the uplink information pass verification, forwarding the verified uplink information to a satellite base station or a next-hop communication satellite according to a related routing algorithm;
under the condition of receiving downlink information from a satellite communication base station, carrying out message source and integrity verification on the downlink information;
when the source and integrity of the downlink information pass verification, appending its own node identifier to the downlink information and calculating a new message authentication code, thereby generating the processed downlink information;
and forwarding the processed downlink information to the satellite network center affiliated gateway station or the next-hop communication satellite according to the related routing algorithm.
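The second aspect is a hop-by-hop relay rule: a communication satellite verifies source and integrity on every link, forwards uplink information unchanged, and on the downlink appends its own node identifier before computing a new message authentication code. The Python below is an added example, not the patent's code; it assumes a per-link symmetric key between neighbouring nodes and HMAC-SHA256 as the message authentication code, both constructed here, and builds a small base station > SAT1 > SAT2 > gateway chain to show a clean pass and a modification detected in flight.

```python
import hashlib
import hmac


def mac(key: bytes, data: bytes) -> bytes:
    """Message authentication code, modelled as HMAC-SHA256 (assumption)."""
    return hmac.new(key, data, hashlib.sha256).digest()


class CommSatellite:
    """One communication satellite holding a per-link key for each neighbour (constructed)."""

    def __init__(self, node_id: bytes, link_keys: dict):
        self.node_id = node_id
        self.link_keys = link_keys  # neighbour id -> shared integrity key

    def _verify(self, prev_hop: bytes, payload: bytes, tag: bytes) -> bool:
        key = self.link_keys.get(prev_hop)
        return key is not None and hmac.compare_digest(mac(key, payload), tag)

    def relay_uplink(self, prev_hop, payload, tag, next_hop):
        """Uplink (centre -> base station): verify source and integrity, forward unchanged."""
        if not self._verify(prev_hop, payload, tag):
            return None  # fails verification: dropped, not forwarded
        return payload, mac(self.link_keys[next_hop], payload)

    def relay_downlink(self, prev_hop, payload, tag, next_hop):
        """Downlink (base station -> centre): verify, append own node identifier, new MAC."""
        if not self._verify(prev_hop, payload, tag):
            return None
        processed = payload + b"|" + self.node_id
        return processed, mac(self.link_keys[next_hop], processed)


# Constructed topology: base station BS -> SAT1 -> SAT2 -> gateway GW
K_BS_S1, K_S1_S2, K_S2_GW = b"k-bs-sat1", b"k-sat1-sat2", b"k-sat2-gw"
SAT1 = CommSatellite(b"SAT1", {b"BS": K_BS_S1, b"SAT2": K_S1_S2})
SAT2 = CommSatellite(b"SAT2", {b"SAT1": K_S1_S2, b"GW": K_S2_GW})


def send_downlink(payload: bytes, tamper_in_flight: bool = False):
    """Carry a base-station message to the gateway; returns what the gateway accepts, or None."""
    tag = mac(K_BS_S1, payload)                          # base station's MAC on the first link
    hop1 = SAT1.relay_downlink(b"BS", payload, tag, b"SAT2")
    if hop1 is None:
        return None
    p1, t1 = hop1
    if tamper_in_flight:
        p1 = p1 + b"!"                                   # modified between SAT1 and SAT2
    hop2 = SAT2.relay_downlink(b"SAT1", p1, t1, b"GW")
    if hop2 is None:
        return None
    p2, t2 = hop2
    # the gateway verifies the last link before handing the message to the network centre
    return p2 if hmac.compare_digest(mac(K_S2_GW, p2), t2) else None


def send_uplink(payload: bytes):
    """Gateway -> SAT2 -> SAT1 -> base station; the payload arrives unchanged or not at all."""
    hop = SAT2.relay_uplink(b"GW", payload, mac(K_S2_GW, payload), b"SAT1")
    if hop is None:
        return None
    hop = SAT1.relay_uplink(b"SAT2", hop[0], hop[1], b"BS")
    if hop is None:
        return None
    return hop[0] if hmac.compare_digest(mac(K_BS_S1, hop[0]), hop[1]) else None
```

Because each satellite re-authenticates on the next link only after verifying the previous one, a frame altered anywhere on the path is dropped at the next hop rather than carried to the centre; the identifiers appended on the downlink additionally give the centre the exact path a violation judgment request travelled, which is useful when tracing a report back to its guard base station.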
In a third aspect, the present invention provides a satellite network user violation processing method in combination with access authentication, which is applied to a satellite communication base station, and includes:
when a user side that has passed access authentication uses an anonymous identity for data communication, the guard base station, using the anonymous identity cached after access authentication and the token first parameter, detects whether the user side has a violation according to the relevant violation detection method and judgment standard, and preliminarily judges the violation level;
wherein the relevant violation detection method may be based on, but not limited to, the following principles: correlation analysis, cluster analysis, KL divergence, etc.;
wherein the violations may include, but are not limited to: initiating the same data request many times within a short time, abnormal communication requests that do not match the user's habitual communication behavior, DoS attacks, DDoS attacks, illegal theft of system permissions and data, and the like;
in the invention, the lower violation levels are represented by the third and fourth violation levels and the higher violation levels by the first and second violation levels; the corresponding violation processing is explained for these, the rest can be inferred by analogy, and the details are not repeated below;
it should be noted that, after access authentication under the anonymous identity passes, the anonymous identity is cached by the guard base station and by the user side respectively, allowing a communication connection between the two. During data communication the user side encapsulates the anonymous identity in the header of each communication data frame; the guard base station filters out user data whose frame header does not correctly contain the anonymous identity, forwards user data whose frame header correctly contains it, and performs violation detection, preliminary judgment and processing on the user data carrying the anonymous identity according to the relevant violation detection method and judgment standard. Where a first-level or second-level violation is preliminarily judged, the token first parameter corresponding to the anonymous identity is looked up and violation judgment request information is generated. When the communication ends, the satellite communication base station releases the communication connection and deletes the cached anonymous user identity;
under the condition that the user side is judged to have third-level violation behaviors, third prompt information is sent to the user side, the communication connection with the user side is terminated, and the anonymous identity in the cache is deleted;
under the condition that the fourth-level violation behavior of the user side is judged, sending fourth prompt information to the user side, and suspending communication connection with the user side;
the third prompt information indicates that the reason for disconnection is that the user side has a third-level violation, and that the user side must re-perform access authentication when establishing a communication connection again;
the fourth prompt information indicates that the reason for disconnection is that the user side has a fourth-level violation, and that the user side may resume the communication connection after a specified time;
when the guard base station preliminarily judges that the user side has a first-level or second-level violation, looking up the token first parameter corresponding to the anonymous identity in the cache and generating violation judgment request information;
forwarding the violation determination request information to the satellite network center through a plurality of hop communication satellites and a gateway station, wherein the violation determination request information at least comprises: the encrypted first parameter of the token;
receiving token blacklist updating information, and performing message source and integrity verification on the token blacklist updating information;
when the message source and integrity of the token blacklist update information pass verification, updating the stored token blacklist and sending prompt information to the violating user sides listed in the token blacklist;
disconnecting the communication connection with the violating user side; during the violation accountability period, the access authentication authority and the token update authority of the violating user side are disabled;
for a violating user side in the token first-level blacklist, the guard base station sends first prompt information, which indicates that the user side has a first-level violation and that its access authentication authority and token update authority are permanently revoked;
for a violating user side in the token second-level blacklist, the guard base station sends second prompt information, which indicates that the user side has a second-level violation and that, once the violation accountability period has passed, its normal access authentication authority and token update authority are restored.
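The third aspect above gives the guard base station's data-plane behaviour: frames without a cached anonymous identity are filtered, violations are graded, levels 3 and 4 are handled locally (terminate and drop the cache, or suspend), levels 1 and 2 become a violation judgment request carrying the token first parameter in encrypted form, and a verified token blacklist update leads to prompts, disconnection and loss of authentication and token update rights. The Python below is an added example, not the patent's code. The detector (the same data request repeated within a short window, escalating from level 4 to level 3 if it recurs after a suspension) and the `PRIV:` marker standing in for an attempted theft of permissions or data are constructed for the example, as are the thresholds, the shared centre key and the demonstration-only XOR encryption of the token; the patent leaves the detection method open.

```python
import hashlib
import hmac
import secrets
from collections import deque

LEVEL1, LEVEL2, LEVEL3, LEVEL4 = 1, 2, 3, 4


def toy_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Demonstration-only encryption: XOR with one SHA-256 keystream block (data <= 32 bytes)."""
    stream = hashlib.sha256(key + nonce).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def sign_blacklist_update(center_key: bytes, l1: list, l2: list) -> dict:
    """Blacklist update message in the form the centre broadcasts (assumed format and HMAC)."""
    body = b"".join(l1) + b"|" + b"".join(l2)
    return {"l1": l1, "l2": l2, "mac": hmac.new(center_key, body, hashlib.sha256).digest()}


class GuardBaseStation:
    def __init__(self, center_key: bytes, window: float = 2.0, repeat_limit: int = 3,
                 suspend_seconds: float = 30.0, accountability_seconds: float = 3600.0):
        self.center_key = center_key        # key shared with the centre for broadcasts (constructed)
        self.window, self.repeat_limit = window, repeat_limit
        self.suspend_seconds, self.accountability_seconds = suspend_seconds, accountability_seconds
        self.sessions = {}                  # anonymous identity -> session state (the cache)
        self.blacklist_l1, self.blacklist_l2 = set(), set()
        self.banned_until = {}              # token1 -> end of ban (inf = permanent)
        self.outbox = []                    # violation judgement requests bound for the centre

    def cache_session(self, anon_id: bytes, token1: bytes) -> None:
        """Called once access authentication has succeeded."""
        self.sessions[anon_id] = {"token1": token1, "history": deque(),
                                  "suspended_until": 0.0, "suspensions": 0}

    def handle_frame(self, anon_id: bytes, request: bytes, now: float) -> str:
        s = self.sessions.get(anon_id)
        if s is None:
            return "dropped: no cached anonymous identity"      # filtered, never forwarded
        if now < s["suspended_until"]:
            return "dropped: connection suspended"
        if request.startswith(b"PRIV:"):                       # constructed marker: permission/data theft
            return self._handle_violation(anon_id, LEVEL1 if b"ROOT" in request else LEVEL2, now)
        hist = s["history"]
        hist.append((now, request))
        while hist and now - hist[0][0] > self.window:         # keep only the short time window
            hist.popleft()
        repeats = sum(1 for _, r in hist if r == request)
        if repeats >= self.repeat_limit:                       # same data request many times, short time
            level = LEVEL3 if s["suspensions"] >= 1 else LEVEL4
            return self._handle_violation(anon_id, level, now)
        return "forwarded"

    def _handle_violation(self, anon_id: bytes, level: int, now: float) -> str:
        s = self.sessions[anon_id]
        if level == LEVEL4:
            s["suspended_until"] = now + self.suspend_seconds
            s["suspensions"] += 1
            s["history"].clear()
            return "prompt4: level-4 violation, connection suspended"
        if level == LEVEL3:
            del self.sessions[anon_id]                         # terminate and drop the cached identity
            return "prompt3: level-3 violation, re-authenticate to reconnect"
        nonce = secrets.token_bytes(16)                        # levels 1/2: ask the centre to judge
        self.outbox.append({"level": level, "nonce": nonce,
                            "enc_token1": toy_encrypt(self.center_key, nonce, s["token1"])})
        return f"pending: preliminary level-{level} violation reported to the centre"

    def apply_blacklist_update(self, msg: dict, now: float):
        """Verify the broadcast, store the lists, then prompt and disconnect listed user sides."""
        expected = sign_blacklist_update(self.center_key, msg["l1"], msg["l2"])["mac"]
        if not hmac.compare_digest(expected, msg["mac"]):
            return None                                        # source/integrity check failed
        self.blacklist_l1 |= set(msg["l1"])
        self.blacklist_l2 |= set(msg["l2"])
        prompts = []
        for anon_id, s in list(self.sessions.items()):
            t = s["token1"]
            if t in self.blacklist_l1:
                self.banned_until[t] = float("inf")            # rights permanently revoked
                prompts.append((anon_id, "prompt1: level-1 violation, permanently banned"))
            elif t in self.blacklist_l2:
                self.banned_until[t] = now + self.accountability_seconds
                prompts.append((anon_id, "prompt2: level-2 violation, banned for the accountability period"))
            else:
                continue
            del self.sessions[anon_id]
        return prompts

    def may_authenticate(self, token1: bytes, now: float) -> bool:
        """Access authentication / token update rights check against the bans."""
        return now >= self.banned_until.get(token1, 0.0)
```

Two design points carry over to a real deployment: the base station never learns a real identity (it holds only the anonymous identity and the token first parameter, and even that leaves the station encrypted), and it acts on a blacklist update only after the source and integrity check, so a forged broadcast cannot be used to disconnect legitimate users.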
Optionally, the method further comprises:
the satellite communication base station regularly receives system parameter updating information and carries out message source and integrity verification on the system parameter updating information;
under the condition that the message source and the integrity of the system parameter updating information pass verification, broadcasting the system parameter updating information to a user side in a domain, and storing a system public parameter of the system parameter updating information;
wherein the system public parameters at least comprise: a cryptographic base parameter used for encryption and decryption, the validity period of the cryptographic base parameter, a token public verification parameter, the validity period of the token public verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter.
The satellite communication base station regularly configures the public parameters in the domain, generates the update information of the parameters in the domain according to the public parameters in the domain, and broadcasts the update information of the parameters in the domain to each user terminal in the domain; wherein the intra-domain common parameters at least comprise: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station.
Optionally, the method further comprises:
receiving access authentication request information from a user side, and checking the message freshness of the access authentication request information;
when the message freshness check of the access authentication request information passes, calculating the user's anonymous identity for this access from the system public parameters and the intra-domain public parameters, and verifying whether the token first parameter and the verification parameter of the token second parameter satisfy the specified relationship, wherein the access authentication request information at least comprises the following fields: an access authentication request timestamp, an access authentication first encryption parameter, the token first parameter in encrypted form, and the verification parameter of the token second parameter, the latter being calculated from the token second parameter;
under the condition that the verification parameters of the first token parameter and the second token parameter meet the specified relationship, calculating an access authentication response parameter according to the access authentication request information, generating access authentication response information according to the authentication response parameter and sending the access authentication response information to the user side;
wherein the access authentication response information at least comprises the following fields: the access authentication response timestamp and the access authentication response parameter are calculated by the original parameter after the access authentication request information is decrypted;
caching the anonymous identity of the user authenticated at this time and a first token parameter corresponding to the anonymous identity of the user;
it should be noted that, after the guard base station completes access authentication of the user side, it allows a communication connection with the user side according to the cached anonymous identity of the user. During data communication, the guard base station filters out user data whose frame header does not correctly contain the anonymous identity, forwards user data whose frame header correctly contains it, and performs violation detection, preliminary judgment and processing on the user data carrying the anonymous identity according to the relevant violation detection method and judgment standard; where a first-level or second-level violation is preliminarily judged, it looks up the cached token first parameter corresponding to the anonymous identity and generates violation judgment request information. When the communication ends, the satellite communication base station releases the communication connection and deletes the cached anonymous user identity.
Optionally, the method further comprises:
receiving token update first request information from a user side and checking its message freshness, wherein the token update first request information at least comprises the following fields: a token update first request timestamp, a token update first encryption parameter, the token update request verification parameters in encrypted form, and the verification parameter of the token second parameter, wherein the token update request verification parameters at least comprise: the real identity, the token first parameter and the remaining updatable count of the token;
under the condition that message freshness check of the token updating first request information passes, calculating a first token parameter according to the system public parameter and the intra-domain public parameter, and verifying whether the first token parameter and a check parameter of a second token parameter meet a specified relationship;
generating second request information for updating the token and sending the second request information to a communication satellite in the domain under the condition that the first parameter of the token and the verification parameter of the second parameter of the token meet a specified relation, wherein the second request information for updating the token at least comprises the following information: the token updates a first encryption parameter, the token first parameter and a token updating request verification parameter in an encrypted form;
receiving token updating response information, and carrying out message source and integrity verification on the token updating response information;
and forwarding the token updating response information to the user side under the condition that the message source and the integrity of the token updating response information are verified.
In a fourth aspect, the present invention provides a method for handling a satellite network user violation in combination with access authentication, which is applied to a user side, and includes:
regularly receiving system parameter updating information, and carrying out message source and integrity verification on the system parameter updating information;
under the condition that the message source and the integrity of the system parameter updating information pass verification, storing the system public parameters in the system parameter updating information;
the system public parameters are configured periodically by the satellite network center and broadcast across the whole network through the gateway station, the communication satellites and the satellite base stations, and at least comprise: a cryptographic base parameter used for encryption and decryption, the validity period of the cryptographic base parameter, a token public verification parameter, the validity period of the token public verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter;
periodically receiving intra-domain parameter updating information, and performing message source and integrity verification on the intra-domain parameter updating information;
under the condition that the message source and the integrity of the intra-domain parameter updating information pass verification, storing intra-domain public parameters in the intra-domain parameter updating information;
the public parameters in the domain are configured by the satellite communication base station regularly and are broadcasted in the domain, wherein the public parameters in the domain at least comprise: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station.
Optionally, the method further comprises:
when a user side applies for network access for the first time, generating registration request information according to an initial identity mark and initial verification information of the user side;
sending the registration request information to the satellite network center through a secure channel;
receiving registration response information of the satellite network center through a secure channel, and acquiring a real identity, a first token parameter and a second token parameter in the registration response information, wherein the real identity has network-wide uniqueness, the first token parameter and the second token parameter have validity periods, and the longest validity period of the first token parameter and the second token parameter is determined by the validity period of a current system public parameter;
securely storing the real identity, the token first parameter, and the token second parameter.
Optionally, the method further comprises:
when a user side needs to access the satellite communication network, calculating its anonymous identity from the securely stored token first parameter and token second parameter together with the system public parameters and the intra-domain public parameters, generating access authentication request information, and sending it to a nearby satellite communication base station, wherein the access authentication request information at least comprises the following fields: an access authentication request timestamp, an access authentication first encryption parameter, the token first parameter in encrypted form, and the verification parameter of the token second parameter;
receiving access authentication response information from a satellite communication base station, and performing access authentication calculation and verification on the satellite communication base station according to the access authentication response information, wherein the access authentication response information at least comprises the following fields: the access authentication response timestamp and the access authentication response parameter are obtained by calculating the original parameter after the access authentication request information is decrypted;
and under the condition that the access authentication check passes, calculating a session key and an integrity protection key, and safely storing the session key, the integrity protection key and the anonymous identity authenticated at this time for a formal data communication process, wherein the session key is used for symmetrically encrypting communication data, and the integrity protection key is used for calculating a message authentication code.
It should be noted that, in the data communication process after the access authentication, the user side encapsulates the anonymous identity into a data frame, encrypts the data to be transmitted by using the session key, calculates a message authentication code by using the integrity protection key, and transmits the communication data in the satellite network through the satellite network.
Optionally, the method further comprises:
when the user side needs to update the token, the user side calculates and generates a token updating first request message by combining the token first parameter to be updated, the token second parameter, the system public parameter and the intra-domain public parameter, and sends the token updating first request message to a nearby satellite communication base station;
wherein the token update first request information at least comprises the following fields: a token update first request timestamp, a token update first encryption parameter, an encrypted token update request check parameter, and a verification parameter of the token second parameter, wherein the token update request check parameter at least comprises: the real identity, the first parameter of the token and the remaining updatable times of the token;
receiving token updating response information, and carrying out message source and integrity verification on the token updating response information;
under the condition that the message source and the integrity of the token updating response information pass verification, calculating a token updating response verification parameter, an updated token first parameter and an updated token second parameter, wherein the token updating response verification parameter is obtained by calculating a token updating request verification parameter, and the token updating request verification parameter at least comprises: the real identity, a first parameter of the token and the remaining updatable times of the token;
verifying whether the token updating response verification parameter is correct or not, and verifying whether the updated token first parameter and the updated token second parameter meet a specified relation or not;
and under the condition that the verification is passed, safely storing the updated first parameter of the token and the updated second parameter of the token.
It should be noted that, when the first token parameter and the second token parameter have been stored or used at the user side for some time and security risks such as leakage or theft may arise, the token may be updated within the validity period of the current system public parameter. The user side holds a fixed number of token update permissions within the validity period of the current system public parameter, and one permission is consumed for each token update. Within the number of updates allowed by the system, the user side may choose, according to its own security requirements, when and how often to update the token, thereby removing the potential security hazard of keeping the first parameter and second parameter of the token at the user side for a long time.
In a fifth aspect, the present invention provides a satellite hub, comprising:
the system parameter updating module is used for configuring system public parameters periodically, generating system parameter updating information according to the system public parameters, and broadcasting the system parameter updating information to the whole network through a gateway station, each communication satellite and each satellite communication base station, wherein the system public parameters at least comprise: cryptographic basic parameters, the validity period of the cryptographic basic parameters, a token common verification parameter, the validity period of the token common verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter;
the registration response module is used for receiving and verifying registration request information, configuring a unique real identity of a user side in a satellite communication network, a token first parameter with a valid period and a token second parameter for the user side which is real and is not registered, generating registration response information according to the real identity, the token first parameter with the valid period and the token second parameter, and returning the registration response information to the user side through a secure channel;
the violation judgment module is used for receiving violation judgment request information and, according to the first token parameter carried in the violation judgment request information together with the relevant violation judgment method and standard, determining whether a violation behavior exists at the user side and giving a final judgment result of the violation level corresponding to the violation behavior;
the violation processing module is used for adding the first token parameter into a token second-level blacklist under the condition that the user side is judged to have second-level violation behaviors; under the condition that the user side is judged to have first-level violation, adding the first parameter of the token into a first-level blacklist of the token, calculating the real identity of the user side according to the first parameter of the token, adding the real identity into the blacklist of the real identity, generating updating information of the blacklist of the token, and broadcasting the updating information of the blacklist of the token to each communication satellite and a satellite communication base station through a gateway station;
and the token updating response module is used for receiving and verifying the token updating second request information, configuring the updated token first parameter and token second parameter when the token updating second request information passes verification, calculating and generating token updating response information, and sending the token updating response information to the user side through the gateway station, multi-hop communication satellites and the satellite communication base station.
In a sixth aspect, the present invention provides a communications satellite comprising:
the uplink information processing module is used for verifying the source and integrity of uplink information received from a gateway station attached to the satellite network center or from a previous-hop communication satellite, and, when the source and integrity verification passes, forwarding the verified uplink information to the satellite communication base station or the next-hop communication satellite according to the relevant routing algorithm;
and the downlink information processing module is used for verifying the source and integrity of downlink information received from the satellite communication base station, discarding downlink information that fails verification, appending the node identifier of the communication satellite to downlink information that passes verification, calculating a new message authentication code to generate processed downlink information, and forwarding the processed downlink information to the gateway station attached to the satellite network center or to the next-hop communication satellite according to the relevant routing algorithm.
In a seventh aspect, the present invention provides a satellite communication base station, including:
the parameter updating module is used for regularly receiving and verifying system parameter updating information; when the system parameter updating information passes verification, storing the system public parameters contained in it and broadcasting the system parameter updating information to the user sides in the domain, wherein the system public parameters at least comprise: cryptographic basic parameters, the validity period of the cryptographic basic parameters, a token common verification parameter, the validity period of the token common verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter;
the parameter updating module is further configured to periodically configure an intra-domain public parameter, generate intra-domain parameter updating information according to the intra-domain public parameter, and broadcast the intra-domain parameter updating information to each user terminal in the domain, where the intra-domain public parameter at least includes: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station;
the access authentication response module is used for receiving and verifying access authentication request information from a user side, calculating the anonymous identity of a user under the condition that the access authentication request information passes verification, verifying whether the verification parameters of a first parameter of a token and a second parameter of the token meet a specified relation, generating access authentication response information under the condition that the verification parameters of the first parameter of the token and the second parameter of the token meet the specified relation, sending the access authentication response information to the user side, and caching the anonymous identity of the user authenticated at this time and the first parameter of the token;
the communication data transmission module is used for allowing communication connection to be established with the user side according to the cached anonymous identity of the user after access authentication is carried out with the user side, filtering user data which do not correctly contain the anonymous identity in a data frame header in the data communication process, forwarding the user data which correctly contain the anonymous identity in the data frame header to a communication satellite in a domain, and deleting the cached anonymous identity of the user when the communication is finished;
the violation detection module is used for carrying out violation detection and preliminary judgment on the user side according to a related violation detection method and a judgment standard by combining the cached anonymous user identity and the first token parameter in the data communication process;
the violation preliminary processing module is used for sending a third-level prompt message to the user side, terminating the communication connection with the user side and deleting the anonymous identity from the cache when it is determined that a third-level violation behavior exists at the user side;
the violation preliminary processing module is further configured to send a fourth-level prompt message to the user side and suspend the communication connection with the user side when it is determined that a fourth-level violation behavior exists at the user side;
the violation judgment request module is used for looking up, in the cache, the first token parameter corresponding to the anonymous identity of the user when it is preliminarily determined that a first-level or second-level violation behavior exists at the user side, generating violation judgment request information, and sending the violation judgment request information to the satellite network center through multi-hop communication satellites and a gateway station;
the violation judgment response processing module is used for receiving and verifying the token blacklist updating information, updating the stored token blacklist under the condition that the token blacklist updating information is verified to be passed, sending prompt information to the violation user side, disconnecting the network connection with the violation user side, and forbidding the access authentication authority and the token updating authority of the violation user side within the violation pursuit period;
the token updating first request processing module is used for receiving and verifying token updating first request information from the user side, calculating the token first parameter when the token updating first request information passes verification, verifying whether the token first parameter and the verification parameter of the token second parameter satisfy the specified relation, generating token updating second request information when the verification passes, and sending the token updating second request information to the communication satellite serving the domain;
and the token updating response processing module is used for receiving and verifying the token updating response information, and forwarding the token updating response information to the user side under the condition that the verification is passed.
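The division of labour described in the fifth and seventh aspects, as an added illustration (this is not code from the patent): the base station keeps only the anonymous identity and the first token parameter in its cache, handles third- and fourth-level violations locally, escalates first- and second-level ones to the centre by sending the first token parameter, and the centre traces the real identity only for a first-level violation. The `trace_uid` callback, the numeric pursuit period and the string-valued parameters are constructed stand-ins; the page does not specify how the blacklist update is encoded.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set

# Violation levels as the page uses them: 1 and 2 are escalated to the satellite
# network centre, 3 and 4 are handled locally by the base station.
LEVEL_TERMINATE, LEVEL_SUSPEND = 3, 4


@dataclass
class NetworkCentre:
    """Satellite network centre (fifth aspect): keeps the three blacklists.
    `trace_uid` stands in for recovering the real identity from the first token
    parameter (the page derives it from alpha; the method is an assumption here)."""
    trace_uid: Callable[[str], str]
    alpha_blacklist_l1: Set[str] = field(default_factory=set)
    alpha_blacklist_l2: Set[str] = field(default_factory=set)
    uid_blacklist: Set[str] = field(default_factory=set)

    def final_judgment(self, alpha: str, level: int) -> Optional[dict]:
        """Final judgment; returns the token-blacklist update to broadcast,
        or None when the centre finds no violation."""
        if level == 2:
            self.alpha_blacklist_l2.add(alpha)
        elif level == 1:
            self.alpha_blacklist_l1.add(alpha)
            self.uid_blacklist.add(self.trace_uid(alpha))  # real identity only here
        else:
            return None
        return {"alpha": alpha, "level": level}


@dataclass
class BaseStation:
    """Satellite communication base station (seventh aspect)."""
    centre: NetworkCentre
    cache: Dict[str, str] = field(default_factory=dict)      # anon_id -> alpha
    suspended: Set[str] = field(default_factory=set)
    banned_until: Dict[str, int] = field(default_factory=dict)  # alpha -> end of pursuit period
    log: List[tuple] = field(default_factory=list)

    def on_access_authenticated(self, anon_id: str, alpha: str) -> None:
        self.cache[anon_id] = alpha

    def access_allowed(self, alpha: str, now: int) -> bool:
        """Access authentication and token update are refused during the pursuit period."""
        return self.banned_until.get(alpha, -1) < now

    def preliminary_judgment(self, anon_id: str, level: int, now: int, pursuit_period: int) -> str:
        alpha = self.cache[anon_id]
        if level == LEVEL_TERMINATE:
            self.log.append(("prompt", anon_id, 3))
            del self.cache[anon_id]
            return "terminated"
        if level == LEVEL_SUSPEND:
            self.log.append(("prompt", anon_id, 4))
            self.suspended.add(anon_id)
            return "suspended"
        # Level 1 or 2: escalate the first token parameter, never the cached anonymous identity.
        update = self.centre.final_judgment(alpha, level)
        if update is None:
            return "cleared"
        self.apply_blacklist_update(update, now, pursuit_period)
        return "blacklisted"

    def apply_blacklist_update(self, update: dict, now: int, pursuit_period: int) -> None:
        """Handles a token-blacklist update broadcast (runs on every base station)."""
        alpha = update["alpha"]
        self.banned_until[alpha] = now + pursuit_period
        for anon_id in [a for a, t in self.cache.items() if t == alpha]:
            self.log.append(("prompt", anon_id, update["level"]))
            del self.cache[anon_id]
```

Because `apply_blacklist_update` is what every base station runs on receiving the broadcast, a user whose token was blacklisted at one base station is also refused access authentication at any other station until `banned_until` expires.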
In an eighth aspect, the present invention provides a user side, including:
the parameter configuration module is used for regularly receiving and verifying system parameter update information, and storing the system public parameters contained in it when the verification passes, wherein the system public parameters at least comprise: cryptographic basic parameters, the validity period of the cryptographic basic parameters, a token common verification parameter, the validity period of the token common verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter;
the parameter configuration module is further configured to periodically receive and check intra-domain parameter update information, and store intra-domain common parameters in the intra-domain parameter update information when the check is passed, where the intra-domain common parameters at least include: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station;
the registration request module is used for generating registration request information according to the initial identity identifier and the initial verification information and sending the registration request information to the satellite network center through a secure channel;
the registration response processing module is used for receiving registration response information of the satellite network center through a secure channel, acquiring a network unique real identity, a token first parameter with a valid period and a token second parameter in the registration response information, and safely storing the real identity, the token first parameter and the token second parameter;
the access authentication request module is used for calculating an anonymous identity according to a token first parameter and a token second parameter which are stored safely and by combining the system public parameter and the intra-domain public parameter when the user side needs to access the satellite communication network, generating access authentication request information and sending the access authentication request information to the satellite communication base station;
the access authentication response processing module is used for receiving and verifying the access authentication response information of the satellite communication base station; when the verification passes, for abnormal access authentication response information it parses the access authentication response prompt information, and for normal access authentication response information it verifies the parameters in the access authentication response information, calculates a session key and an integrity protection key when the parameter verification passes, and securely stores the session key, the integrity protection key and the anonymous identity of this authentication;
the communication data transmission module is used for packaging the anonymous identity into a data frame in the data communication process after access authentication is completed with the satellite communication base station, encrypting data to be transmitted by using the session key, calculating a message authentication code by using the integrity protection key, and transmitting communication data in a satellite network through the satellite communication base station;
the token updating request module is used for generating token updating first request information from the first token parameter and second token parameter to be updated, combined with the system public parameter and the intra-domain public parameter, when the token needs to be updated, and sending the token updating first request information to the satellite communication base station;
and the token updating response processing module is used for receiving and verifying the token updating response information, calculating and verifying whether the token updating response verification parameters are correct or not under the condition that the token updating response information is verified to be passed, verifying whether the updated first token parameters and the updated second token parameters meet the specified relationship or not, and safely storing the updated first token parameters and the updated second token parameters under the condition that the verification is passed.
In a ninth aspect, the present invention provides a terminal device, comprising a memory, a processor, a transceiver;
the memory stores computer-executable instructions;
the processor executes the computer-executable instructions stored by the memory, so that the processor executes the method for handling the satellite network user violation in combination with the access authentication as described above;
the transceiver is used for receiving information sent by the external equipment and sending information to the external equipment.
In a tenth aspect, the present invention provides a computer-readable storage medium, in which computer-executable instructions are stored, and when the computer-executable instructions are executed by a processor, the computer-readable storage medium is configured to implement the method for satellite network user violation handling in conjunction with access authentication as described above.
According to the satellite network user violation processing method combined with access authentication and the related equipment, the high-frequency access authentication of a large number of user sides is completed by each satellite communication base station at the front end of the network, which relieves the single-point failure risk and performance bottleneck that central authentication easily produces and reduces the authentication transmission delay; after access authentication passes, the user side communicates using the anonymous identity of that authentication, and the satellite communication base station performs violation detection and preliminary judgment from the cached anonymous identity and the first parameter of the token, handling user sides with lower-level violation behaviors itself; for user sides with higher-level violation behaviors, the satellite network center calculates the real identity of the violating user side after further violation judgment, updates the relevant blacklists, and performs violation processing together with all satellite communication base stations, so that violations can be traced and handled once found while the anonymity of the user's access identity is preserved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a schematic view of a scenario of a method for implementing violation handling of a satellite network user in conjunction with access authentication according to the present invention;
FIG. 2 is a schematic flowchart of a first embodiment of a satellite network user violation handling method in conjunction with access authentication according to the present invention;
fig. 3 is a schematic view of an access authentication flow of a second embodiment of a satellite network user violation processing method in combination with access authentication according to the present invention;
fig. 4 is a schematic view of a violation detection and processing flow of a third embodiment of a satellite network user violation processing method in combination with access authentication according to the present invention;
fig. 5 is a schematic diagram illustrating a token updating flow of a fourth embodiment of a satellite network user violation processing method according to the invention;
FIG. 6 is a block diagram of a satellite hub according to the present invention;
FIG. 7 is a block diagram of a communications satellite according to the present invention;
FIG. 8 is a block diagram of a satellite base station according to the present invention;
fig. 9 is a schematic block diagram of a user side according to the present invention;
fig. 10 is a schematic structural diagram of the terminal device of the present invention.
With the foregoing drawings in mind, certain embodiments of the disclosure have been shown and described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The invention provides a satellite network user violation processing method combined with access authentication and related equipment.
Referring to fig. 1, fig. 1 is a scene schematic diagram of a satellite network user violation handling method in combination with access authentication according to the present invention.
Wherein the satellite communication base station 3000 communicates with the communication satellite 2000 through a satellite-to-ground link; the communication satellite 2000 communicates with the next-hop communication satellite 2000 via an inter-satellite link, or with the satellite hub 1000 and its affiliated gateway stations (not labeled) via a satellite-to-ground link, according to the relevant routing algorithm;
mutual authentication, negotiation of a session key and an integrity protection key are completed in advance among the satellite communication base station 3000, the communication satellite 2000 and the satellite network center 1000, and a system security channel is established;
the user terminal 4000 can access the satellite network for data communication after completing bidirectional access authentication with the satellite communication base station 3000; the satellite communication base station 3000 uses the user anonymous identity cached after access authentication to perform violation detection, preliminary judgment and processing of the user terminal 4000 according to the relevant violation detection method and judgment standard;
the satellite communication base station 3000 performs violation processing itself on a user side 4000 with a lower violation level; for a user side 4000 suspected of a higher violation level, it looks up the first token parameter corresponding to the cached user anonymous identity and generates violation judgment request information; the violation judgment request information is then forwarded to the satellite hub 1000 via multi-hop communication satellites 2000 and a gateway station (not labeled); the satellite network center 1000 gives the final violation judgment result according to the violation judgment method and standard, updates the blacklists accordingly, generates token blacklist update information, and broadcasts it to each satellite communication base station 3000 through a gateway station (not labeled) and the communication satellites 2000; and the satellite communication base station 3000 performs violation processing on the violating user side 4000 according to the token blacklist information.
The following describes the technical solutions of the present invention and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present invention will be described below with reference to the accompanying drawings.
The invention provides a satellite network user violation processing method combined with access authentication and a general flow thereof.
Referring to fig. 2, fig. 2 is a diagram illustrating a first embodiment of a satellite network user violation handling method in conjunction with access authentication according to the present invention. Which comprises the following steps:
step S10, the satellite network center is used as a trust root node, in the system initialization phase, the node identification, the public and private key pair and the digital certificate of the satellite network center are configured, the node identification and the digital certificate are configured for each communication satellite and the satellite communication base station, mutual authentication with each communication satellite and the satellite communication base station is completed, and the negotiation between the session key and the integrity protection key is completed, so that the system security channel is established.
Specifically, reference may be made to related technologies such as the relatively mature PKI public key cryptosystem, which are not described further here.
And step S20, the satellite network center periodically updates the system public parameters, and performs whole-network broadcasting through the gateway station, the communication satellite and the satellite communication base station, and the satellite communication base station periodically updates the intra-domain public parameters and broadcasts to intra-domain user terminals.
Wherein the system common parameters at least comprise: cryptographic basic parameters, the validity period of the cryptographic basic parameters, a token common verification parameter, the validity period of the token common verification parameter, a satellite network center communication encryption parameter, and the validity period of the satellite network center communication encryption parameter;
the intra-domain common parameters at least comprise: the communication encryption parameter of the satellite communication base station and the validity period of the communication encryption parameter of the satellite communication base station;
the satellite network center regularly updates the system public parameters and generates system parameter update information; the system parameter update information is then broadcast to the user sides of the whole network through the gateway station, the communication satellites and the satellite communication base stations;
after receiving the system parameter update information, each satellite communication base station and each user side carry out message source and integrity verification on the system parameter update information; and storing the system public parameters in the message when the message source and the integrity check pass.
In this embodiment, the system parameter update information may take the following form:
{ ID_NOCC || TYPE || LT_1 || G || N || LT_2 || PK_0 || K || LT_3 || R_NOCC || SIGN_NOCC }
where the parameters inside { } are the fields contained in the message (not repeated below); || denotes parameter concatenation (not repeated below); ID_NOCC is the node identifier of the satellite network center; TYPE is the message type code, and specifically the TYPE field may be set to "000" to denote system parameter update information; G is a generator of the elliptic curve and N is the order of G; LT_1 is the validity period configured by the satellite network center for N and G. In addition, the satellite network center selects three different secure random numbers SK_0, k and r_NOCC from the cyclic additive group and then computes the access authentication token verification public key $PK_0 = SK_0 \cdot G$, the access authentication token common parameter $K = k \cdot G$, and the satellite network center communication encryption parameter $R_{NOCC} = r_{NOCC} \cdot G$; it configures the validity period LT_2 for PK_0 and K, and the validity period LT_3 for R_NOCC; SIGN_NOCC is the digital signature computed by the satellite network center over the message.
In addition, the satellite communication base station regularly configures the public parameters in the domain, generates the update information of the parameters in the domain, and broadcasts the update information to the user terminals in the domain;
In this embodiment, the intra-domain parameter update information may take the following form:
{ ID_STB || type || LT_4 || R_STB || SIGN_STB }
where ID_STB is the node identifier of the satellite communication base station; type is the message type code, and specifically the type field may be set to "000" here to denote intra-domain parameter update information; the satellite communication base station first selects a secure random number r_STB from the cyclic additive group and then computes its communication encryption parameter $R_{STB} = r_{STB} \cdot G$, where G is the generator of the elliptic curve; LT_4 is the validity period configured by the satellite communication base station for R_STB; SIGN_STB is the digital signature computed by the satellite communication base station over the message;
by regularly updating and broadcasting the system public parameters and the intra-domain public parameters, potential safety hazards caused by long-term use of the fixed parameters can be reduced.
It should be noted that, in all embodiments of the present disclosure, TYPE is used to refer to a message TYPE code of a satellite hub, and TYPE is used to refer to a message TYPE code of a satellite base station or a communication satellite.
Step S30: when the user applies for network access for the first time, the user terminal sends registration request information to the satellite network center over a secure channel; after receiving and checking the information, the satellite network center configures for the user a network-wide unique real identity together with a token first parameter and a token second parameter that carry a validity period, and returns registration response information to the user; the user terminal securely stores the real identity, the token first parameter and the token second parameter.
The registration request information may include, but is not limited to: an initial identity identifier that is unique across the whole network, such as the factory number of the user terminal, and initial check information used to verify the authenticity of the initial identity identifier;
the real identity is unique across the whole network; the token first parameter and the token second parameter each have a certain validity period, whose maximum is determined by the validity period of the current system public parameters.
In this embodiment, the real identity, the token first parameter, and the token second parameter are calculated as follows:
UID = Hash(ID_e||info||RAND) 【1】
α = f_sym(KEY_NOCC, UID||LT_2||rand) 【2】
θ = α·SK_0 + k (mod N) 【3】
wherein UID, α and θ are respectively the real identity, the token first parameter and the token second parameter configured by the satellite network center for the user terminal; Hash() denotes a hash function; f_sym denotes a symmetric encryption algorithm; || denotes the parameter splicing operation (not described in detail below), "·" denotes point multiplication on the elliptic curve (not described in detail below), and "+" denotes point addition on the elliptic curve (not described in detail below); mod is the remainder operation (not described below); ID_e is the initial identity identifier; info is the initial check information; RAND and rand denote two different random numbers; KEY_NOCC is the secure registration key selected by the satellite network center; N, LT_2, SK_0 and k are the parameters described in step S20.
Step S40: when the user needs to access the satellite network, the user terminal calculates an anonymous identity from the token first parameter, the token second parameter, the system public parameters, the intra-domain public parameters and the related access authentication parameters, and performs bidirectional access authentication with a nearby satellite communication base station.
Wherein the access authentication-related parameters may include, but are not limited to: a timestamp, a random number;
the system public parameters at least comprise: the basic cryptographic parameters, the expiry date of the basic cryptographic parameters, the token common verification parameters, the expiry date of the token common verification parameters, the satellite network center communication encryption parameter and the expiry date of the satellite network center communication encryption parameter;
the intra-domain common parameters at least comprise: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station;
the access authentication procedure in step S40 will be further specifically described in steps S41 to S44 with reference to the second embodiment of fig. 3.
Step S50: the user terminal accesses the satellite network through the satellite communication base station and transmits communication data using the anonymous identity of this authentication, the calculated session key and the integrity protection key.
Specifically, the encapsulated communication data at least includes the following fields:
{ PID||EncData||MAC_U }
wherein PID is the anonymous identity authenticated by the user terminal this time, which is cached in both the user terminal and the satellite communication base station after the access authentication passes; EncData is the ciphertext obtained by the user terminal symmetrically encrypting the communication data with the session key; MAC_U is the message authentication code calculated by the user terminal with the integrity protection key, used to check the integrity of the message;
after the data communication ends, the satellite communication base station disconnects the communication connection with the user terminal and deletes the cached anonymous identity; when the user terminal subsequently needs to access the satellite communication network again, access authentication must be performed anew.
Step S60: the satellite communication base station performs violation detection, preliminary judgment and processing on the accessing user terminal according to the related violation detection method and judgment standard, using the anonymous identity and the token first parameter cached after access authentication, and, where necessary, performs further violation judgment and processing together with the satellite network center.
The violation detection and processing flow in step S60 will be further specifically described in steps S61 to S66 in conjunction with the third embodiment of fig. 4.
Step S70: when the token needs to be updated, the user terminal generates a token update first request message from the token first parameter and token second parameter to be updated, the system public parameters, the intra-domain public parameters and the related token update request check parameters; after verification by the satellite communication base station, a token update second request message is generated and sent to the satellite network center through several hops of communication satellites and the gateway station; after receiving and verifying the token update first request message, the satellite network center configures a new token first parameter and token second parameter for the user terminal.
Wherein the token update request related check parameters at least comprise: the real identity, a first parameter of the token and the remaining updatable times of the token;
it should be noted that the token updating process in step S70 will be described in detail in steps S71 to S76 in conjunction with the fourth embodiment of fig. 5.
The invention provides an access authentication process related to a satellite network user violation processing method combined with access authentication.
Referring to fig. 3, fig. 3 is a diagram illustrating a second embodiment of a satellite network user violation handling method in combination with access authentication according to the present invention. Which comprises the following steps:
Step S41: when the user terminal needs to access the network, it calculates the anonymous identity for this access from the securely stored token first parameter and token second parameter together with the system public parameters and the intra-domain public parameters, generates access authentication request information and sends it to the nearby satellite communication base station.
Specifically, in this embodiment, the access authentication request information may refer to the following format:
{ T_1 || R_U || X_α || λ }
wherein T_1 is the access authentication request timestamp; R_U is the access authentication first encryption parameter; X_α is the encrypted token first parameter; λ is the check parameter of the token second parameter. The parameters involved are calculated as follows:
R_U = r_U·G 【4】
X_α = α ⊕ H(r_U·R_STB) 【5】
PID = hash(α) ⊕ hash(r_U·R_STB) 【6】
β = H(T_1||R_U||α||PID) 【7】
λ = θ + β·r_U (mod N) 【8】
wherein the parameters and symbols in formulas (4) to (8) have the following meanings: || denotes the parameter splicing operation (not described in detail below); ⊕ denotes the bitwise XOR operation (not described below); hash() and H() denote hash functions (not described below); mod denotes the remainder operation (not described in detail below); r_U is the access authentication secret random number generated by the user terminal; α is the token first parameter; PID is the anonymous identity of the user terminal for this access authentication; β is an intermediate parameter; θ is the token second parameter; G, N and R_STB are the parameters described in step S20.
Step S42: the satellite communication base station receives and verifies the access authentication request information, calculates the anonymous identity using the system public parameters and the intra-domain public parameters, and checks whether the token first parameter and the check parameter of the token second parameter satisfy the specified relation.
In this embodiment, the satellite communication base station first checks the freshness of the access authentication request information by testing whether |T_2 - T_1| is less than Δt_STB; wherein T_2 is the timestamp at which the satellite communication base station receives the access authentication request information, and Δt_STB is the time interval set by the satellite communication base station;
if the freshness check passes (|T_2 - T_1| is less than Δt_STB), it calculates the token first parameter α = X_α ⊕ H(R_U·r_STB); wherein X_α and R_U are respectively the encrypted token first parameter and the access authentication first encryption parameter of step S41, and r_STB is the parameter of step S20;
it then checks whether α is in the token blacklist; if α is not in the token blacklist, it calculates the anonymous identity of the user for this access, PID = hash(α) ⊕ hash(R_U·r_STB), and the intermediate parameter β = H(T_1||R_U||α||PID); it then checks whether formula 【9】, λ·G = α·PK_0 + K + β·R_U, holds; wherein G, PK_0, K and r_STB are the parameters of step S20;
if formula 【9】 holds, the check parameter of the token first parameter and token second parameter satisfies the specified relation, which further shows that the token first parameter and token second parameter of the user terminal are legitimate and valid token parameters calculated with the private key of the satellite network center, and the user terminal is allowed to access the satellite communication network.
Step S43: when the check parameter of the token first parameter and token second parameter satisfies the specified relation, the satellite communication base station caches the anonymous identity authenticated this time together with the token first parameter, generates access authentication response information and sends it to the user terminal, and generates communication parameter transmission information and sends it to the satellite network center through several hops of communication satellites and the gateway station.
Specifically, in this embodiment, the access authentication response information may take the following format: { T_2 || RES }; wherein T_2 is the timestamp at which the satellite communication base station received the access authentication request information; RES = H(T_2||β); β is the intermediate parameter calculated in step S42.
The related communication parameters at least comprise: PID||R_U; the communication parameter transmission information may take the following format: { ID_STB||type||C_STB||MAC_STB };
wherein C_STB = f_sym(EK_STB-SAT, PID||R_U),
MAC_STB = f_int(IK_STB-SAT, ID_STB||type||C_STB);
wherein ID_STB is the node identifier of the satellite communication base station; type is a message type code, and specifically the type field may be set to "111" here to represent communication parameter transmission information; C_STB is the communication parameters encrypted by the satellite communication base station; MAC_STB is the message authentication code calculated by the satellite communication base station; f_sym is a symmetric encryption algorithm and f_int an integrity protection algorithm; EK_STB-SAT and IK_STB-SAT are the session key and integrity protection key negotiated between the satellite communication base station and the communication satellite after the system secure channel is established;
after the communication satellite receives the communication parameter transmission information, it checks the message authentication code MAC_STB therein and then decrypts C_STB to obtain PID||R_U; it caches the PID so that the corresponding user data is allowed to be transmitted in the network; it then performs a similar calculation and forwards the processed communication parameter transmission information, { ID_SAT||type||C_SAT||MAC_SAT }, according to the relevant routing algorithm to the gateway station attached to the satellite network center or to the next-hop communication satellite;
wherein ID_SAT is the node identifier of the communication satellite; type is a message type code, and specifically the type field may be set to "111" here to represent communication parameter transmission information; C_SAT = f_sym(EK_SAT-NOCC, PID||R_U), MAC_SAT = f_int(IK_SAT-NOCC, ID_SAT||type||C_SAT); wherein C_SAT is the communication parameters encrypted by the communication satellite; MAC_SAT is the message authentication code calculated by the communication satellite; f_sym is a symmetric encryption algorithm and f_int an integrity protection algorithm; EK_SAT-NOCC and IK_SAT-NOCC are the session key and integrity protection key negotiated between the communication satellite and the satellite network center after the system secure channel is established;
after receiving the communication parameter transmission information, the satellite network center first checks the message authentication code MAC_SAT therein; it then decrypts C_SAT to obtain PID||R_U; it then calculates KEYS = H(R_U·r_NOCC), wherein r_NOCC is the parameter of step S20; it takes the high 16 bits of KEYS as the session key EK and the low 16 bits of KEYS as the integrity protection key IK; it then caches PID, EK and IK for use in the data communication process.
Step S44: the user terminal authenticates the satellite communication base station from the access authentication response information, calculates the session key and the integrity protection key if the authentication passes, and securely stores the anonymous identity, the session key and the integrity protection key.
Specifically, in this embodiment, the user terminal first checks the freshness of the access authentication response information by testing whether |T_3 - T_2| is less than Δt_U; wherein T_3 is the timestamp at which the user terminal receives the access authentication response information, and Δt_U is the time interval set by the user terminal;
if the freshness check passes (|T_3 - T_2| is less than Δt_U), it verifies whether formula 【10】, RES = H(T_2||β), holds, wherein β is the intermediate parameter described in step S41;
if formula 【10】 passes verification, the user terminal calculates KEYS = H(r_U·R_NOCC), wherein R_NOCC is the parameter of step S20 and r_U is the access authentication secret random number described in step S41; it then takes the high 16 bits of KEYS as the session key EK and the low 16 bits of KEYS as the integrity protection key IK, and securely stores PID, EK and IK for use in the data communication process.
Therefore, bidirectional access authentication is completed between the user side and the satellite communication base station.
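The token issuance of steps S20/S30 and the access authentication exchange of steps S41 to S44, as an added example that is not part of the patent. It assumes secp256k1 as the elliptic curve, SHA-256 for H() and SHA3-256 for hash(), and uses HMAC-SHA256 as a stand-in for the symmetric cipher f_sym; the timestamps and the UID are constructed values.

```python
# Added example, not the patent's own code: token issuance (steps S20/S30) and the
# access authentication of steps S41-S44, written in pure Python on secp256k1.
import hashlib
import hmac
import secrets

# secp256k1 domain parameters; G generates a cyclic additive group of prime order N.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine point addition (the patent's '+'); None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Double-and-add scalar multiplication k.pt (the patent's '.')."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def enc(v):
    """Fixed-width encoding for '||': a point becomes x||y, an int 32 big-endian bytes."""
    if isinstance(v, tuple):
        return enc(v[0]) + enc(v[1])
    return v.to_bytes(32, "big")

def _digest(algo):
    return lambda *parts: int.from_bytes(algo(b"".join(map(enc, parts))).digest(), "big")

H = _digest(hashlib.sha256)        # H() of the patent, assumed to be SHA-256
hash_ = _digest(hashlib.sha3_256)  # hash() of the patent, assumed SHA3-256 (distinct from H)

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

# Step S20: satellite network center (NOCC) secrets and public parameters, plus the
# intra-domain communication encryption parameter of one base station (STB).
SK0, k_NOCC, r_NOCC = rand_scalar(), rand_scalar(), rand_scalar()
PK0, K, R_NOCC = ec_mul(SK0, G), ec_mul(k_NOCC, G), ec_mul(r_NOCC, G)
KEY_NOCC = secrets.token_bytes(32)   # secure registration key; never leaves the NOCC
r_STB = rand_scalar()
R_STB = ec_mul(r_STB, G)             # R_STB = r_STB.G, broadcast in the domain

def issue_token(uid, lt2, rand):
    """Step S30, formulas 【2】【3】. HMAC-SHA256 stands in for the symmetric cipher f_sym
    (the real scheme needs a reversible cipher so the NOCC can recover UID in S65)."""
    alpha = int.from_bytes(hmac.new(KEY_NOCC, enc(uid) + enc(lt2) + enc(rand),
                                    hashlib.sha256).digest(), "big") % N
    return alpha, (alpha * SK0 + k_NOCC) % N          # token first and second parameter

def access_request(alpha, theta, t1):
    """Step S41 on the user terminal: returns the request and the user's own state."""
    r_u = rand_scalar()
    R_U = ec_mul(r_u, G)                              # 【4】
    shared = ec_mul(r_u, R_STB)                       # r_U.R_STB
    X_alpha = alpha ^ H(shared)                       # 【5】
    pid = hash_(alpha) ^ hash_(shared)                # 【6】
    beta = H(t1, R_U, alpha, pid)                     # 【7】
    lam = (theta + beta * r_u) % N                    # 【8】
    return (t1, R_U, X_alpha, lam), (r_u, pid, beta)

def verify_request(req, t2, blacklist, delta_t=30):
    """Step S42 on the base station: (pid, beta, alpha) on success, None on rejection."""
    t1, R_U, X_alpha, lam = req
    if abs(t2 - t1) >= delta_t:                       # freshness: |T2 - T1| < dt_STB
        return None
    shared = ec_mul(r_STB, R_U)                       # R_U.r_STB == r_U.R_STB
    alpha = X_alpha ^ H(shared)
    if alpha in blacklist:                            # token blacklist check
        return None
    pid = hash_(alpha) ^ hash_(shared)
    beta = H(t1, R_U, alpha, pid)
    rhs = ec_add(ec_add(ec_mul(alpha, PK0), K), ec_mul(beta, R_U))
    if ec_mul(lam, G) != rhs:                         # 【9】 lambda.G = alpha.PK0 + K + beta.R_U
        return None
    return pid, beta, alpha

def session_keys(own_secret, peer_point):
    """S43/S44: KEYS = H(r_U.R_NOCC) = H(R_U.r_NOCC); EK is the upper half, IK the lower."""
    keys = enc(H(ec_mul(own_secret, peer_point)))
    return keys[:16], keys[16:]
```

The base station's RES = H(T_2||β) of step S43 is recomputed by the user terminal from its own β (formula 【10】), and both sides derive the same KEYS because r_U·R_NOCC and R_U·r_NOCC are the same point.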
Step S50: the user terminal accesses the satellite network through the satellite communication base station and transmits communication data using the anonymous identity of this authentication, the calculated session key and the integrity protection key.
After the user terminal completes the access authentication of steps S41 to S44, it can access the satellite communication network and transmit communication data.
Specifically, the encapsulated communication data at least includes the following fields:
{ PID||EncData||MAC_U }
wherein PID is the anonymous identity authenticated by the user terminal this time, which is cached in both the user terminal and the satellite communication base station after the access authentication passes; EncData is the ciphertext obtained by the user terminal symmetrically encrypting the communication data with the session key; MAC_U is the message authentication code calculated by the user terminal with the integrity protection key, used to check the integrity of the message;
when the data communication ends, the satellite communication base station disconnects the communication connection with the user terminal and deletes the cached anonymous identity; when the user terminal subsequently needs to access the satellite communication network again, access authentication must be performed anew.
The invention provides a violation detection and processing flow involved in a violation processing method of a satellite network user in combination with access authentication.
Referring to fig. 4, fig. 4 is a diagram illustrating a third embodiment of a satellite network user violation handling method in conjunction with access authentication according to the present invention. Which comprises the following steps:
Step S61: the satellite communication base station performs violation detection and preliminary judgment on the accessing user terminal according to the related violation detection method and judgment standard, using the user anonymous identity and the token first parameter cached after access authentication.
Using the cached user anonymous identity PID and the user communication data encapsulation of step S50, the satellite communication base station can filter out user data that does not correctly carry the authenticated PID field, and forward user data that correctly carries the authenticated PID field to a communication satellite in the domain;
in addition, the satellite communication base station can take the PID field encapsulated in the user data as a characteristic field and, together with the cached corresponding token first parameter, perform violation detection and preliminary judgment on the user terminal according to the related violation detection method and judgment standard;
wherein the violation detection method may be based on, but is not limited to, the following principles: correlation analysis, cluster analysis, KL divergence, and the like.
Step S62: when the satellite communication base station detects that the user terminal has a third-level or fourth-level violation, it sends prompt information to the user terminal and suspends or terminates the communication connection with it.
If the satellite communication base station judges that the user terminal has a third-level violation, it sends third prompt information to the user terminal, terminates the communication connection with it and deletes the anonymous identity from the cache;
the third prompt information indicates that the reason for disconnection is a third-level violation of the user terminal, and that access authentication must be performed again before a communication connection can be re-established;
if the satellite communication base station judges that the user terminal has a fourth-level violation, it sends fourth prompt information to the user terminal and suspends the communication connection with it;
the fourth prompt information indicates that the reason for disconnection is a fourth-level violation of the user terminal, and that the communication connection will be restored after a specified time.
Violations may include, but are not limited to: initiating the same data request many times in a short period, abnormal communication requests that do not match the user's communication behaviour habits, DoS attacks, DDoS attacks, illegal theft of system permissions and data, and the like;
it should be noted that violation levels may be defined by the system according to the actual situation; in the present disclosure, the third and fourth violation levels represent lower violation levels, the first and second violation levels represent higher violation levels, and the corresponding violation processing is explained only for these; the rest can be treated by analogy.
Step S63: when the satellite communication base station preliminarily judges that the user terminal may have a first-level or second-level violation, it looks up the cached token first parameter corresponding to the user anonymous identity, generates violation judgment request information and sends it to a communication satellite in the domain.
Specifically, the violation judgment request information may take the following format:
{ ID_STB||type||C_STB||MAC_STB }
wherein ID_STB is the node identifier of the satellite communication base station; type is a message type code, and specifically the type field may be set to "001" here to represent first-level violation judgment request information, or to "010" to represent second-level violation judgment request information; C_STB = f_sym(EK_STB-SAT, α), wherein f_sym is a symmetric encryption algorithm, EK_STB-SAT is the session key negotiated between the satellite communication base station and the communication satellite after the system secure channel is established, and α is the corresponding token first parameter looked up in the cache by the satellite communication base station from the anonymous identity of the user suspected of a first-level or second-level violation; C_STB is the ciphertext obtained by the satellite communication base station symmetrically encrypting the token first parameter α; MAC_STB = f_int(IK_STB-SAT, ID_STB||type||C_STB), wherein f_int is an integrity protection algorithm, IK_STB-SAT is the integrity protection key negotiated between the satellite communication base station and the communication satellite after the system secure channel is established, and MAC_STB is the message authentication code calculated by the satellite communication base station for the integrity check of the violation judgment request information.
Step S64: the communication satellite receives the violation judgment request information, checks and processes it, and forwards it to the next-hop communication satellite, so that it reaches the satellite network center through several hops of communication satellites and the gateway station.
Specifically, after receiving the violation judgment request information, the communication satellite looks up, from the satellite communication base station node identifier ID_STB therein, the session key EK_STB-SAT and the integrity protection key IK_STB-SAT negotiated with that base station; it then checks whether the message authentication code satisfies MAC_STB = f_int(IK_STB-SAT, ID_STB||type||C_STB), wherein f_int is an integrity protection algorithm, ID_STB is the node identifier of the satellite communication base station, type is the message type code described in step S63, and C_STB is the ciphertext obtained by the satellite communication base station symmetrically encrypting the token first parameter α.
If the check of the message authentication code MAC_STB fails (MAC_STB ≠ f_int(IK_STB-SAT, ID_STB||type||C_STB)), the violation judgment request information is discarded; if the check of MAC_STB passes (MAC_STB = f_int(IK_STB-SAT, ID_STB||type||C_STB)), the source of the violation judgment request information is reliable and the information is complete, and the following processing is performed:
the session key EK_STB-SAT is used to decrypt C_STB to obtain the token first parameter α; the session key EK_SAT-NOCC and the integrity protection key IK_SAT-NOCC shared with the satellite network center are then looked up, and the processed violation judgment request information is calculated, namely:
{ ID_SAT||type||C_SAT||MAC_SAT }
wherein ID_SAT is the node identifier of the communication satellite; type is the message type code described in step S63; C_SAT = f_sym(EK_SAT-NOCC, α), MAC_SAT = f_int(IK_SAT-NOCC, ID_SAT||type||C_SAT), wherein f_sym is a symmetric encryption algorithm and f_int an integrity protection algorithm; C_SAT is the ciphertext obtained by the communication satellite symmetrically encrypting the token first parameter α; MAC_SAT is the message authentication code calculated by the communication satellite;
the communication satellite then forwards the processed violation judgment request information to the next-hop communication satellite according to the relevant routing algorithm; after several hops of communication satellites and the gateway station, the violation judgment request information is forwarded to the satellite network center.
Step S65: the satellite network center receives and verifies the violation judgment request information and, if the verification passes, makes a final judgment on the violation and its level according to the related violation judgment method and standard; it updates the blacklists accordingly, generates token blacklist update information and sends it to each satellite communication base station through the gateway station and the communication satellites.
After receiving the violation judgment request information, the satellite network center first verifies the source and integrity of the message; specifically, it looks up, from the communication satellite node identifier ID_SAT therein, the session key EK_SAT-NOCC and the integrity protection key IK_SAT-NOCC negotiated with that communication satellite; it then checks whether the message authentication code satisfies MAC_SAT = f_int(IK_SAT-NOCC, ID_SAT||type||C_SAT), wherein f_int is an integrity protection algorithm, ID_SAT is the node identifier of the communication satellite, type is the message type code, and C_SAT is the ciphertext obtained by the communication satellite symmetrically encrypting the token first parameter α.
If the satellite network center's check of the message authentication code MAC_SAT fails (MAC_SAT ≠ f_int(IK_SAT-NOCC, ID_SAT||type||C_SAT)), the violation judgment request information is discarded; if the check of MAC_SAT passes (MAC_SAT = f_int(IK_SAT-NOCC, ID_SAT||type||C_SAT)), the source of the violation judgment request information is reliable and the information is complete, and the following processing is performed:
the type field of the violation judgment request information is read; the session key EK_SAT-NOCC shared with the communication satellite is used to decrypt C_SAT to obtain the corresponding token first parameter α; the satellite network center then makes the final judgment on the violation and its level according to the related violation judgment method and standard;
the violation judgment method and standard may be based on, but are not limited to, the following principles: correlation analysis, cluster analysis, KL divergence, and the like;
specifically, the final violation judgment result may be one of: no violation, a first-level violation, or a second-level violation;
violation judgment request information finally judged to involve no violation requires no processing by the satellite network center; for a user terminal finally judged to have a second-level violation, the satellite network center adds the corresponding token first parameter α to the token second-level blacklist; for a user terminal finally judged to have a first-level violation, the satellite network center adds the corresponding token first parameter α to the token first-level blacklist, decrypts α with the secure registration key of step S30 to obtain the real identity UID of the user terminal, and adds the UID to the real identity blacklist;
the satellite network center generates token first-level blacklist update information and token second-level blacklist update information from the α values newly added to the token first-level blacklist and the token second-level blacklist respectively, and forwards them to each satellite communication base station through the gateway station and the communication satellites.
Specifically, the token blacklist update information may take the following format: { ID_NOCC||TYPE||α||ToTime||SIGN_NOCC }
wherein ID_NOCC is the node identifier of the satellite network center; TYPE is a message type code, and specifically the TYPE field may be set to "001" here to represent token first-level blacklist update information, or to "010" to represent token second-level blacklist update information; α is the token first parameter corresponding to the violating user terminal; ToTime is the violation accountability deadline; the ToTime field in the token first-level blacklist may be set to a special identifier representing an infinite duration, specifically INF, so that the first-level violating user terminal is permanently blocked; SIGN_NOCC is the digital signature computed by the satellite network center over the message.
Step S66: each satellite communication base station receives and verifies the token blacklist update information; if the verification passes, it parses the content, updates the token blacklist accordingly, sends prompt information to the violating user terminal, disconnects the communication connection with it, and restricts its access authentication authority and token update authority for the duration of the violation accountability period.
Specifically, after receiving the token first-level blacklist update information and the token second-level blacklist update information, each satellite communication base station checks the digital signature SIGN_NOCC therein; if the verification of SIGN_NOCC fails, the token blacklist update information is discarded; if the verification of SIGN_NOCC passes, then for token first-level blacklist update information with the TYPE field "001", the satellite communication base station adds the token first parameter α and the violation accountability deadline ToTime from the update information to its stored token first-level blacklist; for token second-level blacklist update information with the TYPE field "010", the satellite communication base station adds the token first parameter α and the violation accountability deadline ToTime from the update information to its stored token second-level blacklist;
for a violating user terminal in the token first-level blacklist, the satellite communication base station sends first prompt information to it and then disconnects its communication connection; the first prompt information indicates that the user terminal has a first-level violation and that its access authentication authority and token update authority are permanently blocked;
for a violating user terminal in the token second-level blacklist, the satellite communication base station sends second prompt information to it and then disconnects its communication connection; the second prompt information indicates that the user terminal has a second-level violation and that its normal access authentication authority and token update authority are restored only after the violation accountability deadline ToTime.
Thus, the violation detection and processing flow of the present embodiment is completed.
The token update flow of the satellite network user violation processing method combined with access authentication according to the invention is described below.
Referring to fig. 5, fig. 5 is a diagram illustrating a fourth embodiment of the satellite network user violation processing method combined with access authentication according to the present invention. It comprises the following steps:
Step S71, when the token needs to be updated, the user side generates the token update first request information according to the token first parameter and the token second parameter to be updated, the system public parameters, the intra-domain public parameters and the related token update request check parameters, and sends the first request information to the nearby satellite communication base station.
Wherein the token update request related check parameters at least comprise: the real identity, a first parameter of the token and the remaining updatable times of the token;
specifically, in this embodiment, the token update first request information may adopt the following format:
{ T_U || R_U || X_U || λ }
wherein T_U is the token update first request timestamp; R_U is the token update first encryption parameter; X_U is the token update second encryption parameter; λ is the verification parameter of the token second parameter. The parameters involved are calculated as follows:
R_U = r_U · G (11)
REF_U = H(UID || NUM) ⊕ H(r_U · R_NOCC) (12)
X_U = (α || REF_U) ⊕ H(r_U · R_STB) (13)
β = H(T_U || R_U || α || REF_U) (14)
λ = θ + β · r_U (mod N) (15)
wherein the symbols and parameters in formulas (11) to (15) have the following meanings: H() denotes a hash function; || denotes concatenation of the parameters; ⊕ denotes a bitwise exclusive-or operation; N, G, R_NOCC and R_STB are the parameters described in step S20; r_U is the token update first random number generated by the user side; UID is the real identity; NUM is the remaining updatable times of the token; α is the token first parameter; θ is the token second parameter.
Step S72, after the satellite communication base station receives the token update first request information, it checks the freshness of the information, verifies whether the verification parameters of the token first parameter and the token second parameter satisfy the specified relation, and where the verification passes, calculates and generates the token update second request information and sends it to the communication satellite in the domain.
In this embodiment, after receiving the token update first request information, the satellite communication base station first checks the freshness of the token update first request information by testing whether |T_STB − T_U| < Δt_STB; wherein T_STB is the timestamp at which the satellite communication base station received the token update first request information, and Δt_STB is the time interval set by the satellite communication base station;
where the freshness check passes (|T_STB − T_U| < Δt_STB), the satellite communication base station calculates α || REF_U = X_U ⊕ H(R_U · r_STB), wherein r_STB is the parameter described in step S20; it then checks whether α is in the token blacklist;
where α is not in the token blacklist, it calculates the parameter β = H(T_U || R_U || α || REF_U); it then checks whether formula (16), λ · G = α · PK_0 + K + β · R_U, holds; wherein G, PK_0 and K are the parameters described in step S20;
where formula (16) holds (λ · G = α · PK_0 + K + β · R_U), the user side holds a valid token first parameter and token second parameter configured with the satellite network center private key; the satellite communication base station then calculates and generates the token update second request information and sends it to the communication satellite in the domain.
In this embodiment, the token update second request message may adopt the following format:
{ ID_STB || type || X_STB || MAC_STB }
wherein ID_STB is the node identifier of the satellite communication base station; type is the message type code, and specifically the type field may be set to "101" to denote the token update second request information; X_STB = R_U || α || REF_U; MAC_STB = f_int(IK_STB-SAT, ID_STB || type || X_STB), wherein f_int is an integrity protection algorithm; IK_STB-SAT is the integrity protection key negotiated between the satellite communication base station and the communication satellite after the system secure channel is established; MAC_STB is the message authentication code calculated by the satellite communication base station, used for integrity checking of the token update second request information.
Step S73, after receiving the token update second request information, the communication satellite checks and processes it, and sends the processed token update second request information to the satellite network center through multiple hops of communication satellites and a gateway station.
In this embodiment, after receiving the token update second request information, the communication satellite looks up, according to the satellite communication base station node identifier ID_STB in the information, the integrity protection key IK_STB-SAT shared with that satellite communication base station; it then checks whether the message authentication code satisfies MAC_STB = f_int(IK_STB-SAT, ID_STB || type || X_STB).
If the message authentication code MAC_STB fails verification, the token update second request information is discarded; if the message authentication code passes verification, the token update second request information is from a reliable source and is complete; the communication satellite then calculates the message authentication code MAC_SAT = f_int(IK_SAT-NOCC, ID_SAT || type || X_STB), wherein f_int is the integrity protection algorithm, IK_SAT-NOCC is the integrity protection key negotiated between the communication satellite and the satellite network center after the system secure channel is established, ID_SAT is the node identifier of the communication satellite, type is the message type code described in step S72, and X_STB is the parameter described in step S72;
the communication satellite then forwards the processed token update second request information { ID_SAT || type || X_STB || MAC_SAT } according to the relevant routing algorithm; after forwarding over multiple hops of communication satellites, it is finally forwarded to the satellite network center by a gateway station.
Step S74, the satellite network center receives and verifies the token update second request information; where the verification passes, it calculates the related token update request verification parameters; and where the token update request verification parameters match a stored record and are not on a blacklist, it configures a new token first parameter and token second parameter, stores the new token update request verification parameters, generates the token update response information, and forwards the token update response information to the communication satellite through the gateway station.
In this embodiment, after receiving the token update second request information, the satellite network center looks up, according to the communication satellite node identifier ID_SAT in the information, the integrity protection key IK_SAT-NOCC shared with that communication satellite; it then checks whether the message authentication code satisfies MAC_SAT = f_int(IK_SAT-NOCC, ID_SAT || type || X_STB).
If the satellite network center's verification of the message authentication code MAC_SAT fails, the token update second request information is discarded; if the verification of the message authentication code MAC_SAT passes, the token update second request information is from a reliable source and is complete; the satellite network center next obtains the parameters in X_STB, namely R_U || α || REF_U.
It then checks whether the token first parameter α is in the token primary blacklist or the token secondary blacklist; if α is in neither the token primary blacklist nor the token secondary blacklist, it symmetrically decrypts the token first parameter α with the secure registration key KEY_NOCC of step S30 to obtain the real identity UID, and checks whether the real identity UID is in the real identity blacklist;
if the real identity UID is not in the real identity blacklist, it queries the remaining updatable times NUM of the token corresponding to the real identity UID in its stored records; it then checks whether formula (17), H(UID || NUM) = REF_U ⊕ H(R_U · r_NOCC), holds; wherein r_NOCC is the parameter described in step S20;
where formula (17) holds, the satellite network center decrements the remaining updatable times NUM of the token and stores it in association with the real identity UID; it then configures the updated token first parameter α* and token second parameter θ* for the user side;
wherein α* = f_sym(KEY_NOCC, UID || LT2 || rand*), θ* = α* · SK_0 + k (mod N); f_sym denotes a symmetric encryption algorithm, UID is the real identity, rand* is a new random number, KEY_NOCC and LT2 are the parameters described in step S30, and N, SK_0 and k are the parameters described in step S20;
the satellite network center then calculates and generates the token update response information and forwards it to the communication satellite through the gateway station;
specifically, the token update response information may follow this format:
{ ID_NOCC || TYPE || X_NOCC || SIGN_NOCC }
wherein ID_NOCC is the node identifier of the satellite network center; TYPE is the message type identification code, and specifically the TYPE field may be set to "101" here to denote the token update response information; X_NOCC is the token update response encryption parameter; SIGN_NOCC is the digital signature computed by the satellite network center over the message. The parameters involved are calculated as follows:
REF_NOCC = H(NUM* || UID),
X_NOCC = (REF_NOCC || α* || θ*) ⊕ H(R_U · r_NOCC) || H2(R_U · r_NOCC) || H3(R_U · r_NOCC),
wherein H() is a hash function; H2() denotes two successive hash operations; H3() denotes three successive hash operations; R_U is the parameter described in step S71; r_NOCC is the parameter described in step S20; NUM*, α* and θ* are respectively the remaining updatable times, the token first parameter and the token second parameter of the updated token; UID is the real identity.
Step S75, the communication satellite checks the message source and integrity of the token update response information, and the token update response information is sent to the user side through multiple hops of communication satellites and a satellite communication base station.
After receiving the token update response information, the communication satellite first verifies the digital signature SIGN_NOCC therein; if the digital signature SIGN_NOCC fails verification, the token update response information is discarded; if the digital signature SIGN_NOCC passes verification, the token update response information originates from the satellite network center and is complete; the verified token update response information is then forwarded to the user side through multiple hops of communication satellites and a satellite communication base station.
And step S76, the user side receives and verifies the token updating response information, decrypts and verifies the token updating response parameters under the condition that the verification is passed, verifies whether the updated first parameters of the token and the second parameters of the token meet the specified relationship, and safely stores the first parameters of the token and the second parameters of the token under the condition that the verification is passed.
In this embodiment, after receiving the token update response information, the user side first verifies the digital signature SIGN_NOCC therein; if the digital signature SIGN_NOCC fails verification, the token update response information is discarded; if the digital signature SIGN_NOCC passes verification, the token update response information originates from the satellite network center and is complete; the following calculation is then performed:
(REF_NOCC || α* || θ*) = X_NOCC ⊕ H(r_U · R_NOCC) || H2(r_U · R_NOCC) || H3(r_U · R_NOCC),
and it is checked whether formula (18), REF_NOCC = H(NUM* || UID), holds,
and whether formula (19), θ* · G = α* · PK_0 + K, holds.
wherein H() is a hash function; H2() denotes two successive hash operations; H3() denotes three successive hash operations; UID is the real identity; α* and θ* are respectively the updated token first parameter and token second parameter; NUM* is the remaining updatable times of the current token, obtained by decrementing the NUM of step S71; r_U is the parameter described in step S71; PK_0, K, G and R_NOCC are the system public parameters described in step S20;
where formulas (18) and (19) both hold, the user side securely stores the updated token first parameter and token second parameter.
At this point, the token update process of this embodiment is completed.
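As an added worked example (not the patent's own code), the following Python runs the token update algebra of steps S71, S72, S74 and S76, formulas (11) to (19), end to end: the user side forms { T_U || R_U || X_U || λ }, the satellite communication base station applies the freshness, blacklist and formula (16) checks, the satellite network center applies formula (17) and issues α*, θ*, and the user side applies formulas (18) and (19). It assumes secp256k1 for the group operations, SHA-256 for H, the iterated hashes H || H2 || H3 as the mask in both (13) and X_NOCC, and a random scalar in place of the f_sym output α; the MAC and signature layers of steps S72 to S75 are left out.

```python
# Added worked example (not the patent's own code): the token update algebra of steps S71,
# S72, S74 and S76, formulas (11) to (19), run end to end. Assumed here: "·" is scalar
# multiplication on secp256k1 (the page fixes neither the curve nor N), H is SHA-256, the
# masks in (13) and X_NOCC are the iterated hashes H || H2 || H3 the page uses for X_NOCC,
# and f_sym (which yields α) is replaced by a random scalar, showing only α's algebraic role.
import hashlib
import secrets

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity, the group identity

def add(p1, p2):  # affine point addition on y^2 = x^3 + 7 over GF(P)
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    m = (3 * x1 * x1 * pow(2 * y1, -1, P) if p1 == p2 else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication k·pt
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()
def pt_bytes(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
def i2b(n, size=32):
    return n.to_bytes(size, "big")
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def rand_scalar():
    return secrets.randbelow(N - 1) + 1

def mask(shared, nbytes):  # H(s) || H2(s) || H3(s) ..., the keystream the page uses for X_NOCC
    out, h = b"", pt_bytes(shared)
    while len(out) < nbytes:
        h = hashlib.sha256(h).digest()
        out += h
    return out[:nbytes]

def beta_of(t_u, R_U, alpha, ref_u):  # formula (14), reduced to a scalar mod N
    return int.from_bytes(H(i2b(t_u, 8), pt_bytes(R_U), i2b(alpha), ref_u), "big") % N

def nocc_setup():  # step S20: NOCC secrets SK_0, k, r_NOCC and public points PK_0, K, R_NOCC
    priv = {"SK0": rand_scalar(), "k": rand_scalar(), "r_NOCC": rand_scalar()}
    pub = {"PK0": mul(priv["SK0"], G), "K": mul(priv["k"], G), "R_NOCC": mul(priv["r_NOCC"], G)}
    return priv, pub

def nocc_issue(priv):  # token pair: α stands in for f_sym(KEY_NOCC, UID || LT || rand), θ = α·SK_0 + k
    alpha = rand_scalar()
    return alpha, (alpha * priv["SK0"] + priv["k"]) % N

def user_request(alpha, theta, uid, num, pub, R_STB, t_u):  # step S71; also returns the nonce r_U the user keeps
    r_u = rand_scalar()
    R_U = mul(r_u, G)                                                       # (11)
    ref_u = xor(H(uid, i2b(num, 4)), H(pt_bytes(mul(r_u, pub["R_NOCC"]))))  # (12)
    x_u = xor(i2b(alpha) + ref_u, mask(mul(r_u, R_STB), 64))                # (13)
    lam = (theta + beta_of(t_u, R_U, alpha, ref_u) * r_u) % N               # (14), (15)
    return {"T_U": t_u, "R_U": R_U, "X_U": x_u, "lambda": lam}, r_u

def stb_verify(req, r_stb, pub, blacklist, t_stb, delta):  # step S72; returns (α, REF_U) or None
    if abs(t_stb - req["T_U"]) >= delta:                                    # freshness: |T_STB - T_U| < Δt_STB
        return None
    plain = xor(req["X_U"], mask(mul(r_stb, req["R_U"]), 64))               # r_STB·R_U equals r_U·R_STB
    alpha, ref_u = int.from_bytes(plain[:32], "big"), plain[32:]
    if alpha in blacklist:
        return None
    beta = beta_of(req["T_U"], req["R_U"], alpha, ref_u)
    rhs = add(add(mul(alpha, pub["PK0"]), pub["K"]), mul(beta, req["R_U"]))
    return (alpha, ref_u) if mul(req["lambda"], G) == rhs else None        # (16)

def nocc_respond(priv, R_U, ref_u, uid, num):  # step S74; returns X_NOCC or None
    shared = mul(priv["r_NOCC"], R_U)
    if H(uid, i2b(num, 4)) != xor(ref_u, H(pt_bytes(shared))):             # (17)
        return None
    alpha_new, theta_new = nocc_issue(priv)                                 # α*, θ*
    ref_nocc = H(i2b(num - 1, 4), uid)                                      # REF_NOCC with NUM* = NUM - 1
    return xor(ref_nocc + i2b(alpha_new) + i2b(theta_new), mask(shared, 96))

def user_accept(x_nocc, r_u, uid, num, pub):  # step S76; returns (α*, θ*) or None
    plain = xor(x_nocc, mask(mul(r_u, pub["R_NOCC"]), 96))
    ref_nocc, alpha_new, theta_new = plain[:32], int.from_bytes(plain[32:64], "big"), int.from_bytes(plain[64:], "big")
    if ref_nocc != H(i2b(num - 1, 4), uid):                                 # (18)
        return None
    ok19 = mul(theta_new, G) == add(mul(alpha_new, pub["PK0"]), pub["K"])   # (19)
    return (alpha_new, theta_new) if ok19 else None
```

Calling nocc_setup, nocc_issue, user_request, stb_verify, nocc_respond and user_accept in that order performs one update; stb_verify returns None for a stale, blacklisted or algebraically inconsistent request, and nocc_respond returns None when REF_U does not match the stored UID and NUM.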
In addition, the present invention also provides a satellite network center, and referring to fig. 6, the satellite network center 1000 includes:
a system parameter updating module 1010, configured to periodically configure system public parameters, generate system parameter update information according to the system public parameters, and broadcast the system parameter update information network-wide via a gateway station, each communication satellite and the satellite communication base stations, where the system public parameters at least include: cryptographic basic parameters, the validity period of the cryptographic basic parameters, token common verification parameters, the validity period of the token common verification parameters, satellite network center communication encryption parameters and the validity period of the satellite network center communication encryption parameters;
a registration response module 1020, configured to receive and verify registration request information, configure, for a user terminal that is authentic and has not been registered in the registration request information, a unique true identity of the user terminal in a satellite communication network, a token first parameter with an expiration date, and a token second parameter, generate registration response information according to the true identity, the token first parameter with the expiration date, and the token second parameter, and return the registration response information to the user terminal through a secure channel;
the violation determination module 1030 is configured to receive violation determination request information, calculate the token first parameter from the violation determination request information, and, according to the violation determination method and violation determination standard, determine whether a violation behavior exists at the user side and the final determination result of the violation level corresponding to the violation behavior;
the violation processing module 1040 is configured to, when it is determined that the second-level violation behavior exists at the user side, add the first token parameter to a token second-level blacklist; under the condition that the user side is judged to have first-level violation, adding the first parameter of the token into a first-level blacklist of the token, calculating the real identity of the user side according to the first parameter of the token, adding the real identity into the blacklist of the real identity, generating updating information of the blacklist of the token, and broadcasting the updating information of the blacklist of the token to each communication satellite and a satellite communication base station through a gateway station;
the token update response module 1050 is configured to receive and verify the token update second request information, configure the updated token first parameter and the token second parameter when the token update second request information passes verification, calculate and generate token update response information, and send the token update response information to the user side through the gateway station, the plurality of hop communication satellites, and the satellite communication base station.
The present invention also provides a communication satellite, and referring to fig. 7, a communication satellite 2000 includes:
the uplink information processing module 2010 is configured to, when receiving uplink information from a gateway station attached to the satellite network center or from a previous-hop communication satellite, verify the message source and integrity of the uplink information, and, where the message source and integrity pass verification, forward the verified uplink information to a satellite communication base station or the next-hop communication satellite according to the relevant routing algorithm;
the downlink information processing module 2020 is configured to, when receiving downlink information from a satellite communication base station, verify the message source and integrity of the downlink information, discard downlink information that fails verification, attach its own node identifier to downlink information that passes verification and calculate a new message authentication code so as to generate the processed downlink information, and forward the processed downlink information to the gateway station attached to the satellite network center or to the next-hop communication satellite according to the relevant routing algorithm.
The present invention also provides a satellite communication base station, and referring to fig. 8, a satellite communication base station 3000 includes:
a parameter update module 3010, configured to periodically receive and check system parameter update information; where the system parameter update information passes verification, store the system public parameters in the system parameter update information and broadcast the system parameter update information to the user sides in the domain, where the system public parameters at least include: cryptographic basic parameters, the validity period of the cryptographic basic parameters, token common verification parameters, the validity period of the token common verification parameters, satellite network center communication encryption parameters and the validity period of the satellite network center communication encryption parameters;
the parameter updating module is further configured to periodically configure an intra-domain public parameter, generate intra-domain parameter updating information according to the intra-domain public parameter, and broadcast the intra-domain parameter updating information to each user terminal in the domain, where the intra-domain public parameter at least includes: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station;
an access authentication response module 3020, configured to receive and verify access authentication request information from a user side, calculate an anonymous identity of a user when the access authentication request information passes verification, verify whether a verification parameter of a first parameter of a token and a second parameter of the token satisfies a specified relationship, generate access authentication response information when the verification parameter of the first parameter of the token and the second parameter of the token satisfies the specified relationship, send the access authentication response information to the user side, and cache the anonymous identity of the user authenticated this time and the first parameter of the token;
a communication data transmission module 3030, configured to allow, after performing access authentication with a user terminal, a communication connection to be established with the user terminal according to a cached anonymous identity of a user, filter, in a data communication process, user data that does not correctly include the anonymous identity in a data frame header, forward, to a communication satellite in a domain, the user data that correctly includes the anonymous identity in the data frame header, and delete the cached anonymous identity of the user when the communication is completed;
the violation detection module 3040 is configured to, in the data communication process, perform violation detection and preliminary determination on the user side according to a violation detection method and a determination standard in combination with the cached anonymous identity of the user and the first parameter of the token;
the violation preliminary processing module 3050 is configured to, when it is determined that a third-level violation behavior exists at the user side, send the third prompt message to the user side, terminate the current communication connection with the user side, and delete the anonymous identity in the cache;
the violation primary processing module is further configured to send the fourth prompt message to the user side and suspend the communication connection with the user side when it is determined that a fourth violation level behavior exists at the user side;
the violation determination request module 3060 is configured to, in the case that it is preliminarily determined that the user side has a first-level or second-level violation, query a first token parameter corresponding to an anonymous identity of the user in a cache, generate violation determination request information, and send the violation determination request information to a satellite network center via a plurality of hop communication satellites and gateway stations;
the violation judgment response processing module 3070 is configured to receive and verify the token blacklist update information, update the stored token blacklist when the token blacklist update information is verified to be passed, send a prompt message to the violation user, disconnect the network connection with the violation user, and block the access authentication authority and the token update authority of the violation user within the violation accountability period;
the token update first request processing module 3080, configured to receive and verify the token update first request information from the user side, calculate a token first parameter when the token update first request information passes verification, verify whether the verification parameter of the token first parameter and the verification parameter of the token second parameter satisfies a specified relationship, generate the token update second request information when the verification passes, and send the token update second request information to a communication satellite in a domain;
the token update response processing module 3090 is configured to receive and verify the token update response information, and forward the token update response information to the user side when the verification passes.
The present invention further provides a user side; referring to fig. 9, the user side 4000 includes:
the parameter configuration module 4010 is configured to periodically receive and check system parameter update information, and store the system common parameters in the system parameter update information when the check passes, where the system common parameters at least include: cryptographic basic parameters, the validity period of the cryptographic basic parameters, token common verification parameters, the validity period of the token common verification parameters, satellite network center communication encryption parameters and the validity period of the satellite network center communication encryption parameters;
the parameter configuration module is further configured to periodically receive and check intra-domain parameter update information, and store intra-domain common parameters in the intra-domain parameter update information when the check is passed, where the intra-domain common parameters at least include: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station;
the registration request module 4020 is configured to generate registration request information according to the initial identity identifier and the initial verification information, and send the registration request information to the satellite network center through a secure channel;
a registration response processing module 4030, configured to receive registration response information of the satellite hub through a secure channel, acquire a network unique real identity, a token first parameter with a validity period, and a token second parameter in the registration response information, and perform secure storage on the real identity, the token first parameter, and the token second parameter;
an access authentication request module 4040, configured to, when the user needs to access the satellite communication network, calculate an anonymous identity according to the securely stored token first parameter and token second parameter in combination with the system public parameters and the intra-domain public parameters, generate access authentication request information, and send the access authentication request information to the satellite communication base station;
an access authentication response processing module 4050, configured to receive and verify the access authentication response information of the satellite communication base station; when the verification passes, for abnormal access authentication response prompt information, analyze the access authentication response prompt information; for normal access authentication response information, verify the parameters in the access authentication response information, calculate a session key and an integrity protection key when the parameter verification passes, and securely store the session key, the integrity protection key and the anonymous identity of the current authentication;
a communication data transmission module 4060, configured to encapsulate the anonymous identity into a data frame in a data communication process after access authentication is completed with the satellite communication base station, encrypt data to be transmitted using the session key, calculate a message authentication code using the integrity protection key, and transmit communication data in a satellite network through the satellite communication base station;
the token update request module 4070 is configured to, when the token needs to be updated, generate the token update first request information according to the token first parameter and the token second parameter to be updated, in combination with the system public parameters and the intra-domain public parameters, and send the token update first request information to the satellite communication base station;
the token update response processing module 4080 is configured to receive and verify the token update response information, calculate and verify whether the token update response verification parameter is correct and verify whether the updated token first parameter and the updated token second parameter satisfy a specified relationship when the token update response information passes verification, and perform secure storage on the updated token first parameter and the updated token second parameter when the token update response information passes verification.
Referring to fig. 10, fig. 10 is a hardware configuration diagram illustrating a terminal device according to an exemplary embodiment.
The terminal device 100 may include: a processor 101, e.g. a CPU, a memory 102, a transceiver 103.
Those skilled in the art will appreciate that the configuration shown in fig. 10 does not constitute a limitation of the terminal device and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
The memory 102 may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
The processor 101 may invoke a computer program stored in the memory 102 to perform all or a portion of the steps of the satellite network user violation handling method described above in connection with access authentication.
The transceiver 103 is used for receiving and transmitting information from and to an external device.
A non-transitory computer readable storage medium, wherein instructions in the storage medium, when executed by a processor of a terminal device, enable the terminal device to perform the above-described satellite network user violation handling method in conjunction with access authentication.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (12)

1. A satellite network user violation processing method combined with access authentication is applied to a satellite network center and is characterized by comprising the following steps:
receiving violation judgment request information, calculating a first token parameter according to the violation judgment request information, and determining whether a violation exists at a user side and a final judgment result of a violation level corresponding to the violation according to related violation judgment methods and standards;
adding the token first parameter into a token second-level blacklist under the condition that the user side is judged to have a second-level violation behavior; and under the condition that the user side is judged to have a first-level violation behavior, adding the token first parameter into a token first-level blacklist, calculating the real identity of the user side according to the token first parameter, adding the real identity into a real identity blacklist, generating token blacklist updating information, and broadcasting the token blacklist updating information to each communication satellite and satellite communication base station through a gateway station.
2. The method for satellite network user violation handling in conjunction with access authentication of claim 1, further comprising:
the satellite network center periodically configures system public parameters and generates system parameter updating information according to the system public parameters;
wherein the system public parameters at least comprise: a cryptographic basic parameter used for encryption and decryption, a validity period of the cryptographic basic parameter, a token public verification parameter, a validity period of the token public verification parameter, a satellite network center communication encryption parameter and a validity period of the satellite network center communication encryption parameter;
and performing whole-network broadcasting on the system parameter updating information through the gateway station, each communication satellite and the satellite communication base station.
3. The method for satellite network user violation handling in conjunction with access authentication of claim 2, further comprising:
the satellite network center receives registration request information when a user side applies for network access for the first time, and obtains the initial identity identification and initial verification information in the registration request information;
verifying whether the initial identity identification is authentic according to the initial verification information, and querying whether the initial identity identification is already registered;
under the condition that the initial identity identification is authentic and not registered, configuring, for the user side, a unique real identity within the satellite communication network, a token first parameter with a validity period and a token second parameter;
generating registration response information according to the real identity, the token first parameter with the validity period and the token second parameter, storing the initial identity identification and the real identity in an associated manner, and sending the registration response information to the user side through a secure channel;
wherein the registration response information at least includes: the real identity, the token first parameter and the token second parameter, wherein the real identity is calculated by combining the initial identity identification with a random number, the token first parameter is calculated according to the real identity and a pre-configured system public parameter, and the token second parameter is calculated according to the token first parameter and a pre-configured system public parameter;
wherein the system public parameters at least comprise: a cryptographic basic parameter used for encryption and decryption, a validity period of the cryptographic basic parameter, a token public verification parameter, a validity period of the token public verification parameter, a satellite network center communication encryption parameter and a validity period of the satellite network center communication encryption parameter.
4. The method for satellite network user violation handling in conjunction with access authentication of claim 3, further comprising:
the satellite network center receives token updating second request information and verifies it, wherein the token updating second request information is generated by calculation after the satellite communication base station has verified the token updating first request information from the user side, and is forwarded to the satellite network center through a plurality of hop communication satellites and a gateway station;
under the condition that the token updating second request information passes verification, calculating related token updating request verification parameters, wherein the related token updating request verification parameters at least comprise: the real identity, the token first parameter and the remaining updatable times of the token;
configuring a new token first parameter and a new token second parameter for the user side under the condition that the real identity and the token first parameter are not listed in a blacklist, the remaining updatable times of the token are greater than zero, and the real identity and the remaining updatable times of the token are matched with a storage record;
decreasing the remaining updatable times of the token, and storing the decreased remaining updatable times of the token and the real identity in an associated manner;
generating token updating response information, and returning the token updating response information to the user side through a gateway station, a plurality of hop communication satellites and a satellite communication base station;
wherein the token updating response information at least includes: a token updating response verification parameter, which is calculated from the related token updating request verification parameters.
5. A satellite network user violation processing method combined with access authentication, applied to a satellite communication base station, characterized by comprising the following steps:
when a user side that has passed access authentication uses an anonymous identity to carry out data communication, the satellite communication base station detects whether the user side has a violation behavior according to the anonymous identity cached after access authentication, the token first parameter, and a related violation detection method and judgment standard, and preliminarily judges the violation level of the violation behavior;
under the condition that the user side is judged to have a third-level violation behavior, sending third prompt information to the user side, terminating the communication connection with the user side, and deleting the anonymous identity from the cache;
under the condition that the user side is judged to have a fourth-level violation behavior, sending fourth prompt information to the user side, and suspending the communication connection with the user side;
the third prompt information is used for indicating that the reason for disconnection is that the user side has a third-level violation, and that the user side needs to re-perform access authentication when establishing a communication connection again;
the fourth prompt information is used for indicating that the reason for disconnection is that the user side has a fourth-level violation, and that the communication connection of the user side is restored after a specified time;
under the condition that the satellite communication base station preliminarily judges that the user side has a first-level or second-level violation behavior, querying the token first parameter corresponding to the anonymous identity in the cache, and generating violation judgment request information;
forwarding the violation judgment request information to a satellite network center through a plurality of hop communication satellites and a gateway station, wherein the violation judgment request information at least comprises: the encrypted token first parameter, which is used by the satellite network center to calculate the real identity of the user side;
receiving token blacklist updating information, and performing message source and integrity verification on the token blacklist updating information;
under the condition that the message source and integrity of the token blacklist updating information pass verification, updating the stored token blacklist, and sending prompt information to the violating user side listed in the token blacklist;
disconnecting the communication connection with the violating user side; and during the violation accountability period, forbidding the access authentication authority and the token updating authority of the violating user side;
for a violating user side in the token first-level blacklist, the satellite communication base station sends first prompt information, wherein the first prompt information is used for indicating that the user side has a first-level violation behavior, and that the access authentication authority and the token updating authority of the user side are permanently forbidden;
for a violating user side in the token second-level blacklist, the satellite communication base station sends second prompt information, wherein the second prompt information is used for indicating that the user side has a second-level violation behavior, and that after the violation accountability period ends, the user side having the second-level violation behavior regains normal access authentication authority and token updating authority.
6. The method for satellite network user violation handling in conjunction with access authentication of claim 5, further comprising:
the satellite communication base station regularly receives system parameter updating information and carries out message source and integrity verification on the system parameter updating information;
under the condition that the message source and the integrity of the system parameter updating information pass verification, broadcasting the system parameter updating information to a user side in a domain, and storing a system public parameter of the system parameter updating information;
wherein the system public parameters at least comprise: a cryptographic basic parameter used for encryption and decryption, a validity period of the cryptographic basic parameter, a token public verification parameter, a validity period of the token public verification parameter, a satellite network center communication encryption parameter and a validity period of the satellite network center communication encryption parameter;
the satellite communication base station regularly configures the public parameters in the domain, generates the update information of the parameters in the domain according to the public parameters in the domain, and broadcasts the update information of the parameters in the domain to each user terminal in the domain;
wherein the intra-domain common parameters at least comprise: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station.
7. The method for satellite network user violation handling in conjunction with access authentication of claim 6, further comprising:
receiving access authentication request information from a user side, and checking the message freshness of the access authentication request information;
under the condition that the message freshness check of the access authentication request information passes, calculating the anonymous identity of the user for this authentication according to the system public parameters and the intra-domain public parameters, and verifying whether the token first parameter and the verification parameter of the token second parameter satisfy a specified relationship, wherein the access authentication request information at least comprises the following fields: an access authentication request timestamp, an access authentication first encryption parameter, the encrypted token first parameter and the verification parameter of the token second parameter, wherein the verification parameter of the token second parameter is calculated from the token second parameter;
under the condition that the token first parameter and the verification parameter of the token second parameter satisfy the specified relationship, calculating an access authentication response parameter according to the access authentication request information, generating access authentication response information according to the access authentication response parameter, and sending the access authentication response information to the user side;
wherein the access authentication response information at least comprises the following fields: the access authentication response timestamp and the access authentication response parameter are calculated by the original parameter after the access authentication request information is decrypted;
and caching the anonymous identity of the user authenticated at this time and a first parameter of the token corresponding to the anonymous identity of the user.
8. The method for satellite network user violation handling in conjunction with access authentication of claim 6, further comprising:
receiving token updating first request information from a user side, and checking the message freshness of the token updating first request information, wherein the token updating first request information at least comprises the following fields: a token updating first request timestamp, a token updating first encryption parameter, the token updating request verification parameters in encrypted form, and a verification parameter of the token second parameter, wherein the token updating request verification parameters at least comprise: the real identity, the token first parameter and the remaining updatable times of the token, and the verification parameter of the token second parameter is calculated from the token second parameter;
under the condition that the message freshness check of the token updating first request information passes, calculating the token first parameter according to the system public parameters and the intra-domain public parameters, and verifying whether the token first parameter and the verification parameter of the token second parameter satisfy a specified relationship;
under the condition that the token first parameter and the verification parameter of the token second parameter satisfy the specified relationship, generating token updating second request information and sending it to a communication satellite in the domain, wherein the token updating second request information at least comprises: the token updating first encryption parameter, the token first parameter and the token updating request verification parameters in encrypted form;
receiving token updating response information, and carrying out message source and integrity verification on the token updating response information;
and forwarding the token updating response information to the user side under the condition that the message source and the integrity of the token updating response information are verified.
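As an added example (not the patent's own code), the following Python model walks through the blacklist exchange of claims 1 and 5 and the token updating checks of claim 4: local handling of third- and fourth-level violations at the base station, escalation of first- and second-level violations to the center, the integrity-checked blacklist update, and the "not blacklisted, updates remaining, record matches" test before a token is rotated. The token derivation, the "specified relationship" between the token parameters, the anonymous identity, the HMAC integrity tag and the logical clock are assumptions standing in for cryptography the claims leave unspecified; the gateway and satellite hops are collapsed into direct calls.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed sample system public parameters (assumption: used here as HMAC keys).
SYS_BASIC_KEY = b"constructed-cryptographic-basic-parameter"
CENTER_COMM_KEY = b"constructed-center-communication-parameter"
LEVEL1, LEVEL2, LEVEL3, LEVEL4 = 1, 2, 3, 4
ACCOUNTABILITY_PERIOD = 10  # constructed: logical time units a level-2 ban lasts
PERMANENT = None            # level-1 bans never expire


def mac(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def derive_tokens(real_id: str, nonce: str = "") -> tuple:
    # Assumed derivation: token1 from the real identity and the system parameter,
    # token2 from token1 (this is the "specified relationship" checked below).
    t1 = mac(SYS_BASIC_KEY, f"{real_id}|{nonce}".encode())
    return t1, mac(SYS_BASIC_KEY, t1.encode())


@dataclass
class NetworkCenter:
    records: dict = field(default_factory=dict)           # real_id -> {"token1", "remaining"}
    owner: dict = field(default_factory=dict)             # token1 -> real_id (real identity lookup)
    level1_blacklist: set = field(default_factory=set)    # token first-level blacklist
    level2_blacklist: dict = field(default_factory=dict)  # token1 -> ban expiry (second-level)
    real_id_blacklist: set = field(default_factory=set)

    def register(self, initial_id: str, updatable_times: int = 2) -> tuple:
        # Real identity = initial identity combined with a random number.
        real_id = mac(SYS_BASIC_KEY, initial_id.encode() + secrets.token_bytes(16))[:16]
        t1, t2 = derive_tokens(real_id)
        self.records[real_id] = {"token1": t1, "remaining": updatable_times}
        self.owner[t1] = real_id
        return real_id, t1, t2

    def judge_violation(self, token1: str, level: int, now: int) -> tuple:
        # Claim 1: level 2 -> time-limited second-level blacklist; level 1 -> first-level
        # blacklist plus real identity blacklist. Returns update info and an integrity tag.
        if level == LEVEL2:
            self.level2_blacklist[token1] = now + ACCOUNTABILITY_PERIOD
        elif level == LEVEL1:
            self.level1_blacklist.add(token1)
            self.real_id_blacklist.add(self.owner[token1])
        else:
            raise ValueError("only level-1/2 violations are judged by the center")
        update = f"{level}:{token1}".encode()
        return update, mac(CENTER_COMM_KEY, update)

    def token_update(self, real_id: str, token1: str, remaining_claimed: int, now: int):
        # Claim 4: refuse if blacklisted, no updates left, or record mismatch; else rotate.
        banned = (real_id in self.real_id_blacklist or token1 in self.level1_blacklist
                  or self.level2_blacklist.get(token1, -1) > now)
        rec = self.records.get(real_id)
        if banned or rec is None or rec["token1"] != token1 \
                or rec["remaining"] != remaining_claimed or rec["remaining"] <= 0:
            return None
        rec["remaining"] -= 1
        rec["token1"], new_t2 = derive_tokens(real_id, nonce=str(rec["remaining"]))
        self.owner[rec["token1"]] = real_id
        return rec["token1"], new_t2, rec["remaining"]


@dataclass
class BaseStation:
    center: NetworkCenter
    sessions: dict = field(default_factory=dict)   # anonymous identity -> token1 (cache)
    blacklist: dict = field(default_factory=dict)  # token1 -> ban expiry time or PERMANENT
    suspended: set = field(default_factory=set)

    def authenticate(self, token1: str, token2: str, now: int):
        # Refuse banned tokens, check the token1/token2 relation, cache an anonymous identity.
        exp = self.blacklist.get(token1, -1)
        if exp is PERMANENT or exp > now or token2 != mac(SYS_BASIC_KEY, token1.encode()):
            return None
        anon = mac(SYS_BASIC_KEY, f"{token1}|{now}".encode())[:12]
        self.sessions[anon] = token1
        return anon

    def handle_detection(self, anon: str, level: int, now: int) -> str:
        # Claim 5: levels 3/4 are handled locally; levels 1/2 are escalated to the center.
        if level == LEVEL3:
            self.sessions.pop(anon)                # terminate and drop the cached identity
            return "third prompt: level-3 violation, re-authenticate to reconnect"
        if level == LEVEL4:
            self.suspended.add(anon)               # suspend; resumes after a specified time
            return "fourth prompt: level-4 violation, connection suspended"
        update, tag = self.center.judge_violation(self.sessions[anon], level, now)
        return self.apply_blacklist_update(update, tag, now)  # broadcast modelled as a call

    def apply_blacklist_update(self, update: bytes, tag: str, now: int) -> str:
        if not hmac.compare_digest(mac(CENTER_COMM_KEY, update), tag):
            return "rejected: message source/integrity check failed"
        level, token1 = update.decode().split(":", 1)
        self.blacklist[token1] = PERMANENT if level == "1" else now + ACCOUNTABILITY_PERIOD
        for anon in [a for a, t in self.sessions.items() if t == token1]:
            del self.sessions[anon]                # disconnect the violating user side
        return ("first prompt: level-1 violation, permanently banned" if level == "1"
                else "second prompt: level-2 violation, banned for the accountability period")
```

A tampered update is dropped before the blacklist is touched, and a lapsed second-level ban stops blocking both access authentication at the base station and token updating at the center, which is the restoration step claim 5 describes.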
9. A satellite network center, comprising:
the system parameter updating module is used for periodically configuring system public parameters, generating system parameter updating information according to the system public parameters, and broadcasting the system parameter updating information over the whole network through a gateway station, each communication satellite and a satellite communication base station, wherein the system public parameters at least comprise: a cryptographic basic parameter used for encryption and decryption, a validity period of the cryptographic basic parameter, a token public verification parameter, a validity period of the token public verification parameter, a satellite network center communication encryption parameter and a validity period of the satellite network center communication encryption parameter;
the registration response module is used for receiving and verifying registration request information, configuring a unique real identity of a user side in a satellite communication network, a token first parameter with a valid period and a token second parameter for the user side which is real and is not registered, generating registration response information according to the real identity, the token first parameter with the valid period and the token second parameter, and returning the registration response information to the user side through a secure channel;
the violation judgment module is used for receiving violation judgment request information, calculating a first token parameter according to the violation judgment request information, and determining whether a violation behavior exists at a user side and a final judgment result of a violation level corresponding to the violation behavior according to a related violation judgment method and standard;
the violation processing module is used for adding the token first parameter into a token second-level blacklist under the condition that the user side is judged to have a second-level violation behavior; and under the condition that the user side is judged to have a first-level violation behavior, adding the token first parameter into a token first-level blacklist, calculating the real identity of the user side according to the token first parameter, adding the real identity into a real identity blacklist, generating token blacklist updating information, and broadcasting the token blacklist updating information to each communication satellite and a satellite communication base station through a gateway station;
and the token updating response module is used for receiving and verifying the token updating second request information, configuring the updated token first parameter and the token second parameter under the condition that the token updating second request information passes verification, calculating to generate token updating response information, and sending the token updating response information to the user side through the gateway station, the plurality of hop communication satellites and the satellite communication base station.
10. A satellite communication base station, comprising:
the parameter updating module is used for periodically receiving and verifying system parameter updating information; under the condition that the system parameter updating information passes verification, storing the system public parameters in the system parameter updating information, and broadcasting the system parameter updating information to user sides in the domain, wherein the system public parameters at least comprise: a cryptographic basic parameter used for encryption and decryption, a validity period of the cryptographic basic parameter, a token public verification parameter, a validity period of the token public verification parameter, a satellite network center communication encryption parameter and a validity period of the satellite network center communication encryption parameter;
the parameter updating module is further configured to periodically configure an intra-domain public parameter, generate intra-domain parameter updating information according to the intra-domain public parameter, and broadcast the intra-domain parameter updating information to each user terminal in the domain, where the intra-domain public parameter at least includes: the communication encryption parameters of the satellite communication base station and the valid period of the communication encryption parameters of the satellite communication base station;
the access authentication response module is used for receiving and verifying access authentication request information from a user side, calculating the anonymous identity of a user under the condition that the access authentication request information passes verification, verifying whether the verification parameters of a first parameter of a token and a second parameter of the token meet a specified relation, generating access authentication response information under the condition that the verification parameters of the first parameter of the token and the second parameter of the token meet the specified relation, sending the access authentication response information to the user side, and caching the anonymous identity of the user authenticated at this time and the first parameter of the token;
the communication data transmission module is used for allowing communication connection to be established with the user side according to the cached anonymous identity of the user after access authentication is carried out with the user side, filtering user data which do not correctly contain the anonymous identity in a data frame header in the data communication process, forwarding the user data which correctly contain the anonymous identity in the data frame header to a communication satellite in a domain, and deleting the cached anonymous identity of the user when the communication is finished;
the violation detection module is used for carrying out violation detection and preliminary judgment on the user side according to a related violation detection method and a judgment standard by combining the cached anonymous user identity and the first token parameter in the data communication process;
the violation preliminary processing module is used for sending third prompt information to the user side, terminating the communication connection with the user side and deleting the anonymous identity in the cache under the condition that the user side is judged to have third-level violation behaviors;
the violation preliminary processing module is further configured to send fourth prompt information to the user side and suspend the communication connection with the user side under the condition that the user side is judged to have a fourth-level violation behavior;
the violation judgment request module is used for inquiring a first token parameter corresponding to the anonymous identity of the user in a cache under the condition of preliminarily judging that the user side has a first-level or second-level violation behavior, generating violation judgment request information, and sending the violation judgment request information to a satellite network center through a plurality of hop communication satellites and gateway stations, wherein the first token parameter is used for the satellite network center to calculate the true identity of the user side;
the violation judgment response processing module is used for receiving and verifying the token blacklist updating information, updating the stored token blacklist under the condition that the token blacklist updating information passes verification, sending prompt information to the violating user side, disconnecting the network connection with the violating user side, and forbidding the access authentication authority and the token updating authority of the violating user side during the violation accountability period;
the token updating first request processing module is used for receiving and verifying token updating first request information from a user side, calculating the token first parameter under the condition that the token updating first request information passes verification, verifying whether the token first parameter and the verification parameter of the token second parameter satisfy a specified relationship, generating token updating second request information under the condition that the verification passes, and sending the token updating second request information to a communication satellite in the domain;
and the token updating response processing module is used for receiving and verifying the token updating response information, and forwarding the token updating response information to the user side under the condition that the verification is passed.
11. A terminal device comprising a memory, a processor, a transceiver;
the memory is used for storing computer execution instructions;
the processor is configured to execute the memory-stored computer-executable instructions to cause the processor to perform the method for satellite network user violation handling in conjunction with access authentication of any of claims 1-8;
the transceiver is used for receiving information sent by the external equipment and sending information to the external equipment.
12. A computer-readable storage medium having stored thereon computer-executable instructions for implementing the method for satellite network user violation handling in conjunction with access authentication of any one of claims 1-8 when executed by a processor.
CN202210069723.1A 2022-01-21 2022-01-21 Satellite network user violation processing method combined with access authentication and related equipment Active CN114095930B (en)

Publications (2)

Publication Number Publication Date
CN114095930A CN114095930A (en) 2022-02-25
CN114095930B true CN114095930B (en) 2022-04-26

Family

ID=80309032

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9537865B1 (en) * 2015-12-03 2017-01-03 International Business Machines Corporation Access control using tokens and black lists
CN109547213A (en) * 2018-12-14 2019-03-29 西安电子科技大学 Inter-satellite networking authentication system and method suitable for low-orbit satellite networks
US10812266B1 (en) * 2017-03-17 2020-10-20 F5 Networks, Inc. Methods for managing security tokens based on security violations and devices thereof
CN113783703A (en) * 2021-11-10 2021-12-10 清华大学 Satellite network terminal security access authentication method, device and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Satellite network security assurance platform based on public key infrastructure; Lin Qi et al.; 《装备指挥技术学院学报》 (Journal of the Academy of Equipment Command & Technology); 2008-04-28 (No. 02); full text *



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant