CN115941252A - MQTT dynamic access control method based on trust calculation - Google Patents
MQTT dynamic access control method based on trust calculation Download PDFInfo
- Publication number
- CN115941252A CN115941252A CN202211267616.6A CN202211267616A CN115941252A CN 115941252 A CN115941252 A CN 115941252A CN 202211267616 A CN202211267616 A CN 202211267616A CN 115941252 A CN115941252 A CN 115941252A
- Authority
- CN
- China
- Prior art keywords
- trust
- access control
- trust value
- behavior
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a trust calculation-based MQTT dynamic access control method, which comprises the following steps: selecting a trust evaluation behavior attribute; extracting attribute information of trust evaluation behaviors; calculating a trust value according to the attribute information of the trust evaluation behavior; and performing dynamic authorization and access control according to the trust value. The invention carries out dynamic access control aiming at the trust scores of the context of the publish/subscribe behavior and the historical records, calculates a direct trust value through three trust factors of message transmission security level, message transmission time delay and main body abnormal behavior proportion, objectively judges the trust degree of the publish/subscribe behavior of the client, introduces a time decay function and combines with the historical behavior expression to calculate a comprehensive trust value, and determines whether to trust the client and allows the client to read or write data into the requested subject. The invention can make timely response to the current behavior characteristics and historical behavior expression of the publisher/subscriber, reduce the complexity of access control and realize fine-grained dynamic access control based on trust calculation.
Description
Technical Field
The invention relates to the technical field of zero trust access control, in particular to an MQTT dynamic access control method based on trust calculation.
Background
The MQTT (Message Queuing telecommunications Transport) protocol is a mainstream protocol for internet of things communication, and in recent years, with the rapid development of internet of things, the MQTT protocol is widely applied to the intelligent fields of medical treatment, industry, home furnishing and the like and instant messaging social networks. The lightweight property of the MQTT protocol, the decoupled publish/subscribe paradigm and the application scenario of the restricted device pose challenges for the secure implementation of the protocol, so the MQTT communication network security technology research becomes a current research hotspot.
In recent years, the internet of things has rapidly spread in industrial, commercial environments and personal lives. Whether the number of deployed devices or the scenario in which the devices are used, the internet of things is a significantly growing area. The MQTT protocol, originally intended to support remote monitoring, supervisory control and data acquisition, has now become popular in the internet of things because it uses less energy, has lower bandwidth and supports smaller footprint devices. Traditional autonomous and mandatory access control policies in an MQTT-based internet-of-things network, the way in which a system administrator authorizes permission of a single user, are not feasible and lack dynamics in the face of large amounts of data. A trust-based dynamic access control method is a key technology for solving the problems of ensuring data security, reducing the authority distribution complexity of a manager, improving the access control dynamics and the like. MQTT communication also faces a common problem of internet of things: the nodes with legal identities generate internal attacks of abnormal behaviors such as denial of service, replay attack, information interception, injection of a large amount of redundant data and the like. And the context-based trust algorithm can consider the recent history of the main body when evaluating the access request, so that the attack that an attacker uses a group of 'normal' access requests for the main body account attack (or internal attack) can be effectively relieved. Therefore, trust calculation is introduced into the MQTT access control method, so that illegal users can be prevented from accessing data and illegal operations of legal users on the data, and the MQTT access control method has important significance for improving the security of MQTT communication.
Disclosure of Invention
The invention mainly aims to solve the security problem of MQTT communication and provides an MQTT dynamic access control method based on trust calculation. The invention can make a timely response to the current behavior characteristics and the historical behavior of the publisher/subscriber, reduce the complexity of access control and realize fine-grained dynamic access control based on trust calculation.
In order to achieve the purpose, the invention adopts the following technical scheme:
an MQTT dynamic access control method based on trust calculation comprises the following steps:
step S1: selecting a trust evaluation behavior attribute;
step S2: extracting attribute information of trust evaluation behaviors;
and step S3: calculating a trust value according to the attribute information of the trust evaluation behavior;
and step S4: performing dynamic authorization and access control according to the trust value;
the invention provides a method for carrying out dynamic access control on trust scores of a publish/subscribe behavior context and a historical record, which calculates a direct trust value through three trust factors of a message transmission security level, a message transmission time delay and a main body abnormal behavior proportion, objectively judges the trust degree of a publish/subscribe behavior of a client, introduces a time decay function and combines with a historical behavior expression to calculate a comprehensive trust value, and determines whether to trust the client and allows the client to read or write data into a requested subject. The invention can react to the current behavior characteristics and the historical behavior of the publisher/subscriber in time, and can be used for realizing dynamic access control.
Preferably, in step S1, the selected trust evaluation behavior attributes include, but are not limited to, a message transmission security level SL, a message transmission delay DT, and an abnormal behavior proportion AR. The security level represents the strength of a cryptographic algorithm used by the client to send the message, and the greater the confidentiality strength of the cryptographic algorithm, the more secure the data sent by the client. Clients that can provide high levels of security are relatively reliable, and publish/subscribe activities using higher levels of security are more trusted. In the internet of things based on the MQTT, due to network infrastructure, deployment environment, signal interference, attack behavior and other factors, certain delay is generated in data transmission between a client and an agent. The message receiver can determine that the transmitted data is legal as long as the transmission delay is within the threshold range set by the system. When the message transmission delay from the client to the agent is smaller than a threshold value, the agent considers that the client is completely credible; after the message transmission delay exceeds the threshold, the greater the delay, the higher the possibility that the client initiates or suffers from malicious attack, and the credibility of the client is also rapidly reduced. The abnormal behaviors comprise security level abnormality, feedback data abnormality and information verification failure such as identity, subject name, time stamp and the like, and other behaviors which are approved as non-compliance behaviors by a system administrator. The credibility of the publisher/subscriber is determined by the ratio of abnormal publish/subscribe behaviors in the publish/subscribe behaviors of the client message, and the higher the abnormal behavior ratio is, the lower the credibility of the publisher/subscriber is.
Preferably, in step S2, the extracted trust evaluation behavior attribute information exists in a subject field of a message header subjected to structure modification, and includes a client identity, a message security level, a subject real name, a timestamp and signature information. The trust evaluation behavior attribute information required to be extracted exists in a subject field of a message header subjected to structural modification, and comprises a client identity, a message security level, a subject real name, a timestamp and signature information, and the information can be directly read and verified when an agent receives a message; the attribute information may be extracted by the agent or by deploying a third party entity.
Preferably, in the step S3, the calculated trust value includes a direct trust value D and a comprehensive trust value C, and the direct trust value D is calculated and obtained according to a security level evaluation trust value SV, a delay evaluation trust value TV, and an abnormal behavior proportion evaluation trust value RV; and on the basis of the direct trust value D, introducing a time decay function and calculating the comprehensive trust value C by combining historical behavior. The calculation of the trust value mainly comprises two parts, namely a direct trust value D and a comprehensive trust value C, in order to save storage resources of the trust value, the calculation results of all the trust values are optimized by rounding down, and the trust score is determined as a percentage system.
Preferably, the direct trust value D is calculated by the following formula:
wherein, ω is s Representing a security level attribute weight, ω t Representing a propagation delay attribute weight, ω r Represents the weight of the abnormal proportion attribute, 0 is more than or equal to omega s ,ω t ,ω r Less than or equal to 1 and omega s +ω t +ω r =1;
The invention defines a security level evaluation trust value SV based on a Sigmoid function, and the formula is as follows:
wherein s is l ∈N * And s l The security level s of the publish/subscribe device for topic publish/subscribe is more than or equal to 1 l Determined by the strength of the cryptographic algorithm it may provide in encrypting the payload, is a relative value defined by a system administrator after all devices in the communication application system are compared and ordered by the cryptographic algorithm;
the trust value TV of the publish/subscribe request behavior of the client on the transmission delay attribute is expressed as:
wherein, tau is a time delay threshold value set by the system according to the specific application requirement, d t The message transmission delay is calculated by subtracting the message sending time marked by the timestamp in the message from the message receiving time of the agent;
the trust value RV of the client on the abnormal behavior proportion attribute is represented as:
wherein N is us Number of normal request actions representing system evaluation, N un Indicating the number of anomalous request behaviors.
Preferably, the calculation formula of the comprehensive trust value C is as follows:
wherein, sigma is an attenuation factor,is the degree of attenuation p (t) i ,t 0 ),t 0 Is the current time, t i Time is generated for historical direct trust values. The agent records a client publishing/subscribing request direct trust value queue, wherein the queue comprises n historical direct trust values arranged according to time sequence and the time of generation. Introducing a time decay function as the degree of decayWherein t is 0 Is the current time, t i And generating time for the historical direct trust value, wherein the closer the time is to the current time, the more the requested direct trust value can truly reflect the current state of the client. The newly generated direct trust value always fills in the head of the queue, i.e., t 1 And t 0 Equal and the degree of attenuation of the first direct trust value history value is 1.
Preferably, the specific processes of step S2 and step S3 include the following steps:
step A1: the method comprises the steps that a client identification and a user name password verification in a connection request establishing stage are established through a client, a historical trust value of equipment/a user is read, and the historical trust value determines the initial issuing/subscribing authority of the equipment/the user;
step A2: the method comprises the steps of evaluating the publishing/subscribing behaviors of the equipment/user, analyzing whether signature, identity, subject and timestamp information are in compliance or not, calculating a direct trust value of the current publishing/subscribing behavior, and calculating a current comprehensive trust value of the equipment/user by combining a historical trust value of the equipment/user.
Preferably, the specific process of step S4 is: and comparing the current comprehensive trust value of the equipment/user with a threshold value set by the system, granting corresponding topic publishing/subscribing permission to the equipment/user according to the comparison result, and finally determining whether to pass the current publishing/subscribing request of the equipment/user to the target topic. In order to reduce the management complexity of the topic and the publisher/subscriber, topic resources are classified according to the confidentiality of data contents, and an access threshold value is distributed to each class. The category of topic is not fixed and can be defined in real-time by the publish/subscribe based on the currently transmitted data. Even if the user who has the topic publishing/subscribing authority and has preliminarily obtained the topic publishing/subscribing authority through identity authentication, whether the proxy accepts the publishing data or whether the publishing data is forwarded to the subscriber depends on the real-time calculation result of the trust calculation module. Meanwhile, a large number of users are divided into fixed roles according to identities and functions. The role of the user decides the preliminary topic publish/subscribe rights, and the integrated trust value of the role in performing publish/subscribe operations decides whether specific data can be written (published) or read (subscribed) from a specific topic. By the method, the complexity of access control can be reduced, and fine-grained dynamic access control based on trust calculation is realized.
Therefore, the invention has the advantages that:
(1) The system can react to the current behavior characteristics and the historical behavior of the publisher/subscriber in time, and realize dynamic access control;
(2) The complexity of access control is reduced, and meanwhile fine-grained dynamic access control based on trust calculation is realized.
Drawings
Fig. 1 is a flowchart of an MQTT dynamic access control method based on trust calculation according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a generation process of the comprehensive trust value C in the first embodiment of the present invention.
Fig. 3 is a flowchart of dynamic authorization in the second embodiment of the present invention.
Detailed Description
The invention is further described with reference to the following detailed description and accompanying drawings.
The first embodiment is as follows:
a method for controlling MQTT dynamic access based on trust calculation, as shown in fig. 1, includes the following steps:
step S1: selecting a trust evaluation behavior attribute;
step S2: extracting attribute information of trust evaluation behaviors;
and step S3: calculating a trust value according to the attribute information of the trust evaluation behavior;
and step S4: performing dynamic authorization and access control according to the trust value;
the embodiment provides a method for carrying out dynamic access control on trust scores of a publish/subscribe behavior context and a historical record, a direct trust value is calculated through three trust factors of a message transmission security level, a message transmission delay and a main body abnormal behavior proportion, the trust degree of the publish/subscribe behavior of a client is objectively judged, a time decay function is introduced to be combined with the historical behavior expression to calculate a comprehensive trust value, and whether the client is trusted or not is determined and the client is allowed to read or write data into a requested subject.
In step S1, the selected trust evaluation behavior attributes include, but are not limited to, a message transmission security level SL, a message transmission delay DT, and an abnormal behavior proportion AR. The security level represents the strength of a cryptographic algorithm used by the client to send the message, and the greater the confidentiality strength of the cryptographic algorithm, the more secure the data sent by the client. Clients that can provide high levels of security are relatively reliable, and publish/subscribe activities using higher levels of security are more trusted. In the internet of things based on the MQTT, due to network infrastructure, deployment environment, signal interference, attack behavior and other factors, certain delay is generated in data transmission between a client and an agent. The message receiver can determine that the transmitted data is legal as long as the transmission delay is within the threshold range set by the system. When the message transmission delay from the client to the agent is smaller than a threshold value, the agent considers that the client is completely credible; after the message transmission delay exceeds the threshold, the greater the delay is, the higher the possibility that the client initiates or suffers from malicious attack is, and the credibility of the client is also rapidly reduced. The abnormal behaviors comprise security level abnormality, feedback data abnormality and information verification failure such as identity, subject name, time stamp and the like, and other behaviors which are approved as non-compliance behaviors by a system administrator. The credibility of the publisher/subscriber is determined by the ratio of abnormal publish/subscribe behaviors in the publish/subscribe behaviors of the client message, and the higher the abnormal behavior ratio is, the lower the credibility of the publisher/subscriber is.
In step S2, the trust evaluation behavior attribute information to be extracted exists in a subject field of a message header subjected to structural modification, and comprises a client identity identifier, a message security level, a subject real name, a timestamp and signature information, and the information can be directly read and verified when an agent receives a message; the attribute information may be extracted by the agent or by deploying a third party entity.
In step S3, the calculation of the trust value mainly comprises two parts, namely a direct trust value D and a comprehensive trust value C, and in order to save storage resources of the trust value, the calculation results of all trust values are optimized by rounding down, and the trust score is determined as a percentage system.
The direct trust value D is obtained by combining and calculating a security level evaluation trust value SV, a time delay evaluation trust value TV and an abnormal behavior ratio evaluation trust value RV;
defining a security level evaluation trust value SV on the basis of a Sigmoid function, wherein the formula is as follows:
wherein s is l ∈N * And s l More than or equal to 1, publish/subscribeSecurity level s for topic publish/subscribe by devices l Determined by the strength of the cryptographic algorithm it may provide in encrypting the payload, is a relative value defined by a system administrator after all devices in the communication application system are compared and ordered by the cryptographic algorithm;
the trust value TV of the publish/subscribe request behavior of the client on the transmission delay attribute is expressed as:
wherein, ω is a time delay threshold set by the system according to specific application requirements, d t The message transmission delay is calculated by subtracting the message sending time marked by the timestamp in the message from the message receiving time of the agent;
the trust value RV of the client on the abnormal behavior proportion attribute is represented as:
wherein N is us Number of normal request actions representing system evaluation, N un Representing the number of times of abnormal request behaviors;
therefore, the direct confidence value D is calculated by the formula:
wherein, ω is s Representing a security level attribute weight, ω t Representing the weight of the propagation delay property, ω r Represents the weight of the abnormal proportion attribute, 0 is more than or equal to omega s ,ω t ,ω r Less than or equal to 1 and omega s +ω t +ω r =1; in this embodiment, 0 ≦ ω t ≤ω s ≤ω r ≤1。
The generation process of the comprehensive trust value C is shown in FIG. 2, and the agent records a client publish/subscribe request direct trust value queue which comprises n histories arranged according to chronological orderThe trust value and the time of its generation. Introducing a time decay function as a degree of decayWherein t is 0 Is the current time, t i And generating time for the historical direct trust value, wherein the closer the time is to the current time, the more the requested direct trust value can truly reflect the current state of the client. The newly generated direct trust value always fills in the head of the queue, i.e. t 1 And t 0 Equal and the attenuation degree of the historical value of the first direct trust value is 1;
therefore, the calculation formula of the integrated confidence value C is:
where σ is the attenuation factor.
Example two:
the dynamic authorization is performed according to the current device/user behavior and its historical operation record, each publish/subscribe request operation performs continuous verification at the packet level, and the dynamic authorization calculation process for the device/user behavior is shown in fig. 3 and includes the following steps:
step A1: the method comprises the steps that a client identification and a user name password verification in a connection request establishing stage are established through a client, a historical trust value of equipment/a user is read, and the historical trust value determines the initial issuing/subscribing authority of the equipment/the user;
step A2: evaluating the publishing/subscribing behaviors of the equipment/user, analyzing whether signature, identity, subject and timestamp information are in compliance, calculating a direct trust value of the current publishing/subscribing behavior, and calculating a current comprehensive trust value of the equipment/user by combining a historical trust value of the equipment/user;
step A3: comparing the current comprehensive trust value of the equipment/user with a threshold value set by the system, granting the corresponding topic publishing/subscribing authority to the equipment/user according to the comparison result, and finally determining whether to pass the current publishing/subscribing request of the equipment/user to the target topic. In order to reduce the management complexity of the topic and the publish/subscribe, topic resources are classified according to the confidentiality of data content, and an access threshold value is distributed to each class. The category of topic is not fixed and can be defined in real-time by the publish/subscribe based on the currently transmitted data. Even if the user who has the topic publishing/subscribing authority and has preliminarily obtained the topic publishing/subscribing authority through identity authentication, whether the proxy accepts the publishing data or whether the publishing data is forwarded to the subscriber depends on the real-time calculation result of the trust calculation module. Meanwhile, a large number of users are divided into fixed roles according to identities and functions. The role of the user decides the preliminary topic publish/subscribe rights, and the integrated trust value of the role in performing publish/subscribe operations decides whether specific data can be written (published) or read (subscribed) from a specific topic. By the method, the complexity of access control can be reduced, and fine-grained dynamic access control based on trust calculation is realized.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (8)
1. An MQTT dynamic access control method based on trust calculation is characterized by comprising the following steps:
step S1: selecting a trust evaluation behavior attribute;
step S2: extracting attribute information of trust evaluation behaviors;
and step S3: calculating a trust value according to the attribute information of the trust evaluation behavior;
and step S4: and performing dynamic authorization and access control according to the trust value.
2. The MQTT dynamic access control method based on trust calculation as claimed in claim 1, wherein in the step S1, the selected trust evaluation behavior attributes include but are not limited to a message transmission security level SL, a message transmission delay DT and an abnormal behavior percentage AR.
3. The MQTT dynamic access control method based on trust calculation as claimed in claim 1, wherein in the step S2, the extracted trust evaluation behavior attribute information exists in a subject field of a message header subjected to structural modification, and comprises client identity identification, message security level, subject real name, timestamp and signature information.
4. The MQTT dynamic access control method based on trust calculation as claimed in claim 1, wherein in the step S3, the calculated trust value comprises a direct trust value D and a comprehensive trust value C, and the direct trust value D is obtained by calculation according to a security level evaluation trust value SV, a time delay evaluation trust value TV and an abnormal behavior proportion evaluation trust value RV; and on the basis of the direct trust value D, introducing a time decay function and calculating the comprehensive trust value C by combining historical behavior.
5. The MQTT dynamic access control method based on trust calculation of claim 4, wherein the direct trust value D is calculated by the formula:
wherein, ω is s Representing a security level attribute weight, ω t Representing the weight of the propagation delay property, ω r Represents the abnormal proportion attribute weight, 0 ≦ omega s ,ω t ,ω r ≤1,ω s +ω t +ω r =1。
6. The MQTT dynamic access control method based on trust calculation of claim 4, wherein the calculation formula of the comprehensive trust value C is as follows:
7. The MQTT dynamic access control method based on trust calculation as claimed in claim 1, wherein the specific process of the step S2 and the step S3 includes the following steps:
step A1: the method comprises the steps that a client identification and a user name password verification in a connection request establishing stage are established through a client, the historical trust value of equipment/a user is read, and the historical trust value determines the initial issuing/subscribing authority of the equipment/the user;
step A2: the method comprises the steps of evaluating the publishing/subscribing behaviors of the equipment/user, analyzing whether signature, identity, subject and timestamp information are in compliance or not, calculating a direct trust value of the current publishing/subscribing behavior, and calculating a current comprehensive trust value of the equipment/user by combining a historical trust value of the equipment/user.
8. The MQTT dynamic access control method based on trust calculation as claimed in claim 7, wherein the specific process of the step S4 is as follows: comparing the current comprehensive trust value of the equipment/user with a threshold value set by the system, granting the corresponding topic publishing/subscribing authority to the equipment/user according to the comparison result, and finally determining whether to pass the current publishing/subscribing request of the equipment/user to the target topic.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211267616.6A CN115941252A (en) | 2022-10-17 | 2022-10-17 | MQTT dynamic access control method based on trust calculation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211267616.6A CN115941252A (en) | 2022-10-17 | 2022-10-17 | MQTT dynamic access control method based on trust calculation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115941252A true CN115941252A (en) | 2023-04-07 |
Family
ID=86649796
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211267616.6A Pending CN115941252A (en) | 2022-10-17 | 2022-10-17 | MQTT dynamic access control method based on trust calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115941252A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116933324A (en) * | 2023-09-19 | 2023-10-24 | 智联信通科技股份有限公司 | Industrial Internet identification data security access method |
-
2022
- 2022-10-17 CN CN202211267616.6A patent/CN115941252A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116933324A (en) * | 2023-09-19 | 2023-10-24 | 智联信通科技股份有限公司 | Industrial Internet identification data security access method |
CN116933324B (en) * | 2023-09-19 | 2023-12-05 | 智联信通科技股份有限公司 | Industrial Internet identification data security access method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113051602B (en) | Database fine-grained access control method based on zero trust architecture | |
Duan et al. | TC-BAC: A trust and centrality degree based access control model in wireless sensor networks | |
CN113872944A (en) | Block chain-oriented zero-trust security architecture and cluster deployment framework thereof | |
CN112231692A (en) | Security authentication method, device, equipment and storage medium | |
CN111917714A (en) | Zero trust architecture system and use method thereof | |
CN112910861A (en) | Group authentication and segmented authentication-based authentication method for terminal equipment of power internet of things | |
CN112019481A (en) | Block chain equipment management and data transmission system based on directed acyclic graph architecture | |
CN115834211A (en) | CoAP network security access method based on software defined boundary | |
Xu et al. | Trustworthy and transparent third-party authority | |
CN115941252A (en) | MQTT dynamic access control method based on trust calculation | |
JP5614500B2 (en) | Consignment type authentication method | |
JP5598604B2 (en) | Consignment type authentication method | |
Shen et al. | Trust Mechanism Privacy Protection Scheme Combining Blockchain and Multi-Party Evaluation | |
CN116260656B (en) | Main body trusted authentication method and system in zero trust network based on blockchain | |
CN116170806B (en) | Smart power grid LWM2M protocol security access control method and system | |
CN115720171A (en) | Safe intelligent gateway system and data transmission method | |
CN112040481B (en) | Secondary authentication method based on 5G communication gateway | |
CN114465827A (en) | Data confidential information protection system based on zero trust network | |
Asadzadeh Kaljahi et al. | TSSL: improving SSL/TLS protocol by trust model | |
Wu et al. | Research on security strategy of power internet of things devices based on zero-trust | |
Pu et al. | liteGAP: Lightweight Group Authentication Protocol for Internet of Drones Systems | |
CN108632254B (en) | Access control method of intelligent home environment based on private chain | |
CN113055160A (en) | Intelligent education safety protection method and system based on Kerberos identity authentication protocol | |
CN114666079B (en) | Industrial control system access control method based on attribute certificate | |
CN115955363B (en) | Communication terminal based on desktop fusion |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |