CN1399490A - Safe access method of mobile terminal to radio local area network - Google Patents
Safe access method of mobile terminal to radio local area network Download PDFInfo
- Publication number
- CN1399490A CN1399490A CN02139361A CN02139361A CN1399490A CN 1399490 A CN1399490 A CN 1399490A CN 02139361 A CN02139361 A CN 02139361A CN 02139361 A CN02139361 A CN 02139361A CN 1399490 A CN1399490 A CN 1399490A
- Authority
- CN
- China
- Prior art keywords
- certificate
- portable terminal
- access point
- wireless access
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims description 46
- 230000006854 communication Effects 0.000 claims abstract description 19
- 238000004891 communication Methods 0.000 claims abstract description 18
- 238000012795 verification Methods 0.000 claims description 123
- 230000004044 response Effects 0.000 claims description 62
- 230000008569 process Effects 0.000 claims description 25
- 230000002457 bidirectional effect Effects 0.000 claims description 7
- 230000004913 activation Effects 0.000 claims description 5
- 230000003068 static effect Effects 0.000 claims description 4
- 238000012790 confirmation Methods 0.000 abstract 3
- 238000005516 engineering process Methods 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 4
- 238000011160 research Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000011076 safety test Methods 0.000 description 1
Images
Abstract
When the mobile terminal MT is logged in radio access point AP, the certificate authorization center CA performs bi-directional identity confirmation to MT and AP. If the confirmation is successful, the MT will be accessed to legal AP; or else, the AP will reject the log-in of the MT or the MT will reject to log in the AP. The main steps include the confirmation of the certificate and the verificatino of MT private key. The present invention solves the problems of safe access control of MT to WLAN and data communication security in radio link. MT may log in local area and in other areas to support the roaming function of MT.
Description
The present invention relates to a kind of safety access method of mobile terminal of wireless local area network, it is the product that wireless communication technology combines with cryptographic technique.
The target of personal communication makes people at any time write to each other arbitrarily with all other men exactly, freely enjoys the multiple business that network provides.The wide-band wireless IP technology will be at present the most popular two big technology---IP technology and wireless communication technology organically merge, and comply with broadband development trend, for mobile host or portable terminal is provided convenience, fast, Internet access service at a high speed, to adapt to people to express network and the ever-increasing demand of multimedia communication service.WLAN (wireless local area network) WLAN (WirelessLocal Area Network) not only supports mobile computing, and have flexibility, agility and an extensibility of framework, based on WLAN (wireless local area network), as shown in Figure 1 based on the BRAN structural representation of Internet.It is mainly by portable terminal MT (Mobile Terminal)), wireless access point AP (AccessPoint) and wireless access server WAS equipment such as (Wireless Access Server) forms, wherein portable terminal MT can move arbitrarily in net, wireless access point AP realizes comprising the cell management of handover, to management and the bridging functionality of portable terminal MT, wireless access server WAS realizes the internetwork roaming management of wireless access terminal.Insert Internet from fixedly being linked into mobile wireless, the wide-band wireless IP technology has been brought new idea and huge impact for world's network environment.The application of this system will be more extensive, and the occasion that is difficult in commerce NET (mainly being company intranet), organization user's network (as public security, finance, Government departments etc.), cell networks (as school, hospital, residential area etc.), remote monitoring or centralized monitor etc., casual network (as temporary meeting etc.), outdoor mobile subscriber, wiring, the occasion that needs often change etc. are all very useful.
For WLAN (wireless local area network), its safety problem is more than serious many of wired ethernet, and the WLAN (wireless local area network) means of having introduced several levels solve safety problem for this reason.At first be by each wireless access point AP being provided with different service set identifier SSID (Service Set ID), and provide corresponding business group identifier SSID when forcing portable terminal MT to insert, thereby can allow the user of different groups to insert, and the authority of resource access is distinguished restriction.But utilizing service set identifier SSID is the most a kind of authentication mode, is more rudimentary safety certification, as long as because anyone knows that service set identifier SSID just can access network.Next is an address limitation, promptly stops unauthorized visit by media interviews control MAC (the Medium Access Control) address table that the portable terminal MT wireless network card that is authorized to is set on wireless access point AP.But the not so difficult acquisition of the media interviews of wireless network card control MAC Address, and can forge, so this also belongs to more low-level authorization identifying.In a word, above dual mode can not be controlled the access of portable terminal MT effectively, more can't ensure the confidentiality of communication.
Except that above-mentioned two kinds of methods, a kind of measure of more employings at present is the international standards (IEEE802.11) according to WLAN (wireless local area network) WLAN, introduces in WLAN (wireless local area network) WLAN and with WEP wired equivalence (Wired Equivalent Privacy) privacy mechanism data is carried out encrypted transmission based on RC-4.The WEP algorithm adopts single key system, and promptly encryption and decryption is same key, and its length is 64 or 128.Wherein 40 or 104 is standing part, be called initialization key, the i.e. key that is provided with at wireless access point AP and portable terminal MT, remaining 24 is variable part, be called initialization vector, this vector is changed by the drive software of network interface card in communication process, that is to say that to be used for encrypted secret key variable, and this has guaranteed the confidentiality of radio communication to a certain extent.But because the regularity that initialization vector changes, the PC-4 algorithm be subject to attacking property, therefore the safe coefficient of WEP algorithm is not high, prior to discovery in March calendar year 2001, they point out to adopt the WLAN of WEP algorithm only can be broken at 5 hours to this point by one research group of California, USA university.Reason wherein is explained as follows: suppose that the initialization vector value increases progressively 1 rapid change with every frame, every frame length is 1500 bytes, and data transmission rate is 11 megabit per seconds, and then the cycle of initialization vector repetition is:
, promptly just can obtain two frame ciphertexts through same secret key encryption every 5 hours, just can guess or calculate initial key values thus.Here the length that it must be noted that key does not influence the time that tool is decoded, the complexity that has just increased conjecture or calculated.August calendar year 2001 two Israel Zi Man Wei research institutes the expert and the researcher of a Cisco System Co.---three whole world top decoding experts have carried out the WEP safety test, they are according to the sub-fraction data of stealing in the network, less than promptly cracking the key that WLAN uses, AT﹠amp simultaneously in one hour; T laboratory research group also successfully cracks with same method.Safety problem has become one of major obstacle that hinders the application popularization of wireless IP technology, how to insert the most important thing that Internet just becomes wide-band wireless IP system research safely.
The objective of the invention is to overcome above-mentioned the deficiencies in the prior art, a kind of safety access method of mobile terminal of wireless local area network is provided.Based on public key certificate mechanism, it has solved among the WLAN (wireless local area network) WLAN does not carry out data communication security limitation problem on effective safe access control and the Radio Link to portable terminal MT, not only realized the access control of portable terminal MT, and ensured the high security of the peace of access with property, communication.But portable terminal MT can also login in the strange land this locality, supports the roaming function of portable terminal MT.
Design of the present invention is as follows:
A kind of safety access method of mobile terminal of wireless local area network, it is characterized in that: when portable terminal MT logins to wireless access point AP, adopt certificate authorization center CA that portable terminal MT and wireless access point AP are carried out bidirectional identity authentication, if authentication success, the portable terminal MT that holds legal certificate inserts the wireless access point AP of holding legal certificate, otherwise wireless access point AP refusal portable terminal MT inserts or portable terminal MT refusal is logined to wireless access point AP; Its key step comprises
1]. the authentication of certificate
The authentication of described certificate is meant adopts certificate authorization center CA that portable terminal MT and wireless access point AP are carried out bidirectional identity authentication, the authentication of certificate when the authentication of certificate and strange land were inserted when it comprised local the access;
2]. the private key checking of portable terminal MT
The private key checking of described portable terminal MT comprises private key, the checking of response private key and the checking private key signature of requests verification portable terminal MT.
The authentication of certificate was meant certificate verification request, access authentication request, access authentication response and certificate verification response when above-mentioned this locality was inserted; The authentication of certificate was meant certificate verification request, access authentication request, strange land authentication request, strange land authentication response, access authentication response and certificate verification response when described strange land was inserted.
The authentication of certificate was meant when above-mentioned this locality was inserted
1]. the certificate verification request, it comprises that portable terminal MT sends the certificate verification request message to wireless access point AP, and portable terminal MT certificate and current system time are mail to wireless access point AP;
2]. the access authentication request, after it comprises that wireless access point AP is received portable terminal MT certificate verification request, send the access authentication request to local certificate authorization center CA server, with portable terminal MT certificate, certificate verification request time, wireless access point AP certificate and with the private key of wireless access point AP its signing messages that carries out is constituted and insert request authentication message and send to local certificate authorization center CA;
3]. the access authentication response, after it comprises that local certificate authorization center CA is received the access authentication request of wireless access point AP, the signature of checking wireless access point AP, if incorrect, then verification process failure, otherwise further verify portable terminal MT certificate; Server is judged portable terminal MT certificate whether in local CRL, if, then verification process failure, otherwise, authentication success; Last local certificate authorization center CA constitutes the access authentication response message with portable terminal MT certificate verification object information, wireless access point AP certificate verification object information and sends back to wireless access point AP;
4]. the certificate verification response, it access authentication response message that comprises that wireless access point AP is returned local certificate authorization center CA carries out signature verification, obtains the authentication result of portable terminal MT certificate; Wireless access point AP is formed the certificate verification response message with authentication result, the wireless access point AP certificate verification object information of portable terminal MT and is recycled to portable terminal MT, portable terminal MT just obtains the authentication result of wireless access point AP certificate, and the local certificate verification process between portable terminal MT and the wireless access point AP is finished.
The authentication of certificate was meant when above-mentioned strange land was inserted
1]. the certificate verification request, it is that portable terminal MT sends the certificate verification request message to wireless access point AP, and portable terminal MT certificate and current system time are mail to wireless access point AP;
2]. the access authentication request, it is after wireless access point AP is received portable terminal MT certificate verification request, send the access authentication request to local certificate authorization center CA server, with portable terminal MT certificate, certificate verification request time, wireless access point AP certificate and with the private key of wireless access point AP its signing messages that carries out is constituted and insert request authentication message and send to local CA;
3]. the strange land authentication request, it is after local certificate authorization center CA is received the access authentication request of wireless access point AP, the signature of checking wireless access point AP, if incorrect, then verification process failure; Otherwise, further verify portable terminal MT certificate, local certificate authorization center CA outwards certificate authorization center CA is sent the strange land authentication request, with certificate, the certificate verification request time of wireless access point AP certificate, portable terminal MT certificate, local certificate authorization center CA and its signature is sent to nonlocal certificate authorization center CA by Internet;
4]. the strange land authentication response, it is the signature that nonlocal certificate authorization center CA is received the local certificate authorization center CA of checking behind the message, if incorrect, authentification failure then, otherwise, judge that portable terminal MT certificate is whether in CRL; If, then verification process failure, otherwise, authentication success; Last nonlocal certificate authorization center CA is formed strange land authentication response message with the certificate of portable terminal MT certificate verification object information, wireless access point AP certificate verification object information, nonlocal certificate authorization center CA and to its signature, sends back to local certificate authorization center CA by Internet again;
5]. the access authentication response, it is that local certificate authorization center CA is received the strange land authentication response message that nonlocal certificate authorization center CA is returned, verify the signature of nonlocal certificate authorization center CA, if it is incorrect, authentification failure then, otherwise after portable terminal MT certificate verification object information changed signature, constitute together with wireless access point AP certificate verification object information and to insert response message and be transmitted back to wireless access point AP;
6]. the certificate verification response, its access authentication response message that is wireless access point AP is returned local certificate authorization center CA carries out signature verification, obtains the authentication result of portable terminal MT certificate; Wireless access point AP is formed the certificate verification response message with authentication result, the wireless access point AP certificate verification object information of portable terminal MT and is recycled to portable terminal MT, portable terminal MT just obtains the authentication result of wireless access point AP certificate, and the strange land certificate verification process between portable terminal MT and the wireless access point AP is finished.
Above-mentioned portable terminal MT certificate verification object information is meant that portable terminal MT certificate, authentication result and certificate authorization center CA sign to it; Described wireless access point AP certificate verification object information comprises that wireless access point AP certificate, authentication result, certificate verification request time and certificate authorization center CA sign to it.
In the checking of above-mentioned portable terminal MT private key
1]. described requests verification portable terminal MT private key is that wireless access point AP produces data at random, and it is passed to portable terminal MT;
2]. described response private key checking is after portable terminal MT receives the checking private key request message of wireless access point AP, to utilize private key to sign to the random data that receives, and the result that will sign returns to wireless access point AP;
3]. described checking private key signature is the private key signature that wireless access point AP is received portable terminal MT, utilize this signing messages of public key verifications of portable terminal MT certificate, if be proved to be successful, then wireless access point AP allows portable terminal MT to insert, otherwise refuse its access, the portable terminal MT that then has legal certificate and respective private keys thereof successfully inserts the wireless access point AP with legal certificate, and wireless access point AP is finished the safe access control of portable terminal MT.
When logining to wireless access point AP, adopt above-mentioned portable terminal MT certificate authorization center CA that portable terminal MT and wireless access point AP are carried out bidirectional identity authentication, its step comprises session key agreement, described session key agreement is after portable terminal MT and wireless access point AP certificate verification and private key are proved to be successful, both sides consult to generate session key, are used for the encryption and decryption of communication data message.
Above-mentioned session key agreement comprises static the negotiation and dynamic negotiation, and described static negotiation is meant with the other side's PKI and the private key of oneself carries out session key agreement, and described dynamic negotiation comprises that activation key is consulted, response key is consulted and session key generates.
In the dynamic negotiation of above-mentioned session key
1]. it is that portable terminal MT or wireless access point AP produce a random data that described activation key is consulted, utilize the public key encryption of wireless access point AP or portable terminal MT after, send request key agreement message to wireless access point AP or portable terminal MT;
2]. it is after wireless access point AP or portable terminal MT receive that key agreement that portable terminal MT or wireless access point AP are sent activates message that described response key is consulted, utilize the private key of oneself to be decrypted, obtain the random data that the other side produces, then, the local random data that produces, after utilizing the public key encryption of portable terminal MT or wireless access point AP, respond the key negotiation response message to portable terminal MT or wireless access point AP;
3]. it is that portable terminal MT and wireless access point AP all utilize own two random data that produce respectively with the other side to generate session key in this locality that described session key generates, and communicates the encryption and decryption of data message.
The present invention compared with prior art has following advantage:
The present invention is based on public key certificate mechanism, solved among the WLAN (wireless local area network) WLAN and portable terminal MT has not been carried out data communication security limitation problem on effective and safe access control and the Radio Link, not only realize the access control of portable terminal MT, and ensured the fail safe that inserts, the high security of communication.But portable terminal MT can also login in the strange land this locality, supports the roaming function of portable terminal MT.
The accompanying drawing drawing is described as follows:
Fig. 1 is the structural representation of prior art wide-band wireless IP system;
Fig. 2 is the physical structure schematic diagram that the present invention is based on the wireless LAN safety Verification System of certificate authorization center CA;
Fig. 3 is the local identifying procedure figure that inserts of portable terminal MT of the present invention;
The identifying procedure figure that Fig. 4 inserts for portable terminal MT of the present invention strange land.
The invention will be further described below in conjunction with drawings and Examples:
The physical structure schematic diagram that is based on the wireless LAN safety Verification System of certificate authorization center CA (Certification Authorities) shown in Figure 2.Wherein the certificate authorization center CA system is a sandwich construction.Adopt X.509 public key certificate mechanism, when portable terminal MT logins to wireless access point AP, must carry out bidirectional identity authentication by certificate of utility authorization center CA, that is to say that the portable terminal MT that only holds legal certificate could insert the wireless access point AP of holding legal certificate.If authentication success, then wireless access point AP allows portable terminal MT to insert, otherwise wireless access point AP refusal portable terminal MT inserts or portable terminal MT refusal is logined to wireless access point AP.Whole authentication process comprises certificate verification, private key checking and three steps of session key agreement, as shown in Figure 3, Figure 4.Wherein adopt the certificate of form X.509 mainly to comprise the term of validity, the certificate holder's of sequence number, the certificate authority person's of certificate title, certificate title, certificate holder's public key information, signature algorithm that the certificate authority person adopts and certificate authority person contents such as signature to certificate.1. certificate verification
1). the verification process of certificate during local the access
Portable terminal MT holds the certificate that local certificate authorization center CA is issued, and the identifying procedure of certificate is as follows during local the access:
A). the certificate verification request.Portable terminal MT sends the certificate verification request message to wireless access point AP, is about to portable terminal MT certificate and current system time and mails to wireless access point AP;
B). the access authentication request.After wireless access point AP is received portable terminal MT certificate verification request, send the access authentication request to local certificate authorization center CA server, be about to portable terminal MT certificate, certificate verification request time, wireless access point AP certificate and constitute access request authentication message send to local certificate authorization center CA with the signing messages that the private key of wireless access point AP carries out them;
C). the access authentication response.After local certificate authorization center CA is received the access authentication request of wireless access point AP, the signature of checking wireless access point AP, if incorrect, then verification process failure, otherwise further verify portable terminal MT certificate.Server is judged portable terminal MT certificate whether in local CRL, if, then verification process failure; Otherwise, authentication success.Last local certificate authorization center CA constitutes the access authentication response message with portable terminal MT certificate verification object information (comprising portable terminal MT certificate, authentication result, the certificate authorization center CA signature to them) with wireless access point AP certificate verification object information (comprising the signature that wireless access point AP certificate, authentication result, certificate verification request time, certificate authorization center CA are carried out them) and sends back to wireless access point AP;
D). the certificate verification response.The access authentication response message that wireless access point AP is returned local certificate authorization center CA carries out signature verification, just obtains the authentication result of portable terminal MT certificate.Wireless access point AP is formed the certificate verification response message with authentication result, the wireless access point AP certificate verification object information of portable terminal MT and is recycled to portable terminal MT, and terminal just obtains the authentication result of wireless access point AP certificate.So far finished the verification process of local certificate between portable terminal and the wireless access point AP.
2). the verification process of certificate when the strange land is inserted
Portable terminal MT holds the certificate that nonlocal certificate authorization center CA is issued, and the identifying procedure of certificate was as follows when the strange land was inserted:
A). the certificate verification request.Portable terminal MT sends the certificate verification request message to wireless access point AP, is about to portable terminal MT certificate and current system time and mails to wireless access point AP;
B). the access authentication request.After wireless access point AP is received portable terminal MT certificate verification request, send the access authentication request to local certificate authorization center CA server, be about to portable terminal MT certificate, certificate verification request time, wireless access point AP certificate and constitute access request authentication message send to local certificate authorization center CA with the signing messages that the private key of wireless access point AP carries out them;
C). the strange land authentication request.After local certificate authorization center CA is received the access authentication request of wireless access point AP, the signature of checking wireless access point AP, if incorrect, then verification process failure; Otherwise further verify portable terminal MT certificate.Local certificate authorization center CA outwards certificate authorization center CA is sent the strange land authentication request, is about to the certificate, certificate verification request time of wireless access point AP certificate, portable terminal MT certificate, local certificate authorization center CA and their signature is sent to nonlocal certificate authorization center CA by Internet;
D). the strange land authentication response.The other places certificate authorization center CA is received the signature of the local certificate authorization center CA of checking behind the message, if incorrect, and authentification failure then, otherwise judge that portable terminal MT certificate is whether in CRL.If, then verification process failure; Otherwise, authentication success.Last nonlocal certificate authorization center CA is formed strange land authentication response message with the certificate of portable terminal MT certificate verification object information (comprising portable terminal MT certificate, authentication result and the nonlocal certificate authorization center CA signature to them), wireless access point AP certificate verification object information (comprising the signature that wireless access point AP certificate, authentication result, certificate verification request time and nonlocal certificate authorization center CA are carried out them), nonlocal certificate authorization center CA and to their signature, sends back to local certificate authorization center CA by Internet again;
E). the access authentication response.Local certificate authorization center CA is received the strange land authentication response message that nonlocal certificate authorization center CA is returned, verify the signature of nonlocal certificate authorization center CA, if it is incorrect, authentification failure then, otherwise after portable terminal MT certificate verification object information changed signature, constitute together with wireless access point AP certificate verification object information and to insert response message and be transmitted back to wireless access point AP;
F). the certificate verification response.The access authentication response message that wireless access point AP is returned local certificate authorization center CA carries out signature verification, just obtains the authentication result of portable terminal MT certificate.Wireless access point AP is formed the certificate verification response message with authentication result, the wireless access point AP certificate verification object information of portable terminal MT and is recycled to portable terminal MT, and terminal just obtains the authentication result of wireless access point AP certificate.So far finished the verification process of strange land certificate between portable terminal and the wireless access point AP.2. the private key of portable terminal MT checking
After the certificate verification success, can not prove the legitimacy of portable terminal MT identity fully, must verify also whether it holds and the corresponding private key of certificate.Process is as follows:
A). the private key of requests verification portable terminal MT.Wireless access point AP produces data at random, and length and content pass to portable terminal MT with it all at random;
B). the checking of response private key.Portable terminal MT utilizes private key to sign to the random data that receives after receiving the checking private key request message of wireless access point AP, and the result that will sign returns to wireless access point AP;
C). the checking private key signature.Wireless access point AP is received the private key signature of portable terminal MT, utilizes this signing messages of public key verifications of portable terminal MT certificate, if be proved to be successful, then wireless access point AP allows portable terminal MT to insert, otherwise refuses its access.So far, the portable terminal MT with legal certificate and respective private keys thereof just successfully inserts has the wireless access point AP of legal certificate, thereby finishes the safe access control function of wireless access point AP to portable terminal MT.3. session key agreement
After portable terminal MT and wireless access point AP certificate verification and private key are proved to be successful, promptly finished the successful login of portable terminal MT.This moment, both sides utilized the other side's PKI and the private key of oneself to generate session key at this machine, were used for the encryption and decryption of communication data message, thereby realized the wireless security secure communication between portable terminal MT and the wireless access point AP.Yet it should be noted that in validity period of certificate, portable terminal MT and wireless access point AP between session key constant all the time, in order to accomplish the every key of every session, need carry out the dynamic negotiation of session key.The process that dynamic key is consulted is as follows:
A). activation key is consulted.Portable terminal MT or wireless access point AP produce a random data, utilize the public key encryption of wireless access point AP or portable terminal MT after, send request key agreement message to wireless access point AP or portable terminal MT;
B). response key is consulted.Wireless access point AP or portable terminal MT utilize the private key of oneself to be decrypted after receiving that key agreement that portable terminal MT or wireless access point AP send activates message, obtain the random data of the other side's generation.The local then random data that produces, utilize the public key encryption of portable terminal MT or wireless access point AP after, respond the key negotiation response message to portable terminal MT or wireless access point AP;
C). session key generates.Portable terminal MT and wireless access point AP all utilize own two random data that produce respectively with the other side to generate session key in this locality, be used for the encryption and decryption of communication data message.
In order further to improve the confidentiality of communication, portable terminal MT communicate by letter with wireless access point AP a period of time or exchange the message of some after, can also carry out the negotiation again of session key.In addition, the safe access control of wireless access point AP to portable terminal MT finished in certificate verification and private key checking, and session key agreement has then fully guaranteed the high communication security between portable terminal MT and the wireless access point AP.
What particularly point out is: in the specific implementation process, certificate verification, private key checking and three processes of session key negotiation can be carried out in proper order, also can intersect and carry out, and also can merge and carry out.
Claims (9)
1. the safety access method of a mobile terminal of wireless local area network, it is characterized in that: when portable terminal MT logins to wireless access point AP, adopt certificate authorization center CA that portable terminal MT and wireless access point AP are carried out bidirectional identity authentication, if authentication success, the portable terminal MT that holds legal certificate inserts the wireless access point AP of holding legal certificate, otherwise wireless access point AP refusal portable terminal MT inserts or portable terminal MT refusal is logined to wireless access point AP; Its key step comprises
1]. the authentication of certificate
The authentication of described certificate is meant adopts certificate authorization center CA that portable terminal MT and wireless access point AP are carried out bidirectional identity authentication, the authentication of certificate when the authentication of certificate and strange land were inserted when it comprised local the access;
2]. the private key checking of portable terminal MT
The private key checking of described portable terminal MT comprises private key, the checking of response private key and the checking private key signature of requests verification portable terminal MT.
2. the safety access method of mobile terminal of wireless local area network according to claim 1 is characterized in that: the authentication of certificate is meant certificate verification request, access authentication request, access authentication response and certificate verification response during described local the access; The authentication of certificate was meant certificate verification request, access authentication request, strange land authentication request, strange land authentication response, access authentication response and certificate verification response when described strange land was inserted.
3. the safety access method of mobile terminal of wireless local area network according to claim 1 is characterized in that: the authentication of certificate is meant during described local the access
1]. the certificate verification request, it comprises that portable terminal MT sends the certificate verification request message to wireless access point AP, and portable terminal MT certificate and current system time are mail to wireless access point AP;
2]. the access authentication request, after it comprises that wireless access point AP is received portable terminal MT certificate verification request, send the access authentication request to local certificate authorization center CA server, with portable terminal MT certificate, certificate verification request time, wireless access point AP certificate and with the private key of wireless access point AP its signing messages that carries out is constituted and insert request authentication message and send to local certificate authorization center CA;
3]. the access authentication response, after it comprises that local certificate authorization center CA is received the access authentication request of wireless access point AP, the signature of checking wireless access point AP, if incorrect, then verification process failure, otherwise further verify portable terminal MT certificate; Server is judged portable terminal MT certificate whether in local CRL, if, then verification process failure, otherwise, authentication success; Last local certificate authorization center CA constitutes the access authentication response message with portable terminal MT certificate verification object information, wireless access point AP certificate verification object information and sends back to wireless access point AP;
4]. the certificate verification response, it access authentication response message that comprises that wireless access point AP is returned local certificate authorization center CA carries out signature verification, obtains the authentication result of portable terminal MT certificate; Wireless access point AP is formed the certificate verification response message with authentication result, the wireless access point AP certificate verification object information of portable terminal MT and is recycled to portable terminal MT, portable terminal MT just obtains the authentication result of wireless access point AP certificate, and the local certificate verification process between portable terminal MT and the wireless access point AP is finished.
4. the safety access method of mobile terminal of wireless local area network according to claim 1 is characterized in that: the authentication of certificate was meant when described strange land was inserted
1]. the certificate verification request, it is that portable terminal MT sends the certificate verification request message to wireless access point AP, and portable terminal MT certificate and current system time are mail to wireless access point AP;
2]. the access authentication request, it is after wireless access point AP is received portable terminal MT certificate verification request, send the access authentication request to local certificate authorization center CA server, with portable terminal MT certificate, certificate verification request time, wireless access point AP certificate and with the private key of wireless access point AP its signing messages that carries out is constituted and insert request authentication message and send to local CA;
3]. the strange land authentication request, it is after local certificate authorization center CA is received the access authentication request of wireless access point AP, the signature of checking wireless access point AP, if incorrect, then verification process failure; Otherwise, further verify portable terminal MT certificate, local certificate authorization center CA outwards certificate authorization center CA is sent the strange land authentication request, with certificate, the certificate verification request time of wireless access point AP certificate, portable terminal MT certificate, local certificate authorization center CA and its signature is sent to nonlocal certificate authorization center CA by Internet;
4]. the strange land authentication response, it is the signature that nonlocal certificate authorization center CA is received the local certificate authorization center CA of checking behind the message, if incorrect, authentification failure then, otherwise, judge that portable terminal MT certificate is whether in CRL; If, then verification process failure, otherwise, authentication success; Last nonlocal certificate authorization center CA is formed strange land authentication response message with the certificate of portable terminal MT certificate verification object information, wireless access point AP certificate verification object information, nonlocal certificate authorization center CA and to its signature, sends back to local certificate authorization center CA by Internet again;
5]. the access authentication response, it is that local certificate authorization center CA is received the strange land authentication response message that nonlocal certificate authorization center CA is returned, verify the signature of nonlocal certificate authorization center CA, if it is incorrect, authentification failure then, otherwise after portable terminal MT certificate verification object information changed signature, constitute together with wireless access point AP certificate verification object information and to insert response message and be transmitted back to wireless access point AP;
6]. the certificate verification response, its access authentication response message that is wireless access point AP is returned local certificate authorization center CA carries out signature verification, obtains the authentication result of portable terminal MT certificate; Wireless access point AP is formed the certificate verification response message with authentication result, the wireless access point AP certificate verification object information of portable terminal MT and is recycled to portable terminal MT, portable terminal MT just obtains the authentication result of wireless access point AP certificate, and the strange land certificate verification process between portable terminal MT and the wireless access point AP is finished.
5. according to the safety access method of claim 3 or 4 described mobile terminal of wireless local area network, it is characterized in that: described portable terminal MT certificate verification object information is meant that portable terminal MT certificate, authentication result and certificate authorization center CA sign to it; Described wireless access point AP certificate verification object information comprises that wireless access point AP certificate, authentication result, certificate verification request time and certificate authorization center CA sign to it.
6. according to the safety access method of claim 1 or 2 or 3 or 4 described mobile terminal of wireless local area network, it is characterized in that: in the checking of described portable terminal MT private key
1]. described requests verification portable terminal MT private key is that wireless access point AP produces data at random, and it is passed to portable terminal MT;
2]. described response private key checking is after portable terminal MT receives the checking private key request message of wireless access point AP, to utilize private key to sign to the random data that receives, and the result that will sign returns to wireless access point AP;
3]. described checking private key signature is the private key signature that wireless access point AP is received portable terminal MT, utilize this signing messages of public key verifications of portable terminal MT certificate, if be proved to be successful, then wireless access point AP allows portable terminal MT to insert, otherwise refuse its access, the portable terminal MT that then has legal certificate and respective private keys thereof successfully inserts the wireless access point AP with legal certificate, and wireless access point AP is finished the safe access control of portable terminal MT.
7. the safety access method of mobile terminal of wireless local area network according to claim 6, it is characterized in that: adopt certificate authorization center CA that portable terminal MT and wireless access point AP are carried out bidirectional identity authentication when described portable terminal MT logins to wireless access point AP, its step comprises session key agreement, described session key agreement is after portable terminal MT and wireless access point AP certificate verification and private key are proved to be successful, both sides consult to generate session key, are used for the encryption and decryption of communication data message.
8. the safety access method of mobile terminal of wireless local area network according to claim 7, it is characterized in that: described session key agreement comprises static the negotiation and dynamic negotiation, described static negotiation is meant with the other side's PKI and the private key of oneself carries out session key agreement, and described dynamic negotiation comprises that activation key is consulted, response key is consulted and session key generates.
9. the safety access method of mobile terminal of wireless local area network according to claim 8 is characterized in that: in the dynamic negotiation of described session key
1]. it is that portable terminal MT or wireless access point AP produce a random data that described activation key is consulted, utilize the public key encryption of wireless access point AP or portable terminal MT after, send request key agreement message to wireless access point AP or portable terminal MT;
2]. it is after wireless access point AP or portable terminal MT receive that key agreement that portable terminal MT or wireless access point AP are sent activates message that described response key is consulted, utilize the private key of oneself to be decrypted, obtain the random data that the other side produces, then, the local random data that produces, after utilizing the public key encryption of portable terminal MT or wireless access point AP, respond the key negotiation response message to portable terminal MT or wireless access point AP;
3]. it is that portable terminal MT and wireless access point AP all utilize own two random data that produce respectively with the other side to generate session key in this locality that described session key generates, and communicates the encryption and decryption of data message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN02139361A CN1124759C (en) | 2002-08-15 | 2002-08-15 | Safe access method of mobile terminal to radio local area network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN02139361A CN1124759C (en) | 2002-08-15 | 2002-08-15 | Safe access method of mobile terminal to radio local area network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1399490A true CN1399490A (en) | 2003-02-26 |
| CN1124759C CN1124759C (en) | 2003-10-15 |
Family
ID=4750046
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN02139361A Expired - Lifetime CN1124759C (en) | 2002-08-15 | 2002-08-15 | Safe access method of mobile terminal to radio local area network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1124759C (en) |
Cited By (34)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2005008957A1 (en) * | 2003-07-21 | 2005-01-27 | Zte Corporation | The method of implementing vlan on the device of wireless lan access point |
| WO2005071981A1 (en) * | 2003-08-07 | 2005-08-04 | Huawei Technologies Co., Ltd. | A interactive method of subscriber terminal determining the network selective information in wlan |
| CN1301608C (en) * | 2003-06-25 | 2007-02-21 | 神州亿品科技有限公司 | Method for implementing peer-to-peer WLAN with center certification |
| CN100370772C (en) * | 2004-06-04 | 2008-02-20 | 华为技术有限公司 | Method for switching in radio local-area network mobile terminal |
| CN100383694C (en) * | 2003-10-17 | 2008-04-23 | 国际商业机器公司 | Maintaining privacy for transactions performable by a user device having a security module |
| CN100388835C (en) * | 2003-11-21 | 2008-05-14 | 华为技术有限公司 | Method of identifying legalness of mobile terminal user |
| WO2008080352A1 (en) * | 2006-12-29 | 2008-07-10 | China Mobile Group Design Institute Co., Ltd. | A wlan authentication charging method based on wapi |
| CN100417109C (en) * | 2003-02-28 | 2008-09-03 | 西门子公司 | Method for transmitting data in a wlan network |
| CN100466567C (en) * | 2003-06-23 | 2009-03-04 | 华为技术有限公司 | A method of access authentication for WLAN |
| CN1913434B (en) * | 2005-08-09 | 2010-05-26 | 索尼株式会社 | Wireless communication system, control method, terminal and its control method |
| CN1976309B (en) * | 2006-12-22 | 2010-08-18 | 杭州华三通信技术有限公司 | Method for wireless user inserting network service, access controller and server |
| CN101964978A (en) * | 2010-10-26 | 2011-02-02 | 郑州信大捷安信息技术有限公司 | Reinforcement method for strengthening safety of mobile terminal system on basis of safe TF card |
| CN101183932B (en) * | 2007-12-03 | 2011-02-16 | 宇龙计算机通信科技(深圳)有限公司 | Security identification system of wireless application service and login and entry method thereof |
| CN101023685B (en) * | 2004-10-26 | 2011-04-06 | 思科技术公司 | Method and apparatus for balancing wireless access based on centralized information |
| CN101167334B (en) * | 2005-05-02 | 2011-04-20 | 汤姆森特许公司 | Methods and apparatuses for introducing devices with simple user interfaces into a secure network community |
| CN1918876B (en) * | 2004-02-18 | 2011-05-18 | 索尼德国有限责任公司 | Device registration in a wireless multi-hop ad-hoc network |
| CN101145915B (en) * | 2007-10-10 | 2011-08-10 | 中国科学院计算技术研究所 | An authentication system and method of trustable router |
| CN101420695B (en) * | 2008-12-16 | 2011-09-07 | 天津工业大学 | 3G customer fast roaming authentication method based on wireless LAN |
| CN102595409A (en) * | 2012-03-21 | 2012-07-18 | 华为技术有限公司 | Method, equipment and system for acquiring encryption information based on wireless access |
| CN101496427B (en) * | 2006-08-02 | 2013-06-05 | 摩托罗拉移动公司 | Identity verification using location over time information |
| US8495712B2 (en) | 2006-12-18 | 2013-07-23 | China Iwncomm Co., Ltd. | Peer-to-peer access control method of triple unit structure |
| CN103973434A (en) * | 2003-09-02 | 2014-08-06 | 英特尔公司 | Authenticated key exchange based on pairwise master key |
| CN104104515A (en) * | 2014-07-28 | 2014-10-15 | 安徽科大智能电网技术有限公司 | Safe direct-current carrier authentication system and authentication method for monitoring photovoltaic module |
| CN104301116A (en) * | 2014-10-23 | 2015-01-21 | 上海斐讯数据通信技术有限公司 | Method and system of private authentication mode of NFC wireless router |
| US9078281B2 (en) | 2003-10-22 | 2015-07-07 | Brother Kogyo Kabushiki Kaisha | Wireless station and wireless LAN system |
| CN105959941A (en) * | 2016-04-21 | 2016-09-21 | 林碧琴 | Method for providing access point on a high-speed train |
| CN105992312A (en) * | 2015-02-04 | 2016-10-05 | 中国移动通信集团辽宁有限公司 | Wireless network accessing method and system and access point device |
| CN106714158A (en) * | 2015-08-18 | 2017-05-24 | 中国移动通信集团公司 | WiFi access method and device |
| CN107302544A (en) * | 2017-08-15 | 2017-10-27 | 迈普通信技术股份有限公司 | Certificate request method, wireless access control equipment and wireless access point device |
| WO2017190616A1 (en) * | 2016-05-05 | 2017-11-09 | 腾讯科技(深圳)有限公司 | Wireless network connection method, wireless access point, server, and system |
| CN107360572A (en) * | 2016-05-10 | 2017-11-17 | 普天信息技术有限公司 | A kind of safety enhancing authentication method and device based on WIFI |
| CN107360124A (en) * | 2016-05-10 | 2017-11-17 | 普天信息技术有限公司 | Access authentication method and device, WAP and user terminal |
| CN110972141A (en) * | 2019-12-04 | 2020-04-07 | 迈普通信技术股份有限公司 | Information verification method and device, electronic equipment and readable storage medium |
| CN114553502A (en) * | 2022-01-29 | 2022-05-27 | 联想开天科技有限公司 | Network authentication method and electronic equipment |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100401670C (en) * | 2004-03-26 | 2008-07-09 | 中兴通讯股份有限公司 | Allopatic access authentication method of mobile terminal of radio LAN |
-
2002
- 2002-08-15 CN CN02139361A patent/CN1124759C/en not_active Expired - Lifetime
Cited By (47)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7873348B2 (en) | 2003-02-28 | 2011-01-18 | Siemens Aktiengesellschaft | Method for transmitting data in a WLAN network using an EAP message comprising SIP authentication data |
| US8194633B2 (en) | 2003-02-28 | 2012-06-05 | Siemens Enterprise Communications Gmbh & Co. Kg | Method for transmitting data in a WLAN network |
| CN100417109C (en) * | 2003-02-28 | 2008-09-03 | 西门子公司 | Method for transmitting data in a wlan network |
| CN100466567C (en) * | 2003-06-23 | 2009-03-04 | 华为技术有限公司 | A method of access authentication for WLAN |
| CN1301608C (en) * | 2003-06-25 | 2007-02-21 | 神州亿品科技有限公司 | Method for implementing peer-to-peer WLAN with center certification |
| WO2005008957A1 (en) * | 2003-07-21 | 2005-01-27 | Zte Corporation | The method of implementing vlan on the device of wireless lan access point |
| WO2005071981A1 (en) * | 2003-08-07 | 2005-08-04 | Huawei Technologies Co., Ltd. | A interactive method of subscriber terminal determining the network selective information in wlan |
| CN103973434A (en) * | 2003-09-02 | 2014-08-06 | 英特尔公司 | Authenticated key exchange based on pairwise master key |
| CN100383694C (en) * | 2003-10-17 | 2008-04-23 | 国际商业机器公司 | Maintaining privacy for transactions performable by a user device having a security module |
| CN100388154C (en) * | 2003-10-17 | 2008-05-14 | 国际商业机器公司 | Method and system for user attestation-signatures with attributes |
| US9877221B2 (en) | 2003-10-22 | 2018-01-23 | Brother Kogyo Kabushiki Kaisha | Wireless LAN system, and access point and station for the wireless LAN system |
| CN102938887B (en) * | 2003-10-22 | 2015-09-16 | 兄弟工业株式会社 | Wireless LAN system, communication terminal and signal procedure |
| US9078281B2 (en) | 2003-10-22 | 2015-07-07 | Brother Kogyo Kabushiki Kaisha | Wireless station and wireless LAN system |
| CN100388835C (en) * | 2003-11-21 | 2008-05-14 | 华为技术有限公司 | Method of identifying legalness of mobile terminal user |
| CN1918876B (en) * | 2004-02-18 | 2011-05-18 | 索尼德国有限责任公司 | Device registration in a wireless multi-hop ad-hoc network |
| CN100370772C (en) * | 2004-06-04 | 2008-02-20 | 华为技术有限公司 | Method for switching in radio local-area network mobile terminal |
| CN101023685B (en) * | 2004-10-26 | 2011-04-06 | 思科技术公司 | Method and apparatus for balancing wireless access based on centralized information |
| CN101167334B (en) * | 2005-05-02 | 2011-04-20 | 汤姆森特许公司 | Methods and apparatuses for introducing devices with simple user interfaces into a secure network community |
| CN1913434B (en) * | 2005-08-09 | 2010-05-26 | 索尼株式会社 | Wireless communication system, control method, terminal and its control method |
| CN101496427B (en) * | 2006-08-02 | 2013-06-05 | 摩托罗拉移动公司 | Identity verification using location over time information |
| US8495712B2 (en) | 2006-12-18 | 2013-07-23 | China Iwncomm Co., Ltd. | Peer-to-peer access control method of triple unit structure |
| CN1976309B (en) * | 2006-12-22 | 2010-08-18 | 杭州华三通信技术有限公司 | Method for wireless user inserting network service, access controller and server |
| WO2008080352A1 (en) * | 2006-12-29 | 2008-07-10 | China Mobile Group Design Institute Co., Ltd. | A wlan authentication charging method based on wapi |
| CN101145915B (en) * | 2007-10-10 | 2011-08-10 | 中国科学院计算技术研究所 | An authentication system and method of trustable router |
| CN101183932B (en) * | 2007-12-03 | 2011-02-16 | 宇龙计算机通信科技(深圳)有限公司 | Security identification system of wireless application service and login and entry method thereof |
| CN101420695B (en) * | 2008-12-16 | 2011-09-07 | 天津工业大学 | 3G customer fast roaming authentication method based on wireless LAN |
| CN101964978B (en) * | 2010-10-26 | 2013-09-04 | 郑州信大捷安信息技术股份有限公司 | Reinforcement method for strengthening safety of mobile terminal system on basis of safe TF card |
| CN101964978A (en) * | 2010-10-26 | 2011-02-02 | 郑州信大捷安信息技术有限公司 | Reinforcement method for strengthening safety of mobile terminal system on basis of safe TF card |
| CN102595409A (en) * | 2012-03-21 | 2012-07-18 | 华为技术有限公司 | Method, equipment and system for acquiring encryption information based on wireless access |
| CN104104515A (en) * | 2014-07-28 | 2014-10-15 | 安徽科大智能电网技术有限公司 | Safe direct-current carrier authentication system and authentication method for monitoring photovoltaic module |
| CN104301116A (en) * | 2014-10-23 | 2015-01-21 | 上海斐讯数据通信技术有限公司 | Method and system of private authentication mode of NFC wireless router |
| CN104301116B (en) * | 2014-10-23 | 2018-04-06 | 上海斐讯数据通信技术有限公司 | A kind of method and system of NFC wireless routers private certification mode |
| CN105992312A (en) * | 2015-02-04 | 2016-10-05 | 中国移动通信集团辽宁有限公司 | Wireless network accessing method and system and access point device |
| CN106714158A (en) * | 2015-08-18 | 2017-05-24 | 中国移动通信集团公司 | WiFi access method and device |
| CN106714158B (en) * | 2015-08-18 | 2020-02-18 | 中国移动通信集团公司 | WiFi access method and device |
| CN105959941A (en) * | 2016-04-21 | 2016-09-21 | 林碧琴 | Method for providing access point on a high-speed train |
| WO2017190616A1 (en) * | 2016-05-05 | 2017-11-09 | 腾讯科技(深圳)有限公司 | Wireless network connection method, wireless access point, server, and system |
| US11178125B2 (en) | 2016-05-05 | 2021-11-16 | Tencent Technology (Shenzhen) Company Limited | Wireless network connection method, wireless access point, server, and system |
| CN107360124A (en) * | 2016-05-10 | 2017-11-17 | 普天信息技术有限公司 | Access authentication method and device, WAP and user terminal |
| CN107360572A (en) * | 2016-05-10 | 2017-11-17 | 普天信息技术有限公司 | A kind of safety enhancing authentication method and device based on WIFI |
| CN107360572B (en) * | 2016-05-10 | 2019-11-12 | 普天信息技术有限公司 | A kind of safety enhancing authentication method and device based on WIFI |
| CN107302544B (en) * | 2017-08-15 | 2019-09-13 | 迈普通信技术股份有限公司 | Certificate request method, wireless access control equipment and wireless access point device |
| CN107302544A (en) * | 2017-08-15 | 2017-10-27 | 迈普通信技术股份有限公司 | Certificate request method, wireless access control equipment and wireless access point device |
| CN110972141A (en) * | 2019-12-04 | 2020-04-07 | 迈普通信技术股份有限公司 | Information verification method and device, electronic equipment and readable storage medium |
| CN110972141B (en) * | 2019-12-04 | 2022-02-22 | 迈普通信技术股份有限公司 | Information verification method and device, electronic equipment and readable storage medium |
| CN114553502A (en) * | 2022-01-29 | 2022-05-27 | 联想开天科技有限公司 | Network authentication method and electronic equipment |
| CN114553502B (en) * | 2022-01-29 | 2024-03-29 | 联想开天科技有限公司 | Network authentication method and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1124759C (en) | 2003-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1124759C (en) | Safe access method of mobile terminal to radio local area network | |
| CN1191696C (en) | Sefe access of movable terminal in radio local area network and secrete data communication method in radio link | |
| CN1191703C (en) | Safe inserting method of wide-band wireless IP system mobile terminal | |
| CN1206838C (en) | Method for controlling network access in radio environment and its recording medium | |
| CN100586067C (en) | Identity authentication method with compatible 802.11i and WAPI | |
| CN1846397A (en) | Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same | |
| CN101056177A (en) | Radio mesh re-authentication method based on the WLAN secure standard WAPI | |
| CN101030859A (en) | Method and system for verifying distributed network | |
| CN1805341A (en) | Network authentication and key allocation method across secure domains | |
| CN113779605A (en) | Industrial internet Handle identification system analysis authentication method based on alliance chain | |
| CN100344208C (en) | Identification method for preventing replay attack | |
| CN101547095A (en) | Application service management system and management method based on digital certificate | |
| CN1897518A (en) | Distributed identity-card signature method | |
| CN1921682A (en) | Method for enhancing key negotiation in universal identifying framework | |
| CN100525182C (en) | Authentication and encryption method for wireless network | |
| CN115038084A (en) | Decentralized trusted access method for cellular base station | |
| CN1260909C (en) | Method for increasing radio city area network safety | |
| CN1728637A (en) | Method for identifying physical uniqueness of networked terminal, and access authentication system for terminals | |
| CN1225941C (en) | Roaming access method of mobile node in radio IP system | |
| CN1329418A (en) | Method for authenticating network user identity and method for overcoming user password loophole in Kerberous authentication system | |
| CN1225871C (en) | Method for distributing enciphered key in wireless local area network | |
| CN112437158B (en) | Network security identity authentication method based on power Internet of things | |
| CN1992710A (en) | Secure interactive method for user terminal accessing soft switching network | |
| CN1700636A (en) | Method of applying certificate for wireless LAN mobile terminal and certificate management system | |
| Yao et al. | A blockchain based authentication mechanism in wireless local area network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: XI'AN IWNCOMM CO., LTD. Free format text: FORMER NAME: XIDIAN JIETONG WIRELESS NETWORK COMMUNICATION CO LTD, XI'AN |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 710075 4F.C building, No. 12, No. two, hi tech Road, Shaanxi, Xi'an Patentee after: CHINA IWNCOMM Co.,Ltd. Address before: 710075 4F.C building, No. 12, No. two, hi tech Road, Shaanxi, Xi'an Patentee before: CHINA IWNCOMM Co.,Ltd. |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: BEIJING ZHIXIANG TECHNOLOGY Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2016610000049 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20161117 |
|
| LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: BEIJING FENGHUO LIANTUO TECHNOLOGY Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2017610000001 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20170106 |
|
| LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: SHANGHAI YU FLY MILKY WAY SCIENCE AND TECHNOLOGY CO.,LTD. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2017610000005 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20170317 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: Beijing next Technology Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2017610000014 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20170601 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: HYTERA COMMUNICATIONS Corp.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2017610000015 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20170602 |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: Beijing Hua Xinaotian network technology Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2017610000028 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20171122 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: ALPINE ELECTRONICS, Inc. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2017990000497 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20171222 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: SHENZHEN RAKWIRELESS TECHNOLOGY CO.,LTD. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2018610000006 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20180226 |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: BLACKSHARK TECHNOLOGIES (NANCHANG) Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2018610000012 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20180404 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: Sony Mobile Communications AB Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: 2018990000306 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20181123 |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: SHENZHEN UCLOUDLINK NEW TECHNOLOGY Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: X2019610000002 Denomination of invention: Safe access method of mobile terminal to radio local area network Granted publication date: 20031015 License type: Common License Record date: 20191010 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: HANGZHOU STRONG EDUCATION TECHNOLOGY Co.,Ltd. Assignor: China IWNCOMM Co.,Ltd. Contract record no.: X2021610000001 Denomination of invention: Secure access method of WLAN mobile terminal Granted publication date: 20031015 License type: Common License Record date: 20210125 |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: EKC communication technology (Shenzhen) Co.,Ltd. Assignor: China IWNCOMM Co.,Ltd. Contract record no.: X2021610000008 Denomination of invention: Secure access method of WLAN mobile terminal Granted publication date: 20031015 License type: Common License Record date: 20210705 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: Guangzhou nengchuang Information Technology Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: X2021610000011 Denomination of invention: Secure access method of wireless LAN mobile terminal Granted publication date: 20031015 License type: Common License Record date: 20211104 Application publication date: 20030226 Assignee: Xinruiya Technology (Beijing) Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: X2021610000012 Denomination of invention: Secure access method of wireless LAN mobile terminal Granted publication date: 20031015 License type: Common License Record date: 20211104 |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20030226 Assignee: SHENZHEN ZHIKAI TECHNOLOGY Co.,Ltd. Assignor: CHINA IWNCOMM Co.,Ltd. Contract record no.: X2022610000005 Denomination of invention: Secure access method of wireless LAN mobile terminal Granted publication date: 20031015 License type: Common License Record date: 20220531 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| CX01 | Expiry of patent term |
Granted publication date: 20031015 |
|
| CX01 | Expiry of patent term |