CN1633127A - A security capability negotiation method for application server - Google Patents


Info

Publication number: CN1633127A
Authority: CN (China)
Prior art keywords: security, application server, domain, party, message
Legal status: Granted
Application number: CN 200410103113
Other languages: Chinese (zh)
Other versions: CN100389584C (en)
Inventors: 杨放春, 邹华, 唐菲菲, 苏森, 孙其博, 徐鹏, 龙湘明, 李静林
Current assignee: Beijing University of Posts and Telecommunications
Original assignee: Beijing University of Posts and Telecommunications

Events
Application filed by Beijing University of Posts and Telecommunications
Priority to CNB2004101031130A
Publication of CN1633127A
Application granted
Publication of CN100389584C
Current legal status: Expired - Fee Related
Anticipated expiration

Abstract

A security capability negotiation method for application servers provides an open, extensible interface and a flexible negotiation flow so that a service and the application servers inside and outside its security domain can negotiate security issues. Once agreement is reached, the service can access service capabilities opened on the local or on a third-party application server, thereby protecting the various resources of the service layer. The method defines a set of message exchange procedures that make the negotiation process straightforward.

Description

A security capability negotiation method for application servers
Technical field
The present invention relates to a method for negotiating security capabilities and, more precisely, to a security capability negotiation method for application servers: a service and the application servers inside and outside its security domain use this method to carry out security negotiation, so that the service can use the service capabilities and/or resources that other services expose on application servers inside or outside the domain. The invention belongs to the technical field of secure access control in computer networks and communication networks.
Background technology
With the development of computing, and in particular the emergence of various middleware technologies, software can be opened to the outside world as a service, so that its capabilities and/or resources can be used conveniently by users or by other programs. CORBA objects, Web services and Grid services, for example, are deployed on a network, accept access from local or remote programs, process the request and return a result.
Outside the computing field, many other fields are now raising the question of opening up their own service capabilities and/or resources. In telecommunications, for instance, the next generation network is built around a softswitch located at the control layer, which offers the service layer standardized protocols, and even programmable interfaces (APIs), that hide the details of the various lower network layers, so that network capabilities can be opened as software services for the services (that is, programs) at the service layer. Moreover, as new service demands keep emerging, the service features involved in a call or session have expanded to quality-of-service control, access to distributed proprietary service data, portability of service code and so on. This requires support for reusing the computing resources and service capability resources distributed across the service layer, whether they belong to the same or to different service operators, so that a new service can be built by inheriting part of the existing service capabilities. This not only speeds up the development of new services and lowers development cost, but also lets end users be offered services that a single service provider could hardly provide alone and that combine the unique service features of several providers.
In the present invention, a service means an application program that provides a service to a client; the client may be a person or another program. Services include online booking, stock information queries, setting up multi-party multimedia conferences, querying the position of a mobile subscriber, querying service charging information, and so on. Opening up service capabilities brings a series of security problems. One of the important ones is how to establish and carry out a negotiation of security capabilities and security requirements between a service and a third party (the user of the service capability), that is, how the service and the client reach agreement on both sides' security concerns before a new interactive session is established. This security negotiation may involve many security issues: which private data the service holds, what level of protection that private data needs, which access control method the client must provide before using the service capability, which non-repudiation method is used, and so on.
In the next generation network, the negotiation between a service and the user of its capabilities is carried out by application servers. An application server is a service-providing system for the next generation network; it is the environment in which value-added services reside and run. If a service is to be loaded on an application server, the service must satisfy the security requirements of the application server, and the application server must likewise satisfy the security requirements of the service. Equally, when two services interact, each must satisfy the other's security requirements. The security negotiation of an open service capability is therefore, in essence, a negotiation between a service and its local application server, together with a negotiation and the signing of a security contract between the local application server and a third-party application server. Throughout the process the application server plays the role of security agent, responsible for negotiating the various security issues between services.
In summary, the next generation network needs a method that lets services and application servers negotiate their security requirements and security capabilities with each other. Such a method must not only be able to describe and negotiate the requirements and capabilities of various security service attributes (for example authentication, authorization, encoding format, data transmission security and so on), but must also allow the content of the negotiation to be extended, without being restricted to the types of security requirements and/or capabilities described.
At present, research on the security architecture of the next generation network in telecommunications is only at its starting stage and no mature results have been published; in particular, no research report has so far addressed a solution for negotiating the security problems introduced by opening up services at the service layer. Nor is there yet a concrete solution for how to carry out security negotiation in a way that fits the characteristics of services and application servers in the next generation network.
Summary of the invention
In view of this, the purpose of the invention is to provide a security capability negotiation method for application servers, that is, a method by which, when service capabilities are open, a service and a user of its capabilities negotiate security capabilities through application servers. Specifically, the invention provides an open, extensible interface and a flexible negotiation flow so that a service and the application servers inside and outside its security domain can negotiate security issues; once agreement is reached, the service can access service capabilities opened on the local or on a third-party application server, thereby protecting the various resources of the service layer.
To achieve this, the invention provides a method for security negotiation between a service and its local application server, used when the service needs to use service capabilities or resources on the local application server. Its technical scheme is: the service states its own security attribute requirements, which include at least private data and access control; the local application server provides the security capabilities it can offer and the local service capabilities or resources that have been opened; the two sides then exchange security messages until the negotiation succeeds or fails. If it succeeds, a secure session is established between the service and the local application server, the session interaction begins, and the secure session is released when the interaction ends. During the negotiation or the session interaction, the service or the application server can modify its own security requirements at any time by sending intra-domain security negotiation messages.
The method comprises the following steps:
(1) The service sends an "intra-domain security negotiation request" message to the local application server, asking to carry out security negotiation. This message comprises at least the service identifier and the service's security requirement list.
(2) The local application server compares its own security capability file with the received security requirement list. If it finds that it can satisfy all of the service's security requirements, it continues with the next step; otherwise it jumps to step (7).
(3) The local application server sends an "intra-domain security negotiation request success" response message to the service, informing it that the security negotiation succeeded. On receiving it, the service replies with an "intra-domain security negotiation request success confirmation" message, at which point the secure session between the service and the local application server is established. The "intra-domain security negotiation request success" message comprises at least the confirmation of success and the successfully negotiated contract; the "intra-domain security negotiation request success confirmation" message comprises at least the confirmation of the successful negotiation request.
(4) The service and the local application server carry out the interactive session.
(5) After the session ends, the service or the local application server sends an "intra-domain negotiation result deletion request" message to the other side, requesting release of the secure session established here. The parameters of this message comprise at least the request to delete the negotiation result.
(6) On receiving the other side's "intra-domain negotiation result deletion request" message, the service or the local application server returns an "intra-domain negotiation result deletion response" message, and both sides delete the records associated with this negotiation. The parameters of this message comprise at least the confirmation that the negotiation result has been deleted. This ends the negotiation process.
(7) If the local application server, comparing its own security capability file with the received security requirement list, finds that it cannot satisfy all of the service's security requirements, it sends an "intra-domain security negotiation request response" message to the service. This message comprises at least the list of security requirements the application server cannot satisfy.
(8) On receiving the "intra-domain security negotiation request response" message, the service checks the security requirements the local application server cannot satisfy. If the priority of these requirements is higher than what the service can accept, it continues with the next step; if their priority is lower than what the service can accept, it jumps to step (10).
(9) The service sends an "intra-domain negotiation failure" message to the local application server, informing the server that the negotiation failed. This message comprises at least the list of service security attributes on which the service and the application server could not agree.
(10) The service modifies its own security requirement information and sends the modified result to the local application server in an "intra-domain renegotiation request" message, after which the flow jumps to step (2); this repeats until the local application server receives an "intra-domain security negotiation request success confirmation" or an "intra-domain negotiation failure" message. This message comprises at least the new security requirement list.
During the negotiation between the service and the local application server, or during the interaction after the connection is established, the method may further comprise the following steps:
(11) Whenever the service needs to modify its own security requirements, it sends an "intra-domain security requirement change request" message to the local application server; this message comprises at least the security requirement list that needs to be updated. On receiving it, the local application server jumps to step (2) above.
(12) When the local application server needs to change the security capabilities it provides, it sends an "intra-domain application server security capability change request" message to the service; this message comprises at least the changed capabilities and the service security requirement list that needs to be renegotiated. On receiving it, the service jumps to step (8) above.
When the method is used while a service is being loaded on the local application server, the service and the local application server carry out the security negotiation and sign a security contract.
The method is also used when a service needs to use the capabilities or resources of other services that reside on the local application server and have signed a security contract with it; in that case the service negotiates, within the domain, with the agent of those other services, namely the local application server.
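The intra-domain flow of steps (1) to (12) above, as an added Python simulation that is not part of the patent: the message names, the fields of Requirement (including its floor and priority) and the rule by which the service relaxes an unmet requirement are assumptions made here; the patent fixes only the message flow and the minimum contents of each message. Step (11) is driven by calling negotiate() with the change-request message kind.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Requirement:
    attribute: str   # security attribute, e.g. "authentication" (constructed)
    level: int       # level the service currently asks for
    floor: int       # lowest level the service would still accept (assumed)
    priority: int    # higher = the service insists more (assumed scale)

@dataclass(frozen=True)
class Message:
    kind: str
    payload: dict

class LocalAppServer:
    """Holds the security capability file and the contracts in force."""

    def __init__(self, capability_file):
        self.capability_file = dict(capability_file)  # attribute -> level offered
        self.offered = {}      # service_id -> contract offered in step (3)
        self.contracts = {}    # service_id -> contract confirmed by the service

    def unsatisfied(self, requirements):
        """Steps (2)/(7): requirements the capability file cannot meet."""
        return [r for r in requirements
                if self.capability_file.get(r.attribute, 0) < r.level]

    def handle(self, msg):
        p, sid = msg.payload, msg.payload["service_id"]
        if msg.kind in ("IntraDomainNegotiationRequest",         # step (1)
                        "IntraDomainRenegotiationRequest",       # step (10)
                        "IntraDomainRequirementChangeRequest"):  # step (11)
            missing = self.unsatisfied(p["requirements"])
            if missing:                                          # step (7)
                return Message("IntraDomainNegotiationResponse", {"unsatisfied": missing})
            contract = {r.attribute: r.level for r in p["requirements"]}
            self.offered[sid] = contract                         # step (3)
            return Message("IntraDomainNegotiationSuccess", {"contract": contract})
        if msg.kind == "IntraDomainNegotiationSuccessConfirm":   # secure session is up
            self.contracts[sid] = self.offered.pop(sid)
        elif msg.kind == "IntraDomainNegotiationFailure":        # step (9)
            self.offered.pop(sid, None)
            self.contracts.pop(sid, None)
        elif msg.kind == "IntraDomainResultDeleteRequest":       # steps (5)/(6)
            self.contracts.pop(sid, None)
            return Message("IntraDomainResultDeleteResponse", {"deleted": True})
        return None

class Service:
    """The service side: steps (1), (8)-(11) and the session release."""

    def __init__(self, service_id, requirements, acceptable_priority):
        self.service_id = service_id
        self.requirements = list(requirements)
        self.acceptable_priority = acceptable_priority  # step (8) threshold (assumed)
        self.contract = None

    def _send(self, server, kind, transcript, **extra):
        transcript.append(kind)
        reply = server.handle(Message(kind, {"service_id": self.service_id, **extra}))
        if reply is not None:
            transcript.append(reply.kind)
        return reply

    def _relax(self, missing):
        """Step (10), assumed policy: lower each unmet requirement to its floor.
        Returns False when nothing could be lowered, so the loop cannot spin."""
        changed = False
        for i, r in enumerate(self.requirements):
            if r in missing and r.level > r.floor:
                self.requirements[i] = replace(r, level=r.floor)
                changed = True
        return changed

    def negotiate(self, server, kind="IntraDomainNegotiationRequest"):
        """Run the flow until success or failure; returns (outcome, transcript)."""
        transcript = []
        while True:
            reply = self._send(server, kind, transcript, requirements=list(self.requirements))
            if reply.kind == "IntraDomainNegotiationSuccess":
                self.contract = reply.payload["contract"]
                self._send(server, "IntraDomainNegotiationSuccessConfirm", transcript)
                return "success", transcript
            missing = reply.payload["unsatisfied"]
            # step (8): fail when an unmet requirement outranks what the service
            # accepts, or (assumed) when nothing is left to relax; else step (10)
            if (any(r.priority > self.acceptable_priority for r in missing)
                    or not self._relax(missing)):
                self.contract = None
                self._send(server, "IntraDomainNegotiationFailure", transcript,
                           attributes=[r.attribute for r in missing])
                return "failure", transcript
            kind = "IntraDomainRenegotiationRequest"

    def release(self, server):
        """Steps (5)/(6): tear down the secure session and forget the contract."""
        reply = self._send(server, "IntraDomainResultDeleteRequest", [])
        self.contract = None
        return reply.payload["deleted"]
```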
To achieve the above object, the invention also provides a method for security negotiation between a service and a third-party application server in a different security domain, used when the service needs to use service capabilities or resources on a third-party application server in a different security domain. Here, the third-party service that provides the capability or resource has already signed a security contract, through the intra-domain negotiation process, with the third-party application server on which it resides, and the third-party application server publishes externally the service capabilities or resources it can provide. The technical scheme is:
First, the service sends a request to the local application server on which it resides, asking to use a service capability outside the domain. If the local application server agrees, it intercepts the service's security requirements and, acting as agent, carries out inter-domain security negotiation with the third-party application server on which the third-party service resides; otherwise the local application server refuses the request and the service cannot use the third party's capability. If the negotiation between the two application servers, acting respectively as agent of the service and agent of the third-party service, succeeds, a secure session is established between the two application servers, the two services begin their session interaction, and the inter-domain secure session is released when the interaction ends. During the negotiation or the session interaction, either service or either application server can modify its own security requirements at any time by exchanging security messages.
The method comprises the following steps:
(1) The service sends an "inter-domain security negotiation request" message to the local application server to obtain its permission to use the third party's service capability. This message comprises at least the service identifier, the third-party service identifier, the third-party application server identifier and the set of service capabilities required.
(2) If the local application server does not allow the service to use capabilities outside the domain, it sends an "inter-domain security negotiation forbidden" message to the service and terminates the negotiation. This message comprises at least a notification that the negotiation is terminated.
(3) If the local application server allows the service to use capabilities outside the domain, it sends an "inter-domain security negotiation response" message to the service, informing it that security negotiation with the third-party application server can proceed through the local application server. This message comprises at least a notification that negotiation is taking place.
(4) The local server sends an "inter-domain security request report" message to the third-party server, requesting to use the service capability resident there. This message comprises at least the third-party service identifier, the third-party application server identifier and the set of service capabilities required. If the third-party application server accepts the local application server's request, the flow continues with the next step; otherwise it jumps to step (9).
(5) The third-party application server returns an "inter-domain security request report success" message to the local server. On receiving it, the local application server responds to the third-party application server with an "inter-domain security request report success confirmation" message, whose transmission marks the successful establishment of the inter-domain secure session. The "inter-domain security request report success" message comprises at least the third-party capability interfaces opened to the requesting service; the "inter-domain security request report success confirmation" message comprises at least the confirmation that the session is established.
(6) Through the secure session between the local and the third-party application server, the service interacts with the third-party service residing on the third-party application server.
(7) When the interaction is finished, the local or the third-party application server sends an "inter-domain security negotiation deletion request" message to the other side, requesting release of the secure session established here. This message comprises at least the request to delete the inter-domain security negotiation.
(8) On receiving the other side's "inter-domain security negotiation deletion request" message, the local or third-party application server returns an "inter-domain security negotiation deletion response" message and deletes the secure session established in this negotiation; both sides delete the records associated with this negotiation, which ends the negotiation process. The "inter-domain security negotiation deletion response" message comprises at least the confirmation that the inter-domain security negotiation has been deleted.
(9) The third-party application server returns an "inter-domain security request report response" message to the local server; its parameters comprise at least the identifier of the server requesting the negotiation and the list of unacceptable security requests.
(10) On receiving the message from the third-party application server, the local application server checks the list of security requests the third-party application server cannot satisfy. If the priority of these unsatisfiable security attributes is higher than what the local application server can accept, it sends an "inter-domain security request failure" message to the third-party application server, declaring the negotiation failed; this message comprises the parameter: notification of negotiation failure. If the priority of these unsatisfiable security attributes is lower than what the local application server can accept, the local application server modifies its own security requirement list and sends the modified content to the third-party server in a new "inter-domain security request report" message, whose parameters comprise at least the new security request list.
(11) If the third-party server accepts the modified security requirement list, the flow jumps to step (5); otherwise it jumps to step (9). This continues until the third-party server receives an "inter-domain security request report success confirmation" message or an "inter-domain security request failure" message.
During the negotiation between the service and the third-party application server, or during an already established session interaction, the method may further comprise the following steps:
(12) Whenever the service needs to change its own security requirements, it immediately sends an "inter-domain security requirement change request" message to the local application server. This message comprises at least the security requirement request list that needs updating, the third-party service identifier and the third-party application server identifier.
(13) If the local application server agrees to the change request, it sends an "inter-domain security change response" message to the service and continues with the next step; this message comprises at least a notification agreeing to the change. If the local application server disagrees with the change request, it sends an "inter-domain security change forbidden" message to the service; this message comprises at least a notification forbidding the change.
(14) The local application server sends an "inter-domain security message change request" message to the third-party application server; this message comprises at least the security requirement list that needs updating.
(15) On receiving the "inter-domain security message change request" message, the third-party application server checks the security requirement list to be changed. If it accepts the change request sent by the local application server, it jumps to step (5) above; otherwise it jumps to step (9) above.
During the negotiation between the service and the third-party application server, or during the interaction over the established secure session, the method may further comprise the following steps:
(16) When the third-party application server needs to change the capabilities it has opened, it sends an "inter-domain security capability change request" message to the local application server. This message comprises at least the changed third-party service capabilities and the requesting service's security requirements that need modification as a result.
(17) On receiving the "inter-domain security capability change request" message, the local application server checks the security requirement list it needs to modify and jumps to step (10) above.
Among the above steps, steps (2), (3) and (13) are optional: the local application server may transparently forward the inter-domain security negotiation request sent by the service, placing no restriction on the services resident on it using capabilities outside the domain.
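The inter-domain flow of steps (1) to (11) above, as an added Python simulation that is not part of the patent: the local application server acts as the requesting service's agent and the third-party application server answers for its resident third-party service. Message names, the Requirement fields, the allow_foreign policy flag that decides between steps (2) and (3), and the rule by which the local server relaxes an unmet requirement are assumptions made here; the step (3) acknowledgement is returned to the service together with the outcome instead of being sent up front.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Requirement:
    attribute: str   # security attribute (constructed names in the sample)
    level: int       # level currently requested
    floor: int       # lowest level the requesting side still accepts (assumed)
    priority: int    # higher = harder to give up (assumed scale)

@dataclass(frozen=True)
class Message:
    kind: str
    payload: dict

class ThirdPartyAppServer:
    """Answers for its resident third-party service; capability_file holds the
    levels that service's intra-domain contract lets it guarantee to outsiders."""

    def __init__(self, server_id, capability_file):
        self.server_id = server_id
        self.capability_file = dict(capability_file)  # attribute -> level
        self.sessions = {}   # local server id -> interfaces opened to it

    def handle(self, msg):
        p = msg.payload
        if msg.kind == "InterDomainSecurityRequestReport":          # step (4)
            unacceptable = [r for r in p["requirements"]
                            if self.capability_file.get(r.attribute, 0) < r.level]
            if unacceptable:                                         # step (9)
                return Message("InterDomainSecurityRequestResponse",
                               {"server_id": p["local_server_id"],
                                "unacceptable": unacceptable})
            return Message("InterDomainSecurityRequestSuccess",      # step (5)
                           {"interfaces": sorted(p["capability_set"])})
        if msg.kind == "InterDomainSecurityRequestSuccessConfirm":  # session is up
            self.sessions[p["local_server_id"]] = p["interfaces"]
        elif msg.kind == "InterDomainNegotiationDeleteRequest":     # steps (7)/(8)
            self.sessions.pop(p["local_server_id"], None)
            return Message("InterDomainNegotiationDeleteResponse", {"deleted": True})
        return None

class LocalAppServer:
    """The requesting service's agent: steps (2)/(3) toward the service,
    steps (4), (5), (10), (11) toward the third-party application server."""

    def __init__(self, server_id, allow_foreign, acceptable_priority):
        self.server_id = server_id
        self.allow_foreign = allow_foreign               # steps (2)/(3) policy
        self.acceptable_priority = acceptable_priority   # step (10) threshold
        self.sessions = {}                               # third-party server id -> interfaces

    def handle_request(self, msg, third_party):
        """Process the service's InterDomainNegotiationRequest (step (1)).
        Returns (reply kind sent to the service, outcome, inter-domain transcript)."""
        p, transcript = msg.payload, []
        if not self.allow_foreign:                                   # step (2)
            return "InterDomainNegotiationForbidden", "forbidden", transcript
        requirements = list(p["requirements"])   # intercepted from the service
        while True:
            report = Message("InterDomainSecurityRequestReport", {   # step (4)
                "local_server_id": self.server_id,
                "third_party_service_id": p["third_party_service_id"],
                "third_party_server_id": p["third_party_server_id"],
                "capability_set": list(p["capability_set"]),
                "requirements": requirements})
            transcript.append(report.kind)
            reply = third_party.handle(report)
            transcript.append(reply.kind)
            if reply.kind == "InterDomainSecurityRequestSuccess":     # step (5)
                interfaces = reply.payload["interfaces"]
                transcript.append("InterDomainSecurityRequestSuccessConfirm")
                third_party.handle(Message("InterDomainSecurityRequestSuccessConfirm",
                                           {"local_server_id": self.server_id,
                                            "interfaces": interfaces}))
                self.sessions[third_party.server_id] = interfaces
                return "InterDomainNegotiationResponse", "success", transcript  # step (3)
            unacceptable = reply.payload["unacceptable"]              # step (10)
            relaxed = [replace(r, level=r.floor) if r in unacceptable else r
                       for r in requirements]   # assumed relaxation policy
            if (any(r.priority > self.acceptable_priority for r in unacceptable)
                    or relaxed == requirements):   # nothing left to relax (assumed)
                transcript.append("InterDomainSecurityRequestFailure")
                third_party.handle(Message("InterDomainSecurityRequestFailure",
                                           {"local_server_id": self.server_id}))
                return "InterDomainNegotiationResponse", "failure", transcript
            requirements = relaxed                                    # step (11)

    def release(self, third_party):
        """Steps (7)/(8): tear down the inter-domain secure session."""
        reply = third_party.handle(Message("InterDomainNegotiationDeleteRequest",
                                           {"local_server_id": self.server_id}))
        self.sessions.pop(third_party.server_id, None)
        return reply.payload["deleted"]
```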
The invention is a method by which, with service capabilities open at the service layer of the next generation network, a service and an application server in the same or in different security domains negotiate security issues; it is also a method for negotiating the security issues of the service layer in telecommunications. Its features are:
(1) The invention provides a method by which a service and an application server negotiate each other's security requirements and security capabilities in a fairly simple way. This is reflected mainly in the following: when a service interacts with the local application server on which it resides, both sides must agree to the other's security requirements; when a service opens a capability to a third party, it first declares its own capability and security conditions to the local application server; and before the third party uses the capability, the third party must also negotiate with the local application server. Only after each side has satisfied the other's security requirements can the service capability be opened to the outside successfully. This fully safeguards the security of service-layer capabilities and data.
(2) The negotiation method adopts a message mechanism and defines a flexible and convenient set of message exchange procedures, which makes the negotiation simple and convenient and able to adapt in real time to changes in security requirements. For negotiation between different security domains it adopts a multi-level negotiation mechanism: the local service, the local application server, the third-party application server and the third-party service each carry out relatively independent negotiations, and as soon as the security negotiation at any one level fails, the overall negotiation can end at once, which simplifies the negotiation flow.
(3) The negotiation flow is simple and highly flexible. First, it directly uses capabilities the application server already provides and needs no additional hardware, so it does not increase the complexity of the system implementation. Second, both the service and the application server retain considerable initiative: even while the application server, as a fully empowered agent, is negotiating with the outside world, the service can still change its own security requirements at any time, and the communication between them is flexible enough to adapt quickly to changes in security requirements or capabilities.
(4) The negotiation flow is extensible and general: it not only meets security negotiation requirements in the general case, but also, when a new service interface is provided, requires only a corresponding extension of the messages on the existing interface protocol, without affecting the definition and functional interfaces of the existing messages.
Description of drawings
Fig. 1 is the message interaction diagram of the negotiation process in which a service and its local application server carry out security negotiation and successfully establish a session according to the invention.
Fig. 2 is the step flow chart of the method by which a service and its local application server carry out security negotiation according to the invention.
Fig. 3 is the message interaction diagram of the negotiation process in which a service and a third-party service in a different domain carry out security negotiation and successfully establish a session according to the invention.
Fig. 4 is the step flow chart of the method by which a service and a third-party service in a different domain carry out security negotiation according to the invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with accompanying drawing.
In computer realm, the research emphasis of relevant negotiation mechanism is often paid close attention to two aspects, and the one, primary study is consulted bipartite repeatedly handshake procedure, does not involve in the security domain and the overseas negotiation that waits between other various levels; The 2nd, consult both sides and may describe factum by agency separately, still, in conventional system, agency's effect is passive often, also needs to design extra parts when realizing usually, increases the complexity of system.The latter especially is not suitable for having existed in the next generation network situation of application server.Because in next generation network, application server itself has bigger autonomy, and business is had certain control action, does not need extra reception and other agencies' of increase expense again.The present invention utilizes this feature development of application server to succeed in developing just.
The present invention is a kind of machinery of consultation that is used for the security capabilities of application server; just provide a kind of opening, extendible interface and consult flow process flexibly; business and the inside and outside application server of security domain can both be held consultation with regard to safety problem; so that after reaching an agreement; business can be visited this locality or open application server and/or the professional ability of third party, thus the various resources of protection operation layer.Therefore the present invention has two kinds of implementation methods that are respectively applied for different occasions, specifies it below respectively.
First kind is implementation method professional and that local application server carries out security negotiation, when being used for service needed and using professional ability on the local application server or resource, carry out the process of security negotiation between business and the local application server, so that protect the business in the same information security territory and the professional ability or the resource of application server; Its process is: the security attribute requirement that comprises private data and access control at least of service statement self, local application server then is provided by security capabilities that can provide and local service ability or the resource of being opened, both sides carry out the mutual of security message then, until consulting successfully or failing; If consult successfully, set up secured session between business and the local application server, beginning session interaction process, and behind mutual the end, discharge secured session; Simultaneously, in security negotiation or session interaction process, business or application server can be revised the safety requirements of oneself at any time by sending security negotiation message in the territory.
Referring to Fig. 1, a single security negotiation between a service and its local application server that succeeds and establishes a session proceeds as follows:
1. The service sends an "intra-domain security negotiation request" message to the local application server, asking to carry out security negotiation;
2. The local application server compares the security requirement profile in the request message with its own security capability profile; if it cannot fully satisfy the service's security requirements, it sends an "intra-domain security negotiation request response" message to the service;
3. The service checks, according to the modification needs carried in the "intra-domain security negotiation request response" message, whether the security requirements concerned can be modified; if so, it modifies them accordingly and then sends an "intra-domain renegotiation request" message to the local application server;
4. If the application server accepts the modified result, it sends an "intra-domain security negotiation request success" message to the service, informing it that the security negotiation succeeded;
5. The service replies with an "intra-domain security negotiation request success confirmation" message; at this point the secure session between the service and the application server is established and the two can interact securely;
6. After the interaction ends, the service sends an "intra-domain negotiation result deletion request" message to the local application server;
7. The application server sends an "intra-domain negotiation result deletion response confirmation" message to the service.
Referring to Fig. 2, the detailed steps of the security negotiation between a service and its local application server (excluding the cases where either side changes or deletes the security agreement midway) are:
(1) The service sends an "intra-domain security negotiation request" message to the local application server, asking to carry out security negotiation; this message contains at least: the service identifier and the service's security requirement list;
(2) The local application server compares its own security capability profile with the received service security requirement list; if it finds that it can satisfy all of the service's security requirements, the subsequent steps are carried out in order; otherwise, jump to step (7);
(3) The local application server sends an "intra-domain security negotiation request success" response message to the service, informing it that the security negotiation succeeded; on receipt, the service replies with an "intra-domain security negotiation request success confirmation" message, and at this point the secure session between the service and the local application server is established. The "intra-domain security negotiation request success" message contains at least: confirmation of success and the successfully negotiated contract; the "intra-domain security negotiation request success confirmation" message contains at least: confirmation that the negotiation request succeeded;
(4) The service and the local application server carry out the interactive session;
(5) After the interactive session ends, the service or the local application server sends an "intra-domain negotiation result deletion request" message to the other side, requesting release of the secure session established in this negotiation; the parameters of this message contain at least: the request to delete the negotiation result;
(6) On receiving the "intra-domain negotiation result deletion request" message from the other side, the service or the local application server returns an "intra-domain negotiation result deletion response" message, and both sides delete the records related to this negotiation; the parameters of this message contain at least: confirmation of deletion of the negotiation result. This ends the negotiation process;
(7) The local application server compares its own security capability profile with the received service security requirement list, finds that it cannot satisfy all of the service's security requirements, and sends an "intra-domain security negotiation request response" message to the service; this message contains at least: the list of security requirements the application server cannot satisfy;
(8) On receiving the "intra-domain security negotiation request response" message, the service checks the security requirements the local application server cannot satisfy; if the priority of these requirements is higher than what the service can accept (that is, the service cannot give them up), the subsequent steps are carried out in order; if their priority is lower than what the service can accept, jump to step (10);
(9) The service sends an "intra-domain negotiation failure" message to the local application server, informing the server that the negotiation failed; this message contains at least: the list of service security attributes on which the service and the application server could not reach agreement;
(10) The service modifies its own security requirements and sends the modified result to the local application server in an "intra-domain renegotiation request" message, then jumps to step (2), until the local application server receives an "intra-domain security negotiation request success confirmation" or an "intra-domain negotiation failure" message; this message contains at least: the new security requirement list.
If, during the negotiation between the service and the local application server, or during the interaction after the connection has been established, the service or the local application server needs to modify its own security requirements or change the security capabilities it provides, the method further comprises the following steps:
(11) As soon as the service needs to modify its security requirements, it sends an "intra-domain security requirement change request" message to the local application server; this message contains at least: the security requirement list that needs updating. On receiving the "intra-domain security requirement change request" message, the local application server jumps to step (2) above;
(12) When the local application server is about to change the security capabilities it provides, it immediately sends an "intra-domain application server security capability change request" message to the service; this message contains at least: the changes and the service security requirements that need to be renegotiated. On receiving the "intra-domain application server security capability change request" message, the service jumps to step (8) above.
This method is mainly used when a service is loaded onto the local application server and carries out security negotiation with it to sign a security contract; or when a service needs to use the service capabilities or resources of other services that reside on the local application server and have signed a security contract with it, in which case the service negotiates within the domain with the local application server acting as the agent of those other services.
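The intra-domain flow above can be checked by simulating both ends of it. The following Python is an added example, not code from the patent: it models the service, the local application server and the message exchange of Fig. 2 steps (1)-(10) together with the change steps (11)-(12). The message names, the representation of a requirement as a name with an integer priority, and the `tolerance` threshold a service uses in step (8) are assumptions made here; the patent only says that the service compares the priority of the unsatisfiable requirements with what it can accept.

```python
"""Added example, not part of the patent: a simulation of the intra-domain
negotiation of Fig. 2 (steps (1)-(10)) and the change steps (11)-(12).
Message names, the requirement->priority representation and the 'tolerance'
threshold are assumptions; the patent only says the service compares the
priority of unmet requirements with what it can accept."""
from dataclasses import dataclass, field


@dataclass
class Service:
    service_id: str
    requirements: dict          # requirement name -> priority (int, higher = more important)
    tolerance: int              # highest priority the service is willing to give up
    contract: list = None       # agreed requirement list after a successful negotiation


@dataclass
class AppServer:
    capabilities: set           # the server's security capability profile
    sessions: dict = field(default_factory=dict)   # service_id -> agreed contract


def unmet(server, requirements):
    """Steps (2)/(7): requirements the server's capability profile cannot satisfy."""
    return {n: p for n, p in requirements.items() if n not in server.capabilities}


def can_give_up(service, missing):
    """Step (8): the service may only drop unmet requirements whose priority does
    not exceed its tolerance; a single higher-priority one forces failure."""
    return max(missing.values()) <= service.tolerance


def negotiate(service, server, log):
    """Steps (1)-(3) and (7)-(10). Returns ('success', contract) or ('failure', names)."""
    reqs = dict(service.requirements)
    log.append(("service->server", "IntraDomainNegotiationRequest", service.service_id, sorted(reqs)))
    while True:
        missing = unmet(server, reqs)
        if not missing:                                             # step (3)
            contract = sorted(reqs)
            log.append(("server->service", "IntraDomainNegotiationSuccess", contract))
            log.append(("service->server", "IntraDomainNegotiationSuccessConfirm"))
            server.sessions[service.service_id] = contract
            service.contract = contract
            return "success", contract
        log.append(("server->service", "IntraDomainNegotiationResponse", sorted(missing)))  # step (7)
        if not can_give_up(service, missing):                       # step (9)
            log.append(("service->server", "IntraDomainNegotiationFailure", sorted(missing)))
            return "failure", sorted(missing)
        for name in missing:                                        # step (10)
            reqs.pop(name)
        log.append(("service->server", "IntraDomainRenegotiationRequest", sorted(reqs)))


def release(service, server, log):
    """Steps (5)-(6): tear down the secure session and both sides' negotiation records."""
    log.append(("service->server", "IntraDomainNegotiationResultDeleteRequest", service.service_id))
    server.sessions.pop(service.service_id, None)
    service.contract = None
    log.append(("server->service", "IntraDomainNegotiationResultDeleteResponse", service.service_id))


def service_changes_requirements(service, server, new_requirements, log):
    """Step (11): the service sends its updated list and the server re-runs step (2)."""
    log.append(("service->server", "IntraDomainRequirementChangeRequest", sorted(new_requirements)))
    service.requirements = dict(new_requirements)
    return negotiate(service, server, log)


def server_changes_capabilities(service, server, new_capabilities, log):
    """Step (12): the server announces its new capability set together with the
    contract items that must be renegotiated; the service re-enters step (8)."""
    server.capabilities = set(new_capabilities)
    affected = unmet(server, {n: service.requirements[n] for n in (service.contract or [])})
    log.append(("server->service", "IntraDomainServerCapabilityChangeRequest", sorted(affected)))
    if not affected:
        return "success", service.contract
    if not can_give_up(service, affected):
        log.append(("service->server", "IntraDomainNegotiationFailure", sorted(affected)))
        return "failure", sorted(affected)
    for name in affected:
        service.requirements.pop(name)
    return negotiate(service, server, log)


def run_demo():
    """Constructed scenario: the server lacks 'non_repudiation', which the service can
    give up (priority 1 <= tolerance 2); the server then drops 'access_control',
    which the service cannot give up (priority 5 > tolerance 2)."""
    svc = Service("svc-1", {"private_data_encryption": 5, "access_control": 5, "non_repudiation": 1}, tolerance=2)
    srv = AppServer({"private_data_encryption", "access_control", "audit_logging"})
    log = []
    first = negotiate(svc, srv, log)
    second = server_changes_capabilities(svc, srv, {"private_data_encryption", "audit_logging"}, log)
    return first, second, log


if __name__ == "__main__":
    for entry in run_demo()[2]:
        print(*entry)
```

Running the block prints the message trace of the constructed scenario: one renegotiation round that drops the low-priority requirement and succeeds, followed by a capability change that the service refuses because the withdrawn capability backs a high-priority requirement. The point the simulation makes explicit is that step (8) is the only place where policy enters: everything else is mechanical comparison of two lists.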
The second method of the invention is the implementation method for security negotiation between a service and a third-party application server in a different security domain. It is used when a service S1 needs to use the capabilities or resources of a service S2 on a third-party application server S4 in a different security domain, and covers the security negotiation between S1 and S4. In this case the third-party service S2 that provides the capability or resource has already signed a security contract with its host, the third-party application server S4, through the intra-domain security negotiation process, and S4 publishes externally the capabilities or resources that S2 can provide. The procedure is: first, S1 sends a request to its host, the local application server S3, asking to use the capabilities of the out-of-domain service S2. If S3 agrees, it intercepts S1's security requirements and, acting as S1's agent, carries out inter-domain security negotiation with S4, the host of the third-party service S2; otherwise S3 refuses the request and S1 cannot use S2's capabilities. If the negotiation between the two application servers S3 and S4, acting as the agents of S1 and S2 respectively, succeeds, a secure session is established between S3 and S4, the two services S1 and S2 begin to interact, and after the interaction ends the inter-domain secure session between S3 and S4 is released. At any time during the security negotiation or the session interaction, either service S1 or S2, or either application server S3 or S4, may modify its own security requirements and exchange security messages.
Referring to Fig. 3, the following describes the interaction of a security negotiation between a service and a third-party application server in a different security domain that succeeds in establishing a session. For a service to use a third-party service capability it must first obtain the consent of its local application server; the local application server and the third-party application server with which the third-party service has signed a security contract then act as the agents of their respective services and are responsible for negotiating security capabilities between the two services, including the procedure for changing security requirements and the step that deletes the security negotiation. The detailed flow is as follows:
1. The third-party service first signs a security contract with the third-party application server: it sends an "intra-domain security negotiation request" message to the third-party application server;
2. The third-party application server agrees to the negotiated content and sends an "intra-domain security negotiation request success" message to the third-party service;
3. The third-party service replies with an "intra-domain security negotiation request success confirmation" message; the security contract is now established;
4. The service sends an "inter-domain security negotiation request" message to the local application server, asking to use the third-party service capability;
5. The local application server agrees to the service's request and sends an "inter-domain security negotiation response" message to the service;
6. The local application server sends an "inter-domain security request report" message to the third-party application server, asking it for use of the service capability;
7. The third-party application server cannot fully accept the request in the "inter-domain security request report" and returns an "inter-domain security request report response" message to the local application server, listing the clauses it cannot accept;
8. The local application server revises part of its security requirements in light of that list and sends an "inter-domain security request re-report" message to the third-party application server;
9. The third-party application server accepts the request and returns an "inter-domain security request report success" message to the local application server;
10. The local application server replies with an "inter-domain security request report success confirmation" message; session interaction now begins. If at this point the service needs to change its own security requirements, the following steps are carried out;
11. The service changes its security requirements and sends an "inter-domain security requirement change request" message to the local application server;
12. The local application server agrees to the change request and sends an "inter-domain security change response" message to the service;
13. Having agreed to the change request, the local application server sends an "inter-domain security message change request" message to the third-party application server;
14. The third-party server accepts the change request and returns an "inter-domain security request report success" message to the local server; the two application servers then carry out session interaction;
15. When the interaction ends, the local application server sends an "inter-domain security negotiation deletion request" message to the third-party application server, requesting deletion of the content negotiated here;
16. The third-party application server replies with an "inter-domain security negotiation deletion response" message to the local application server and at the same time deletes the secure session established in this negotiation.
Referring to Fig. 4, the detailed steps of the security negotiation between a service and a third-party application server (again excluding the cases where either side changes or deletes the security agreement midway) are:
(1) The service sends an "inter-domain security negotiation request" message to the local application server in order to obtain the local application server's permission to use the third-party service capability;
(2) If the local application server does not allow the service to use the out-of-domain service capability, it sends an "inter-domain security negotiation forbidden" message to the service and terminates the negotiation;
(3) If the local application server allows the service to use the out-of-domain service capability, it sends an "inter-domain security negotiation response" message to the service;
(4) The local server sends an "inter-domain security request report" message to the third-party server, asking it for use of the service capability resident there; if the third-party application server accepts the local application server's request, the subsequent steps are carried out in order; otherwise, jump to step (9);
(5) The third-party application server returns an "inter-domain security request report success" message to the local server; on receipt, the local application server replies with an "inter-domain security request report success confirmation" message, and the inter-domain secure session is established;
(6) Through the secure session between the local application server and the third-party application server, the service carries out session interaction with the third-party service resident on the third-party application server;
(7) After the interaction ends, the local or the third-party application server sends an "inter-domain security negotiation deletion request" message to the other side, requesting release of the secure session established in this negotiation;
(8) On receiving the "inter-domain security negotiation deletion request" message from the other side, the local or the third-party application server returns an "inter-domain security negotiation deletion response" message, and both sides delete the records related to this negotiation;
(9) The third-party application server returns an "inter-domain security request report response" message to the local server;
(10) On receiving the message from the third-party application server, the local application server checks the list of security requests the third-party application server cannot satisfy and decides whether to revise its own security requirements in response: if it finds that the priority of these unsatisfiable security attributes is higher than what the local application server can accept, it sends an "inter-domain security request failure" message to the third-party application server, declaring that this negotiation has failed; if it finds that their priority is lower than what the local application server can accept, the local application server revises its own security requirement list, sends the revised content to the third-party server as an "inter-domain security request re-report" message, and jumps to step (4).
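What distinguishes the inter-domain flow from the intra-domain one is that neither service talks to the other domain directly: the local application server intercepts the requesting service's requirements and negotiates them itself, and the third-party application server answers on the strength of the contract it already holds with the third-party service. The following Python is an added example, not code from the patent, that models Fig. 4 steps (1)-(5) and (9)-(11) plus the deletion steps (7)-(8). The message names, the allow-list policy used for steps (2)/(3) (with `None` standing for the transparent mode of claim 10), the name-to-priority representation of requirements, the `tolerance` threshold the local server applies in step (10), and the treatment of a capability the third-party service never published as non-negotiable are all assumptions made here; the change steps (12)-(17) are not modelled.

```python
"""Added example, not part of the patent: a simulation of the inter-domain
negotiation of Fig. 4. The local application server (S3) acts as agent of the
requesting service (S1); the third-party application server (S4) answers for
the third-party service (S2) from the security contract S2 signed with it.
Message names, the policy gate, priorities, 'tolerance' and the handling of
unpublished capabilities are assumptions; steps (12)-(17) are not modelled."""
from dataclasses import dataclass, field


@dataclass
class ThirdPartyServer:
    server_id: str
    contracts: dict     # third-party service id -> (capabilities it published, attributes its contract guarantees)
    sessions: dict = field(default_factory=dict)

    def evaluate(self, tp_service, wanted_caps, requirements):
        """Step (4): what S4 cannot accept: capabilities S2 never published, and
        security requirements the S2/S4 contract does not guarantee."""
        published, guaranteed = self.contracts.get(tp_service, (set(), set()))
        unpublished = set(wanted_caps) - published
        unmet = {r: p for r, p in requirements.items() if r not in guaranteed}
        return unpublished, unmet


@dataclass
class LocalServer:
    server_id: str
    tolerance: int                  # highest priority S3 may drop on S1's behalf
    allowed_peers: set = None       # None = transparent mode (claim 10): no restriction
    sessions: dict = field(default_factory=dict)

    def policy_allows(self, peer_server_id):
        """Steps (2)/(3): optional gate on which out-of-domain servers a service may use."""
        return self.allowed_peers is None or peer_server_id in self.allowed_peers


def inter_domain_negotiate(service_id, requirements, wanted_caps, tp_service, local, remote, log):
    """Returns ('success', contract), ('failure', names) or ('forbidden', [])."""
    log.append((service_id, local.server_id, "InterDomainNegotiationRequest",
                tp_service, remote.server_id, sorted(wanted_caps)))             # step (1)
    if not local.policy_allows(remote.server_id):                              # step (2)
        log.append((local.server_id, service_id, "InterDomainNegotiationForbidden"))
        return "forbidden", []
    log.append((local.server_id, service_id, "InterDomainNegotiationResponse"))  # step (3)
    reqs = dict(requirements)       # S3 intercepts S1's requirements and negotiates them itself
    report = "InterDomainSecurityRequestReport"
    while True:
        log.append((local.server_id, remote.server_id, report, tp_service, sorted(wanted_caps), sorted(reqs)))
        unpublished, unmet = remote.evaluate(tp_service, wanted_caps, reqs)    # step (4)
        if not unpublished and not unmet:                                      # step (5)
            log.append((remote.server_id, local.server_id, "InterDomainSecurityRequestReportSuccess", sorted(wanted_caps)))
            log.append((local.server_id, remote.server_id, "InterDomainSecurityRequestReportSuccessConfirm"))
            key = (service_id, tp_service)
            local.sessions[key] = remote.sessions[key] = sorted(reqs)
            return "success", sorted(reqs)
        log.append((remote.server_id, local.server_id, "InterDomainSecurityRequestReportResponse",
                    sorted(unpublished), sorted(unmet)))                       # step (9)
        if unpublished or max(unmet.values()) > local.tolerance:               # step (10): give up
            log.append((local.server_id, remote.server_id, "InterDomainSecurityRequestFailure"))
            return "failure", sorted(unpublished) + sorted(unmet)
        for name in unmet:                                                     # step (10): revise
            reqs.pop(name)
        report = "InterDomainSecurityRequestReportAgain"                      # step (11): re-report


def inter_domain_release(service_id, tp_service, local, remote, log):
    """Steps (7)-(8): either server asks the other to delete the inter-domain session."""
    key = (service_id, tp_service)
    log.append((local.server_id, remote.server_id, "InterDomainNegotiationDeleteRequest", key))
    local.sessions.pop(key, None)
    remote.sessions.pop(key, None)
    log.append((remote.server_id, local.server_id, "InterDomainNegotiationDeleteResponse", key))


def run_demo():
    """Constructed scenario: S2 on S4 published 'location' and 'presence' under a contract
    guaranteeing confidentiality and access control. S1 on S3 asks for 'location' with an
    extra low-priority non-repudiation requirement, then for an unpublished 'billing'
    capability; a second, closed local server forbids S4 entirely."""
    s4 = ThirdPartyServer("S4", {"S2": ({"location", "presence"}, {"confidentiality", "access_control"})})
    s3 = LocalServer("S3", tolerance=2, allowed_peers={"S4"})
    log = []
    ok = inter_domain_negotiate("S1", {"confidentiality": 5, "access_control": 5, "non_repudiation": 1},
                                {"location"}, "S2", s3, s4, log)
    inter_domain_release("S1", "S2", s3, s4, log)
    bad = inter_domain_negotiate("S1", {"confidentiality": 5}, {"billing"}, "S2", s3, s4, log)
    closed = LocalServer("S5", tolerance=2, allowed_peers=set())
    forbidden = inter_domain_negotiate("S1", {"confidentiality": 5}, {"location"}, "S2", closed, s4, log)
    return ok, bad, forbidden, log


if __name__ == "__main__":
    for entry in run_demo()[3]:
        print(*entry)
```

Two design points are worth noting. The third-party server never sees the requesting service's identity beyond what the local server chooses to forward, which is what makes the local server a genuine agent rather than a relay; and the session is keyed on both servers by the (requesting service, third-party service) pair, so a deletion request from either side removes exactly the negotiated record the patent's steps (7)-(8) refer to.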

Claims (10)

1. An implementation method for security negotiation between a service and a local application server, used when the service needs to use a service capability or resource on the local application server and covering the security negotiation process between the service and the local application server, characterized in that: the service declares its own security attribute requirements, which comprise at least private data and access control; the local application server provides the security capabilities it can offer and the local service capabilities or resources it has opened; the two sides then exchange security messages until the negotiation succeeds or fails; if the negotiation succeeds, a secure session is established between the service and the local application server, the session interaction begins, and the secure session is released after the interaction ends; and at any time during the security negotiation or the session interaction, the service or the application server may modify its own security requirements by sending an intra-domain security negotiation message.
2. The implementation method according to claim 1, characterized in that it comprises the following steps:
(1) The service sends an "intra-domain security negotiation request" message to the local application server, asking to carry out security negotiation; this message contains at least: the service identifier and the service's security requirement list;
(2) The local application server compares its own security capability profile with the received service security requirement list; if it finds that it can satisfy all of the service's security requirements, the subsequent steps are carried out in order; otherwise, jump to step (7);
(3) The local application server sends an "intra-domain security negotiation request success" response message to the service, informing it that the security negotiation succeeded; on receipt, the service replies with an "intra-domain security negotiation request success confirmation" message, and at this point the secure session between the service and the local application server is established; the "intra-domain security negotiation request success" message contains at least: confirmation of success and the successfully negotiated contract; the "intra-domain security negotiation request success confirmation" message contains at least: confirmation that the negotiation request succeeded;
(4) The service and the local application server carry out the interactive session;
(5) After the interactive session ends, the service or the local application server sends an "intra-domain negotiation result deletion request" message to the other side, requesting release of the secure session established in this negotiation; the parameters of this message contain at least: the request to delete the negotiation result;
(6) On receiving the "intra-domain negotiation result deletion request" message from the other side, the service or the local application server returns an "intra-domain negotiation result deletion response" message, and both sides delete the records related to this negotiation; the parameters of this message contain at least: confirmation of deletion of the negotiation result; this ends the negotiation process;
(7) The local application server compares its own security capability profile with the received service security requirement list, finds that it cannot satisfy all of the service's security requirements, and sends an "intra-domain security negotiation request response" message to the service; this message contains at least: the list of security requirements the application server cannot satisfy;
(8) On receiving the "intra-domain security negotiation request response" message, the service checks the security requirements the local application server cannot satisfy; if the priority of these requirements is higher than what the service can accept, the subsequent steps are carried out in order; if their priority is lower than what the service can accept, jump to step (10);
(9) The service sends an "intra-domain negotiation failure" message to the local application server, informing the server that the negotiation failed; this message contains at least: the list of service security attributes on which the service and the application server could not reach agreement;
(10) The service modifies its own security requirements and sends the modified result to the local application server in an "intra-domain renegotiation request" message, then jumps to step (2), until the local application server receives an "intra-domain security negotiation request success confirmation" or an "intra-domain negotiation failure" message; this message contains at least: the new security requirement list.
3. The implementation method according to claim 2, characterized in that, during the negotiation between the service and the local application server or during the interaction after the connection has been established, the method further comprises the following steps:
(11) As soon as the service needs to modify its security requirements, it sends an "intra-domain security requirement change request" message to the local application server; this message contains at least: the security requirement list that needs updating; on receiving the "intra-domain security requirement change request" message, the local application server jumps to step (2) above;
(12) When the local application server is about to change the security capabilities it provides, it sends an "intra-domain application server security capability change request" message to the service; this message contains at least: the changes and the service security requirements that need to be renegotiated; on receiving the "intra-domain application server security capability change request" message, the service jumps to step (8) above.
4. The implementation method according to claim 1, characterized in that the method is used, when a service is loaded onto the local application server, for the process in which the service and the local application server carry out security negotiation and sign a security contract.
5. The implementation method according to claim 1, characterized in that the method is used, when a service needs to use the service capabilities or resources of other services that reside on the local application server and have signed a security contract with that application server, for the process in which the service negotiates within the domain with the local application server acting as the agent of those other services.
6, third party's application server of a kind of business and different security domains implementation method of carrying out security negotiation, when being used for service needed and using professional ability on third party's application server of different security domains or resource, the process of carrying out security negotiation between business and the third party's application server; At this moment, third party's business that professional ability or resource be provided with its resident third party's application server signed safe contract by security negotiation process in the territory, and by this third party's application server externally issue its professional ability or the resource that can provide; It is characterized in that:
At first service needed to this business resident local application server initiate a request, overseas professional ability is used in request; If local application server is agreed this request, then intercept and capture this service security demand, and as agency and third party's business resident third party's application server carry out security negotiation between the territory, otherwise, the request of local application server refusal, business can not be used third-party professional ability; If consult successfully between two application servers as service agent and third party's service agent respectively, then set up secured session between these two application servers, then, two business begin to carry out session interaction, and behind mutual the end, discharge the secured session between the territory; Simultaneously, in security negotiation or session interaction process, either party business or application server all can be revised the safety requirements of oneself at any time and carry out the mutual of security message.
7, implementation method according to claim 6 is characterized in that: comprise following operating procedure:
(1) professional to local application server send " security negotiation request information between the territory; agree to use the permission of third party's professional ability to obtain local application server, this message comprises at least: the professional ability collection of this service identification, third party's service identification, third party's application server identifier and needs use;
(2) if local application server does not allow the professional overseas professional ability of using, then send " security negotiation is forbidden between the territory " to business, stop negotiations process, this message comprises at least: the announcement information that termination is consulted;
(3) if local application server allows the professional overseas professional ability of using, then send " security negotiation response between the territory " message to business, informing business can carry out security negotiation by local application server and third party's application server, and this message comprises at least: the announcement information of holding consultation;
(4) home server sends " security request report between the territory " message to third-party server, use resident professional ability thereon to the third-party server request, this message comprises at least: the professional ability collection that third party's service identification, third party's application server identifier and needs use; If third party's application server is accepted the request of local application server, then order is carried out subsequent step; Otherwise, redirect execution in step (9);
(5) third party's application server is beamed back " security request is reported successfully between the territory " message to home server; Local application server is responded " security request is reported successfully and confirmed between the territory " message, the successful foundation of secured session between the transmission representative domain of this message to third party's application server after receiving " security request is reported successfully between the territory " message; Wherein " security request is reported successfully between the territory " message comprises at least: to the professional third party's professional ability interface opened of requesting party, " security request is reported successfully and confirmed between the territory " message comprises at least: the affirmation information of setting up session;
(6) professional by the secured session between local application server and the third party's application server, carry out session interaction with the third party's business that resides on third party's application server;
(7) after local and third-party two application servers are finished alternately, send " security negotiation removal request between the territory " message to the other side, request discharges the secured session of this foundation, and this message is wrapped number at least: the solicited message of security negotiation between the deletion territory;
(8) after this locality or third party's application server are received " security negotiation removal request between the territory " message that the other side sends, to the other side's loopback " security negotiation deletion response between the territory " message, delete the secured session of setting up in this negotiations process, simultaneously, both sides delete with this and consult relevant record, so far, finish this negotiations process; " security negotiation deletion response between the territory " message comprises at least: the affirmation information of security negotiation between the deletion territory;
(9) third party's application server is beamed back " security request report response between the territory " message to home server, and its parameter comprises at least: server identification that request is consulted and the tabulation of unacceptable security request;
(10) after local application server receives the message that third party's application server sends, check the wherein unappeasable security request tabulation of third party's application server, be higher than the ability to accept of local application server if find the priority of these unappeasable security attributes, then send " security request failure between the territory " message to third party's application server, declare this negotiation failure, this message comprises parameter: the announcement information of consulting failure; Be lower than the ability to accept of local application server if find these unappeasable security attribute priority, then local application server is revised the demand for security tabulation of oneself, and amended content sent to third-party server as " between the territory security request report " once more message, its parameter comprises at least: new security request tabulation;
(11) if third-party server is accepted amended demand for security tabulation, then redirect execution in step (5), otherwise, redirect execution in step (9); Till third-party server is received " security request is reported successfully and confirmed between the territory " message or " security request failure between the territory " message.
8. The implementation method according to claim 7, characterized in that: during the negotiation between the service and the third-party application server, or during the interaction that establishes the secure session, the method further comprises the following operating steps:
(12) Once the service needs to change its own security requirements, it sends an "inter-domain security requirement change request" message to the local application server; this message comprises at least: the security requirement list that needs updating, the third-party service identifier and the third-party application server identifier;
(13) If the local application server agrees to the change request, it sends an "inter-domain security change response" message to the service so that the subsequent steps can be carried out; this message comprises at least: a notification that the change is agreed. If the local application server does not agree to the change request, it sends an "inter-domain security change forbidden" message to the service; this message comprises at least: a notification that the change is forbidden;
(14) The local application server sends an "inter-domain security change request" message to the third-party application server; this message comprises at least: the security requirement list that needs updating;
(15) After the third-party application server receives the "inter-domain security change request" message, it checks the security requirement list to be changed; if it accepts the change request sent by the local application server, jump to step (5) above; otherwise, jump to step (9) above.
9. The implementation method according to claim 7, characterized in that: during the negotiation between the service and the third-party application server, or during the interaction that establishes the secure session, the method further comprises the following operating steps:
(16) When the third-party application server needs to change the capabilities it opens, it sends an "inter-domain security capability change request" message to the local application server; this message comprises at least: the requesting party's service security requirements that must be modified because of the change in the third party's service capability;
(17) After the local application server receives the "inter-domain security capability change request" message, it checks the security requirement list that it must modify, then jumps to step (10) above.
10. The implementation method according to claim 7 or 8, characterized in that: among the steps of the method described above, steps (2), (3) and (13) are optional, that is, the local application server may transparently pass on the inter-domain security negotiation requests sent by the service, imposing no restrictions on the services resident on it that use out-of-domain service capabilities.
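As an added illustration of steps (10), (11), (16) and (17), not code from the patent itself, the following Python model runs the inter-domain negotiation loop: the third-party server reports which requested attributes it cannot satisfy, and the local server either declares failure (an unsatisfied attribute outranks its acceptance threshold) or drops the lower-priority attributes and re-sends its report. The message names are paraphrased constants; the step (9) message carrying the unsatisfiable list is not on this page, so its name, the priority numbers and the attribute names are all constructed here, and an attribute whose priority equals the threshold is assumed droppable (the claim only fixes the strictly-higher and strictly-lower cases).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SecAttr:
    """One entry of a security requirement list: a name and a priority (higher = more critical)."""
    name: str
    priority: int

class LocalAppServer:
    """Local application server: holds the service's requirement list and an acceptance threshold."""
    def __init__(self, requirements, accept_priority):
        self.requirements = set(requirements)
        self.accept_priority = accept_priority   # highest priority it is willing to give up (assumed: equal is droppable)

    def handle_unsatisfied(self, unsatisfied):
        """Step (10): fail if any unsatisfied attribute outranks the threshold, else revise the list."""
        if any(a.priority > self.accept_priority for a in unsatisfied):
            return ("INTER_DOMAIN_SECURITY_REQUEST_FAILURE", {"notice": "negotiation failed"})
        self.requirements -= set(unsatisfied)    # drop only the attributes below the threshold
        return ("INTER_DOMAIN_SECURITY_REQUEST_REPORT", {"requests": set(self.requirements)})

class ThirdPartyAppServer:
    """Third-party application server: can satisfy only the attributes it has opened."""
    def __init__(self, supported):
        self.supported = set(supported)

    def handle_report(self, requests):
        """Steps (9)/(11): confirm success, or report the attributes it cannot satisfy (assumed message name)."""
        unsatisfied = {a for a in requests if a.name not in self.supported}
        if not unsatisfied:
            return ("INTER_DOMAIN_SECURITY_REQUEST_REPORT_SUCCESS_CONFIRM", {"agreed": set(requests)})
        return ("INTER_DOMAIN_SECURITY_REQUEST_UNSATISFIED", {"unsatisfied": unsatisfied})

def negotiate(local, third, max_rounds=8):
    """Run the report / unsatisfied / revise loop until success or failure; the round cap is a safety net."""
    msg, body = third.handle_report(local.requirements)
    for _ in range(max_rounds):
        if msg == "INTER_DOMAIN_SECURITY_REQUEST_REPORT_SUCCESS_CONFIRM":
            return ("SUCCESS", frozenset(a.name for a in body["agreed"]))
        msg, body = local.handle_unsatisfied(body["unsatisfied"])
        if msg == "INTER_DOMAIN_SECURITY_REQUEST_FAILURE":
            return ("FAILURE", body["notice"])
        msg, body = third.handle_report(body["requests"])
    return ("FAILURE", "round limit reached")

def third_party_capability_change(local, third, withdrawn):
    """Steps (16)/(17): the third party withdraws capabilities, and the local server re-enters step (10)."""
    third.supported -= set(withdrawn)
    return negotiate(local, third)
```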

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004101031130A CN100389584C (en) 2004-12-31 2004-12-31 A security capability negotiation method for application server

Publications (2)

Publication Number Publication Date
CN1633127A true CN1633127A (en) 2005-06-29
CN100389584C CN100389584C (en) 2008-05-21

Family

ID=34848163

Country Status (1)

Country Link
CN (1) CN100389584C (en)

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6647260B2 (en) * 1999-04-09 2003-11-11 Openwave Systems Inc. Method and system facilitating web based provisioning of two-way mobile communications devices
US6718388B1 (en) * 1999-05-18 2004-04-06 Jp Morgan Chase Bank Secured session sequencing proxy system and method therefor
US6609198B1 (en) * 1999-08-05 2003-08-19 Sun Microsystems, Inc. Log-on service providing credential level change without loss of session continuity
ATE457585T1 (en) * 2001-08-21 2010-02-15 Ericsson Telefon Ab L M A SECURE GATEWAY WITH PROXY-ENABLED SERVERS TO VERIFY SERVICE LEVEL AGREEMENTS (SLA).
CN1225133C (en) * 2002-12-27 2005-10-26 北京邮电大学 Method of opening control point business capacity of intelligent network service to the third party
US7526640B2 (en) * 2003-06-30 2009-04-28 Microsoft Corporation System and method for automatic negotiation of a security protocol

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101193432B (en) * 2006-11-21 2011-01-05 中兴通讯股份有限公司 Method and system for realizing mobile value-added secure service
WO2009097801A1 (en) * 2008-02-02 2009-08-13 Huawei Technologies Co., Ltd. Method, terminal and server for version negotiation
CN101465853B (en) * 2008-12-19 2011-11-09 北京工业大学 Method for protecting privacy based on access control
CN104717131A (en) * 2015-02-13 2015-06-17 腾讯科技(深圳)有限公司 Information interaction method and server
CN104717131B (en) * 2015-02-13 2017-09-15 腾讯科技(深圳)有限公司 Information interacting method and server
US10873640B2 (en) 2015-02-13 2020-12-22 Tencent Technology (Shenzhen) Company Limited Information exchange method and server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080521

Termination date: 20121231