CN1855816A - First authentifaction method and system for mobile communication terminal - Google Patents

First authentifaction method and system for mobile communication terminal Download PDF

Info

Publication number
CN1855816A
CN1855816A CNA2006100009247A CN200610000924A CN1855816A CN 1855816 A CN1855816 A CN 1855816A CN A2006100009247 A CNA2006100009247 A CN A2006100009247A CN 200610000924 A CN200610000924 A CN 200610000924A CN 1855816 A CN1855816 A CN 1855816A
Authority
CN
China
Prior art keywords
mobile communication
communication terminal
access point
authentication
prior
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2006100009247A
Other languages
Chinese (zh)
Other versions
CN100583763C (en
Inventor
申容雨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
LG Electronics China Research and Development Center Co Ltd
Original Assignee
LG Electronics China Research and Development Center Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by LG Electronics China Research and Development Center Co Ltd filed Critical LG Electronics China Research and Development Center Co Ltd
Publication of CN1855816A publication Critical patent/CN1855816A/en
Application granted granted Critical
Publication of CN100583763C publication Critical patent/CN100583763C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/062Pre-authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/0005Control or signalling for completing the hand-off
    • H04W36/0011Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0033Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
    • H04W36/0038Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/08Reselecting an access point

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a prior authentication method and system applied to mobile communication terminal. Mobile communication terminal need perform prior authentication before entering the adjacent access point, where the said mobile communication terminal makes a request to authentication server for prior authentication through the said adjacent access points. If the prior authentication is allowed, the said new access point sets the authentication information of the said mobile communication terminals to the state of prior authentication, and the said mobile communication terminals is informed of prior authentication successful, it relieves the connection with formerly access point, subsequently links with the said new access point and transmits/receives data each other. When mobile communication terminal is moving around wireless local LANs or mobile communication net enters into wireless local LANs, this invention can reduce the needless signals by utilizing prior authentication obtained from adjacent access point, where authentication server manages the state of mobile communication terminal.

Description

The first authentifaction method of mobile communication terminal and system
Technical field
The present invention relates to the first authentifaction method and the system of mobile communication terminal, particularly relate to a kind of first authentifaction method and system that between the wireless local local area network (LAN), moves or enter the mobile communication terminal of wireless local local area network (LAN) from mobile radio communication.
Background technology
Recently, except that the current mobile radio communication that service is being provided, develop a kind of public wireless local local area network (LAN) that is used to cover specific wireless data traffic larger area, and advance rapidly in the process of commercialization.
Generally speaking, the wireless local local area network (LAN) is meant between computer and computer, or between computer and other communication system, utilizes electric wave (RF:Radio Frequency) or the wireless local area network (LAN) that carries out data transmit-receive of light.The particularly main both at home and abroad wireless local local area network (LAN) that uses uses the frequency of 2.4GHz wave band now, serves as the main service that constantly enlarges with the IEEE 802.11b standard of maximum transfer rate 11Mbps.In this wireless local local area network (LAN), in order to carry out authentification of user, used IEEE 802.1x, used " EAP-MD5/TLS/TTLS " to wait as the authentication protocol between radio zone.Wherein, the mode of information such as authentication protocol use input address name (ID), password/certificate of certification between radio zone.
When utilizing this wireless local local area network (LAN) to use real-time application, mobile communication terminal obtains service after carrying out authenticating step.
; such as when using the services in real time such as voice (Voice over IP:VoIP) service of internet protocol-based; if mobile communication terminal handover/roaming or from mobile radio communication handover/roam to the wireless local local area network (LAN) between the wireless local local area network (LAN) then needs to carry out again authenticating step.Therefore, because this authenticating step, the middle situation that service disruption takes place causes service quality (Quality ofService:Qos) to descend.In order to address this is that, prior authentication (pre-authentication) mode has been proposed, with reference to the accompanying drawings, this prior authentication mode is described.
Fig. 1 is the structured flowchart that carries out the required system of mobile communication terminal authentication in advance in the existing wireless local local area network (LAN).
As shown in Figure 1, current mobile communication terminal 10 is in the state that is connected in the 1st access point (AP1) 21 and obtains service.At this moment, when handovers take place for mobile communication terminal 10, when attempting to be connected with the 2nd access point (AP2) 22, mobile communication terminal 10 needs the authentication of access authentication server 30 in order to be connected with the 2nd access point 22.Therefore, mobile communication terminal 10 is connected required prior authentication for carrying out with the 2nd access point 22, from the prior authentication-related information of the 1st access point 21 acquisitions of original connection.And mobile communication terminal 10 is given the 1st access point 21 message transmission of relevant the 2nd access point 22.
Even as above use prior authentication mode, still can append signaling, correspondingly cause postponing with the connect hours of the 2nd new access point 22.Therefore, in requiring real-time service,, cause being difficult to providing smoothly service because of service delay or data loss etc.
And, in certificate server, be not used in the information of the mobile communication terminal in mobile communication terminal that difference authenticates in advance and actual the use, so, can't distinguish particular terminal and be in prior authentication state or be in actual user mode.Therefore, if certificate server by the charge of time unit, then can duplicate the hidden danger of charge.
In addition, when certificate server is not supported multiple login (Log in) to a user, also can't authenticate in advance.
Summary of the invention
Therefore, the object of the present invention is to provide and a kind ofly moving between the wireless local local area network (LAN) or when mobile radio communication enters the wireless local local area network (LAN), utilizing adjacent new access point to authenticate required method and system in advance when mobile communication terminal.
For achieving the above object, method of the present invention is as the first authentifaction method when mobile communication terminal enters neighboring access points, it is characterized in that comprising following several steps: above-mentioned mobile communication terminal is by above-mentioned neighboring access points, to the step of the prior authentication of certificate server request; If above-mentioned new access point is permitted above-mentioned prior authentication, then the authentication information of above-mentioned mobile communication terminal is set to prior authentication state, notifies the step of prior authentication success to above-mentioned mobile communication terminal; Above-mentioned mobile communication terminal releasing is connected with former access point, carries out step of connecting with above-mentioned new access point; Above-mentioned mobile communication terminal and above-mentioned new access point receive the step that sends data.
For achieving the above object, system of the present invention is as authenticate required system in advance when mobile communication terminal enters neighboring access points, it is characterized in that comprising following several sections: above-mentioned mobile communication terminal, it authenticates in advance by above-mentioned new access point request, if authenticate licensed, then before removing, after the connection of access point, be connected, receive with above-mentioned new access point and send data with above-mentioned new access point; Above-mentioned new access point, if above-mentioned prior authentication is licensed, the authentication information of the above-mentioned mobile communication terminal of above-mentioned new access point is set to prior authentication state, notifies prior authentication success to above-mentioned mobile communication terminal; Certificate server, if receive the request of prior authentication from above-mentioned mobile communication terminal, it judges whether to permit prior authentication.
Adopt the present invention, when mobile communication terminal is moving between the wireless local local area network (LAN) or when mobile radio communication enters the wireless local local area network (LAN), utilize adjacent new access point to obtain authentication in advance, therefore certificate server can manage the state of above-mentioned mobile communication terminal, reduces unnecessary signaling.
Describe the present invention below in conjunction with the drawings and specific embodiments, but not as a limitation of the invention.
Description of drawings
Fig. 1 is the structured flowchart that carries out the required system of mobile communication terminal authentication in advance in the existing wireless local local area network (LAN);
Fig. 2 is the structured flowchart of the required system of mobile communication system authentication in advance of the embodiment of the invention;
Fig. 3 is the flow chart that the mobile communication terminal of the embodiment of the invention is carried out prior authenticating step when entering the wireless local local area network (LAN).
Wherein, Reference numeral:
22: the 2 access points of 21: the 1 access points
30: certificate server 110: mobile communication terminal
122: the 2 access points of 121: the 1 access points
130: certificate server
Embodiment
With reference to the accompanying drawings, describe useful embodiment of the present invention in detail.It should be noted that in the following description only the required part of action and effect of the present invention is understood in explanation, the explanation of part is omitted in addition, to prevent to obscure main idea of the present invention.
In an embodiment of the present invention, mobile communication terminal is authenticated required method during handover/roaming in advance between the wireless local local area network (LAN) describe, before the method explanation, explanation is authenticated in advance the structure of required wireless local local area network (LAN).It should be noted that wherein first authentifaction method is not only applicable to the situation of mobile communication terminal handover/roaming between the wireless local local area network (LAN), and, be suitable for too from the situation of mobile radio communication handover/roam to wireless local local area network (LAN).
Fig. 2 is the structured flowchart of the required system of mobile communication system authentication in advance of the embodiment of the invention.
As above-mentioned shown in Figure 2, the wireless local local area network (LAN) by with access point (the Access Point:AP1 of mobile communication terminal 110 wireless connections, AP2) 121,122, carry out above-mentioned mobile communication terminal 110 authentications and constitute with the certificate server (RADIUS Server) 130 of above-mentioned access point 121,122 wired connections.
Prior authentication and actual user mode that above-mentioned certificate server 130 is preserved mobile communication terminal 110.
Above-mentioned mobile communication terminal 110 becomes prior authentication state to certificate server 130 authentication attempts after success, if realize transceive data later on, then become actual user mode.
With reference to the accompanying drawings, illustrate in having the wireless local local area network (LAN) of as above structure, when mobile communication terminal is mobile between the wireless local local area network (LAN), authenticate required method in advance.
Fig. 3 is the flow chart that the mobile communication terminal of the embodiment of the invention is carried out prior authenticating step when entering the wireless local local area network (LAN).
In 300 steps, the 1st access point 121 in mobile communication terminal 110 and current the connection receives and sends voice and bag data.At this moment, in 310 steps, if above-mentioned mobile communication terminal 110 enters, that is, be handed off to adjacent wireless local local area network (LAN), then mobile communication terminal 110 need be from certificate server 130 access authentications.Have only access authentication, mobile communication terminal 110 could be connected with the access point of above-mentioned wireless local local area network (LAN), receives continuously to send data.
Above-mentioned mobile communication terminal 110 is near behind above-mentioned the 2nd access point 122, and in 320 steps, above-mentioned mobile communication terminal 110 transmits the prior authentication request message that is used to authenticate in advance to above-mentioned the 2nd access point 122.So, in 325 steps, after the 2nd access point 122 is confirmed prior authentication request message, prior authentication request message is transferred to certificate server 130.So certificate server 130 is confirmed the prior authentication request message of above-mentioned reception, judge whether to permit the prior authentication of above-mentioned mobile communication terminal 110.
In 330 steps, when prior authentication is licensed, after the 2nd access point 122 receives prior authentication success message from above-mentioned certificate server 130, in 335 steps, to the prior authentication success message of mobile communication terminal 110 transmission.Behind this prior authentication success, in 336 steps, above-mentioned the 2nd access point 122 and the mobile communication terminal 110 of certificate server 130 at prior authentication success are the terminal authentication information setting prior authentication state.
In 340 steps, the mobile communication terminal 110 that obtains above-mentioned prior authentication transmits the releasing connection message in order to disconnect with the connection of current the 1st access point 121 that is connected, and in 350 steps, transmits the request connection message in order to be connected with the 2nd access point 122.
In 360 steps, mobile communication terminal 110 receives to connect from above-mentioned the 2nd access point 122 finishes message.At this moment, in 365 steps, whether the above-mentioned mobile communication terminal 110 that obtains authentication in advance before the 2nd access point 122 is confirmed is the actual terminals used of beginning.
In 370 steps, the 2nd access point 122 is finished along with connection and is received the transmission data.At this moment, in 375 steps, above-mentioned the 2nd access point 122 is used to notify above-mentioned mobile communication terminal 110 whether to be in the actual user mode message of actual user mode to certificate server 130 transmission.So in 376 steps, the authentication information of certificate server 130 above-mentioned mobile communication terminals 110 is set to actual user mode.
In sum, the present invention has following effect, promptly, when mobile communication terminal is moving between the wireless local local area network (LAN) or when mobile radio communication enters the wireless local local area network (LAN), utilize adjacent new access point to obtain authentication in advance, therefore certificate server can manage the state of above-mentioned mobile communication terminal, reduces unnecessary signaling.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; those of ordinary skill in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.

Claims (8)

1. the first authentifaction method of a mobile communication terminal, the first authentifaction method at when mobile communication terminal enters adjacent new access point is characterized in that, comprises following several steps:
Described mobile communication terminal is by above-mentioned neighboring access points, to the step of the prior authentication of certificate server request;
If described new access point is permitted described prior authentication, then the authentication information of described mobile communication terminal is set to prior authentication state, notifies the step of prior authentication success to described mobile communication terminal;
Described mobile communication terminal releasing is connected with former access point, carries out step of connecting with described new access point;
Described mobile communication terminal and described new access point receive the step that sends data.
2. the first authentifaction method of mobile communication terminal according to claim 1 is characterized in that, also comprises following several steps:
Send data if described new access point and described mobile communication terminal receive, then confirm the step of the actual use of described mobile communication terminal;
Described new access point is in the step of the message transmission of actual user mode to described certificate server to the described mobile communication terminal of expression.
3. the first authentifaction method of mobile communication terminal according to claim 2 is characterized in that, also comprises: the authentication information of the described mobile communication terminal of described certificate server is set to the step of actual user mode.
4. the first authentifaction method of mobile communication terminal according to claim 1 is characterized in that, also comprises: if described prior authentication is licensed, the authentication information of the described mobile communication terminal of described certificate server is set to the step of prior authentication state.
5. the prior Verification System of a mobile communication terminal at authenticate required system in advance when mobile communication terminal enters adjacent new access point, is characterized in that, comprises following several sections:
Mobile communication terminal authenticates in advance by described new access point request, if authenticate licensed, then remove with being connected of access point in the past after, be connected with described new access point, with described new access point reception transmission data;
New access point, if described prior authentication is licensed, the authentication information of the described mobile communication terminal of described new access point is set to prior authentication state, notifies prior authentication success to described mobile communication terminal;
Certificate server if receive the request of prior authentication from described mobile communication terminal, then judges whether to permit prior authentication.
6. the prior Verification System of mobile communication terminal according to claim 5 is characterized in that, if described prior authentication is licensed, the authentication information of the described mobile communication terminal of then described certificate server is set to prior authentication state.
7. the prior Verification System of mobile communication terminal according to claim 5, it is characterized in that, if receiving, described new access point and described mobile communication terminal send data, then confirm the actual use of described mobile communication terminal, the message transmission that the described mobile communication terminal of expression is in actual user mode is given described certificate server.
8. the prior Verification System of mobile communication terminal according to claim 7, it is characterized in that, if described certificate server receives the information of the described actual user mode of expression, then the authentication information of described mobile communication terminal is set to actual user mode.
CN200610000924A 2005-04-30 2006-01-12 First authentification method and system for mobile communication terminal Expired - Fee Related CN100583763C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020050036509A KR100619998B1 (en) 2005-04-30 2005-04-30 Method and system for in mobile communication station
KR1020050036509 2005-04-30

Publications (2)

Publication Number Publication Date
CN1855816A true CN1855816A (en) 2006-11-01
CN100583763C CN100583763C (en) 2010-01-20

Family

ID=37195687

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200610000924A Expired - Fee Related CN100583763C (en) 2005-04-30 2006-01-12 First authentification method and system for mobile communication terminal

Country Status (2)

Country Link
KR (1) KR100619998B1 (en)
CN (1) CN100583763C (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100998704B1 (en) * 2008-12-08 2010-12-07 경북대학교 산학협력단 High speed handover method in the wireless LAN having a plurality of mobility domain

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3870081B2 (en) 2001-12-19 2007-01-17 キヤノン株式会社 COMMUNICATION SYSTEM AND SERVER DEVICE, CONTROL METHOD, COMPUTER PROGRAM FOR IMPLEMENTING THE SAME, AND STORAGE MEDIUM CONTAINING THE COMPUTER PROGRAM
KR20030052775A (en) * 2001-12-21 2003-06-27 아이피원(주) Method for protecting cutting off data stream transmission at authentication in WLAN
JP2003198557A (en) 2001-12-26 2003-07-11 Nec Corp Network, and wireless lan authenticating method to be used therefor
KR100882431B1 (en) * 2002-06-25 2009-02-05 주식회사 케이티 A Method of reducing authentication delay for mobile host by simplified authentication token

Also Published As

Publication number Publication date
KR100619998B1 (en) 2006-09-06
CN100583763C (en) 2010-01-20

Similar Documents

Publication Publication Date Title
US8078175B2 (en) Method for facilitating a handover of a communication device, communication device, application server for facilitating a handover of a communication device, and communication system arrangement
AU2005236981B2 (en) Improved subscriber authentication for unlicensed mobile access signaling
US7864732B2 (en) Systems and methods for handoff in wireless network
EP2658301B1 (en) Non-mobile authentication for mobile network gateway connectivity
US8199720B2 (en) Method for handover between heterogenous radio access networks
KR101538005B1 (en) Data stream transmission method and related device and system
EP1597866B1 (en) Fast re-authentication with dynamic credentials
EP1693995B1 (en) A method for implementing access authentication of wlan user
CN102006646B (en) Switching method and equipment
CN1505314A (en) A method for fast, secure 802.11 re-association without additional authentication, accounting, and authorization infrastructure
US20090290556A1 (en) Wireless network handover with single radio operation
US20050025182A1 (en) Systems and methods using multiprotocol communication
US8891498B2 (en) Method for wireless network re-selection in a plurality of networks environment
JP4557968B2 (en) Tight coupling signaling connection management for connecting wireless and cellular networks
CN1604520A (en) Control method for wireless communication system, wireless communication device, base station, and authentication device in communication system
EP1424810B1 (en) A communication system and method of authentication therefore
WO2004084463A3 (en) Method and apparatus for performing a handoff in an inter-extended service set (i-ess)
WO2008110432A1 (en) Method and arrangement for the composition of a first and a second communication access network
CA2583182C (en) Reducing handoff latency for a mobile station
CN100583763C (en) First authentification method and system for mobile communication terminal
CN103067993B (en) Wireless terminal and make its method switched between two kinds of wireless networks
KR100623291B1 (en) Handoff system for relating cdma2000 with portable internet and method therof
KR100623292B1 (en) Method for handoff of relation from portable internet to cdma2000 network
Mathonsi Optimized handoff and secure roaming model for wireless networks
Prajapati et al. Design and deployment of Wi-Fi service inside running metro trains

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100120

Termination date: 20110112