EP1634425A1 - Method and device for forming an encrypted message containing communication configuration data and for decrypting such a message - Google Patents

Method and device for forming an encrypted message containing communication configuration data and for decrypting such a message

Info

Publication number
EP1634425A1
Authority
EP
European Patent Office
Prior art keywords
communication
communication unit
configuration data
message
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04766057A
Other languages
German (de)
English (en)
Inventor
Jorge Cuellar
Hannes Tschofenig
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Solutions and Networks GmbH and Co KG
Original Assignee
Siemens AG
Nokia Siemens Networks GmbH and Co KG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG, Nokia Siemens Networks GmbH and Co KG
Publication of EP1634425A1
Current legal status: Withdrawn

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]

Definitions

  • a device for forming an encrypted message which encrypted message communication
  • the TTLS server computer 203 Upon receipt of the RADIUS access request message 207, the TTLS server computer 203 forms and transmits a RADIUS access challenge message 208 with the EAP request / TTLS start parameter to the access point node computer 202.
  • the EAP-based authentication method is designed according to the PANA method as described in [17].
  • the request and the response to receive the communication configuration data is cryptographically protected by the MAC payload, which is implemented by a keyed message digest function.

Landscapes

  • Engineering & Computer Science
  • Computer Networks & Wireless Communication
  • Signal Processing
  • Computer Security & Cryptography
  • Computer Hardware Design
  • Computing Systems
  • General Engineering & Computer Science
  • Mobile Radio Communication Systems

Abstract

According to the invention, a cryptographic key pair is formed (226) by means of an Internet-based authentication method and is used for the cryptographically secured transmission (230) of communication configuration data from a first communication unit to a second communication unit.
EP04766057A 2003-06-18 2004-06-17 Method and device for forming an encrypted message containing communication configuration data and for decrypting such a message Withdrawn EP1634425A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE10327610 2003-06-18
PCT/EP2004/051153 WO2005004433A1 (fr) 2003-06-18 2004-06-17 Method and device for forming an encrypted message containing communication configuration data and for decrypting such a message

Publications (1)

Publication Number Publication Date
EP1634425A1 (fr) 2006-03-15

Family

ID=33559730

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04766057A Withdrawn EP1634425A1 (fr) 2003-06-18 2004-06-17 Method and device for forming an encrypted message containing communication configuration data and for decrypting such a message

Country Status (3)

Country Link
US (1) US20070101132A1 (fr)
EP (1) EP1634425A1 (fr)
WO (1) WO2005004433A1 (fr)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7983418B2 (en) * 2004-04-23 2011-07-19 Telefonaktiebolaget Lm Ericsson (Publ) AAA support for DHCP
US20060002557A1 (en) * 2004-07-01 2006-01-05 Lila Madour Domain name system (DNS) IP address distribution in a telecommunications network using the protocol for carrying authentication for network access (PANA)
KR100651716B1 (ko) * 2004-10-11 2006-12-01 한국전자통신연구원 Bootstrapping method for a mobile network in a Diameter-based protocol and system therefor
US8539559B2 (en) 2006-11-27 2013-09-17 Futurewei Technologies, Inc. System for using an authorization token to separate authentication and authorization services
US8099597B2 (en) 2007-01-09 2012-01-17 Futurewei Technologies, Inc. Service authorization for distributed authentication and authorization servers
CN101247356B (zh) * 2007-02-13 2011-02-16 华为技术有限公司 Method and system for DHCP message transmission
US8285990B2 (en) * 2007-05-14 2012-10-09 Future Wei Technologies, Inc. Method and system for authentication confirmation using extensible authentication protocol
US8341702B2 (en) * 2007-11-01 2012-12-25 Bridgewater Systems Corp. Methods for authenticating and authorizing a mobile device using tunneled extensible authentication protocol
CN101917398A (zh) * 2010-06-28 2010-12-15 北京星网锐捷网络技术有限公司 Method and device for controlling client access rights
US10225138B2 (en) * 2016-02-16 2019-03-05 Architecture Technology Corporation Scalable and automated network-parameter assignment
US10932131B2 (en) * 2016-08-03 2021-02-23 Nokia Solutions And Networks Oy Service provisioning by local operator
US11456921B2 (en) * 2019-04-29 2022-09-27 Ncr Corporation Self-contained microservice platform

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5790548A (en) * 1996-04-18 1998-08-04 Bell Atlantic Network Services, Inc. Universal access multimedia data network
US20020174335A1 (en) * 2001-03-30 2002-11-21 Junbiao Zhang IP-based AAA scheme for wireless LAN virtual operators
US20030084287A1 (en) * 2001-10-25 2003-05-01 Wang Huayan A. System and method for upper layer roaming authentication
US7961884B2 (en) * 2002-08-13 2011-06-14 Ipass Inc. Method and system for changing security information in a computer network
US7788705B2 (en) * 2002-08-12 2010-08-31 Mcafee, Inc. Fine grained access control for wireless networks
WO2004110026A1 (fr) * 2003-06-05 2004-12-16 Wireless Security Corporation Methods and systems of remote authentication for computer networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005004433A1 *

Also Published As

Publication number Publication date
US20070101132A1 (en) 2007-05-03
WO2005004433A1 (fr) 2005-01-13

Similar Documents

Publication Publication Date Title
DE60209858T2 (de) Method and device for access control of a mobile terminal in a communication network
DE60121393T2 (de) Key management method for wireless local area networks
DE102006038592B4 (de) Method and arrangement for providing a wireless mesh network
DE60223951T2 (de) System, apparatus and method for SIM-based authentication and encryption for access to a wireless local area network
DE102006038591B4 (de) Method and arrangement for providing a wireless mesh network
DE60302882T2 (de) Security transmission protocol for a mobility IP network
DE69925732T2 (de) Mobile telephone with built-in security firmware
EP1529374B1 (fr) Method and system for GSM authentication for WLAN roaming
EP2052517B1 (fr) Method and system for providing a specific access key
DE60313445T2 (de) Apparatus and method for authentication with single password entry over an insecure network access
DE102006004868B4 (de) Method and server for providing a mobility key
EP1943856B1 (fr) Server and method for providing a mobility key
EP1770940A1 (fr) Method and device for establishing a communication connection between a mobile device and a network
DE102006031870B4 (de) Method and system for providing a Mobile IP key
DE102006060040B4 (de) Method and server for providing a protected data connection
US20080137863A1 (en) Method and system for using a key management facility to negotiate a security association via an internet key exchange on behalf of another device
WO2007051793A1 (fr) Subscriber-specific enforcement of proxy mobile IP (PMIP) instead of client mobile IP (CMIP)
US20070157305A1 (en) Controlling the number of internet protocol security (IPsec) security associations
EP1634425A1 (fr) Method and device for forming an encrypted message containing communication configuration data and for decrypting such a message
DE102017210721A1 (de) Method and communication system for efficiently establishing a secure data connection between a client computer and a server computer
CH694678A5 (de) Method and system for GSM authentication in WLAN roaming.
Korhonen et al. Diameter mobile IPv6: Support for home agent to diameter server interaction
DE60215978T2 (de) Method and device for access control of a mobile terminal in a communication network
Froihofer A survey of WLAN security with focus on HotSpot and enterprise environments
DE102004008764A1 (de) Method and system for transparently and securely connecting a WLAN radio access network to a GPRS/GSM core network

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20051111

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
RIN1 Information on inventor provided before grant (corrected)

Inventor name: CUELLAR, JORGE

Inventor name: TSCHOFENIG, HANNES

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NOKIA SIEMENS NETWORKS GMBH & CO. KG

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NOKIA SIEMENS NETWORKS S.P.A.

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NOKIA SIEMENS NETWORKS GMBH & CO. KG

17Q First examination report despatched

Effective date: 20080128

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20080610