JP5572314B2 - 無線携帯インターネットシステムにおける端末保安関連パラメター交渉方法 - Google Patents
無線携帯インターネットシステムにおける端末保安関連パラメター交渉方法 Download PDFInfo
- Publication number
- JP5572314B2 JP5572314B2 JP2008501797A JP2008501797A JP5572314B2 JP 5572314 B2 JP5572314 B2 JP 5572314B2 JP 2008501797 A JP2008501797 A JP 2008501797A JP 2008501797 A JP2008501797 A JP 2008501797A JP 5572314 B2 JP5572314 B2 JP 5572314B2
- Authority
- JP
- Japan
- Prior art keywords
- authentication
- terminal
- message
- bit
- bits
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Description
Claims (14)
- 通信システムの端末が保安能力を交渉する方法において、
前記端末が支援可能なPKM(privacy key management)バージョンを示すPKMバージョン支援(PKM version support)情報、前記端末が支援可能な認証ポリシーを示す認証ポリシー支援(authorization policy support)情報、前記端末が支援可能なメッセージ認証コード方式(message authentication code mode)を示すメッセージ認証コード方式情報、および前記端末が支援可能なPN(packet number)ウィンドウサイズ(PN window size)を示すPNウィンドウサイズ情報を含む要請メッセージを生成する段階と、
前記要請メッセージを基地局に伝送する段階とを含み、
前記認証ポリシー支援情報は、複数のビットを含み、
前記認証ポリシー支援情報の前記複数のビットのうちの一つのビットは、再接続手続でのEAP基盤認証の支援の有無を示し、
前記認証ポリシー支援情報の前記複数のビットが全て0である場合、前記EAP基盤認証とRSA基盤認証が支援されないことを示す
ことを特徴とする方法。 - 前記要請メッセージは、SBC−REQ(subscriber station basic apability request)メッセージであることを特徴とする請求項1に記載の方法。
- 前記PKMバージョン支援情報は、前記端末がPKMバージョン2を支援するか否かに関する情報を含むことを特徴とする請求項1または2に記載の方法。
- 前記認証ポリシー支援情報の前記複数のビットのうちの一つのビットは、再接続手続でのEAP基盤認証の支援の有無を示すことを特徴とする請求項1または2に記載の方法。
- 前記メッセージ認証コード方式情報は、複数のビットを含み、
前記複数のビットのうちの一つのビットは、CMAC(Cipher−based Message Authentication Code)の支援の有無を示し、
前記複数のビットが全て0である場合、前記メッセージ認証コード方式情報は、メッセージ認証コードが適用されないことを示すことを特徴とする請求項1または2に記載の方法。 - 前記複数のビットのうちの他の一つのビットは、前記端末がHMAC(Hashed Message Authentication Code)の支援の有無を示すことを特徴とする請求項5に記載の方法。
- 前記PNウィンドウサイズ情報は、セキュリティ アソシエーションIDごとの受信PNウィンドウサイズのケイパビリティを示す情報であることを特徴とする請求項1または2に記載の方法。
- 通信システムの基地局が保安能力を交渉する方法において、
端末と交渉したPKM(privacy key management)バージョンを示すPKMバージョン支援(PKM version support)情報、前記端末と交渉した認証ポリシーを示す認証ポリシー支援(authorization policy support)情報、前記端末と交渉したメッセージ認証コード方式(message authentication code mode)を示すメッセージ認証コード方式情報、および前記端末と交渉したPN(packet number)ウィンドウサイズ(PN window size)を示すPNウィンドウサイズ情報を含む応答メッセージを生成する段階と、
前記応答メッセージを端末に伝送する段階とを含み、
前記認証ポリシー支援情報は、複数のビットを含み、
前記認証ポリシー支援情報の前記複数のビットのうちの一つのビットは、再接続手続でのEAP基盤認証の支援の有無を示し、
前記認証ポリシー支援情報の前記複数のビットが全て0である場合、前記EAP基盤認証とRSA基盤認証が支援されないことを示す
ことを特徴とする方法。 - 前記応答メッセージは、SBC−RSP(subscriber station basic capability request)メッセージであることを特徴とする請求項8に記載の方法。
- 前記PKMバージョン支援情報は、前記基地局がPKMバージョン2を支援するか否かに関する情報を含むことを特徴とする、請求項8または9に記載の方法。
- 前記認証ポリシー支援情報の前記複数のビットのうちの一つのビットは、再接続手続でのEAP基盤認証の支援の有無を示すことを特徴とする請求項8または9に記載の方法。
- 前記メッセージ認証コード方式情報は、複数のビットを含み、
前記複数のビットのうちの一つのビットは、CMAC(Cipher−based Message Authentication Code)の支援の有無を示し、
前記複数のビットが全て0である場合、前記メッセージ認証コード方式情報は、メッセージ認証コードが適用されないことを示すことを特徴とする請求項8または9に記載の方法。 - 前記複数のビットのうちの他の一つのビットは、前記端末がHMAC(Hashed Message Authentication Code)の支援の有無を示すことを特徴とする請求項12に記載の方法。
- 前記PNウィンドウサイズ情報は、セキュリティ アソシエーションIDごとの受信PNウィンドウサイズのケイパビリティを示す情報であることを特徴とする請求項8または9に記載の方法。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US66334805P | 2005-03-17 | 2005-03-17 | |
US60/663,348 | 2005-03-17 | ||
PCT/KR2006/000514 WO2006098552A1 (en) | 2005-03-17 | 2006-02-14 | Method for negotiating security-related functions of subscriber station in wireless portable internet system |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2008533609A JP2008533609A (ja) | 2008-08-21 |
JP5572314B2 true JP5572314B2 (ja) | 2014-08-13 |
Family
ID=36991885
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2008501797A Active JP5572314B2 (ja) | 2005-03-17 | 2006-02-14 | 無線携帯インターネットシステムにおける端末保安関連パラメター交渉方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US8656480B2 (ja) |
EP (1) | EP1864427B1 (ja) |
JP (1) | JP5572314B2 (ja) |
KR (2) | KR100704677B1 (ja) |
CN (1) | CN101142784B (ja) |
WO (1) | WO2006098552A1 (ja) |
Families Citing this family (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101365603B1 (ko) | 2006-12-04 | 2014-02-20 | 삼성전자주식회사 | 조건부 인증 코드 삽입 방법 및 그 장치, 인증을 통한조건부 데이터 사용 방법 및 그 장치 |
KR100879982B1 (ko) * | 2006-12-21 | 2009-01-23 | 삼성전자주식회사 | 모바일 와이맥스 네트워크 시스템에서의 보안 시스템 및방법 |
KR100924168B1 (ko) * | 2007-08-07 | 2009-10-28 | 한국전자통신연구원 | 주파수 오버레이 기반의 통신 시스템의 인증키 생성 방법및 인증 방식 협상 방법 |
KR101481558B1 (ko) * | 2007-10-18 | 2015-01-13 | 엘지전자 주식회사 | 이기종 무선접속망간 보안연계 설정 방법 |
KR100862050B1 (ko) * | 2007-11-23 | 2008-10-09 | 한국정보보호진흥원 | VoIP 보안 통신을 제공하는 사용자 에이전트 및 이를이용한 보안 통신 제공 방법 |
KR101395306B1 (ko) * | 2007-12-21 | 2014-05-16 | 삼성전자주식회사 | 상이한 무선접속 방식의 액세스 네트워크를 포함하는 무빙네트워크와 이동 통신 사업자망간의 네트워크 컴퍼지션방법 |
JP4891268B2 (ja) | 2008-01-15 | 2012-03-07 | キヤノン株式会社 | 通信装置、制御方法、プログラム、記憶媒体 |
JP5538680B2 (ja) * | 2008-01-15 | 2014-07-02 | キヤノン株式会社 | 通信装置、制御方法、プログラム、記憶媒体 |
EP2252097A4 (en) * | 2008-02-21 | 2013-01-09 | Ntt Docomo Inc | METHOD FOR TRANSMITTING NOTIFICATION SIGNAL AND MOBILE STATION |
US8335316B2 (en) * | 2008-04-21 | 2012-12-18 | Broadcom Corporation | Method and apparatus for data privacy in passive optical networks |
KR101578004B1 (ko) * | 2009-04-07 | 2015-12-16 | 엘지전자 주식회사 | 플로우 식별자를 이용한 선택적인 제어신호 암호화 방법 |
US20100111012A1 (en) * | 2008-11-06 | 2010-05-06 | Qualcomm Incorporated | Methods and systems for fast network entry and re-entry in multiple access networks |
US8255976B2 (en) * | 2008-11-26 | 2012-08-28 | Alcatel Lucent | Prevention of a bidding-down attack in a communication system |
US20100146262A1 (en) * | 2008-12-04 | 2010-06-10 | Shenzhen Huawei Communication Technologies Co., Ltd. | Method, device and system for negotiating authentication mode |
KR101678401B1 (ko) * | 2010-07-20 | 2016-11-23 | 에스케이텔레콤 주식회사 | 가입자 멀티인증 시스템 및 그 방법 |
CN103650452B (zh) * | 2011-07-01 | 2016-11-02 | 瑞典爱立信有限公司 | 认证网络中的警报消息的方法和设备 |
JP5831090B2 (ja) * | 2011-09-22 | 2015-12-09 | 富士通株式会社 | 移動通信端末、制御方法および通信システム |
KR102059079B1 (ko) | 2011-12-23 | 2020-02-12 | 삼성전자주식회사 | 무선 네트워크 환경에서 제어정보의 보안통신을 위한 방법 및 시스템 |
JP5880898B2 (ja) * | 2014-05-08 | 2016-03-09 | パナソニックIpマネジメント株式会社 | 送信装置 |
WO2015177398A1 (en) | 2014-05-20 | 2015-11-26 | Nokia Technologies Oy | Cellular network authentication control |
JP6447974B2 (ja) * | 2015-09-17 | 2019-01-09 | パナソニックIpマネジメント株式会社 | 送信方法 |
JP6108251B2 (ja) * | 2016-01-19 | 2017-04-05 | パナソニックIpマネジメント株式会社 | 受信装置、及び受信方法 |
US11196731B2 (en) * | 2019-06-28 | 2021-12-07 | T-Mobile Usa, Inc. | Network-authentication control |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5764770A (en) * | 1995-11-07 | 1998-06-09 | Trimble Navigation Limited | Image authentication patterning |
US6134434A (en) * | 1997-12-08 | 2000-10-17 | Qualcomm Incorporated | System and method for providing service negotiation in a communications network |
JP3445490B2 (ja) | 1998-03-25 | 2003-09-08 | 株式会社日立製作所 | 移動体通信方法および移動体通信システム |
KR100315691B1 (ko) | 1999-11-20 | 2001-12-12 | 윤종용 | 이동통신 시스템에서 기지국과 단말간 서비스 협상 방법 |
DE69941335D1 (de) * | 1999-12-02 | 2009-10-08 | Sony Deutschland Gmbh | Nachrichtenauthentisierung |
JP2002152180A (ja) | 2000-11-15 | 2002-05-24 | Toshiba Corp | 無線通信システム、送信装置及びコンテンツデータ転送方法 |
US7213144B2 (en) | 2001-08-08 | 2007-05-01 | Nokia Corporation | Efficient security association establishment negotiation technique |
FI116025B (fi) * | 2001-09-28 | 2005-08-31 | Netseal Mobility Technologies | Menetelmä ja verkko viestien turvallisen lähettämisen varmistamiseksi |
US7440573B2 (en) * | 2002-10-08 | 2008-10-21 | Broadcom Corporation | Enterprise wireless local area network switching system |
JP3763812B2 (ja) * | 2002-11-01 | 2006-04-05 | 松下電器産業株式会社 | 通信システム及び方法 |
US7350077B2 (en) * | 2002-11-26 | 2008-03-25 | Cisco Technology, Inc. | 802.11 using a compressed reassociation exchange to facilitate fast handoff |
KR100480761B1 (ko) | 2002-12-21 | 2005-04-07 | 엘지전자 주식회사 | 무선통신망의 보안시스템 및 보안방법 |
US7441043B1 (en) * | 2002-12-31 | 2008-10-21 | At&T Corp. | System and method to support networking functions for mobile hosts that access multiple networks |
US7457411B2 (en) * | 2003-03-13 | 2008-11-25 | New Mexico Technical Research Foundation | Information security via dynamic encryption with hash function |
AU2003242524A1 (en) * | 2003-04-25 | 2004-11-23 | Telefonaktiebolaget L M Ericsson (Publ) | An arrangement and a method relating to secure communication |
JP2005063132A (ja) * | 2003-08-12 | 2005-03-10 | Nippon Telegr & Teleph Corp <Ntt> | 分散システムにおけるセキュリティアソシエーション確立方法 |
KR100804795B1 (ko) | 2003-10-31 | 2008-02-20 | 한국전자통신연구원 | 통신 시스템에서의 인증 요청 방법 및 인증 수행 방법 |
KR100554520B1 (ko) | 2003-11-26 | 2006-03-03 | 삼성전자주식회사 | 휴대 인터넷 시스템의 사용자 인증 및 보안 키 분배 방법 |
KR100589677B1 (ko) | 2003-12-03 | 2006-06-15 | 삼성전자주식회사 | 휴대 인터넷 시스템 및 이의 인증 방법 |
US7788715B2 (en) * | 2003-12-10 | 2010-08-31 | Cisco Technology, Inc. | Authentication for transmission control protocol |
KR20050107537A (ko) * | 2004-05-07 | 2005-11-11 | 삼성전자주식회사 | 무선 통신 시스템에서 사용자 인증 메시지 암호화 방법과장치 및 이를 위한 보안키 생성 방법 |
CA2560414A1 (en) | 2004-05-07 | 2005-11-17 | Samsung Electronics Co., Ltd. | System and method for handover capable of minimizing service delay in broadband wireless access communication system |
KR20050109685A (ko) * | 2004-05-17 | 2005-11-22 | 에스케이 텔레콤주식회사 | 휴대 인터넷 시스템에서 단말기 인증과 공존하는 확장된인증 프로토콜 기반의 사용자 인증 방법 및 시스템 |
ATE405083T1 (de) * | 2004-06-29 | 2008-08-15 | Sap Ag | Rechnersystem und datenverarbeitungsverfahren zum gebrauch eines webdienstes |
US7890769B2 (en) * | 2004-08-04 | 2011-02-15 | Broadcom Corporation | System and method for secure code downloading |
-
2006
- 2006-02-14 CN CN2006800086275A patent/CN101142784B/zh active Active
- 2006-02-14 US US11/908,932 patent/US8656480B2/en active Active
- 2006-02-14 JP JP2008501797A patent/JP5572314B2/ja active Active
- 2006-02-14 EP EP06715965.7A patent/EP1864427B1/en active Active
- 2006-02-14 KR KR1020060013993A patent/KR100704677B1/ko active IP Right Grant
- 2006-02-14 WO PCT/KR2006/000514 patent/WO2006098552A1/en active Application Filing
- 2006-12-19 KR KR1020060129754A patent/KR100804801B1/ko active IP Right Grant
Also Published As
Publication number | Publication date |
---|---|
EP1864427A4 (en) | 2016-04-20 |
KR100804801B1 (ko) | 2008-02-20 |
US8656480B2 (en) | 2014-02-18 |
US20090119509A1 (en) | 2009-05-07 |
KR20070006643A (ko) | 2007-01-11 |
CN101142784A (zh) | 2008-03-12 |
WO2006098552A1 (en) | 2006-09-21 |
JP2008533609A (ja) | 2008-08-21 |
KR100704677B1 (ko) | 2007-04-06 |
EP1864427B1 (en) | 2018-08-01 |
CN101142784B (zh) | 2012-12-19 |
EP1864427A1 (en) | 2007-12-12 |
KR20060101234A (ko) | 2006-09-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5572314B2 (ja) | 無線携帯インターネットシステムにおける端末保安関連パラメター交渉方法 | |
EP3576446B1 (en) | Key derivation method | |
JP4903792B2 (ja) | 無線携帯インターネットシステム用の認証キー識別子の割り当て方法 | |
US8122249B2 (en) | Method and arrangement for providing a wireless mesh network | |
US8731194B2 (en) | Method of establishing security association in inter-rat handover | |
US7499547B2 (en) | Security authentication and key management within an infrastructure based wireless multi-hop network | |
US8707045B2 (en) | Method and apparatus for traffic count key management and key count management | |
EP2288195B1 (en) | Method and apparatus for operating a base station in a wireless communication system | |
US20090164788A1 (en) | Efficient generation method of authorization key for mobile communication | |
US20070112967A1 (en) | Re-authentication system and method in communication system | |
US8417219B2 (en) | Pre-authentication method for inter-rat handover | |
JP2008511240A (ja) | 無線携帯インターネットシステムでeapを利用する保安関係交渉方法 | |
US20090054066A1 (en) | Handover system and method in a wireless mobile communication system | |
US20110002465A1 (en) | Integrated handover authenticating method for next generation network (ngn) with wireless access technologies and mobile ip based mobility control | |
EP2648437B1 (en) | Method, apparatus and system for key generation | |
CN113676901A (zh) | 密钥管理方法、设备及系统 | |
CN102056168A (zh) | 接入方法及装置 | |
JP5399509B2 (ja) | 通信システムにおける競り下げ攻撃の防止 | |
WO2022237561A1 (zh) | 一种通信方法及装置 | |
WO2017000620A1 (zh) | 重认证识别方法、演进分组数据网关及系统 | |
CN110830996B (zh) | 一种密钥更新方法、网络设备及终端 | |
US8713317B2 (en) | Method and system for encrypting data in a wireless communication system | |
WO2009051405A2 (en) | Method of establishing security association in inter-rat handover | |
TWI399068B (zh) | 用於無線通信系統之鑰管理之系統及方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20090119 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20110614 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20110914 |
|
A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20120327 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20120727 |
|
A911 | Transfer to examiner for re-examination before appeal (zenchi) |
Free format text: JAPANESE INTERMEDIATE CODE: A911 Effective date: 20120806 |
|
A912 | Re-examination (zenchi) completed and case transferred to appeal board |
Free format text: JAPANESE INTERMEDIATE CODE: A912 Effective date: 20121130 |
|
A601 | Written request for extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20130430 |
|
A602 | Written permission of extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A602 Effective date: 20130507 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20140303 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20140630 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 5572314 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |