JP6086987B2 - Restricted certificate enrollment for unknown devices in hotspot networks - Google Patents
- Publication number
- JP6086987B2 (JP2015541876A)
- Authority
- JP
- Japan
- Prior art keywords
- certificate
- network access
- server
- network
- standard
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/082—Access security using revocation of authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/084—Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Mobile Radio Communication Systems (AREA)
Description
Claims (13)
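- A method comprising:
receiving, at a server, a certificate signing request from a mobile network access device; and
forwarding the certificate signing request to a certificate issuing authority on the condition that the certificate request includes a network access standard equal to a predetermined value.
- The method of claim 1, further comprising receiving a certificate signing request from the mobile network access device, and forwarding the certificate signing request to the certificate issuing authority on the condition that a message including device identification data was previously received from the device.
- The method of claim 1, wherein the predetermined value specifies the Hotspot 2.0 (HS2.0) standard or a later standard.
- The method of claim 1, wherein the predetermined value is conveyed via an extended key usage (EKU) key purpose field.
- A method comprising:
receiving, at a certificate authority server via a network, a certificate enrollment request from a mobile network access device; and
providing, by the certificate authority server, a signed network access certificate to the device on the condition that the certificate enrollment request includes a network access standard equal to a predetermined value.
- The method of claim 5, wherein the signed access certificate includes device identification data that identifies the mobile network access device.
- The method of claim 5, wherein the network access standard designation specifies the Hotspot 2.0 (HS2.0) standard or a later standard.
- The method of claim 5, wherein the network access standard designation is conveyed in an EKU_key_purpose field of the signed certificate.
- A method comprising:
receiving, by a mobile network access device, a certificate for accessing a service provider network;
transmitting, by the mobile network access device, a certificate signing request to a service provider network server, the signing request including a network access standard designation; and
receiving, at the mobile network access device, a signed access certificate that includes the network access standard designation.
- The method of claim 9, further comprising providing, by the mobile network access device, device identification data to a network access server,
wherein the signed access certificate includes the device identification data.
- The method of claim 10, wherein the device identification data is conveyed in a subject field of the signed certificate.
- The method of claim 9, wherein the network access standard designation specifies the Hotspot 2.0 (HS2.0) standard or a later standard.
- The method of claim 9, wherein the network access standard designation is conveyed in an EKU_key_purpose field of the signed certificate.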
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201261726009P | 2012-11-13 | 2012-11-13 | |
US61/726,009 | 2012-11-13 | ||
US13/930,682 US9232400B2 (en) | 2012-11-13 | 2013-06-28 | Restricted certificate enrollment for unknown devices in hotspot networks |
US13/930,682 | 2013-06-28 | ||
PCT/US2013/068716 WO2014078147A1 (en) | 2012-11-13 | 2013-11-06 | Restricted certificate enrollment for unknown devices in hotspot networks |
Related Child Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2017013834A Division JP2017126987A (ja) | 2012-11-13 | 2017-01-30 | Restricted certificate enrollment for unknown devices in hotspot networks |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2015537471A JP2015537471A (ja) | 2015-12-24 |
JP6086987B2 true JP6086987B2 (ja) | 2017-03-01 |
Family
ID=50682189
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2015541876A Active JP6086987B2 (ja) | 2012-11-13 | 2013-11-06 | ホットスポットネットワークにおける未知のデバイスに対する制限付き証明書登録 |
JP2017013834A Pending JP2017126987A (ja) | 2012-11-13 | 2017-01-30 | ホットスポットネットワークにおける未知のデバイスに対する制限付き証明書登録 |
Family Applications After (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2017013834A Pending JP2017126987A (ja) | 2012-11-13 | 2017-01-30 | Restricted certificate enrollment for unknown devices in hotspot networks |
Country Status (6)
Country | Link |
---|---|
US (2) | US9232400B2 (ja) |
EP (1) | EP2920939B1 (ja) |
JP (2) | JP6086987B2 (ja) |
KR (1) | KR101701793B1 (ja) |
CN (2) | CN108183803B (ja) |
WO (1) | WO2014078147A1 (ja) |
Families Citing this family (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8914628B2 (en) | 2009-11-16 | 2014-12-16 | At&T Intellectual Property I, L.P. | Method and apparatus for providing radio communication with an object in a local environment |
US9571482B2 (en) | 2011-07-21 | 2017-02-14 | Intel Corporation | Secure on-line sign-up and provisioning for Wi-Fi hotspots using a device management protocol |
CN103813330A (zh) * | 2012-11-15 | 2014-05-21 | 中兴通讯股份有限公司 | Communication terminal, system, and permission management method |
US9307408B2 (en) | 2012-12-27 | 2016-04-05 | Intel Corporation | Secure on-line signup and provisioning of wireless devices |
US9414216B1 (en) * | 2013-03-15 | 2016-08-09 | Leidos, Inc. | Method and system for multiple carrier resource allocation in LTE-advanced networks |
US9800581B2 (en) * | 2014-03-14 | 2017-10-24 | Cable Television Laboratories, Inc. | Automated wireless device provisioning and authentication |
JP6168415B2 (ja) * | 2014-05-27 | 2017-07-26 | パナソニックIpマネジメント株式会社 | Terminal authentication system, server device, and terminal authentication method |
US9584492B2 (en) | 2014-06-23 | 2017-02-28 | Vmware, Inc. | Cryptographic proxy service |
US10930101B2 (en) * | 2014-08-27 | 2021-02-23 | Ncr Corporation | Self-service terminal (SST) safe and methods of operating a lock for the SST safe |
US9825937B2 (en) | 2014-09-23 | 2017-11-21 | Qualcomm Incorporated | Certificate-based authentication |
US20160110833A1 (en) * | 2014-10-16 | 2016-04-21 | At&T Mobility Ii Llc | Occupancy Indicator |
US10104544B2 (en) | 2016-04-05 | 2018-10-16 | Qualcomm Incorporated | LTE-level security for neutral host LTE |
US10142323B2 (en) * | 2016-04-11 | 2018-11-27 | Huawei Technologies Co., Ltd. | Activation of mobile devices in enterprise mobile management |
CN109076058B (zh) * | 2016-05-27 | 2020-09-29 | 华为技术有限公司 | Authentication method and apparatus for a mobile network |
US11765154B2 (en) * | 2016-07-26 | 2023-09-19 | Verizon Patent And Licensing Inc. | Securely provisioning a service to a customer equipment |
US11165591B2 (en) * | 2016-09-08 | 2021-11-02 | Cable Television Laboratories, Inc. | System and method for a dynamic-PKI for a social certificate authority |
US10897709B2 (en) | 2016-12-09 | 2021-01-19 | Arris Enterprises Llc | Wireless network authorization using a trusted authenticator |
JP7208707B2 (ja) | 2017-02-17 | 2023-01-19 | キヤノン株式会社 | Information processing apparatus, control method therefor, and program |
IL278228B2 (en) * | 2018-04-26 | 2023-11-01 | Seclous Gmbh | Methods for controlling multi-factor access in anonymous systems |
US11997205B2 (en) | 2019-02-25 | 2024-05-28 | Tbcasoft, Inc. | Credential verification and issuance through credential service providers |
KR102394001B1 (ko) | 2019-04-29 | 2022-05-02 | 한국전기연구원 | Gas heat exchanger for thermoelectric power generation |
WO2023154071A1 (en) * | 2022-02-14 | 2023-08-17 | Rakuten Mobile, Inc. | Enhanced authentication procedure for o-ran network elements |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB9323489D0 (en) * | 1993-11-08 | 1994-01-05 | Ncr Int Inc | Self-service business system |
US5982898A (en) * | 1997-03-07 | 1999-11-09 | At&T Corp. | Certification process |
US6327578B1 (en) * | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
MXPA01011969A (es) * | 1999-05-21 | 2005-02-17 | Ibm | Method and apparatus for initiating secure communications between and exclusively for paired wireless devices. |
WO2001022201A1 (en) | 1999-09-20 | 2001-03-29 | Ethentica, Inc. | Context sensitive dynamic authentication in a cryptographic system |
ITRM20020335A1 (it) * | 2002-06-14 | 2003-12-15 | Telecom Italia Mobile Spa | Method of self-registration and automated issuance of digital certificates and related network architecture implementing it. |
JP4628684B2 (ja) * | 2004-02-16 | 2011-02-09 | 三菱電機株式会社 | Data transmitting/receiving apparatus and electronic certificate issuing method |
US20060002556A1 (en) * | 2004-06-30 | 2006-01-05 | Microsoft Corporation | Secure certificate enrollment of device over a cellular network |
US20080016336A1 (en) * | 2006-07-17 | 2008-01-17 | Nokia Corporation | Generic public key infrastructure architecture |
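CN101123501A (zh) * | 2006-08-08 | 2008-02-13 | 西安电子科技大学 | WAPI authentication and key agreement method and system |
CN101056177B (zh) * | 2007-06-01 | 2011-06-29 | 清华大学 | Wireless mesh network re-authentication method based on the wireless LAN security standard WAPI |
TWI426762B (zh) * | 2008-08-04 | 2014-02-11 | Ind Tech Res Inst | Network identity management method and system |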
US8296563B2 (en) * | 2008-10-22 | 2012-10-23 | Research In Motion Limited | Method of handling a certification request |
US8327424B2 (en) * | 2009-12-22 | 2012-12-04 | Motorola Solutions, Inc. | Method and apparatus for selecting a certificate authority |
US9225525B2 (en) * | 2010-02-26 | 2015-12-29 | Red Hat, Inc. | Identity management certificate operations |
JP5934364B2 (ja) * | 2011-09-09 | 2016-06-15 | インテル コーポレイション | Mobile device and method for secure on-line sign-up and provisioning for Wi-Fi hotspots using SOAP-XML techniques |
-
2013
- 2013-06-28 US US13/930,682 patent/US9232400B2/en active Active
- 2013-11-06 KR KR1020157012468A patent/KR101701793B1/ko active IP Right Grant
- 2013-11-06 EP EP13795091.1A patent/EP2920939B1/en active Active
- 2013-11-06 JP JP2015541876A patent/JP6086987B2/ja active Active
- 2013-11-06 CN CN201810200297.4A patent/CN108183803B/zh active Active
- 2013-11-06 WO PCT/US2013/068716 patent/WO2014078147A1/en active Application Filing
- 2013-11-06 CN CN201380058802.1A patent/CN104956638B/zh active Active
-
2015
- 2015-12-22 US US14/979,315 patent/US9660977B2/en active Active
-
2017
- 2017-01-30 JP JP2017013834A patent/JP2017126987A/ja active Pending
Also Published As
Publication number | Publication date |
---|---|
EP2920939A1 (en) | 2015-09-23 |
JP2017126987A (ja) | 2017-07-20 |
US9660977B2 (en) | 2017-05-23 |
US20140134980A1 (en) | 2014-05-15 |
US20160134622A1 (en) | 2016-05-12 |
CN108183803B (zh) | 2021-04-16 |
WO2014078147A1 (en) | 2014-05-22 |
JP2015537471A (ja) | 2015-12-24 |
KR20150069001A (ko) | 2015-06-22 |
CN108183803A (zh) | 2018-06-19 |
US9232400B2 (en) | 2016-01-05 |
KR101701793B1 (ko) | 2017-02-02 |
CN104956638A (zh) | 2015-09-30 |
CN104956638B (zh) | 2018-04-17 |
EP2920939B1 (en) | 2019-09-18 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
JP6086987B2 (ja) | Restricted certificate enrollment for unknown devices in hotspot networks | |
JP6612358B2 (ja) | Method for causing a network access device to access a wireless network access point, network access device, application server, and non-volatile computer-readable storage medium | |
US20230070253A1 (en) | Methods and systems for authenticating devices using 3gpp network access credentials for providing mec services | |
KR102134302B1 (ko) | Wireless network access method and apparatus, and storage medium | |
CN108028758B (zh) | Method and apparatus for downloading a profile in a communication system | |
US11863663B2 (en) | Initial network authorization for a communications device | |
US12074883B2 (en) | Systems and methods for network access granting | |
KR101644723B1 (ko) | Mobile device and method for secure on-line sign-up and provisioning for Wi-Fi hotspots using SOAP-XML techniques | |
US20080072301A1 (en) | System And Method For Managing User Authentication And Service Authorization To Achieve Single-Sign-On To Access Multiple Network Interfaces | |
JP2017535989A (ja) | Certificate-based authentication | |
CN108886688B (zh) | Method, apparatus, and readable medium operable in a service provider (SP) network connected to a wireless communication network | |
EP2805470A1 (en) | Identity management with local functionality | |
KR20120091635A (ko) | Authentication method and apparatus in a communication system | |
AU2020200523A1 (en) | Methods and arrangements for authenticating a communication device | |
KR20180008411A (ko) | Method for performing multiple authentications within a service registration procedure | |
US20240171402A1 (en) | Authentication methods using zero-knowledge proof algorithms for user equipment and nodes implementing the authentication methods | |
CN116368833A (zh) | Method and system for establishing and authenticating a secure connection for an edge computing service | |
US9307406B2 (en) | Apparatus and method for authenticating access of a mobile station in a wireless communication system | |
KR20140095050A (ko) | Management method and apparatus for supporting single sign-on in a mobile communication system | |
KR102345093B1 (ko) | Security session control system and security session control method for wireless Internet | |
KR20130062965A (ko) | Wireless network access authentication method and system | |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | A977 | Report on retrieval | Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20160531 |
 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20160628 |
 | A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20160926 |
 | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20161130 |
 | TRDD | Decision of grant or rejection written | |
 | A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20170110 |
 | A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20170131 |
 | R150 | Certificate of patent or registration of utility model | Ref document number: 6086987 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |