WO2007104259A1 - Procede de mise en oeuvre d'une assurance securisee dans un reseau d'acces ameliore et systeme associe - Google Patents

Procede de mise en oeuvre d'une assurance securisee dans un reseau d'acces ameliore et systeme associe Download PDF

Info

Publication number
WO2007104259A1
WO2007104259A1 PCT/CN2007/000813 CN2007000813W WO2007104259A1 WO 2007104259 A1 WO2007104259 A1 WO 2007104259A1 CN 2007000813 W CN2007000813 W CN 2007000813W WO 2007104259 A1 WO2007104259 A1 WO 2007104259A1
Authority
WO
WIPO (PCT)
Prior art keywords
access network
counter
agw
evolved
base station
Prior art date
Application number
PCT/CN2007/000813
Other languages
English (en)
Chinese (zh)
Inventor
Binsong Tang
Jing Chen
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007104259A1 publication Critical patent/WO2007104259A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Definitions

  • the present invention relates to network and communication technologies, and more particularly to the field of network security technologies, and in particular, to a method and system for implementing security assurance in an evolved access network. Background technique
  • LTE Long Term Evolution
  • SAE System Architecture Evolution
  • FIG. 1 shows the architecture of the LTE/SAE access network.
  • the aGW E-UTRAN Access Gateway
  • the ingress gateway is located in a secure physical location.
  • the eNodeB or the evolved Node B is an evolved base station in the E-UTRAN, which is in an insecure physical location and is highly likely to be attacked.
  • the channel on the air interface is an extremely unstable channel, the possibility of packet loss on this channel is very high; in addition, due to the wireless nature of the air interface, an attacker can easily initiate packet insertion on the air interface.
  • the eNodeB is in an insecure physical location and is highly vulnerable to malicious attacks. Therefore, it is not necessary to provide a security guarantee in E-UTRAN to ensure user terminals (UE, User Equipment). ) The amount of upstream and downstream data is consistent with E-UTRAN. Summary of the invention
  • An embodiment of the present invention provides a method and a system for implementing security assurance in an evolved access network, and checking whether the amount of data transmitted between the UE and the access network is consistent, so as to further determine an evolved access network according to the check result. safety.
  • Embodiments of the present invention provide a method for implementing security assurance in an evolved access network, which is used by The client and the network side are respectively provided with at least one counter for counting the amount of data transmitted between the UE and the evolved access network, and the method includes the following steps:
  • the embodiment of the invention further provides a system for implementing security guarantee in an evolved access network, including:
  • a first counter configured on the user side, for counting the amount of data transmitted between the UE and the access network
  • a second counter configured on the network side, for counting the amount of data transmitted between the UE and the access network
  • a determining unit configured to compare data volume values transmitted between the UE and the access network calculated by the first and second counters
  • the processing unit performs corresponding processing according to the comparison result of the determining unit.
  • the UE and the evolved access network respectively maintain one or more counters, where the counter value is used to indicate the amount of data transmitted between the ⁇ and the evolved access network, and the evolved access network is in the
  • the data volume check is initiated to the UE, and the UE or the evolved access network compares the counter value provided by the peer end with the counter value maintained by the peer, and the evolved access network performs subsequent processing according to the comparison result of the counter value, to Determine the security of the evolved access network.
  • the information or signaling and the message transmitted between the UE and the evolved access network are integrity-protected by using a key shared between the UE and the evolved access network, and the periodic local authentication is further implemented by the integrity protection.
  • FIG. 1 is a schematic diagram of an LTE/SAE access network architecture
  • 2A is a flowchart of a method for detecting, by the UE side, whether the amount of received data is consistent with the amount of data sent by the network side to implement security guarantee in the embodiment of the present invention
  • 2B is a flowchart of a method for detecting, by a network side, whether the amount of received data is consistent with the amount of data sent by the network side to implement security guarantee in another embodiment of the present invention
  • FIG. 3 is a flowchart of a method for implementing security assurance in a first embodiment of the present invention
  • FIG. 4 is a flowchart of a method for implementing security assurance in a second embodiment of the present invention
  • FIG. 5 is a third embodiment of the present invention
  • FIG. 6B is a schematic diagram of a UE performing handover between different aGWs according to an embodiment of the present invention
  • FIG. 7 is a schematic structural diagram of a system for implementing security guarantee according to an embodiment of the present invention.
  • the UE and the evolved access network respectively maintain one or more counters, and the counter is used to count the amount of data transmitted between the UE and the evolved access network, that is, the counter value.
  • the evolved access network initiates a data volume check to the UE when the set condition is met, and the UE or the evolved access network provides the counter value provided by the peer end.
  • the counter values of the own are compared, and the evolved access network performs subsequent processing according to whether the counter value is the same or not.
  • the counter may be a counter, the counter value is used to indicate the amount of all data transmitted; it may be an uplink counter and a downlink counter, the uplink counter value is used to indicate the number of uplink data transmitted, and the downlink counter value is used to indicate the transmission.
  • the number of downlink data may also be a context counter, the context counter value is used to indicate the amount of data transmitted on a certain context; may also be a context uplink counter and a context downlink counter, and the context uplink counter value is used to represent a certain context.
  • the number of uplink data transmitted, the context downlink counter value is used to indicate the amount of downlink data transmitted on a certain context.
  • the setting conditions described above may be such that the set period expires, or one or more counter values reach the set value, or an inspection command is received, and the like.
  • the user end of the evolved access network has an inconsistent value with its corresponding network side counter.
  • the follow-up process specifically includes:
  • the progress access network may end the current data volume checking process
  • the evolved access network may release the connection between the UE and the evolved access network, or report an error to the upper layer.
  • FIG. 2A is a schematic diagram of a first implementation manner of the present invention.
  • the UE and the evolved access network respectively maintain one or more counters, and the counter value is used to indicate that the UE and the evolved access network are transmitted.
  • the actual amount of data including the following steps:
  • Step 201a The evolved access network provides the UE with a counter value maintained by itself when the set condition is met. If there are multiple UE related counters maintained in the evolved access network and multiple counters need to be checked, the evolved access network may simultaneously provide some or all of the UE related counter values to the UE.
  • Step 202a After receiving the counter value provided by the evolved access network, the UE compares the received counter value with its own counter value to determine whether the counter value is consistent. If the evolved access network simultaneously provides multiple counters to the UE, the UE compares the received counter value with its corresponding counter value. For example, the evolved access network simultaneously provides the uplink counter and the downlink counter to the UE, and the UE will The received uplink counter value is compared with its own uplink counter value, and the received downlink counter value is compared with its own downlink counter value.
  • Step 203a The UE provides a check result to the evolved access network. Specifically, if the counter value is consistent, the UE may send an empty message to the evolved access network to notify the evolved access network that there is no counter with a value inconsistency; Inconsistent counters provide counters with inconsistent values to the evolved access network.
  • Step 204a After receiving the check result, the evolved access network performs subsequent processing according to whether there is a counter with a value inconsistency.
  • the evolved access network may perform operations such as disconnection, 'reporting errors, etc. for counters with inconsistent values; Counter, no other processing is possible.
  • 2B a schematic view of a second implementation of the present invention, 2, UE and an evolved B shown in FIG.
  • the access network maintains one or more counters respectively, and the counter value is used to indicate the amount of data transmitted between the UE and the evolved access network.
  • the specific implementation includes the following steps:
  • Step 201b The evolved access network initiates a check of the amount of data to the UE when the set condition is met.
  • Step 202b After obtaining the check of the amount of data initiated by the evolved access network, the UE provides its own counter value to the evolved access network. If multiple counters are maintained in the UE and multiple counters are currently required to be checked, the UE may simultaneously provide some or all of the counter values to the evolved access network.
  • Step 203b After receiving the counter value provided by the UE, the evolved access network compares the received counter value with its counter value to determine whether the counter value of the evolved access network is consistent with the counter value of the UE. If the UE simultaneously provides multiple counters to the evolved access network, the evolved access network compares the received counter with the corresponding counter maintained by itself, for example, the UE simultaneously provides an uplink counter and a downlink counter to the evolved access network. The evolved access network compares the received uplink counter with its own maintained uplink counter, and compares the received downlink counter with its own downlink counter.
  • Step 204b The evolved access network performs subsequent processing according to whether the counter value of the UE is consistent with the counter value of the UE.
  • the evolved access network may perform subsequent operations such as disconnection, reporting error, and the like, and may not perform counters with consistent values. Other processing.
  • the UE and the evolved access network may respectively provide the peer with a counter maintained by the peer, and then the peer will receive the counter.
  • the counter is compared with the counter maintained by itself, and then the UE returns the check result to the evolved access network, and the evolved access network determines whether the received check result is consistent with the check result obtained by itself, if they are consistent, and there is a counter with an inconsistent value.
  • the evolved access network may perform subsequent operations such as disconnecting related connections and reporting errors for counters with inconsistent values. If the counters are inconsistent and there are counters with inconsistent values, the evolved access network may check the amount of data transmitted by the UE again. .
  • the UE and the eNodeB respectively maintain one One or more counters, the counter value is used to indicate the amount of data transmitted between the UE and the eNodeB, and the specific implementation includes the following steps:
  • Step 301 The eNodeB sends a data volume check request to the UE when the set condition is met, where the data volume check request carries the counter value maintained by the eNodeB. If the eNodeB maintains multiple counters and currently needs to check multiple counters, the data volume check request may carry multiple counter values.
  • Step 302 After receiving the data volume check request, the UE compares the counter value carried in the data amount check request with its own counter value to determine whether the counter value is consistent.
  • Step 303 The UE returns a data volume check response to the eNodeB. If the corresponding two counter values are consistent, the data volume check response may be a message that does not carry any content, to notify the evolved access network that the corresponding two counter values are consistent. If the corresponding two counter values are inconsistent, the data amount check response carries a counter with a value inconsistency to notify the evolved access network.
  • Step 304 After receiving the data volume check response, the eNodeB performs subsequent processing according to whether there is a counter with a value inconsistency.
  • the UE and the aGW respectively maintain one or more counters, and the counter value is used to indicate the amount of data transmitted between the UE and the aGW.
  • the specific implementation includes the following steps:
  • Step 401 When the setting condition is satisfied, the aGW sends a data amount check request to the UE, and starts checking the data amount.
  • Step 402 After receiving the data volume check request, the UE returns a data volume check response to the aGW, where the data volume check response carries the counter value maintained by the UE. If there are multiple counters maintained in the UE and multiple counters need to be checked currently, the data volume check response carries some or all of the counter values.
  • Step 403 After receiving the data volume check response, the aGW compares the counter value carried in the data amount check response with the counter value maintained by itself, and determines whether there is a counter with a value inconsistency.
  • Step 404 The aGW performs subsequent processing according to whether there is a counter with inconsistent values.
  • the implementation of the present embodiment is described as being implemented by using the second implementation manner. In actual applications, the first implementation manner may also be implemented.
  • the aGW may report the UE abnormality to the core network (CN, Core Network), and the CN may load the corresponding UE into the blacklist and reject the UE from accessing the network.
  • One of the times is to check the counter once, and the counter value is inconsistent, and the number of times may be continuously accumulated or may be discontinuously accumulated.
  • the manners in the first embodiment and the second embodiment may be combined to perform the check of the amount of data transmitted between the UE and the eNodeB, and the check of the amount of data transmitted between the UE and the aGW, and then the aGW is configured according to Two check results analyze the state of the eNodeB and the connection.
  • the UE and the eNodeB respectively maintain one or more counters, such as an N-Coimter, and the corresponding counter value is used to indicate the amount of data transmitted between the UE and the eNodeB
  • UE and The aGW maintains one or more counters respectively, such as a G-Counter, and the corresponding counter value is used to indicate the amount of data transmitted between the UE and the aGW.
  • the specific implementation includes the following steps:
  • Step 501 According to the first implementation manner or the second implementation manner, the aGW checks the data volume transmitted between the UE and the aGW, and the aGW obtains the G-Counter check result.
  • Step 502 to step 503 According to the first implementation manner or the second implementation manner, the eNodeB checks the data volume transmitted between the UE and the eNodeB, and the eNodeB obtains the N-Counter check result, and then the eNodeB reports the N-Counter to the aGW. Inspection results.
  • Step 501 and step 502 to step 503 have no obvious execution order.
  • Step 501 may be performed first, and then steps 502 to 503 may be performed.
  • Steps 502 to 503 may be performed first, and then step 501 is performed; 501 and steps 502 to 503.
  • Step 504 It is determined whether the connection between the UE and the eNodeB is normal by checking the -Counter. By checking the G-Counter, it can be determined whether the connection between the eNodeB or the eNodeB and the aGW is normal. Therefore, the aGW can be The results of the -Counter and G-Counter check the status of the eNodeB and the connection. The specific analysis is as follows:
  • N-Counter and G-Counter are the same, it indicates eNodeB, The connection between the UE and the eNodeB, and the connection between the eNodeB and the aGW are normal. If the N-Counter check result is consistent and the G-Counter check result is inconsistent, the connection between the UE and the eNodeB is normal, and the eNodeB or eNodeB is The connection between the aGWs is abnormal; since the N-Counter reflects the amount of data transmitted between the UE and the eNodeB over the air interface, the G-Counter reflects the amount of data transmitted between the UE and the aGW, and includes the air interface data transmission.
  • the check results of the N-Counter and the G-Counter are inconsistent, it indicates that the eNodeB, or the connection between the UE and the eNodeB, or the connection between the eNodeB and the aGW is abnormal.
  • the aGW may determine the subsequent operation according to the analysis result. For example, if the analysis result is an eNodeB abnormality, the aGW may notify the UE or the eNodeB to release the connection between the UE and the eNodeB, and further enable the UE to select another eNodeB to perform communication; if the analysis result is If the connection between the eNodeB and the aGW is abnormal, the connection with the eNodeB is released.
  • the aGW may report to the CN, and the CN may carry the corresponding UE. Blacklisting is denied, and the UE is denied access to the network.
  • the information or signaling and the message transmitted between the UE and the evolved access network are used for integrity protection by using a key shared between the UE and the evolved access network, and the periodic protection can be further implemented by the integrity protection. That is, the evolved access network or the UE sends the signaling to the peer to use the shared key for integrity protection. If the information of the peer matches the integrity-protected information, the peer passes the current local authentication.
  • the UE when the UE performs handover between different eNodeBs or different aGWs, the UE is guaranteed.
  • the counters maintained between the switched eNodeBs, or between the a and the switched aGWs are consistent, and the maintenance scheme for the counters is also proposed in the present invention.
  • the UE is switched from the source eNodeB to the target eNodeB, and the counters maintained by the target NodeB and the UE can be consistently implemented in three ways:
  • a processing method is that the target eNodeB requests the source eNodeB to provide a counter related to the UE that is maintained by the source eNodeB, and after receiving the request, the source eNodeB provides the target eNodeB with a counter related to the UE that is maintained by itself;
  • Another processing method is that the target eNodeB requests the UE to provide a counter maintained by the UE, and after receiving the request, the UE provides the target eNodeB with a counter maintained by itself;
  • the third processing method is that after the UE completes the handover of the eNodeB, it actively provides the counter to the target eNodeB for maintenance, and the counters maintained by the target eNodeB and the UE can be consistent under the normal conditions.
  • the information or signaling and the message transmitted between the source eNodeB and the target eNodeB and between the UE and the target eNodeB are integrity protected by using a key shared between the two.
  • the UE is switched from the source aGW to the target aGW, so that the target aGW is
  • the counters maintained by the UE can be consistent and can be implemented in three ways:
  • a processing method is that the target aGW requests the source aGW to provide a counter related to the UE that is maintained by the source aGW. After receiving the request, the source aGW provides the target aGW with a counter related to the UE that is maintained by itself;
  • Another processing method is that the target aGW requests the UE to provide a counter maintained by the UE, and after receiving the request, the UE provides a counter maintained by the target aGW;
  • the third processing method is that after the UE completes the aGW handover, the UE actively provides a counter for maintaining the maintenance of the target aGW.
  • the process described above enables the target aGW and the counter maintained by the UE to be consistent under normal conditions.
  • the information or signaling and the message transmitted between the source aGW and the target aGW and between the UE and the target aGW are integrity protected by using a key shared between the two.
  • an evolved access network to which an evolved access network is located is referred to as an eNodeB, and an actual application may also be referred to as an evolved Node B.
  • the function is the same whether it is called an eNodeB or an evolved Node B.
  • the embodiment of the present invention further provides a system for implementing security assurance in an access network, including:
  • a second counter 702 configured on the network side, for counting the amount of data transmitted between the UE and the access network
  • the set condition such as: the set period expires, the counter value reaches the set value, and the check command is received, and the amount of data transmitted between the UE and the access network is started to be counted, and the first counter and the second counter are counted.
  • Counted as Countl, Count2.
  • the determining unit 703 is configured to compare data volume values transmitted between the UE and the access network calculated by the first and second counters;
  • the processing unit 704 performs corresponding processing according to the comparison result of the determining unit.
  • the processing unit 704 disconnects the current connection or reports an error to the upper layer.
  • the network performs the corresponding processing.
  • the first and second counters use the shared key of both for integrity protection.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé de mise en oeuvre d'une assurance sécurisée dans un réseau d'accès amélioré. Selon ce procédé, un équipement utilisateur (UE) et le réseau d'accès amélioré établissent respectivement au moins un compteur utilisé pour compter le flux de données transmis entre l'UE et le réseau d'accès amélioré; le réseau d'accès amélioré lance le flux de données en vérifiant quand les conditions déterminées sont remplies; l'UE ou le réseau d'accès amélioré compare la contre-valeur auto-conservée à la contre-valeur fournie par le terminal opposé; le réseau d'accès amélioré effectue le traitement en fonction de l'existence du résultat de la vérification par les compteurs dont les valeurs sont contradictoires, ce qui garantit la sécurité du réseau d'accès amélioré en fonction du résultat de la vérification. L'invention concerne également un système correspondant. De plus, les informations, la signalisation ou les messages transmis entre l'UE et le réseau d'accès amélioré utilisent tous la clé secrète partagée par l'UE et le réseau d'accès amélioré pour effectuer la protection d'intégralité, et l'authentification locale périodique est réalisée par cette protection d'intégralité.
PCT/CN2007/000813 2006-03-16 2007-03-14 Procede de mise en oeuvre d'une assurance securisee dans un reseau d'acces ameliore et systeme associe WO2007104259A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2006100575907A CN101039314B (zh) 2006-03-16 2006-03-16 一种在演进接入网络中实现安全性保证的方法
CN200610057590.7 2006-03-16

Publications (1)

Publication Number Publication Date
WO2007104259A1 true WO2007104259A1 (fr) 2007-09-20

Family

ID=38509057

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/000813 WO2007104259A1 (fr) 2006-03-16 2007-03-14 Procede de mise en oeuvre d'une assurance securisee dans un reseau d'acces ameliore et systeme associe

Country Status (2)

Country Link
CN (1) CN101039314B (fr)
WO (1) WO2007104259A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101909337A (zh) * 2009-06-04 2010-12-08 中兴通讯股份有限公司 基于切换功能的信息传递方法
WO2021066692A1 (fr) * 2019-10-04 2021-04-08 Telefonaktiebolaget Lm Ericsson (Publ) Fonctionnement d'un compteur de débit de données dans un réseau de communication sans fil

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010078724A1 (fr) * 2009-01-08 2010-07-15 中兴通讯股份有限公司 Procédé d'authentification locale dans un système de communication mobile
CN102379137B (zh) * 2009-04-20 2015-09-09 华为技术有限公司 一种对消息完整性保护检查失败的处理方法、设备和系统
CN102480747B (zh) * 2010-11-25 2014-12-03 大唐移动通信设备有限公司 一种业务承载计数检查方法和装置
CN102572880B (zh) * 2011-12-29 2019-01-04 上海中兴软件有限责任公司 序号检测方法、装置及系统
CN103974238B (zh) 2013-01-25 2018-09-28 中兴通讯股份有限公司 一种在异构网络中实现安全检测的方法、装置和系统
CN104683981B (zh) * 2013-12-02 2019-01-25 华为技术有限公司 一种验证安全能力的方法、设备及系统
ES2703555T3 (es) 2014-05-05 2019-03-11 Ericsson Telefon Ab L M Protección de intercambio de mensajes WLCP entre TWAG y UE
US10455414B2 (en) * 2014-10-29 2019-10-22 Qualcomm Incorporated User-plane security for next generation cellular networks
CN110943964B (zh) * 2018-09-21 2022-07-22 华为技术有限公司 数据校验方法、装置及存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6480471B1 (en) * 1998-12-21 2002-11-12 Hewlett-Packard Company Hardware sampler for statistical monitoring of network traffic
US20030140140A1 (en) * 2002-01-18 2003-07-24 Jesse Lahtinen Monitoring the flow of a data stream
CN1700784A (zh) * 2004-05-20 2005-11-23 华为技术有限公司 移动通信系统中检查上下行数据传输量一致性的方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6480471B1 (en) * 1998-12-21 2002-11-12 Hewlett-Packard Company Hardware sampler for statistical monitoring of network traffic
US20030140140A1 (en) * 2002-01-18 2003-07-24 Jesse Lahtinen Monitoring the flow of a data stream
CN1700784A (zh) * 2004-05-20 2005-11-23 华为技术有限公司 移动通信系统中检查上下行数据传输量一致性的方法

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101909337A (zh) * 2009-06-04 2010-12-08 中兴通讯股份有限公司 基于切换功能的信息传递方法
CN101909337B (zh) * 2009-06-04 2014-08-13 中兴通讯股份有限公司 基于切换功能的信息传递方法
WO2021066692A1 (fr) * 2019-10-04 2021-04-08 Telefonaktiebolaget Lm Ericsson (Publ) Fonctionnement d'un compteur de débit de données dans un réseau de communication sans fil

Also Published As

Publication number Publication date
CN101039314A (zh) 2007-09-19
CN101039314B (zh) 2012-02-22

Similar Documents

Publication Publication Date Title
WO2007104259A1 (fr) Procede de mise en oeuvre d'une assurance securisee dans un reseau d'acces ameliore et systeme associe
US10999065B2 (en) Method and apparatus for updating a key in an active state
JP7342920B2 (ja) 端末及び端末の方法
US11159361B2 (en) Method and apparatus for providing notification of detected error conditions in a network
EP3070903B1 (fr) Système et procédé pour détecter des attaques malveillantes dans un réseau de télécommunication
JP7455220B2 (ja) 無線侵入防止システム、これを含む無線ネットワークシステム、及び無線ネットワークシステムの作動方法
US10469543B2 (en) Recovery from a potential proxy call session control function (P-CSCF) failure during call origination
US20170325139A1 (en) Operation of a serving node in a network
EP3113527B1 (fr) Procédé et appareil pour détecter une attaque de l'homme du milieu
KR101461236B1 (ko) 무선 호를 연결 과정에서 엔티티의 인증을 수행하는 방법
CN101632282A (zh) 经由aaa策略数据库将非准许移动接入(uma)用户列入黑名单
WO2009152759A1 (fr) Procédé et dispositif de prévention de perte de synchronisation de sécurité de réseau
US10834581B2 (en) Security verification when resuming an RRC connection
KR20130073850A (ko) 페이크 네트워크의 식별을 위한 방법 및 장치
KR20190018706A (ko) 사이퍼링 및 무결성 보호의 보안
JP6651613B2 (ja) ワイヤレス通信
US8958336B2 (en) Condition detection by a call session control function (CSCF)
WO2017194161A1 (fr) Procédé et système pour une atténuation de perte durant une commutation de mode de communication de dispositif à dispositif
EP3228108B1 (fr) Procédé, programme d'ordinateur et noeud de réseau pour garantir la sécurité de requêtes de service.
WO2013062394A1 (fr) Procédé et appareil de signature unique dans un système de communication mobile
WO2010078724A1 (fr) Procédé d'authentification locale dans un système de communication mobile
US20240179529A1 (en) Message transmission method and communication apparatus
WO2022174729A1 (fr) Procédé de protection de la confidentialité d'identification d'identité, et appareil de communication
WO2009091309A1 (fr) Détection d'échec de contrôle d'intégrité et récupération dans un système de radiocommunications

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07711084

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07711084

Country of ref document: EP

Kind code of ref document: A1