WO2007121669A1 - Procédé, dispositif et système pour établir une connexion hertzienne - Google Patents

Procédé, dispositif et système pour établir une connexion hertzienne Download PDF

Info

Publication number
WO2007121669A1
WO2007121669A1 PCT/CN2007/001301 CN2007001301W WO2007121669A1 WO 2007121669 A1 WO2007121669 A1 WO 2007121669A1 CN 2007001301 W CN2007001301 W CN 2007001301W WO 2007121669 A1 WO2007121669 A1 WO 2007121669A1
Authority
WO
WIPO (PCT)
Prior art keywords
network device
security
access network
wireless connection
parameters
Prior art date
Application number
PCT/CN2007/001301
Other languages
English (en)
Chinese (zh)
Inventor
Jing Chen
Binsong Tang
Zongjie Wang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007121669A1 publication Critical patent/WO2007121669A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the present invention relates to a wireless connection technology in a mobile communication system, and more particularly to a method, device and system for establishing a wireless connection. Background of the invention
  • UMTS Global System for Mobile Communications
  • UE User Equipment
  • UTRAN Global Terrestrial Radio Access Network
  • Figure 1 shows a flow chart of a prior art wireless connection establishment method.
  • the UE in steps 101-103, the UE first sends an RRC connection request to the UTRAN through the air interface, and the UTRAN returns an RRC connection setup message to the UE, and then the UE sends an RRC connection setup completion indicating that the connection establishment is successful to the UTRAN. Message.
  • the UE and the core network device such as the serving general packet radio service support node (SGSN) are saved.
  • An encryption key and an integrity key for protecting communication between the UE and the RNC are saved.
  • the UE reports its own security capabilities, such as encryption algorithms, integrity algorithms, and the like, to the wireless network control in the UTRAN.
  • RNC The UE then sends its identity, encryption key, and integrity key identifier to the core network device in core network signaling.
  • Embodiments of the present invention provide a method, device, and system for establishing a wireless connection, which can reduce access delay.
  • a method for establishing a wireless connection comprising:
  • a method for establishing a wireless connection comprising:
  • the access network device After receiving the wireless connection establishment request from the user equipment, the access network device interacts with the core network device that stores the security parameter of the user equipment, and obtains the security parameter of the user equipment; and determines according to the security parameter of the user equipment. Protecting the security association of the current wireless connection, instructing the user equipment to use the security association to protect communications.
  • a wireless connection establishing system includes: The user equipment UE is configured to request the access network device to establish a wireless connection, and the core network device is configured to save the security parameter of the UE, interact with the access network device, and provide the security parameter of the UE to the access network device;
  • a core network device including:
  • a protection information storage unit configured to save a security parameter of the user equipment UE
  • a receiving unit configured to receive a wireless connection establishment request of the user equipment UE
  • a determining and indicating unit configured to determine, according to the security parameter of the UE, a security association for protecting the current connection, and instruct the UE to use the corresponding security association to protect the communication.
  • the time delay of the UE in the process of accessing the core network can be reduced.
  • the UE and the core network device both store the security parameters of the UE, and the current wireless connection establishment process uses the saved security parameters of the UE to secure the wireless signaling without renegotiating all the Security parameters, which greatly reduce the amount of information that needs to be transmitted during the access process.
  • the negotiation of the security association of the wireless connection security protection is completed during the establishment of the wireless connection, the delay of the access process is effectively shortened, and the wireless connection establishment process can be protected.
  • FIG. 3 is a signaling flowchart of a method for establishing a wireless connection according to Embodiment 2 of the present invention
  • FIG. 4 is a signaling flowchart of a method for establishing a wireless connection according to Embodiment 3 of the present invention
  • FIG. 5 is a flowchart for establishing a wireless connection according to Embodiment 4 of the present invention
  • FIG. 6 is a signaling flowchart of a wireless connection establishment method according to Embodiment 5 of the present invention
  • FIG. 7 is a schematic structural diagram of a wireless connection establishment system according to Embodiment 6 of the present invention. Mode for carrying out the invention
  • the UE and the core network device pre-store the security parameters of the UE, and the current wireless connection establishment process uses the security parameters of the saved UE to secure the wireless signaling.
  • Fig. 2 is a flow chart showing a method of establishing a wireless connection in Embodiment 1 of the present invention.
  • the security parameter information of the UE is pre-stored in the UE and the core network device.
  • the method for establishing a wireless connection in the present invention includes:
  • step 201 the UE requests the access network device to establish a wireless connection
  • step 202 the access network device and the UE are saved in the last wireless connection.
  • the full-threshold core network device interacts to obtain the security parameters of the UE;
  • step 204 the UE sends an acknowledgement message to the access network device.
  • the pre-saved security parameter is all security parameters of the security association used in the last wireless connection, that is, the protection information set includes all the security parameters such as a key for protecting the security of the wireless connection communication, a security algorithm, and the like.
  • FIG. 3 shows a signaling flow chart of the method for establishing a wireless connection in this embodiment.
  • the method for establishing a wireless connection in this embodiment includes:
  • step 301 the UE sends a wireless connection establishment request message carrying the identity identifier of the UE, the protection information set identifier, and the information about the AGW to the BS, requesting to establish a wireless connection.
  • the network architecture in this embodiment uses a resource pool, that is, the BS is connected to multiple AGWs. Therefore, information about the AGW is needed in this step to help the BS find the security parameters of the UE stored in the last wireless connection.
  • AGW the correspondence between the UE and the AGW may be set in advance, so that the BS finds the AGW corresponding to the UE in the preset correspondence according to the received identity of the UE, and therefore the wireless connection in this step. It is not necessary to carry information about the AGW in the setup request message.
  • the protection information set identifier is required to be carried in the wireless connection establishment request message in this step, because a UE can correspond to multiple protection information sets.
  • This protection information set identifier can be an identifier of a key.
  • This key can be a key that protects the wireless connection or a root key used to derive the key that protects the wireless connection.
  • the BS sends a protection information set request message carrying the UE identity identifier and the protection information set identifier to the AGW, and the AGW carries the corresponding protection information set according to the received UI identity and the protection information set identifier.
  • the protection information set response message is returned to the BS. That is, the AGW sends the key, algorithm and other parameters used to protect the security of the wireless connection communication to the BS.
  • the identity identifier of the UE is sent to the determined AGW.
  • the AGW parses the identity identifier and the protection information set identifier of the UE from the message, and searches for the protection corresponding to the UE according to the identity identifier and the protection information set identifier of the UE.
  • the information set, and the protected information set response message is returned to the BS by the set of protection information.
  • step 304 the BS selects a security parameter supported by itself from the received protection information set, obtains a security association for protecting the communication in the current wireless connection, and instructs the UE to use the corresponding security association pair by using a wireless connection establishment message. Communication is protected.
  • the BS determines whether to continue using the received protection information set according to the lifetime of the protection information set and whether it supports the security algorithm in the protection information set. In the case of determining to continue to use the protection information set, the BS determines the security parameter in the protection information set as the security parameter used to protect the wireless signaling during the wireless connection process, in other words, the security association in the current wireless connection process. To protect all security parameters in the information set. That is, the security parameters such as the key and algorithm used in this wireless connection are the same as those used in the previous wireless connection.
  • step 305 after successfully verifying the integrity of the wireless connection message, the UE sends a wireless connection establishment confirmation message, which is protected by the received security parameter, to the BS, indicating the wireless connection.
  • the connection is completed.
  • the BS can report the security association used in the wireless connection to the AGW for storage.
  • the pre-saved security parameters include security key information in the last wireless connection.
  • the UE moves into a different access network control range, and the BS cannot directly communicate with the AGW that holds the security key information in the last wireless connection.
  • the AGW directly connected to the BS is AGWnew, and the AGW that stores the security key information in the last wireless connection is AGWold, and the BS cannot directly connect to the AGWold.
  • UE and The AGWold shared key K is used to derive the security key for protecting the wireless connection signaling in the wireless connection.
  • step 401 the UE sends a wireless connection establishment request message carrying the identity identifier of the UE, the protection information set identifier, the information about the AGWold, and the security algorithm supported by the UE to the BS, requesting to establish a wireless connection.
  • the BS is only connected to one AGWnew, and then communicates with AGWold through AGWnew. Therefore, this step does not need to carry AGWnew information.
  • the information about AGWold may be the identifier of AGWold, and the help BS finds AGWold storing the security association information of the UE in the last wireless connection.
  • the correspondence between the UE and the AGWold may be set in advance, so that the BS finds the AGWold corresponding to the UE in the preset correspondence according to the received identity of the UE, and therefore the wireless connection establishment request in this step.
  • the message may not carry the information about the AGWold.
  • the wireless connection setup request message in this step also carries the security capability of the UE, such as the security algorithm supported by the UE, and the purpose is to facilitate the BS to determine the current wireless connection in the subsequent steps.
  • the security algorithm used in Since each UE can support more than one type of security algorithm, it can be performed by means of a list of security algorithms.
  • the BS sends a protection information set request message carrying the UE identity, the protection information set identifier, and the information about the AGWold to the AGWnew, requesting to obtain the security parameter in the last wireless connection.
  • the BS parses the identity identifier of the UE, the protection information set identifier, the information about the AGWold, and the security algorithm supported by the UE from the radio connection setup request message from the UE, and after saving the security algorithm supported by the UE, UE identity,
  • the protection information set identifier and the information about the AGWold are placed in the protection information set request message and sent to AGWnew.
  • the AGWnew sends a protection information set request message carrying the identity identifier of the UE and the protection information set identifier to the corresponding AGWold according to the protection information set request message from the BS; the AGWold according to the received message, The device searches for the corresponding protection information set, and returns the found protection information set to AGWnew through the protection information set response message.
  • AGWnew determines the corresponding AGWokL according to the information about the AGWold carried in the protection information set request message from the BS.
  • the protection information set in the last wireless connection is protected in the protection information set saved by the AGWold or can be derived from the previous wireless.
  • the root key of the security key in the connection so the AGWold carries the security key corresponding to the UE in the protection information set response message returned to the AGWnew.
  • the security key here contains the shared key K shared by the UE and AGWold.
  • AGWnew may also not generate the first random number RAND.
  • deriving a new encryption key and/or integrity key may use a variable such as a BS identity as an input parameter, because the UE may correspond to different The base station, the base station is replaced, and the BS identity also changes. If the AGWnew does not generate the first random number, or generates a new encryption key and/or the integrity key does not use a parameter that the UE does not know, the protection information set response returned to the BS does not carry the UE does not know. , the parameters required to generate the encryption key and/or integrity key.
  • AGWnew may also derive the intermediate key Kbs based on the shared key K and other parameters such as the random number RAND, BS ID, and the like. AGWnew sends Kbs and the parameters used by Kbs to the BS without knowing the parameters.
  • the BS selects a self-supported security algorithm from the security algorithm from the UE, and generates a second random number FRESH as one of the parameters of the integrity algorithm, and then selects the selected security algorithm, second.
  • the random number FRESH and the first random number RAND are carried in the wireless connection setup message protected by the integrity key, and are sent to the UE.
  • the AGWnew does not generate the first random number RAND, the first random number does not need to be sent to the UE.
  • the BS derives the key to protect the wireless connection according to Kbs and other parameters, such as the integrity key and/or the encryption key, which will derive the intermediate key Kbs and protect the wireless connection.
  • the parameters required by the key, but not known by the UE, are sent to the UE.
  • the UE After successfully verifying the integrity of the wireless connection message, the UE sends a wireless connection establishment confirmation message indicating that the wireless connection establishment is completed, using the received security parameter (such as an algorithm) and the derived protected wireless connection key for protection.
  • the BS selects the security algorithm received in step 401 according to its own characteristics, selects the security algorithm supported by the BS, and uses the selected security algorithm as the security algorithm used in the current wireless connection.
  • the second random number FRESH generated by the BS acts as an input parameter to the integrity algorithm.
  • the UE derives the same intermediate key Kbs as in the BS according to the parameters such as the shared key K, and derives the key for protecting the wireless connection according to the intermediate key Kbs.
  • the UE uses the integrity key for integrity verification, which may require the participation of a second random number FRESH.
  • the UE performs integrity protection on the wireless connection confirmation message by using the integrity algorithm in the received security parameter and the integrity key of the protected wireless connection directly derived by the UE or derived from the intermediate key Kbs.
  • the confidentiality protection is protected by an encryption key and an encryption algorithm that protect the wireless connection. This message can also be only integrity protected without confidentiality protection.
  • the BS can report the security association used in this wireless connection to AGWnew for future wireless connection.
  • the UE when receiving the wireless connection message of the BS, the UE performs integrity verification on the message to ensure that the message has not been tampered with, and indicates to the BS that the wireless connection confirmation message is received when the wireless connection establishment is completed. Security is secured, so the security of the wireless connection is effectively improved.
  • the difference from the embodiment 2 is that all interactions between the BS and the AGWold are performed by AGWnew.
  • the specific difference is that, in steps 302-303, the BS sends a protection information set request message carrying the UE identity to the AGWold through the AGWnew, and the AGWold carries the corresponding protection information set in the protection information set according to the received UE identity identifier. In the response message, it is returned to the BS through AGWnew.
  • the AGWnew and the UE may perform the update of the encryption key and the integrity secret month, or may only update the encryption key or the integrity key.
  • the function of AGWnew to generate an encryption key and/or an integrity key or an intermediate key Kbs may also be performed by AGWold.
  • the AGWnew carries the identity of the BS in the protection information set request and sends it to the AGWold.
  • the AGWold generates or does not generate the first random number RAND, and generates an encryption key according to parameters such as the first random number RAND and/or the identity of the BS. Integrity key.
  • the access gateway directly connected to the base station only plays the role of forwarding during the negotiation of the key.
  • the method of negotiating a key in this embodiment is also suitable for the case where the BS is directly connected to the AGW that holds the security parameters in the last wireless connection.
  • AGWold and AGWnew are combined into one, which becomes the AGW directly connected to the BS.
  • Example 4 the BS can directly communicate with the AGW that saves the security parameters in the last wireless connection, and the security parameters stored in the UE and the AGW are all parameters (algorithms, keys, etc.) in the security association.
  • the security capability information of the UE is also stored in the AGW.
  • FIG. 5 shows a signaling flow chart of the method for establishing a wireless connection in this embodiment.
  • the method for establishing a wireless connection in this embodiment includes:
  • step 501 the UE sends a wireless connection establishment request message carrying the identity identifier of the UE, the protection information set identifier, and the information about the AGW to the BS, requesting to establish a wireless connection.
  • the BS sends a protection information set request message carrying the UE identity to the AGW, and the AGW carries the corresponding protection information set and the security capability information of the UE together with the protection information according to the received UE identity identifier.
  • the collection response message it is returned to the BS.
  • the security capabilities herein include security related information such as security algorithms supported by the UE.
  • the identity of the UE is sent to the determined AGW.
  • the AGW parses the identity of the UE from the message, and then finds the protection information set and security capability corresponding to the UE from itself, and uses the protection information set response message to The found protection information set is returned to the BS.
  • the AGW When the AGW does not save the key to protect the wireless connection, but only saves the root key of the key that can be derived to protect the wireless connection, the AGW needs to derive the key or intermediate key Kbs for protecting the wireless connection and send it to BS.
  • the specific process is as shown in Embodiment 3.
  • step 504 the BS negotiates the algorithm according to the received protection information set response message.
  • the BS parses the protection information set and the security capability information of the UE from the received protection information set response message, and according to the lifetime of the protection information set and itself Whether to support the security algorithm and the like in the protection information set, determine whether to continue using the received protection information set.
  • the BS determines that it does not support the algorithm in the protection information set, for example, when the BS determines that it does not support the encryption algorithm in the protection information set
  • the BS selects, according to the parsed security capability information of the UE, the encryption algorithm supported by the BS.
  • a suitable encryption algorithm for both the UE and the BS A suitable encryption algorithm for both the UE and the BS.
  • the security association in this wireless connection consists of the selected algorithm and other security parameters in the protection information set.
  • the BS carries the selected algorithm and other security parameters from the AGW in the radio connection setup message, and sends the message to the UE. After successfully verifying the integrity of the radio connection setup request message, the UE sends the adoption to the BS.
  • the received wireless connection establishment confirmation message of the security parameter indicates that the wireless connection establishment is completed.
  • the UE parses the algorithm from the received radio connection setup message and performs integrity verification on the strip message. After passing the verification, the UE performs integrity protection on the wireless connection confirmation message by using the received integrity algorithm and the integrity key saved or derived by the UE, and uses the encryption key and the encryption algorithm for confidentiality protection. This message can also be only integrity protected without confidentiality protection.
  • the BS can report the security association used in the wireless connection to the AGW for storage.
  • the BS can save the security association information used in the last wireless connection.
  • the AGW directly communicates, and all security parameters in the protection information set are saved in the AGW, but the BS does not support the encryption algorithm in the protection information set. Therefore, only the negotiation of the encryption algorithm is performed during the establishment of the wireless connection, and other security parameters are directly retrieved from the AGW, thereby effectively shortening the access delay.
  • the UE when receiving the wireless connection message of the BS, the UE performs integrity verification on the message to ensure that the message has not been tampered with, and indicates to the BS that the wireless connection is received using the received security parameter. The confirmation message is secured, so the security of the wireless connection is effectively improved.
  • the BS can directly communicate with the AGW that holds the security association information used in the last wireless connection, but only some of the security parameters are stored in the AGW. In this case, the BS needs to determine whether the security parameters in the protection information set are supported, and the unsupported security parameters and the security parameters that are not saved in the AGW are used as security parameters to be negotiated, and interact with the UE to complete the security parameters that need to be negotiated.
  • Negotiation the BS needs to determine whether the security parameters in the protection information set are supported, and the unsupported security parameters and the security parameters that are not saved in the AGW are used as security parameters to be negotiated, and interact with the UE to complete the security parameters that need to be negotiated.
  • FIG. 6 shows a signaling flow chart of the method for establishing a wireless connection in this embodiment.
  • the method for establishing a wireless connection in this embodiment includes:
  • step 601 the UE sends a wireless connection establishment request message carrying the identity identifier of the UE, the protection information set identifier, and the information about the AGW to the BS, requesting to establish a wireless connection.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé pour établir une connexion hertzienne qui comprend les opérations suivantes : un équipement utilisateur (EU) demande à un dispositif de réseau d'accès d'établir une connexion hertzienne; le dispositif de réseau d'accès agit en alternance avec un dispositif de réseau central dans lequel est enregistré le paramètre de sécurité de l'EU, et obtient le paramètre de sécurité de l'EU; le dispositif de réseau d'accès obtient une relation de sécurité de la connexion hertzienne courante selon le paramètre de sécurité reçu, et indique à l'EU que la communication doit être protégée par utilisation de la relation de sécurité. L'invention concerne également un dispositif et un système pour établir une connexion hertzienne. L'invention permet de réduire efficacement les temps d'accès et d'augmenter la sécurité au cours de l'établissement d'une connexion hertzienne.
PCT/CN2007/001301 2006-04-20 2007-04-20 Procédé, dispositif et système pour établir une connexion hertzienne WO2007121669A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2006100764364A CN101060712B (zh) 2006-04-20 2006-04-20 无线连接建立方法
CN200610076436.4 2006-04-20

Publications (1)

Publication Number Publication Date
WO2007121669A1 true WO2007121669A1 (fr) 2007-11-01

Family

ID=38624550

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/001301 WO2007121669A1 (fr) 2006-04-20 2007-04-20 Procédé, dispositif et système pour établir une connexion hertzienne

Country Status (2)

Country Link
CN (1) CN101060712B (fr)
WO (1) WO2007121669A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190036694A1 (en) * 2010-12-21 2019-01-31 Koninklijke Kpn N.V. Operator-Assisted Key Establishment

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101355809B (zh) * 2008-09-12 2013-03-20 中兴通讯股份有限公司 一种协商启用安全上下文的方法和系统
CN102158854A (zh) * 2009-01-15 2011-08-17 华为技术有限公司 数据发送、传输、接收方法及装置、局域网建立方法及装置
CN102055721B (zh) * 2009-11-02 2014-06-11 中兴通讯股份有限公司 一种访问控制方法和装置
CN102821385B (zh) * 2011-06-10 2017-03-22 中兴通讯股份有限公司 一种向终端发送公共警报系统密钥信息的方法和网络实体
KR101604937B1 (ko) * 2012-01-06 2016-03-18 후지쯔 가부시끼가이샤 기지국, 무선 단말기, 무선 통신 시스템, 및 무선 통신 방법
CN103517271A (zh) * 2012-06-28 2014-01-15 中国移动通信集团公司 数据传输方法及装置、终端
CN103813308B (zh) * 2012-11-13 2017-11-10 电信科学技术研究院 一种上行数据传输方法、装置及系统
CN103841547B (zh) * 2012-11-27 2017-11-10 电信科学技术研究院 一种下行数据传输方法、装置及系统
CN105306448A (zh) * 2015-09-22 2016-02-03 深圳前海华视移动互联有限公司 访问外网数据的方法、车载多媒体终端及其内核Netfilter模块
CN106954210B (zh) * 2016-01-06 2020-02-14 华为技术有限公司 一种空口标识的保护方法及装置
CN114145073B (zh) * 2019-09-29 2024-04-12 华为技术有限公司 通信方法和通信装置
CA3183089A1 (fr) * 2020-05-29 2021-12-02 Huawei Technologies Co., Ltd. Procede de negociation de cle, appareil et systeme

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1553610A (zh) * 2003-05-30 2004-12-08 ��Ϊ�������޹�˾ 码分多址系统用户漫游到全球移动通信系统的鉴权方法
CN1553730A (zh) * 2003-05-30 2004-12-08 华为技术有限公司 一种无线局域网中用于移动台切换的密钥协商方法
US20040250069A1 (en) * 2001-09-25 2004-12-09 Rauno Kosamo Adapting securityparameters of services provided for a user terminal in a communication network and correspondingly secured data communication

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040250069A1 (en) * 2001-09-25 2004-12-09 Rauno Kosamo Adapting securityparameters of services provided for a user terminal in a communication network and correspondingly secured data communication
CN1553610A (zh) * 2003-05-30 2004-12-08 ��Ϊ�������޹�˾ 码分多址系统用户漫游到全球移动通信系统的鉴权方法
CN1553730A (zh) * 2003-05-30 2004-12-08 华为技术有限公司 一种无线局域网中用于移动台切换的密钥协商方法

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190036694A1 (en) * 2010-12-21 2019-01-31 Koninklijke Kpn N.V. Operator-Assisted Key Establishment
US11799650B2 (en) * 2010-12-21 2023-10-24 Koninklijke Kpn N.V. Operator-assisted key establishment

Also Published As

Publication number Publication date
CN101060712B (zh) 2011-08-24
CN101060712A (zh) 2007-10-24

Similar Documents

Publication Publication Date Title
WO2007121669A1 (fr) Procédé, dispositif et système pour établir une connexion hertzienne
TWI497965B (zh) 長期演進無線裝置中實施安全性方法及裝置
US8787572B1 (en) Enhanced association for access points
AU2007232622B2 (en) System and method for optimizing authentication procedure during inter access system handovers
KR101554396B1 (ko) 통신 시스템들에서 가입자 인증과 디바이스 인증을 바인딩하는 방법 및 장치
AU2010201991B2 (en) Method and apparatus for security protection of an original user identity in an initial signaling message
WO2009030155A1 (fr) Procédé, système et appareil pour négocier les capacités de sécurité lors du déplacement d'un terminal
US8881305B2 (en) Methods and apparatus for maintaining secure connections in a wireless communication network
WO2006131061A1 (fr) Procede d'authentification et procede de transmission d'informations correspondant
WO2006022469A1 (fr) Procede pour negociation d'association securisee avec un protocole d'authentification extensible dans un systeme portable d'internet par radio
WO2015100974A1 (fr) Procédé, dispositif et système d'authentification de terminal
WO2009043278A1 (fr) Procédé, système et dispositif pour négocier la capacité de sécurité pendant qu'un terminal se déplace
WO2010083671A1 (fr) Procédé de négociation de protocole de transfert hypertexte de sécurité de réseau et dispositifs associés
WO2008006312A1 (fr) Procédé de fourniture de service push de gaa et dispositif associé
WO2011127774A1 (fr) Procédé et appareil pour contrôler un mode d'accès d'un terminal utilisateur à internet
WO2013174267A1 (fr) Procédé, système et dispositif pour l'établissement d'une connexion sécurisée à un réseau local sans fil
WO2010069202A1 (fr) Procédé de négociation d'authentification et système associé, passerelle de sécurité, noeud local b
WO2012083873A1 (fr) Procédé, appareil et système de génération de clé
WO2010028603A1 (fr) Procédé et système pour générer une clé pendant la mise à jour d'une zone de suivie
WO2007041933A1 (fr) Procédé de mise à jour de clés secrètes contrôlées et appareil idoine
JP5043928B2 (ja) 暗号化および整合性のために使用されるキーを処理する方法および装置
WO2011143977A1 (fr) Procédé et système d'établissement de clés améliorées lorsqu'un terminal rentre dans un réseau d'accès radio terrestre universel (utran) amélioré
WO2007025484A1 (fr) Procede de negociation de mise a jour pour cle d'autorisation et dispositif associe
CA2708898C (fr) Methodes et appareillage de tenue de connexions securisees dans un reseau de communication sans fil
KR101094057B1 (ko) 이동 통신시스템의 초기 시그널링 메시지 처리 방법 및장치

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07720874

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07720874

Country of ref document: EP

Kind code of ref document: A1