WO2008001988A1 - Système et procédé de gestion des accès réseau/service permettant d'assurer la liaison entre l'accès réseau et le service d'application - Google Patents

Système et procédé de gestion des accès réseau/service permettant d'assurer la liaison entre l'accès réseau et le service d'application Download PDF

Info

Publication number
WO2008001988A1
WO2008001988A1 PCT/KR2006/005713 KR2006005713W WO2008001988A1 WO 2008001988 A1 WO2008001988 A1 WO 2008001988A1 KR 2006005713 W KR2006005713 W KR 2006005713W WO 2008001988 A1 WO2008001988 A1 WO 2008001988A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
service
shared key
wireless connection
network
Prior art date
Application number
PCT/KR2006/005713
Other languages
English (en)
Inventor
Dong-Hoon Kim
Hyeon-Suk Lee
Gyung-Mo Kang
Je-Min Jung
Eun-Sook Jin
Original Assignee
Kt Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kt Corporation filed Critical Kt Corporation
Publication of WO2008001988A1 publication Critical patent/WO2008001988A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols

Definitions

  • the present invention relates to a network/service connection management system and method for linkage between wireless connection and application service connection, and more particularly, to a network/service connection management system and method for linkage between wireless connection and application service connection, which allow a user to conveniently use supplementary application services without inputting any separate authentication information and also can provide a network provider with wireless connection service along with application services linked therewith to maximize profit creation effect, by interlinking between the wireless connection and the supplementary application service connection, that is, by managing the application service connection using wireless connection information.
  • Mobile communication networks such as existing CDMA (Code Division Multiple Access), PCS (Personal Communications Services) and so on are a kind of closed networks that providers who are not allowed by mobile communication companies (network provides) providing networks cannot offer services.
  • the next generation IP network such as WiBro and the like is AIl-IP based open network, and is under the environment that allows anyone to offer services, like the wired Internet.
  • OS general purpose operating system
  • ⁇ wireless connection (wireless connection service)' and 'service connection (supplementary application service connection) ' are dealt with separately.
  • the wireless connection service enables the use of IP-based services such as the Internet through connection between a user terminal and a network offered by a network provider with fee.
  • the supplementary application service is an application service with added value that is offered by various providers by using the web browser of the user terminal, application program or the like based on the wireless connection service.
  • the user on service user side, the user must to input ID/password separately even after wireless connection to use the supplementary application services under the existing Internet environment. Then, an application program in the user terminal executes a service connection authentication procedure with a service providing system in accordance with a service connection protocol through the use of the inputted authentication information.
  • the conventional connection management system which manages the wireless connection procedure and the supplementary application service connection procedure separately, requires the user to input the service authentication information (ID/password) separately for use of the corresponding supplementary application service even after wireless connection, thus causing any inconvenience.
  • the general purpose portable terminal such as PDA and so on is the main terminal used in the open network-based AIl-IP network of WLAN, WiBro, etc., it is required to take a separate user information input procedure for service authentication.
  • An embodiment of the present invention is directed to providing a network/service connection management system and method for linkage between wireless connection and application service connection, which allow a user to conveniently use supplementary application services without inputting any separate authentication information and also can provide a network provider with wireless connection service along with application services linked therewith to maximize profit creation effect, by interlinking between the wireless connection and the supplementary application service connection, that is, by managing the application service connection using wireless connection information.
  • a network/service connection management server for linkage between wireless connection and application service connection, including: a wireless connection managing unit for performing a wireless connection authentication procedure with a user terminal and acquiring an inherent identification number (terminal ID) of the user terminal and session information during the wireless connection authentication procedure; an authentication gateway for receiving the terminal ID and the session information from the wireless connection managing unit, generating a shared key (server side' s shared key) by using the session information and storing it in connection with the terminal ID, and transferring the server side's shared key upon request of an application service providing unit; and the application service providing unit for accepting the terminal ID and a shared key (terminal side' s shared key) along with service authentication request from the user terminal, and comparing the server side's shared key received from the authentication gateway in response to its request with the terminal side' s shared key to execute the service connection authentication.
  • a wireless connection managing unit for performing a wireless connection authentication procedure with a user terminal and acquiring an inherent identification number (terminal ID) of the user terminal and session information during the wireless connection authentication procedure
  • a user terminal for linkage between wireless connection and application service connection, including: a wireless connection managing unit for performing a wireless connection authentication procedure with a network/service connection managing server and acquiring an inherent identification number
  • terminal ID of the user terminal and session information during the wireless connection authentication procedure
  • a wireless common session managing unit for receiving the terminal ID and the session information from the wireless connection managing unit, generating a shared key (terminal side' s shared key) by using the session information and storing it in association with the terminal ID, and transferring the terminal side' s shared key upon request of an application service request unit; and the application service request unit for transmitting the terminal ID and the terminal side' s shared key to the network/service connection management server along with a service authentication request.
  • a network/service connection management method for use in a network/service connection management server including steps of: (a) performing a wireless connection authentication procedure with a user terminal and acquiring an inherent identification number
  • terminal ID of the user terminal and session information during the wireless connection authentication procedure
  • step (b) if the wireless connection is authenticated in the step (a) , generating a shared key (server side's shared key) by using the session information and managing the server side' s shared key in association with the terminal ID;
  • step (c) receiving the terminal ID and a shared key (terminal side's shared key) along with a service authentication request from the user terminal; and
  • searching the server side's shared key by using the terminal ID from the user terminal, and comparing the searched server side' s shared key with the terminal side' s shared key to perform the service connection authentication.
  • a network/service connection management method for use in a user terminal, including steps of: (a) performing a wireless connection authentication procedure with a network/service connection management server and acquiring an inherent identification number (terminal ID) of the user terminal and session information during the wireless connection authentication procedure; (b) if the wireless connection is authenticated in the step (a) , generating a shared key (terminal side's shared key) by using the session information and managing the terminal side' s shared key in association with the terminal's ID; and (c) transmitting the terminal ID and the terminal side's shared key to the network/service connection management server to request service connection authentication.
  • a computer-readable storage medium which stores, in a network/service connection management server having a processor for linkage between wireless connection and application service connection, a software program for implementing the functions of: (a) performing a wireless connection authentication procedure with a user terminal and acquiring an inherent identification number (terminal ID) of the user terminal and session information during the wireless connection authentication procedure; (b) if the wireless connection is authenticated in the function (a) , generating a shared key (server side's shared key) by using the session information and managing the server side' s shared key in association with the terminal ID; (c) receiving the terminal ID and a shared key (terminal side's shared key) along with a service authentication request from the user terminal; and (d) searching the server side's shared key by using the terminal ID received from the user terminal, and comparing the searched server side' s shared key with the terminal side' s shared key to perform service connection authentication.
  • a computer-readable storage medium which stores, in a user terminal having a processor for linkage between wireless connection and application service connection, a software program for implementing the functions of: (a) performing a wireless connection authentication procedure with a network/service connection management server and acquiring an inherent identification number (terminal ID) of the user terminal and session information during the wireless connection authentication procedure; (b) if the wireless connection is authenticated in the function (a) , generating a shared key (terminal side' s shared key) by using the session information and managing the terminal side's shared key in association with the terminal ID; and (c) transmitting the terminal ID and the terminal side' s shared key to the network/service connection management server to request service connection authentication.
  • the present invention performs the service connection authentication by using he inherent information of the terminal (user terminal) and wireless connection session information that are acquired during the wireless connection procedure if only the wireless connection has been established, thereby enabling the user to conveniently receive desired application services without inputting any additional information for supplementary service authentication.
  • the present invention allows the provider (network provider) who offers wireless connection to process the wireless connection and service connection by SSO (Single-Sign-On) and thus can provide more convenient service to clients, and also enables service connection by using the results of wireless connection without any separate service procedure.
  • the present invention can allow the clients to create more profit by locking-in the service offered by the provider.
  • Fig. 1 is a diagram illustrating the structure of a network/service connection management system for linkage between wireless connection and application service connection in accordance with a preferred embodiment of the present invention.
  • Fig. 2 is a flowchart illustrating a network/service connection management method for linkage between wireless connection and application service connection in accordance with another preferred embodiment of the present invention.
  • Fig. 1 is a diagram illustrating the structure of a network/service connection management system for linkage between wireless connection and application service connection in accordance with a preferred embodiment of the present invention.
  • the network/service connection management system of the present invention largely includes a user terminal 100 and a network/service connection management server 110.
  • the user terminal 100 is constituted by a wireless connection manager (WCM) 101, a wireless common session manager (WCSM) 102, an APP (application) client 103
  • WCM wireless connection manager
  • WCSM wireless common session manager
  • APP application
  • the network/service connection management server 110 is constituted by a wireless connection management server 111, an authentication gateway (G/W) 112, and an APP (application) server 113.
  • the WCM 101 performs a wireless connection authentication procedure with the wireless connection management server 111 of the network/service connection management server, and acquires an inherent identification number (terminal ID) and session information (wireless connection session information) of the user terminal during the wireless connection authentication procedure.
  • the wireless connection service wireless connection authentication procedure
  • the authentication protocol which is international standard, such as EAP-AKA (Extensible Authentication Protocol-Authentication and Key Agreement) and the like.
  • the session information is shared with the network/service connection management server 110 during the wireless connection authentication procedure.
  • the same session information secret key called session key
  • This secret key is a value which is induced by calculation by each of the user terminal 100 and the wireless connection management server 111 by using information being communicated therebetween during the wireless connection procedure, rather than the information being communicated therebetween during the wireless connection procedure. Therefore, the secrete key is stable in view of security.
  • the WCSM 102 receives the terminal ID and session information from the WCM 101, generate a shared key (which is a key for service authentication and shared by the user terminal and the network/service connection management server) (hereinafter, referred to as ⁇ terminal side' s shared key' ) by using the session information, and stores it in association with the terminal ID. After that, if the WCSM 102 gets a request for service authentication factor from the APP (application) client 103, in response to this, it transfers ⁇ the corresponding terminal ID' and ⁇ encrypted terminal side' s ID' .
  • APP application
  • the APP client 103 serves as ⁇ application service request means' and transmits the terminal ID and terminal side's shared key to the APP server 103 of the network/service connection management server along with the service authentication request, and receives authentication result (including user information) in response to the transmission.
  • the following is a description for each of the components in the network/service connection management server 110 for linkage between wireless connection and application service connection.
  • the wireless connection management server 111 performs a wireless connection authentication procedure with the user terminal 100, and acquires an inherent identification number (terminal ID) of the user terminal and session information during the wireless connection authentication procedure.
  • the wireless connection service (wireless connection authentication procedure) is carried out depending on the authentication protocol, which is international standard, such as EAP-AKA and the like.
  • the session information is shared with the user terminal 100 during the wireless connection authentication procedure. That is, the same session information is shared between the user terminal 100 and the network/service connection management server 110.
  • the wireless connection management server 111 may be an AAA (Authentication, Authorization and Accounting) server (see Fig. 20).
  • the authentication G/W 112 receives the terminal ID and the session information (wireless connection session information) from the wireless connection management server 111, generates a shared key (server side's shared key) by using the session information, and stores it in association with the terminal ID.
  • the shared key generating procedure using the session information is performed by the user terminal 100 and the network/service connection management server 110, respectively, wherein the same algorithm is used.
  • the authentication G/W 112 gets a request for service authentication factor from the APP server 113, in response to this, it transfers ⁇ the corresponding terminal ID' and ⁇ encrypted server side's shared key'.
  • the APP server 113 serves as Application service providing means' , and if the server receives the terminal ID and the shared key (terminal side's shared key) from the APP client 103 of the user terminal along with the service authentication request, it requests the authentication G/W 112 to send the corresponding server side's shared key by using the ⁇ received terminal ID' as index. Then, the APP server 113 accepts the server side's shared key from the authentication G/W 112 and compares the terminal side' s shared key with the server side's shared key.
  • an authentication success message (which may contain user information such as user profile) is sent to the user terminal 100, and if they are different from each other, an authentication failure message is forwarded to the user terminal 100.
  • the authentication success message may contain user information such as user profile.
  • the present invention allows the user to conveniently and safely connect to the supplementary application services and use them by using the session information (secret key) created during the wireless connection procedure, without taking any separate ID/password.
  • Fig. 2 is a flowchart illustrating a network/service connection management method for linkage between wireless connection and application service connection in accordance with another preferred embodiment of the present invention.
  • the method of the invention may be applied to the wireless LAN services (open network environment) such as Fibro and so on as well as the wired Internet .
  • the WCM 101 carries out wireless connection authentication with the AAA server 111 by using the EAP- AKA protocol (200).
  • identification information (identifier) used is an ⁇ inherent identification number of the user terminal (terminal ID) ' , which is an inherent identifier of the terminal that is not exposed to the user and outside.
  • same session information (which is a session key as a secret key and corresponds to MSK (Master Session Key) ) is created between the WCM 101 and the AAA server 111.
  • This session information is not a value that is transmitted through the network during the wireless connection procedure, but a value that is derived by using information being communicated between the WCM 101 and the AAA server 111 during the authentication procedure by their respective calculation, in view of the nature of protocol.
  • the WCM 101 and the AAA server 111 acquire the terminal ID and the session information through the authentication procedure.
  • the step 202 of transferring the terminal ID and the session information (wireless connection session information) from the WCM 101 to the WCSM 102 is performed; and in the network/service connection management server 110, the step 204 of transferring the terminal ID and the session information (wireless connection session information) from the AAA server 111 to the authentication G/W 112 is carried out.
  • the WCSM 102 and the authentication G/W 112 hash and keep the received session information through the use of the same algorithm. So, the WCSM 102 and the authentication G/W 112 create the shared key that is not exposed to outside but known only to both sides (steps 206 and 208) . That is, the WCSM 102 and the authentication G/W 112 create the shared key by using the session information.
  • connection procedure 20 The following is a description for the service (supplementary application services) connection procedure 20.
  • the various APP clients 103 in the user terminal do not accept the ID and password from the user separately for service connection with the APP server 113, but receive the shared key (terminal side's shared key) and the terminal ID by requesting them to the WCSM 102 (steps 210 and 212) . Further, the APP client 103 requests the APP server 113 to execute service authentication (step 214). At this time, the algorithm for authentication may use various standards, and the shared key is encrypted and then sent to the APP server 113. The APP server 113 receiving the request for authentication requests the authentication G/W 112 to send the corresponding server side' s shared key by using the received terminal ID as index and then receives the same there from (steps 216 and 218).
  • the APP server 113 performs the service authentication through the procedure of confirming whether the terminal side's shared key is the same as the server side's shared key (step 220), and thereafter, sends the authentication result along with the user information which is provided from the authentication G/W 112 (step 222). At this time, the user information may be sent along with the authentication result, wherein the user information is provided from the authentication G/W 112.
  • the APP server 113 can know a person who requested the service authentication based on the user information provided by the authentication G/W 112, and responds the received authentication result to the APP client 103.
  • the APP server 113 does not receive the separate ID and password from the user, it succeeds in the service connection by employing the terminal's inherent ID and shared key, and can know the user information as well.
  • the method of the present invention as mentioned above may be implemented by a software program that is stored in a computer-readable storage medium such as CD- ROM, RAM, ROM, floppy disk, hard disk, optical magnetic disk, or the like. This procedure may be readily carried out by those skilled in the art; and therefore, details of thereof are omitted here.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Computer And Data Communications (AREA)

Abstract

La présente invention concerne un serveur de gestion des connexions réseau/service qui assure la liaison entre une connexion sans fil et une connexion de serveur d'application. Le serveur comprend une unité de gestion des connexions sans fil qui exécute une procédure d'authentification des connexions sans fil avec un terminal d'utilisateur et qui acquiert un numéro d'identification propre au terminal d'utilisateur et des informations de session; une passerelle d'authentification qui reçoit l'ID du terminal et les informations de session provenant de l'unité de gestion des connexions sans fil et qui transfère la clé partagée du côté serveur sur demande d'une unité fournissant un service d'application; et l'unité fournissant le service d'application qui accepte l'ID du terminal et une clé partagée ainsi que la demande d'authentification du service provenant du terminal d'utilisateur.
PCT/KR2006/005713 2006-06-30 2006-12-26 Système et procédé de gestion des accès réseau/service permettant d'assurer la liaison entre l'accès réseau et le service d'application WO2008001988A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020060061185A KR100837817B1 (ko) 2006-06-30 2006-06-30 망 접속과 응용서비스 접속 간의 연계를 위한 망/서비스접속 관리 시스템 및 그 방법
KR10-2006-0061185 2006-06-30

Publications (1)

Publication Number Publication Date
WO2008001988A1 true WO2008001988A1 (fr) 2008-01-03

Family

ID=38845728

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2006/005713 WO2008001988A1 (fr) 2006-06-30 2006-12-26 Système et procédé de gestion des accès réseau/service permettant d'assurer la liaison entre l'accès réseau et le service d'application

Country Status (2)

Country Link
KR (1) KR100837817B1 (fr)
WO (1) WO2008001988A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103457954A (zh) * 2013-09-11 2013-12-18 陈迪 用户密码管理方法和装置
CN103747423A (zh) * 2013-12-25 2014-04-23 华为技术有限公司 一种终端应用的注册方法、装置和系统
US9680814B2 (en) 2013-12-25 2017-06-13 Huawei Technologies Co., Ltd. Method, device, and system for registering terminal application

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101038096B1 (ko) * 2010-01-04 2011-06-01 전자부품연구원 바이너리 cdma에서 키 인증 방법

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6275941B1 (en) * 1997-03-28 2001-08-14 Hiatchi, Ltd. Security management method for network system
WO2004032415A1 (fr) * 2002-10-03 2004-04-15 Nokia Corporation Procede et appareil de reauthentification dans un systeme de communication cellulaire
WO2004034720A2 (fr) * 2002-10-08 2004-04-22 Nokia Corporation Procede et systeme d'etablissement de connexion via un reseau d'acces
US20050289643A1 (en) * 2004-06-28 2005-12-29 Ntt Docomo, Inc. Authentication method, terminal device, relay device and authentication server
US20060023682A1 (en) * 2004-07-28 2006-02-02 Nec Corporation Wireless communication network, wireless terminal, access server, and method therefor

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001312468A (ja) * 2000-04-28 2001-11-09 Konami Co Ltd ネットワーク接続制御方法及び接続制御システム
KR20010105705A (ko) * 2000-05-17 2001-11-29 정문술 다중 인터넷 서비스에 대한 통합 사용자 관리환경 제공방법 및 이를 위한 시스템
KR101019849B1 (ko) * 2004-02-20 2011-03-04 주식회사 케이티 사용자 인증 정보 공유 시스템 및 그 방법
KR100813791B1 (ko) * 2004-09-30 2008-03-13 주식회사 케이티 유무선 통합서비스 망에서의 개인 이동성을 위한 통합인증 처리 장치 및 그 방법
KR20070024116A (ko) * 2005-08-26 2007-03-02 주식회사 케이티 단말인증에 기반한 네트워크 서비스 접속 관리 시스템 및방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6275941B1 (en) * 1997-03-28 2001-08-14 Hiatchi, Ltd. Security management method for network system
WO2004032415A1 (fr) * 2002-10-03 2004-04-15 Nokia Corporation Procede et appareil de reauthentification dans un systeme de communication cellulaire
WO2004034720A2 (fr) * 2002-10-08 2004-04-22 Nokia Corporation Procede et systeme d'etablissement de connexion via un reseau d'acces
US20050289643A1 (en) * 2004-06-28 2005-12-29 Ntt Docomo, Inc. Authentication method, terminal device, relay device and authentication server
US20060023682A1 (en) * 2004-07-28 2006-02-02 Nec Corporation Wireless communication network, wireless terminal, access server, and method therefor

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103457954A (zh) * 2013-09-11 2013-12-18 陈迪 用户密码管理方法和装置
CN103747423A (zh) * 2013-12-25 2014-04-23 华为技术有限公司 一种终端应用的注册方法、装置和系统
US9680814B2 (en) 2013-12-25 2017-06-13 Huawei Technologies Co., Ltd. Method, device, and system for registering terminal application
CN103747423B (zh) * 2013-12-25 2018-05-11 华为技术有限公司 一种终端应用的注册方法、装置和系统

Also Published As

Publication number Publication date
KR100837817B1 (ko) 2008-06-13
KR20080002382A (ko) 2008-01-04

Similar Documents

Publication Publication Date Title
CN110800331B (zh) 网络验证方法、相关设备及系统
JP6612358B2 (ja) ネットワークアクセスデバイスをワイヤレスネットワークアクセスポイントにアクセスさせるための方法、ネットワークアクセスデバイス、アプリケーションサーバ、および不揮発性コンピュータ可読記憶媒体
JP3869392B2 (ja) 公衆無線lanサービスシステムにおけるユーザ認証方法および該方法をコンピュータで実行させるためのプログラムを記録した記録媒体
US8275355B2 (en) Method for roaming user to establish security association with visited network application server
US8145193B2 (en) Session key management for public wireless LAN supporting multiple virtual operators
JP4701172B2 (ja) リダイレクトを使用してネットワークへのアクセスを制御するシステム及び方法
CN101616410B (zh) 一种蜂窝移动通信网络的接入方法和系统
US7310307B1 (en) System and method for authenticating an element in a network environment
US9686669B2 (en) Method of configuring a mobile node
US7640004B2 (en) Wireless LAN system, wireless terminal, wireless base station, communication configuration method for wireless terminal, and program thereof
KR20070032805A (ko) 복수의 네트워크를 액세스하기 위한 싱글-사인-온을실현하도록 사용자 인증 및 승인을 관리하는 시스템 및방법
US20050135622A1 (en) Upper layer security based on lower layer keying
WO2004034645A1 (fr) Procede de protection de l'information d'identification dans une interconnexion de reseau local sans fil
JP2005519501A (ja) シングルサインオンサービスのためのシステム、方法、および装置
DK2924944T3 (en) Presence authentication
CN104956638A (zh) 用于在热点网络中未知设备的受限证书注册
JP2004241976A (ja) 移動通信ネットワークシステムおよび移動端末認証方法
WO2011026404A1 (fr) Procédé de mise à jour de session pour authentification, autorisation et comptabilité et équipement et système associés
EP2206400A1 (fr) Systèmes et procédés pour sélectionner un réseau sans fil
KR101002471B1 (ko) 계층적 인증을 이용하는 브로커-기반 연동
US20060190601A1 (en) Localized authentication, authorization and accounting (AAA) method and apparatus for optimizing service authentication and authorization in a network system
US8102762B2 (en) Communication control system and communication control method
WO2008001988A1 (fr) Système et procédé de gestion des accès réseau/service permettant d'assurer la liaison entre l'accès réseau et le service d'application
TW201134147A (en) WiFi and WiMAX internetworking
KR100495817B1 (ko) 무선망에서의 사용자 인증 처리 시스템 및 그 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06835417

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC OF 06-04-2009

122 Ep: pct application non-entry in european phase

Ref document number: 06835417

Country of ref document: EP

Kind code of ref document: A1