WO2012129985A1 - Procédé et système pour une ouverture de session unique - Google Patents

Procédé et système pour une ouverture de session unique Download PDF

Info

Publication number
WO2012129985A1
WO2012129985A1 PCT/CN2012/070948 CN2012070948W WO2012129985A1 WO 2012129985 A1 WO2012129985 A1 WO 2012129985A1 CN 2012070948 W CN2012070948 W CN 2012070948W WO 2012129985 A1 WO2012129985 A1 WO 2012129985A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
authentication
authentication center
center
noncel
Prior art date
Application number
PCT/CN2012/070948
Other languages
English (en)
Chinese (zh)
Inventor
张孟旺
田甜
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201110076415.3A external-priority patent/CN102469102B/zh
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012129985A1 publication Critical patent/WO2012129985A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present invention relates to the field of communications, and in particular to a single sign-on method and system.
  • IMS Unified IP Multimedia Subsystem
  • the IMS UE has a Universal Integrated Circuit Card (UICC), and the network operator has deployed the General Bootstrapping Architecture (GBA):
  • GBA General Bootstrapping Architecture
  • the GBA authentication mechanism can be used at this time.
  • OpenID I Open Identity
  • the operator deploys a large number of GBAs, and at the same time embeds a UICC card into each IMS UE, and uses the information in the GBA and UICC cards to complete the SS0 function of accessing the application server to the IMS terminal.
  • the IMS UE has a UICC card, but the operator cannot deploy the GBA. In this case, the UE terminal user needs to be authenticated.
  • AKA Authentication and Key Agreement
  • the IMS UE sends an authentication request to the application server (Application Server, also referred to as AS, also referred to as RP), and the request includes an OpenID identifier.
  • the RP uses the OpenID identifier to discover an OpenID Provider (OP).
  • the OP obtains the AKA authentication vector and the IP multimedia based private user from the Home Subscriber Server (HSS)
  • HSS Home Subscriber Server
  • IMPI IP Multimedia Private Identity
  • the OP sends an authentication challenge to the UE by using the AKA authentication method, so that the UE authenticates the network; the UE sends a response to the challenge to the OP, which is completed in the OP.
  • the OP sends a flag information asserting that the OpenID identifier belongs to the terminal to the UE, and the assertion is used by the 0P to share the shared key with the RP (the key may be a shared key of the 0P and the RP, or may be 0P own key) mark; redirect the assertion to the RP; if the 0P is shared with the RP, RP directly verify the signature information, and notify the UE verify the results. If After the OP's own key encryption is used, the RP transmits the replica of the assertion to the OP for verification. After the OP is verified, the verification result is notified to the RP, and finally the RP notifies the UE of the verification result.
  • the architecture enables the network operator to act as an OpenID provider to provide authentication services for users to access the WEB server.
  • OIM identity in IMS
  • users can provide SSO functionality across IMS and web servers. Allow users to control their public identity identifiers on the web. By accessing the WEB application controlled by the trusted network operator, the user can improve the security of the user's own information.
  • the IMS UE does not have a UICC card, and the operator does not deploy the GBA.
  • the non-UICC card terminal accesses the IMS network, the probability of this situation increases, and GBA and non-distribution are not deployed.
  • UICC cards users often need to access the IMS network and use IMS-related application services.
  • non-UICC-based IMS-SSO authentication becomes very necessary.
  • the related art has not proposed how to perform the SSO function in this scenario.
  • only the terminal with the UICC card can implement the SSO function, and then access various application services in the IMS network, and most of the cases require the network operator to deploy GBA in a large amount, which will increase the operator's investment.
  • a primary object of the present invention is to provide a single sign-on method and system to solve at least the above problems.
  • An aspect of the present invention provides a single sign-on method, including: the terminal sends an authentication request carrying the user identity to the RP, and the RP redirects the authentication request to the authentication center; the authentication center authenticates the terminal by using the SIP Digest method. The authentication result is redirected to the RP through the terminal; the RP provides services for the terminal according to the authentication result.
  • the single sign-on method further includes: the authentication center determines whether there is a first shared key K0 with the terminal, and if not, continues the subsequent processing. If yes, skip the step of the authentication center using the SIP Digest method to authenticate the terminal, and directly redirect the authentication result to the RP.
  • the single sign-on method further includes: the RP redirects the RP authentication request to the authentication center, where the RP authentication request carries the RP identity RP credential or carries the shared secret between the RP and the authentication center.
  • the authentication center authenticates the RP according to the RP identity and saves the authentication result.
  • the authentication center authenticates the terminal by using the SIP Digest method, and the authentication center authenticates the terminal according to the SIP Digest authentication vector corresponding to the terminal.
  • the authentication center acquires the terminal corresponding to the terminal from the home subscriber register HSS according to the identity of the user.
  • the SIP Digest authentication vector includes at least the following contents: a user identity identifier, an authentication algorithm algorithm, a quality guarantee, a scope realm, a hash value H(A1), where H(A1) is identified by the user identity, realm and The password is composed of passwords.
  • the authentication center uses the SIP Digest method to authenticate the terminal, including: the authentication center generates a random number nonce, and sends a message carrying the algorithm, the nonce, and the realm to the terminal; the terminal generates the random number cnonce, according to the nonce, the cnonce, and the realm, the user
  • the hash value H (Ai;> generated by the identity identifier and the input password is returned by the algorithm, and the response message is returned to the authentication center, where the response message carries the CNNC nonce realm response and the algorithm; the authentication center uses the algorithm according to the storage.
  • the H(A1), the stored nonce, and the received cnonce calculation check response value Xresponse compare the received response and Xresponse, if the same, the authentication is successful, otherwise the authentication fails.
  • the random number is generated in the authentication center.
  • the method further includes: the terminal calculates the first shared key K0 between the authentication center and the terminal according to the generated H(A1) and the cnonce; and uses the SIP Digest in the authentication center.
  • the above single sign-on method further includes: The authentication center calculates K0 and stores it according to the stored H(A1) and CNNOce.
  • the user identity is an open identity identifier OpenID
  • the certificate authority is an OpenID provider OP
  • the user identity is an identity entered into the terminal or The identity identifier obtained when the terminal registers with the Internet Protocol Multimedia Subsystem IMS
  • the authentication center is a single sign-on authentication center IdP.
  • the single sign-on method further includes: the authentication center generates a random number noncel, and generates a second key according to the noncel and the first shared key K0 between the authentication center and the terminal.
  • the authentication center uses K0 to encrypt noncel and the RP authentication result RP_Auth, and obtains KO (noncel, RP_Auth).
  • the shared key Kr, i is used to encrypt K1 and the authentication result UE_Auth to the terminal, and Kr, i is obtained.
  • Kl, UE_Auth The terminal obtains K0 (noncel, RP_Auth) and Kr, i (Kl, UE_Auth) in the redirect message redirecting the terminal to the RP in the authentication center.
  • Kr, i Kl, UE_Auth
  • the terminal decrypts KO (noncel, RP_Auth), obtains the authentication result of the RP, generates a second key K1; and, the RP decrypts Kr, i (Kl, UE_Auth), and transmits the content to the terminal by using K1 encryption service; the terminal decrypts by using K1 Get the service content.
  • the single sign-on method further includes: the authentication center generates a random number noncel, according to the noncel and the authentication center and the terminal A shared key K0 generates a second key K1; the authentication center uses K0 to encrypt noncel and the RP authentication assertion RP_Assert, to obtain KO (noncel, RP_Assert), and to use the shared key between the RP and the RP Kr, o force secret K1 And the authentication of the terminal asserts UE_Assert, and obtains Kr,o(Kl,UE_Assert); the authentication center sends the 200OK information carrying KOCnoncel, RP_Auth;> and redirects Kr, oCKl, UE_Auth;) to the RP, or the terminal is The authentication center redirects the terminal to the RP redirect message to obtain KO (noncel, RP_As
  • the single sign-on method further includes: the authentication center generates a random number noncel, according to the noncel and the authentication center and the terminal A shared key K0 generates a second key K1; the authentication center uses K0 to encrypt noncel, obtains KO (noncel), uses the shared key Kr, o between the RP, and encrypts K1 and authenticates the terminal with UE_Assert to obtain Kr, o(Kl,UE_Assert;); The authentication center sends the 200 OK message carrying KOOioncel) to the terminal and redirects Kr,o(Kl,UE_Auth) to the RP, or the terminal redirects the terminal to the RP in the authentication center.
  • Kr,o(Kl,UE_Assert) is redirected to RP; terminal decrypts KOCnoncel), obtains noncel and generates second key K1; and, RP decrypts Kr , o (Kl, UE_Assert), using K1 encryption service content is sent to the terminal; the terminal uses K1 to decrypt to obtain the service content.
  • Another aspect of the present invention provides a single sign-on method, including: a terminal sends a service request to an application server RP; the RP redirects its own authentication request to the authentication center through the terminal, or the RP returns an indication to the terminal for indicating The terminal responds to the authentication center by the terminal; the terminal sends an authentication request to the authentication center; the authentication center uses the session initial protocol digest authentication SIP Digest method to authenticate the terminal, and the authentication result is redirected to the RP through the terminal; The terminal provides services.
  • the single sign-on method further includes: the authentication center determines whether there is a first shared key ⁇ with the terminal, and if not, continues Subsequent processing, if yes, skips the step of the authentication center using the SIP Digest method to authenticate the terminal, and directly redirects the authentication result to the RP.
  • the authentication center authenticates the terminal by using the SIP Digest method, and the authentication center authenticates the terminal according to the SIP Digest authentication vector corresponding to the terminal.
  • the authentication center acquires the terminal corresponding to the terminal from the home subscriber register HSS according to the identity of the user.
  • the SIP Digest authentication vector includes at least the following contents: a user identity identifier, an authentication algorithm algorithm, a quality guarantee, a scope realm, a hash value H(A1), where H(A1) is identified by the user identity, realm and The password is composed of passwords.
  • the authentication center uses the SIP Digest method to authenticate the terminal, including: the authentication center generates a random number nonce, and sends a message carrying the algorithm, the nonce, and the realm to the terminal; the terminal generates the random number cnonce, according to the nonce, the cnonce, and the realm, the user
  • the hash value H (Ai;> generated by the identity identifier and the input password is returned by the algorithm, and the response message is returned to the authentication center, where the response message carries the CNNC nonce realm response and the algorithm; the authentication center uses the algorithm according to the storage.
  • the H(A1), the stored nonce, and the received cnonce calculation check response value Xresponse compare the received response and Xresponse, if the same, the authentication is successful, otherwise the authentication fails.
  • the random number is generated in the authentication center.
  • the method further includes: the terminal calculates the first shared key K0 between the authentication center and the terminal according to the generated H(A1) and the cnonce; and uses the SIP Digest in the authentication center.
  • the method further includes: H(A1) and cnonce calculate K0 and store it.
  • the foregoing single sign-on method further includes: the terminal according to the RP indication, before the terminal sends the terminal's authentication request to the authentication center.
  • the RP authentication request is redirected to the authentication center.
  • the authentication center is the single sign-on authentication center IdP
  • the RP when the RP returns a response to the terminal to instruct the terminal to authenticate to the authentication center, the RP
  • the response returned to the terminal carries the RP identity identifier, and the terminal sends the terminal identity identifier and the RP identity identifier to the authentication request sent by the terminal.
  • the RP redirects its own authentication request to the authentication center through the terminal, the RP is in use.
  • the redirection message directed to the authentication center carries the RP identity identifier, and the terminal identity identifier is carried in the authentication request of the terminal sent by the terminal to the authentication center.
  • the method for single sign-on further includes: the authentication center authenticates the RP according to the RP identity and saves the authentication result.
  • the single sign-on method further includes: the authentication center generates a random number noncel, according to the nonce 1 and the first shared key K0 between the authentication center and the terminal. The second key K1 is generated; the authentication center uses the K0 encryption noncel and the RP authentication result RP_Auth to obtain KO (noncel, RP_Auth;), and uses the shared key Kr, i between the RP and the RP to encrypt K1 and the authentication result to the terminal.
  • UE_Auth get Kr, i (Kl, UE_Auth;) ; the authentication center sends 200OK information carrying KO (noncel, RP_Auth;) and redirects Kr, i (Kl, UE_Auth) to the RP, or the terminal is in the authentication center.
  • Yet another aspect of the present invention provides a single sign-on system, comprising: a terminal, configured to send an authentication request carrying a user identity to an RP; an RP, configured to redirect an authentication request to a certificate authority, and set to The terminal is provided with the service according to the authentication result of the authentication center.
  • the authentication center is configured to authenticate the terminal by using the SIP Digest method and redirect the authentication result to the RP through the terminal.
  • the authentication center is further configured to authenticate the RP according to the RP identity and save the authentication result.
  • the authentication center is an OpenID provider OP; the identity obtained when the user identity is an identity input to the terminal or the terminal is registered to the Internet Protocol Multimedia Subsystem IMS
  • the certificate authority is the single sign-on authentication center IdP.
  • the authentication center is further configured to generate a secure communication key and redirect the secure communication key to the RP through the terminal; the RP is further configured to encrypt the service content with the secure communication key and send the content to the terminal; the terminal is further configured to generate security The communication key is decrypted using a secure communication key to obtain the service content.
  • Still another aspect of the present invention provides a single sign-on system, comprising: a terminal, configured to send a service request to an application server RP, and configured to receive a response returned by the RP for instructing the terminal to authenticate to the authentication center Or sending an authentication request of the terminal to the authentication center when the RP indicates that the authentication request of the RP is redirected to the authentication center by the terminal; the RP is configured to return a response to the terminal to indicate that the terminal performs authentication to the authentication center or indicate that the RP is to be The authentication request is redirected to the certificate authority through the terminal, and is set to be recognized The authentication result of the certificate center provides services for the terminal.
  • the authentication center is configured to use the session initial protocol digest authentication SIP Digest method to authenticate the terminal and redirect the authentication result to the RP through the terminal.
  • the authentication center is further configured to authenticate the RP according to the RP identity and save the authentication result.
  • the authentication center is further configured to generate a secure communication key and redirect the secure communication key to the RP through the terminal;
  • the RP is further configured to encrypt the service content with the secure communication key and send the content to the terminal;
  • the terminal is further configured to generate security
  • the communication key is decrypted using a secure communication key to obtain the service content.
  • the RP redirects the UE's request to the authentication center or sends the UE information indicating that it needs to authenticate to the authentication center.
  • the RADIUS server uses the SIP Digest method according to the received user identity.
  • the UE performs authentication and redirects the authentication result to the RP, which solves the problem that the authentication scheme in the related art is only applicable to the terminal having the UICC card.
  • the method can support the authentication of the terminal single sign-on RP without the UICC. Since the method does not need to deploy a large number of GBAs, the resources required for the operator to deploy the GBA are reduced, and the non-UICC terminal accesses the IMS network, and the IMS network-related application service can be accessed through the SSO.
  • FIG. 1 is a flowchart of a single sign-on method according to an embodiment of the present invention
  • FIG. 2 is a structural block diagram of a single sign-on system according to an embodiment of the present invention
  • FIG. 3 is a non-UICC card according to Embodiment 2.
  • the IMS terminal implements a single sign-on authentication process for the application server by using the SIP Digest authentication mechanism.
  • FIG. 4 is a IMS terminal of the non-UICC card according to Embodiment 3, which implements single sign-on authentication to the application server by using the SIP Digest authentication mechanism.
  • FIG. 5 is a flowchart of an implementation of interworking with an existing non-3GPP single sign-on system OpenID;
  • FIG. 5 is a single sign-on of an application server by an IMS terminal that implements a non-UICC card by using an SIP Digest authentication mechanism by an operator as an OpenID Provider according to Embodiment 4; Certification flow chart;
  • FIG. 6 is an overall architecture diagram of an IMS terminal providing an IMS terminal of a non-UICC card to an application server for single sign-on authentication by using an SIP Digest authentication mechanism provided by an operator according to an embodiment of the present invention;
  • FIG. 5 is a flowchart of an implementation of interworking with an existing non-3GPP single sign-on system OpenID
  • FIG. 5 is a single sign-on of an application server by an IMS terminal that implements
  • FIG. 7 is an operator according to an embodiment of the present invention
  • the OpenID Provider implements a single-point login authentication scheme of the IMS terminal of the non-UICC card to the application server by using the SIP Digest authentication mechanism.
  • FIG. 8 is a flowchart of another single sign-on method according to an embodiment of the present invention.
  • the IMS terminal of the non-UICC card of the example 6 implements a single sign-on authentication flowchart for the application server by using the SIP Digest authentication mechanism.
  • Step S102 A UE sends an authentication request carrying a user identity to an RP, and the RP redirects the authentication request to the authentication center.
  • Step S104 The authentication center authenticates the UE by using the Session Initiation Protocol Digest (SIP Digest) method, and redirects the authentication result to the RP through the UE.
  • step S106 the RP provides services for the UE according to the authentication result.
  • the SSO function of the UE by the UE terminal is generally implemented by a combination of Liberty Alliance/OpenID or AKA/OpenID.
  • the two methods only support the authentication of the UICC identity information, and therefore only apply to the UE.
  • the terminal has the UICC card in advance.
  • the UE that does not have the UICC card is increasing. Therefore, a new mechanism is needed to support the UE terminal of the non-UICC card to implement the SSO function.
  • the method in this embodiment uses the SIP Digest.
  • the type of supported user identity is not limited to UICC identity information, and therefore, authentication of a terminal that does not have a UICC can be supported.
  • the network operator can complete the unified authentication of the AS using the AS as a user authentication center provider, and facilitate access to the terminal by various application servers.
  • the network operator can provide a large number of user groups for the application service provider.
  • the operator can cooperate with the AS provider to better meet the needs of the user group for various application services, and the user accesses the related application server through the trusted network operator. Not only provides users with convenience but also increases the security of user information and also expands the profitability of operators.
  • the authentication center may determine whether there is a first shared key K Q with the UE, and if not, continue the subsequent processing, if yes, skip
  • the authentication center uses the SIP Digest method to authenticate the UE and directly redirects the authentication result to the RP. Through the above judging steps, the authentication center can directly return the authentication result to the RP to the authenticated UE, thereby improving the processing speed.
  • the RP may also redirect the RP authentication request to the authentication center, where the RP authentication request carries the RP identity RP_credential or carries the shared key Kr, i encrypted between the RP and the authentication center.
  • RP identity Ekr,i (; RP_credential) (specifically, considering the difference between the two network deployments of the OP and the IdP as the authentication center, Ekr,i can be carried in the RP authentication request when the OP is used as the authentication center.
  • the UE of the non-UICC card can implement the SSO function of the legitimate application server in the IMS network, and the two-way authentication can better ensure the security of the identity information of the IMS terminal, and can correctly identify the illegal application server, thereby improving the The security of the service.
  • the above user identity may be an open identity (OpenID), and the authentication center may be an OP; or the user identity may be obtained when the identity is input to the UE or the UE is registered to the Internet Protocol Multimedia Subsystem (IMS).
  • OpenID open identity
  • IMS Internet Protocol Multimedia Subsystem
  • the identity of the authentication center can be a single sign-on authentication center (IdP).
  • the process of authenticating the UE by using the SIP Digest method by the authentication center may adopt the following processing manner:
  • the authentication center authenticates the terminal according to the 81? 01 ⁇ 631 authentication vector (80- ⁇ ) corresponding to the terminal.
  • the (SD-AV) may be obtained and stored by the authentication center from the HSS according to the user identity, wherein the SD-AV includes at least the following contents: a user identity, an authentication algorithm (algorithm) quality assurance, a scope (realm), and a
  • the process of authenticating the terminal by using the SIP Digest method by the authentication center may include: the authentication center generates a random number nonce, and sends a message carrying the algorithm, the nonce, the realm, etc. to the UE; the UE generates the random number cnonce, According to the nonce, the cnonce, and the H (A1) generated by the realm, the user identity, and the password input by the user, the response value is generated by using the algorithm, and the response message is returned to the authentication center, where the response message carries the CNNC nonce realm response and the algorithm;
  • the authentication center uses the algorithm to calculate the verification response value Xresponse according to the stored ⁇ ( ⁇ 1), the stored nonce, and the received cnonce, and compares the received response with Xresponse.
  • the operator can perform the two-way authentication of the user and the accessed application server by providing the unified authentication center of the IdP, which can implement the SSO function in scenario 3.
  • the calculation basis of the response may further include: the number of times the UE uses the same nonce when calculating the response. Using the nonce-count to participate in the response calculation, the possibility of replaying the attack can be reduced.
  • the random number nonce is generated in the authentication center, and the message carrying the algorithm, the nonce, and the realm is sent to the terminal, and the UE can be based on H ( A1) and CNonce use the authentication algorithm to calculate K Q; after the authentication center authenticates the UE using the SIP Digest method, the authentication center can calculate K 0 according to the authentication algorithm and store it.
  • the authentication center and the UE may generate a shared key K Q between the two according to the parameters of the authentication process interaction, and the authentication center may determine whether the UE has been authenticated according to whether the shared key is stored.
  • the following processing methods can be adopted:
  • the authentication center When the user identity is the identity entered into the UE or the identity obtained when the UE is registered to the IMS, if the authentication center is an IdP, and the authentication center is successfully authenticated, the authentication center generates a random number noncel, according to noncel and K. . Generate a second key ⁇ 1; the certificate authority uses ⁇ .
  • the encryption noncel and the authentication result RP_Auth of the RP are obtained by K Q (noncel, RP_Auth), and the shared key Kr, i is used to encrypt the Id and the authentication result UE_Auth for the UE is obtained Kr, i (Kl, UE_Auth);
  • the center sends the 200 OK information carrying K 0 Oioncel, RP_Auth;) to the terminal and redirects the Ki ⁇ K UE_Auth;) to the RP, or the terminal obtains the K Q in the redirect message that the authentication center redirects the terminal to the RP.
  • a processing method is authentication center generates a random number noncel, generating a second key K 1 according noncel and K Q; certification The center uses ⁇ . Encrypt noncel and the RP authentication assertion RP_Assert gets K. (; noncel, RP_ Assert), using the shared key Kr between i and RP, i encrypts the Id and authenticates the UE.
  • the UE_Assert asserts Kr, o (Ki, UE_Assert); the authentication center sends the carry K to the terminal.
  • the (200) information of the (noncel, RP_Auth) and the Ki ⁇ CK UE-Auth) are redirected to the RP.
  • the terminal obtains K in the redirect message that the authentication center redirects the terminal to the RP.
  • (noncel, RP_Assert) and Kr ⁇ K UE-Assert) then redirect Kr ⁇ K UE-Assert) to the RP;
  • RP decryption The cryptographic service content is sent to the UE; the UE uses the decryption to obtain the service content.
  • the certificate authority to generate random numbers noncel, according to noncel and K.
  • Generating a second key Ki the authentication center uses K Q encryption noncel to obtain K Q (noncel), adopts the shared key Kr, i and the RP and the authentication assertion to the UE asserts UE_Assert to obtain Ki ⁇ oCK UE-Assert)
  • the certification center sends a carry K to the terminal. (noncei;> 200 OK information and redirect Ki ⁇ CK UE-Auth;) to the RP, or the terminal obtains K Q (noncel) and Ki ⁇ CK UE in the redirect message that the authentication center redirects the terminal to the RP.
  • the terminal trusts the authentication center.
  • the authentication center authentication RP passes the information to the UE. If the terminal UE can receive K Q (noncel) from the authentication center, it indicates The RP authentication is passed, and it is not necessary to explicitly notify the terminal UE.
  • the interaction information between the authentication center and the UE, and between the authentication center and the RP is encrypted by using the corresponding shared key to ensure the information exchange security between the authentication center and the UE and the authentication center and the RP.
  • one authentication request for the UE, to generate a service utilization K l encrypted content interaction between the UE and the RP, prevent illegal interception of user data the security is further improved.
  • the above method adopts the SIP Digest mechanism, which is applicable not only to the authentication of the terminal of the non-UICC but also to the authentication of the UICC terminal, and does not need to configure a large number of GBAs, thereby reducing the deployment of the GBA by the network operator and embedding the UICC. The cost of the card.
  • FIG. 2 is a structural block diagram of a single sign-on system according to an embodiment of the present invention.
  • the system includes: UE 22, configured to send an identifier carrying the user identity to the RP 24
  • the RP 24, connected to the UE 22, is configured to redirect the authentication request to the authentication center 26, and is configured to provide the UE 22 with the authentication result of the authentication center 26;
  • the SIP Digest method authenticates the UE 22 and redirects the authentication result to the RP 24 through the UE 22.
  • the authentication center 26 is also configured to authenticate the RP 24 based on the RP identity and save the authentication results.
  • the authentication center 26 is an OP; in the case that the user identity is an identity input to the UE or an identity obtained when the UE registers with the IMS, the authentication center 26 is an IdPo.
  • the authentication center 26 is further arranged to generate a secure communication key and redirect the secure communication key to the RP 24 via the UE 22; the RP 24 is further arranged to encrypt the service content with the secure communication key and send it to the UE 22 ;
  • Embodiment 1 This embodiment provides a method for implementing an SSO function on an application server in a unified IMS network based on a SIP Digest authentication mechanism. In the method, a mechanism for mutual authentication is performed on both the UE terminal and the AS server; a UE terminal capable of satisfying a non-UICC card in the IMS network implements an SSO function for its application server; and has better performance than OpenlD/AKA Universality and security ensure the security of both the UE user terminal and the AS server.
  • the method mainly includes the following steps: Step 1: The UE terminal user registers with the IMS network; Step 2: When the terminal wants to access the application server RP, the RP itself does not store any identity information of the UE, and the RP does not authenticate the UE, directly
  • the login authentication request is redirected to the IdP (SSO) single sign-on authentication center (or OP) provided by the network operator to authenticate the UE terminal; and for the security of the UE user terminal, the RP application server also goes to the IdP authentication center for authentication.
  • the shared key has been negotiated in advance between the RP and the IdP.
  • Step 3 The IdP authenticates the RP identity and stores the authentication result.
  • Step 4 The IdP finds whether it contains the unique shared key K Q corresponding to the UE user terminal information. If the corresponding shared key K Q exists, indicating that the UE terminal has passed the authentication, the SIP Digest authentication process is not needed. The shared key and the newly generated nonce random number of the IdP generate a session key! ⁇ , the subsequent RP authentication and UE verification process is implemented by using the keys K Q and Id. If the user K Q does not exist, the user-related authentication vector and user information are downloaded to the HSS according to the passed user identifier. Then, using these parameters, the SIP Digest authentication method is used to implement the authentication process for the UE terminal.
  • a shared key K Q generated by H (A1), cnonce, and nonce-count, and a noncel random number newly generated by IdP are used to generate a session key ⁇ 1 and then implemented by using the keys K Q and Id .
  • RP authentication and UE verification process For the processing of the single sign-on in the network architecture of the non-UICC card in the network architecture where the GBA is not deployed, the following will be described in detail in Embodiments 2-4 in conjunction with FIGS. 1, 2, 6, and 7. It should be noted that The figure is an overall architecture diagram and a flowchart.
  • the UE is an IMS non-UICC card terminal
  • the RP corresponds to an application server to be accessed by the IMS terminal
  • the IdP/OP corresponds to an SSO subsystem provided by the network operator.
  • the specific network element interfaces of some networks that have no impact on the process are not drawn and the supported protocols are not specified, such as UE.
  • the functions of the interface with the RP, the functions of the UE and the IdP interface, the functions of the HSS and IdP interfaces, and the related protocols supported are not shown; the interface reference point between the HSS and the IdP can implement the Diameter protocol, and the IMS can be reused.
  • FIG. 6 is an overall architecture diagram of an IMS terminal provided by an operator to implement single sign-on authentication of an IMS terminal of a non-UICC card to an application server by using an SIP Digest authentication mechanism according to an embodiment of the present invention, and FIG.
  • Step 1 The UE terminal first completes the registration within the IMS network. This process can be implemented using the SIP Digest terminal user registration mechanism in the TS33.203 document.
  • Step 2 The UE sends an authentication request to the RP, where the request carries the user identity of the user.
  • Step 3 The RP redirects the user authentication request to the IdP address, and sends an RP authentication request to the IdP address.
  • the user identity (U_credential) and the RP identity information (RP_credential) are respectively carried.
  • Step 4 The above authentication request is redirected to the IdP address, which carries the user identity OJ_credential and the RP identity information (RP-credential).
  • Step 5 The IdP authenticates the RP according to the RP identity information (RP_credential), and saves the authentication result RP_Auth to the RP.
  • the transmitted user identity U_credential
  • a shared key (Kr, i) has been established in advance between the RP and the network operator's IdP (SSO).
  • SSO network operator's IdP
  • Step 6 The IdP searches for and downloads the corresponding SIP Digest Authentication Vector (SD-AV) and user configuration information according to the user identity (U_credential) received in the previous step.
  • SD-AV SIP Digest Authentication Vector
  • U_credential user identity received in the previous step.
  • the SIP Digest authentication vector includes 11_ ⁇ 6 ( ⁇ 1&1, realm, quality assurance (qop), algorithm (algorithm), and H(A1), where H(A1) is U_credential, realm, and password (password).
  • a hash function value that is composed.
  • the IdP can obtain the HSS address corresponding to the stored user information by querying the SLF to find the corresponding HSS.
  • Step 7 The IdP generates a random number nonce containing timestamp information, and stores H(A1) downloaded from the HSS with the nonce.
  • Step 8 The IdP sends a 401 unauthenticated challenge message (401 Auth_Challenge) to the UE, where the information includes U_credential, realm, qop, algorithm and nonce.
  • Step 9 The UE generates a random number cnonce. U_credential, realm and password are used to generate H(A1); then H(A1), cnonce nonce-count, key validity period, etc.
  • the response value ( response ) is calculated by a one-way hash function F.
  • Response F(cnonce, nonce, realm, password, U credential, qop, nonce-count).
  • the terminal uses conce for network authentication and avoids plain text attacks ("chosen plaintext").
  • the nonce-count is a counter. The user calculates the response every time the same nonce is used. The nonce-count will increase the strength. The non-count is also involved in the response calculation, which reduces the possibility of heavy attack.
  • Step 10 The UE sends a response message (response information) to the IdP for the challenge information in step 8.
  • the interface response information includes a CNN, a system Digest- url, and a nonce-count.
  • Step 11 Use the stored nonce value to check the nonce value in the response message. If the check is correct, the IdP uses the received parameters cnonce, nonce-count qop, etc. and the original stored nonce and H (; A1) The response response value (Xresponse) is compared with the received response value. If the comparison result is the same, the authenticated user passes, otherwise the UE user terminal authentication fails, and the IdP generates the UE authentication result UE_Auth; using H (A1) The UE and the IdP shared key Ko are generated by the cnonce nonce-count and the key validity period.
  • Step 12 IdP regenerates a random number noncel; then uses K Q , noncel and key validity period and parameters stored in IdP to generate key K 1 ; shared key K Q encrypts noncel and RP_Auth to generate K Q ( Noncel, RP_Auth); Encrypt Id and UE_Auth with RP and IdP shared keys
  • Step 13 IdP redirects the UE terminal to the RP, the message carries K Q Cnoncel, RP_Auth) and Step 14: The UE terminal decrypts K Q (noncel, RP_Auth;), obtains the noncel value and the RP authentication result, and obtains the legality of the RP application server.
  • step 15 IdP to redirect the UE terminal RP, the message carries Step 16: After receiving the message, the RP decrypts the Ki ⁇ K UE_Auth by using the shared key, and the RP obtains the authentication result of the IdP to the UE terminal and the key K1 ; the RP determines whether to provide the authorized service content to the UE according to the UE_Auth.
  • Step 17 The RP notifies the UE of the content of the authorization information, and carries the information ⁇ (1 ⁇ _ ⁇ 1101.
  • Step 18 Whether the UE can decrypt the K ⁇ UE_Author by using the key) to satisfy whether the requested service can be obtained. If any of the above steps 1-18 fails, the entire authentication process stops. If the IMS terminal UE obtains the request service and then requests another application server, when the IMS terminal user UE authentication request carries the user identity (U_credential) information, the IdP searches for the user identity (U-credential). The K Q key corresponding to the information is used to know whether the user has passed the authentication.
  • FIG. 7 is an overall architecture diagram of a single sign-on authentication of an IMS terminal to an application server that implements a non-UICC card by an operator as an OpenID Provider using an SIP Digest authentication mechanism according to an embodiment of the present invention, and FIG.
  • Step 1 The UE terminal first completes the registration within the IMS network. This process uses the TS33.203 document
  • Step 2 The UE sends an authentication request to the RP, where the request carries the OpenID identifier information of the user.
  • Step 3 The RP redirects the user OpenID authentication request and sends an RP authentication request to the OP address. At the same time, the user OpenID identifier information OpenID identifier and RP identity information CRP_credential are carried.
  • Step 4 The OpenID authentication request is redirected to the OP address. It also carries the user OpenID identifier information OpenID identifier and RP identity information (RP_credential).
  • Step 5 The OP authenticates the RP according to the RP identity information (RP_credential), and saves the RP_Assert for the RP.
  • the OpenID identifier is used to determine whether the corresponding UE and the OP share the OP.
  • Key K Q If the shared key exists, jump directly to step 12 for execution, otherwise continue to the next step.
  • a shared key (Kr, o) has been established in advance between the RP (Application Server) and the network operator's OP (SSO). After this step, the OP establishes the relationship between the OpenID identifier and the user identity identifier.
  • Step 6 The OP searches and downloads the corresponding SIP Digest Authentication Vector (SD-AV) and user configuration information content in the HSS according to the relationship between the OpenID identifier and the user identity identifier.
  • SD-AV SIP Digest Authentication Vector
  • the SIP Digest Authentication Vector includes U_credential, realm qop, algorithm and H(A1), where H(A1) is a hash function value composed of U_credential, realm and password.
  • the OP can obtain the HSS address corresponding to the stored user information by querying the SLF to find the corresponding HSS.
  • Step 9 The UE generates a random number cnonce.
  • U_credential, realm and password are used to generate H(A1); then H(A1), cnonce, nonce-count and key validity period are used to generate UE and OP shared key K Q .
  • the response value is calculated by a one-way hash function F.
  • Response F(cnonce, nonce, realm, password, U credential, qop, nonce-count).
  • the terminal uses the cnonce to enter the network certification and avoid the "choice plaintext" attack.
  • the nonce-count is a counter. If the user calculates the response once for the same nonce, the nonce-count will increase. The nonce-count also participates in the response calculation, which reduces the possibility of replay attacks.
  • Step 10 The UE sends a response response to the challenge information in step 8.
  • the response information includes cnonce, nonce, response, realm, U credential qop, algorithm, Digest-url, and nonce-count.
  • Step 11 The nonce value in the response message is checked by using the stored nonce value. If the check is correct, the OP calculates the Xresponse by using the received parameters cnonce, nonce-count qop, etc. and the original stored nonce and H (; A1). The calculated Xresponse is compared with the received response value.
  • the OP If the comparison result is the same, the authenticated user passes, otherwise the UE user terminal authentication fails; the OP generates the authentication assertion information UE_Assert for the UE; uses H(A1), cnonce, The UE and the OP shared key K 0 are generated by the nonce-count and the key validity period and the like.
  • Step 12 ⁇ generate a random number noncel; then use K Q , noncel and the key validity period and the parameters stored in the OP to generate the key K 1 ; the shared key K Q encrypts the noncel and the RP authentication assertion RP_Assert Operation generates K Q (noncel, RP_ Assert); RP and P OP shared key encryption and UE_Assert generates Kr ⁇ CK UE_Assert) o
  • Step 13 OP redirects the UE terminal to the RP, the message carries K Q (noncel, RP_ Assert And Kr'oCId, UE_Assert) o
  • the UE terminal decrypts K Q (noncel, RP_ Assert), obtains the noncel value and the RP authentication assertion, and obtains the legality of the RP application server.
  • step 15 OP redirect the UE terminal to RP, and the message carries, 0 ( ⁇ , UE_Assert).
  • Step 16 After the RP receives the message, it decrypts it with the shared key.
  • the RP obtains the assertion result of the OP to the UE terminal and the key K1 ; the RP determines whether to provide the authorized service content UE_Author to the UE according to the UE_A SS ert assertion ; and encrypts the authorization information with the key to generate K ⁇ UE— Authoi ⁇
  • Step 17 The RP notifies the UE of the content of the authorization information, carrying the information ⁇ (1 ⁇ _ ⁇ 1101.
  • Step 18 Whether the UE can decrypt the K ⁇ UE_Author using the key) to satisfy whether the requested service can be obtained. If any of the above steps 1-18 fails, the entire authentication process stops.
  • the IMS terminal UE obtains the request service and then requests another application server
  • the IMS terminal user UE authentication request carries the user OpenID identifier information OpenID identifier
  • the OP searches for the corresponding identifier by using the user OpenID identifier information OpenID identifier.
  • the K Q key it is known whether the user has passed the authentication. If the K Q key exists, the user does not need to perform SIP Digest authentication, and only needs to start from step 12. If the K Q key life cycle expires, it will be automatically destroyed. The authenticated user needs to perform SIP Digest authentication again to generate the UE and OP shared key.
  • the UE needs to restart the authentication process if the UE needs to access the application server after the network is restored. If the network is used, it does not reach K. The life cycle, after the network is restored, the UE can continue to use the K Q for subsequent operations, otherwise it needs to be re-authenticated.
  • the user accesses the RP application server, if the user encounters a special situation such as the user actively shutting down the UE or powering off, the user needs to complete the entire execution process such as registration in the IMS.
  • FIG. 7 is an overall architecture diagram of a single sign-on authentication of an IMS terminal to an application server by an IMS terminal that implements a non-UICC card by an operator as an OpenID Provider according to an embodiment of the present invention
  • FIG. 5 is an operation according to Embodiment 4.
  • the SIP digest authentication mechanism is used to implement a single sign-on authentication flowchart of the IMS terminal of the non-UICC card to the application server.
  • This embodiment is based on the architecture shown in FIG. 7, and the flow of the single sign-on method is described in conjunction with FIG. 5.
  • the details are as follows: Step 1: The UE terminal sends an authentication request to the RP, where the request carries the OpenID identifier information of the user.
  • Step 2 The RP normalizes the OpenID identifier, obtains the OpenID Provider address according to the identifier RP, and finds the OP endpoint URL.
  • the UE terminal expects to use the URL to complete the authentication, and the RP and P OP use the Diffie-Hellman through the association process.
  • the key exchange protocol establishes a shared key Kr,o; the RP redirects the user OpenID authentication request and sends an RP authentication request to the OP address.
  • the message includes the RP identity information encrypted by the shared key Kr, o, that is, Ekr, oCRP_credentiai;).
  • Step 3 The OpenID authentication request is redirected to the address of the OpenID Identity Provider OP.
  • Step 4 The RP authenticates the RP according to the RP identity information (RP_credential), and saves the RP_Auth authentication result to the RP. At the same time, it is determined according to the transmitted OpenID identifier information OpenID identifier.
  • Step 5 The OP searches and downloads the corresponding SIP Digest Authentication Vector CSD-AV and the user configuration information content in the HSS according to the user identity identifier (U_credential) associated with the OpenID identifier in the previous step.
  • U_credential user identity identifier
  • H(A1) H(A1) is a hash function value consisting of U_credential, realm, and password.
  • the OP can obtain the HSS address corresponding to the stored user information by querying the SLF to find the corresponding HSS.
  • Step 6 The OP generates a random number nonce and stores the H(A1) downloaded from the HSS with the nonce.
  • Step 7 The 0P sends a 401 unauthenticated challenge message to the UE, where the information includes U_credential, realm qop, algorithm and nonce.
  • Step 8 Generate a random number cnonce. U_credential, realm and password are used to generate H(A1); then H(A1), cnonce, etc. are used to generate the UE and OP shared key K Q .
  • the response value is calculated by a one-way hash function F.
  • the terminal uses conce for network authentication and avoids the "choice plaintext" attack.
  • the nonce-count is a counter. The user calculates the response every time the same nonce is used. The nonce-count will increase the port, and the non-count will also participate in the response calculation to reduce the possibility of replay attacks.
  • Step 9 The UE sends a response response to the challenge information in step 7 to the 0P, where the response information includes cnonce, nonce, response, realm, U credential qop, algorithm, Digest-url, and nonce-count.
  • Step 10 Use storage The nonce value checks the nonce value in the response message.
  • the 0P calculates the Xresponse using the received parameters cnonce, nonce-count qop, etc. and the original stored nonce and H (; A1), and the calculated Xresponse Compared with the received response value, if the comparison result is the same, the authenticated user passes, otherwise the UE user terminal authentication fails; 0P generates the authentication assertion information UE_Assert for the UE according to the authentication result of the terminal; uses H(A1), cnonce The UE and the OP shared key K 0 are generated. Step 11: 0 ⁇ generates a random number noncel; then uses K Q , noncel, etc.
  • Step 12 The OP sends the 200 OK message to the UE terminal, including Ko (noncel); and the 0P redirects the UE terminal to the RP, and the message carries UE—Assert
  • Step 13 The UE terminal decrypts KoCnoncel), obtains a noncel value; and uses K Q , nonce 1 , etc.
  • Step 14 The redirect message sent by the OP is redirected to the RP, which carries 0, 1 ⁇ , UE_Assert).
  • Step 15 After receiving the message, the RP decrypts with the shared key. UE_Assert), the RP obtains the UE's assertion result UE_Assert and key for the UE terminal.
  • Step 16 After the RP verifies the UE_Assert assertion, the RP generates the UE's authorization information UE_Author; and encrypts the authorization information with the key.
  • Step 17 The RP notifies the UE of the content of the authorization information, and carries the information ⁇ (1 ⁇ _ ⁇ 1101.
  • Step 18 Whether the UE can decrypt the K ⁇ UE_Author by using the key) to satisfy whether the requested service can be obtained.
  • Steps 16, 17, and 18 are specific application layer steps, which are optional steps. If any of the above steps 1-15 fails, the entire authentication process stops. If the IMS terminal UE obtains the request service and then requests another application server, when the IMS terminal user UE authentication request carries the user OpenID identifier information OpenID identifier, the OP searches for the corresponding identifier by using the user OpenID identifier information OpenID identifier.
  • step 10 requires only; otherwise needed to perform the entire authentication process; density when K Q When the key life cycle expires, it is automatically destroyed.
  • the authenticated user needs to perform SIP Digest authentication again to generate the UE and OP shared key. If the UE has visited the RP application server, if the UE has not completed the UE authentication process, the UE needs to restart the authentication process if the UE needs to access the application server after the network is restored. If the network is used, it does not reach K.
  • FIG. 8 is a flowchart of another single sign-on method according to an embodiment of the present invention. As shown in FIG. 8, the method includes: Step S802: A terminal sends a service request to an RP. In step S804, the RP redirects its own authentication request to the authentication center through the terminal, or the RP returns a response to the terminal to indicate that the terminal performs authentication to the authentication center.
  • Step S806 The terminal sends an authentication request of the terminal to the authentication center.
  • Step S808 The authentication center uses the session initial protocol digest authentication SIP Digest method to authenticate the terminal, and the authentication result is redirected to the RP through the terminal.
  • the RP provides services for the terminal according to the authentication result.
  • the terminal does not send the identity information of the RP to the RP.
  • the RP does not obtain the identity information of the UE, and does not authenticate the terminal. Instead, the terminal uses a certain trigger mechanism to enable the terminal to initiate the terminal to the authentication center. Authentication request.
  • the RP may be triggered by two mechanisms: one is that the RP returns a response for instructing the terminal to perform authentication to the authentication center; and the other is used in the process of redirecting the instruction to the destination network element through the intermediate network element, and the intermediate network element After redirecting the instruction to the destination network element according to the indication, the information or instruction generated by itself is also sent to the destination network element as a redirection processing mechanism, that is, the RP redirects its own authentication request through the terminal. Go to the certificate authority, so that the terminal will send its own authentication request to the certificate center through the redirect process. In this way, the RP cannot obtain the identity information of the terminal, and the terminal directly authenticates to the trusted authentication center to prevent the user identity information from being leaked to the RP, thereby improving security.
  • the above service request may be an HTTP service request
  • the above response may be a 401 unauthorised HTTPS response.
  • the RP returns a response to the terminal to indicate that the terminal performs authentication to the authentication center
  • the response returned by the RP to the terminal indicates that the terminal performs authentication to the authentication center by carrying the authentication header.
  • the RP redirects its own authentication request to the authentication center through the terminal, before the terminal sends the authentication request of the terminal to the authentication center, the terminal redirects the RP authentication request to the authentication center according to the RP.
  • the authentication center since the authentication center performs only one-way authentication on the UE terminal, and the server may have an unauthenticated attack situation, there may be a problem that the security is poor due to the server being illegal. Therefore, the following processing methods can be used:
  • the RP When the RP returns a response to the terminal to indicate the authentication of the terminal to the authentication center, the RP sends the RP identity to the response sent by the terminal, and the terminal sends the terminal identity and RP to the authentication request sent by the terminal to the authentication center.
  • Identity (2) In the case that the RP redirects its own authentication request to the authentication center through the terminal, the RP carries the RP identity identifier in the redirect message used to redirect its own authentication request to the authentication center, and the terminal sends the RP identity identifier to the authentication center.
  • the terminal's authentication request carries the terminal identity. After the RADIUS identity is obtained by the authentication center in the above manner, the authentication center can authenticate the RP according to the RP identity and save the authentication result.
  • the authentication center may determine whether there is a first shared key K Q with the UE, and if not, continue the subsequent processing, if yes, skip
  • the authentication center uses the SIP Digest method to authenticate the UE and directly redirects the authentication result to the RP. Through the above judging steps, the authentication center can directly return the authentication result to the RP to the authenticated UE, thereby improving the processing speed.
  • the process of authenticating the UE by using the SIP Digest method by the authentication center may adopt the following processing manner: The authentication center authenticates the terminal according to the 81? 01 ⁇ 631 authentication vector (80- ⁇ ) corresponding to the terminal.
  • the (SD-AV) may be obtained and stored by the authentication center from the HSS according to the user identity, wherein the SD-AV includes at least the following contents: a user identity, an authentication algorithm (algorithm) quality assurance, a scope (realm), and a The hash value H(A1), where H(A1) is composed of a user identity, a realm, and a password (password).
  • the process of authenticating the terminal by using the SIP Digest method by the authentication center may include: the authentication center generates a random number nonce, and sends a message carrying the algorithm, the nonce, the realm, etc.
  • the UE generates the random number cnonce, According to the nonce, the cnonce, and the H (A1) generated by the realm, the user identity, and the password input by the user, the response value is generated by using the algorithm, and the response message is returned to the authentication center, where the response message carries the CNNC nonce realm response and the algorithm;
  • the authentication center uses the algorithm to calculate the verification response value Xresponse according to the stored ⁇ ( ⁇ 1), the stored nonce, and the received cnonce, and compares the received response with Xresponse. If the same, the authentication succeeds, otherwise the authentication fails.
  • the operator can perform the two-way authentication of the user and the accessed application server by providing the unified authentication center of the IdP, which can implement the SSO function in scenario 3.
  • the calculation basis of the response may further include: the number of times the UE uses the same nonce when calculating the response. Using the nonce-count to participate in the response calculation, the possibility of replaying the attack can be reduced.
  • the random number nonce is generated in the authentication center, and the message carrying the algorithm, the nonce, and the realm is sent to the terminal, and the UE can be based on H ( A1) and CNonce use the authentication algorithm to calculate K Q; after the authentication center authenticates the UE using the SIP Digest method, the authentication center can calculate K 0 according to the authentication algorithm and store it.
  • the authentication center and the UE can generate two according to the parameters of the authentication process interaction.
  • the shared key K Q the authentication center can determine whether the UE has been authenticated according to whether the shared key is stored.
  • the following processing methods can be adopted to ensure the communication between the UE and the RP:
  • the authentication center When the authentication center is an IdP and the authentication center is successfully authenticated, the authentication center generates a random number noncel.
  • the first shared key K Q between the noncel and the authentication center and the terminal generates a second key Ki; the authentication center adopts K.
  • Encrypt noncel and RP_Auth authentication result to RP get K 0 (noncel, RP_Auth), use the shared key Kr, i between the RP and the authentication result UE_Auth to the terminal, get Kr ⁇ K UE-Auth;);
  • the authentication center sends the 200 OK information carrying K Q ⁇ ; noncel, RP_Auth;) to the terminal and redirects the Kr ⁇ K UE-Auth) to the RP, or the terminal obtains the redirect message of the terminal redirecting the terminal to the RP in the authentication center.
  • K 0 oncel, RP_Auth
  • P Kr, i Ki, UE_Auth
  • KrJ KrJ ⁇ UE_Auth
  • the terminal decrypts K Q ⁇ ; noncel, RP_Auth;), and obtains the authentication result for the RP, Generate a second key K 1 ; and, RP decrypts Ki ⁇ K UE-Auth), adopt! ⁇
  • the encrypted service content is sent to the terminal; the terminal uses 13 ⁇ 4 to decrypt to obtain the service content.
  • the interaction information between the authentication center and the UE, and between the authentication center and the RP is encrypted by using the corresponding shared key to ensure the information exchange security between the authentication center and the UE and the authentication center and the RP.
  • FIG. 2 is a structural block diagram of a single sign-on system according to an embodiment of the present invention.
  • the system includes: a UE 22, configured to send a service request to the RP 24, and set to Receiving a response returned by the RP 24 for instructing the UE 22 to authenticate to the authentication center 26 or transmitting the UE 22 to the authentication center 26 if the RP 24 indicates that the authentication request of the RP 24 is redirected to the authentication center 26 by the UE 22.
  • An authentication request ; the RP 24, coupled to the UE 22, configured to return a response to the UE 22 indicating that the UE 22 is authenticated to the authentication center 26 or to redirect the authentication request of the RP 24 to the authentication center 26 via the UE 22, and to set
  • the UE 22 is provided with a service according to the authentication result of the authentication center 26;
  • the authentication center 26 is connected to the UE 22, and is configured to authenticate the UE 22 by using the SIP Digest method, and redirect the authentication result to the RP 24 through the terminal.
  • the authentication center 26 is further arranged to authenticate the RP 24 based on the RP identity and to save the authentication result.
  • the authentication center 26 may also be configured to generate a secure communication key and redirect the secure communication key to the RP 24 through the UE 22; the RP 24 is further configured to encrypt the service content with the secure communication key and send it to the UE 22; The UE 22 is also arranged to generate a secure communication key, decrypted using a secure communication key to obtain service content.
  • Embodiments 5-6 described below combine the technical solutions of the above-described plurality of preferred embodiments.
  • Embodiment 5 This embodiment provides a method for implementing an SSO function on an application server in a unified IMS network based on a SIP Digest authentication mechanism.
  • a mechanism for mutual authentication is performed on both the UE terminal and the AS server; a UE terminal capable of satisfying a non-UICC card in the IMS network implements an SSO function for its application server; and has better performance than OpenlD/AKA Universality and security ensure the security of both the UE user terminal and the AS server.
  • the method mainly includes the following steps: Step 1: When the UE terminal user requests to access the application server RP, the RP itself does not store any identity information of the UE, the RP cannot authenticate the UE, and the RP returns an unauthorized response message to the UE.
  • the authentication header is required to authenticate the identity of the terminal user, or the RP redirects the RP authentication request to the authentication center.
  • the RP application server also needs to go to the IdP authentication center for authentication.
  • the shared key has been negotiated in advance between the RP and the IdP.
  • Step 2 The IdP authenticates the RP identity and stores the authentication result.
  • Step 3 The IdP searches whether it contains the unique shared key K 0 corresponding to the UE user terminal information. If the corresponding shared key K Q exists, indicating that the UE terminal has passed the authentication, the SIP Digest authentication process is not required.
  • a session key is generated using the newly generated nonce random number of the shared key K Q and IdP! ⁇ , the subsequent RP authentication and UE verification process is implemented by using the keys K Q and Id.
  • the user-related authentication vector and user information are downloaded to the HSS according to the passed user identifier. Then, using these parameters, the SIP Digest authentication method is used to implement the authentication process for the UE terminal. After authenticating the UE terminal, a shared key K Q generated by H (A1), cnonce, etc., and a newly generated noncel random number generated by IdP are used to generate a session key K l and then use the keys K Q and Id to implement subsequent RP authentication and The UE confirms the process.
  • the processing of the single sign-on in the network architecture of the non-UICC card in the network architecture where the GBA is not deployed the following will be described in detail in Embodiment 6 with reference to FIGS.
  • the UE is an IMS non-UICC card terminal
  • the RP corresponds to an application server to be accessed by the IMS terminal
  • the IdP corresponds to an SSO subsystem provided by the network operator.
  • the specific network element interfaces of some networks that have no impact on the process are not drawn and the supported protocols are not described, such as the functions of the UE and the RP interface, the functions of the UE and the IdP interface, and the HSS and IdP interfaces.
  • FIG. 6 is an overall architecture diagram of an IMS terminal provided by an operator to implement single sign-on authentication of an IMS terminal of a non-UICC card to an application server by using an SIP Digest authentication mechanism according to an embodiment of the present invention
  • FIG. 9 is a non- The IMS terminal of the UICC card implements a single sign-on authentication flowchart for the application server by using the SIP Digest authentication mechanism.
  • the embodiment is based on the architecture shown in FIG. 6, and the flow of the single sign-on method is described in conjunction with FIG. 9, which is described in detail as follows: Step 1: The UE terminal sends an HTTP service request to the application server RP.
  • Step 2 The application server RP responds to the UE terminal with a 401 unauthorised HTTPS response, and requests the UE terminal to go to the authentication center for identity authentication; and the RP identity information is included in the response; or the application server RP redirects the RP authentication request to the authentication center.
  • the message carries the RP identity information.
  • the application server RP does not contain any identity authentication information related to the UE terminal, and the RP does not authenticate the UE; the key is not included in the RP.
  • SSO network operator's authentication center IdP
  • Step 3 The UE terminal sends an HTTP request message to the authentication center IdP, requesting the IdP to perform identity authentication on the UE terminal.
  • Step 4 The IdP authenticates the RP according to the RP identity information (RP_credential), and saves the authentication result RP_Auth to the RP.
  • U_credential the transmitted user identity
  • Step 5 The IdP searches for and downloads the corresponding SIP Digest Authentication Vector (SD-AV) and user configuration information content according to the user identity (U_credential) received in the previous step.
  • SD-AV SIP Digest Authentication Vector
  • the IdP can obtain the HSS address corresponding to the stored user information by querying the SLF to find the corresponding HSS.
  • Step 6 The IdP generates a random number nonce and stores the H(A1) downloaded from the HSS with the nonce.
  • Step 7 The IdP sends a 401 unauthenticated challenge message to the UE, where the information includes U_credential, realm, qop, algorithm and nonce.
  • Step 8 Generate a random number cnonce.
  • U_credential, realm and password are used to generate H(A1); then H(A1), cnonce, etc. are used to generate the UE and IdP shared key K Q .
  • the response value is calculated by a one-way hash function F.
  • Response F(H(A), cnonce, nonce, qop, nonce-count) 0
  • the terminal uses cnonce for network authentication and avoids "chosen plaintext" attacks.
  • the nonce-count is a counter. The user calculates the response every time the same nonce is used. The nonce-count will increase the port. The non-count is also involved in the response calculation, which reduces the possibility of replay attacks.
  • Step 9 The UE sends a response response to the challenge information in step 7 to the IdP, where the response information includes cnonce, nonce, response, realm, U credential qop, algorithm, Digest-url, and nonce-count.
  • Step 10 Use storage The nonce value checks the nonce value in the response message. If the check is correct, the IdP uses the received parameters cnonce, nonce-count qop, etc. and the original stored nonce and H (; A1) to calculate Xresponse, which will calculate the Xresponse.
  • Step 11 IdP regenerates a random number noncel; then uses K Q , noncel, etc.
  • Step 12 IdP sends 200 OK information to the UE terminal, including KoCnoncel, RP_Auth;) information, indicating to the UE terminal that the authentication is successful, and the IdP redirects the UE.
  • Terminal to RP the message carries Step 13: The UE terminal decrypts K Q (noncel, RP_Auth;), obtains the noncel value and the RP authentication result, and obtains the legality of the RP application server.
  • Step 14 The redirect message sent by the IdP is redirected to RP, carried in the message
  • Step 15 After receiving the message, the RP decrypts the Ki ⁇ K UE-Auth) by using the shared key, and the RP obtains the authentication result information and the key K lt of the IdP to the UE terminal.
  • Step 16 The RP determines, according to the UE_Auth, whether to provide the UE with the authorized service content UE_Author ; and encrypts the authorization information by using the key.
  • Step 17 The RP notifies the UE of the content of the authorization information.
  • Step 18 The UE uses the key to decrypt K ⁇ UE_Author to satisfy whether it can obtain the requested service.
  • Steps 16, 17, and 18 are specific application layer steps, which are optional steps. If any of the above steps 1-15 fails, the entire authentication process stops. If the IMS terminal UE obtains the request service and then requests another application server, when the IMS terminal user UE authentication request carries the user identity (U_credential) information, the IdP searches for the user identity (U-credential).
  • the solution provided by the embodiment of the present invention can support the authentication of the single-sign-on RP of the terminal without the UICC.
  • the method does not need to deploy a large number of GBAs, and can satisfy the non-UICC terminal accessing the IMS network, thereby reducing
  • the cost of deploying GBA and embedding UICC cards by network operators reduces the consumption of various devices and can access IMS network-related application services through SSO.
  • the above modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device so that they may be stored in the storage device by the computing device, or they may be separately fabricated into individual integrated circuit modules, or Multiple modules or steps are made into a single integrated circuit module.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention se rapporte à un procédé et à un système pour une ouverture de session unique. Le procédé selon l'invention comprend les étapes suivantes : un terminal d'utilisateur (UE) envoie une demande d'authentification contenant l'identification d'un utilisateur à un RP, et redirige la demande d'authentification par le RP à un centre d'authentification; le centre d'authentification authentifie l'UE au moyen du procédé SIP Digest et redirige le résultat de l'authentification au RP via l'UE; et le RP fournit des services à l'UE sur la base du résultat de l'authentification. La présente invention résout le problème lié, dans l'état de la technique, au fait que la solution d'authentification s'applique exclusivement à un UE comprenant une carte UICC. Elle permet ainsi de réduire les ressources requises par un opérateur pour déployer un GBA tout en permettant à un UE ne comprenant pas une carte UICC d'accéder au réseau IMS et de visiter les services d'applications connexes du réseau IMS via un procédé SSO.
PCT/CN2012/070948 2011-03-29 2012-02-08 Procédé et système pour une ouverture de session unique WO2012129985A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110076415.3A CN102469102B (zh) 2010-11-04 2011-03-29 单点登录方法及系统
CN201110076415.3 2011-03-29

Publications (1)

Publication Number Publication Date
WO2012129985A1 true WO2012129985A1 (fr) 2012-10-04

Family

ID=46932060

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/070948 WO2012129985A1 (fr) 2011-03-29 2012-02-08 Procédé et système pour une ouverture de session unique

Country Status (1)

Country Link
WO (1) WO2012129985A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1474586A (zh) * 2002-08-07 2004-02-11 华为技术有限公司 Ip多媒体域用户呼叫的快速摘要认证方法
CN101127603A (zh) * 2007-08-16 2008-02-20 中兴通讯股份有限公司 一种实现门户网站单点登录的方法及ims客户端
CN101207482A (zh) * 2007-12-13 2008-06-25 深圳市戴文科技有限公司 一种实现单点登录的方法及系统
CN101510877A (zh) * 2009-02-25 2009-08-19 中国网络通信集团公司 单点登录方法和系统、通信装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1474586A (zh) * 2002-08-07 2004-02-11 华为技术有限公司 Ip多媒体域用户呼叫的快速摘要认证方法
CN101127603A (zh) * 2007-08-16 2008-02-20 中兴通讯股份有限公司 一种实现门户网站单点登录的方法及ims客户端
CN101207482A (zh) * 2007-12-13 2008-06-25 深圳市戴文科技有限公司 一种实现单点登录的方法及系统
CN101510877A (zh) * 2009-02-25 2009-08-19 中国网络通信集团公司 单点登录方法和系统、通信装置

Similar Documents

Publication Publication Date Title
US9015819B2 (en) Method and system for single sign-on
US10411884B2 (en) Secure bootstrapping architecture method based on password-based digest authentication
KR101009330B1 (ko) 모바일 네트워크를 기반으로 하는 엔드 투 엔드 통신에서의 인증을 위한 방법, 시스템 및 인증 센터
EP3376735B1 (fr) Procédé et système permettant de fournir une authentification d'autorisation par un tiers
US9490984B2 (en) Method and apparatus for trusted authentication and logon
KR101309426B1 (ko) 모바일 네트워크에서 재귀 인증을 위한 방법 및 시스템
JP2017535998A5 (fr)
EP2478682A1 (fr) Procédé et appareil pour une authentification et une connexion sécurisées
CN109525565B (zh) 一种针对短信拦截攻击的防御方法及系统
WO2007104248A1 (fr) Procédé, système, appareil et entité à fonction de service d'amorçage aux fins de prévention d'attaques
WO2013044766A1 (fr) Procédé et dispositif d'accès aux services pour un terminal sans carte
EP1639782B1 (fr) Procede de distribution de mots de passe
WO2013004104A1 (fr) Procédé et système de signature unique
CN102694779B (zh) 组合认证系统及认证方法
CN103067345A (zh) 一种变异gba的引导方法及系统
CN114765551A (zh) 基于区块链的sdp访问控制方法及装置
JP5185926B2 (ja) アンチ・エミュレーション機構を備えた、サービスを提供する装置、システム及び方法
JP2017139026A (ja) 信頼できる認証およびログオンのための方法および装置
Sudhakar Techniques for securing rest
WO2010094185A1 (fr) Procédé et système de transfert intercellulaire sécurisé
JP2015111440A (ja) 信頼できる認証およびログオンのための方法および装置
WO2012129985A1 (fr) Procédé et système pour une ouverture de session unique
Singh et al. Survey and analysis of Modern Authentication system
WO2011017851A1 (fr) Procédé permettant à un client d’accéder de manière sécurisée à un serveur de stockage de messages, et dispositifs correspondants
CN102469102B (zh) 单点登录方法及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12764215

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12764215

Country of ref document: EP

Kind code of ref document: A1