WO2013109417A3 - Notarized ike-client identity and info via ike configuration payload support - Google Patents

Info

Publication number
WO2013109417A3
Authority
WO
WIPO (PCT)
Prior art keywords
ike
notarized
access point
information
client identity
Prior art date
Application number
PCT/US2013/020292
Other languages
French (fr)
Other versions
WO2013109417A2 (en)
Inventor
Zaifeng Zong
Xiaoyun Zhou
Tricci So
Li Zhu
Original Assignee
Zte Corporation
Zte (Usa) Inc.
Priority date
Filing date
Publication date
Application filed by Zte Corporation, Zte (Usa) Inc.
Publication of WO2013109417A2
Publication of WO2013109417A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892 Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/04 Large scale networks; Deep hierarchical networks
    • H04W84/042 Public Land Mobile systems, e.g. cellular systems
    • H04W84/045 Public Land Mobile systems, e.g. cellular systems using private Base Stations, e.g. femto Base Stations, home Node B

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Systems and methods for notarizing access point information are disclosed. An access point provides identity information to a gateway, wherein the gateway notarizes the identity information with a notarized signature. The notarized signature for the FAP information is sent to the access point. The access point sends both the identity information and the corresponding notarized signature to a core network associated with the access point. The core network verifies the FAP information by validating the gateway notarized signature prior to acceptance of the identity information.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201261587772P 2012-01-18 2012-01-18
US61/587,772 2012-01-18

Publications (2)

Publication Number Publication Date
WO2013109417A2 (en) 2013-07-25
WO2013109417A3 (en) 2013-09-12

Family

ID=48799800

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/020292 WO2013109417A2 (en) 2012-01-18 2013-01-04 Notarized ike-client identity and info via ike configuration payload support

Country Status (1)

Country Link
WO (1) WO2013109417A2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104518874A (en) * 2013-09-26 2015-04-15 中兴通讯股份有限公司 Network access control method and system
CN106685644B (en) * 2015-11-10 2021-02-02 阿里巴巴集团控股有限公司 Communication encryption method and device, gateway, server, intelligent terminal and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050063352A1 (en) * 2002-03-20 2005-03-24 Utstarcom Incorporated Method to provide dynamic Internet Protocol security policy service
US20080076392A1 (en) * 2006-09-22 2008-03-27 Amit Khetawat Method and apparatus for securing a wireless air interface
US20100125899A1 (en) * 2008-11-17 2010-05-20 Qualcomm Incorporated Remote access to local network via security gateway
US20110041003A1 (en) * 2009-03-05 2011-02-17 Interdigital Patent Holdings, Inc. METHOD AND APPARATUS FOR H(e)NB INTEGRITY VERIFICATION AND VALIDATION

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"TSGSA; Security of Home Node B (HNB) / Home evolved Node B (HeNB) (Release 9)", 3GPP TS 33.320 V9.4.0, December 2010 (2010-12-01) *

Also Published As

Publication number Publication date
WO2013109417A2 (en) 2013-07-25

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13738837

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 13738837

Country of ref document: EP

Kind code of ref document: A2