CN102006591A - Data transmission security protection method, authentication server and terminal - Google Patents
Data transmission security protection method, authentication server and terminal Download PDFInfo
- Publication number
- CN102006591A CN102006591A CN2009101716304A CN200910171630A CN102006591A CN 102006591 A CN102006591 A CN 102006591A CN 2009101716304 A CN2009101716304 A CN 2009101716304A CN 200910171630 A CN200910171630 A CN 200910171630A CN 102006591 A CN102006591 A CN 102006591A
- Authority
- CN
- China
- Prior art keywords
- module
- key information
- terminal
- certificate server
- access network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000005540 biological transmission Effects 0.000 title claims abstract description 21
- 238000012546 transfer Methods 0.000 claims description 13
- 238000005516 engineering process Methods 0.000 abstract description 2
- 239000000463 material Substances 0.000 description 44
- 238000004891 communication Methods 0.000 description 8
- 238000012795 verification Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 2
- 230000009977 dual effect Effects 0.000 description 2
- 150000001768 cations Chemical class 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a data transmission security protection method, an authentication server and a terminal, wherein the method comprises receiving an authentication request from a terminal by an authentication server, authenticating from the terminal, generating a secret key information by the authentication server, and then sending the secret key information to a network accessing function module when the authentication is successful so as to connect the network accessing function module with the terminal and/or implement data transmission by means of the secret key information. The data transmission security protection method provided by the invention solves the security problem of existing NGN network of the relative technology of which the security protection between the user terminal and the network accessing node is free and improves the security while accessing the terminal into the network node.
Description
Technical field
The present invention relates to the communications field, in particular to a kind of data transmission security guard method, certificate server and terminal.
Background technology
Next generation network (Next Generation Network abbreviates NGN as) receives increasing concern as the network frame based on packet switching of evolution.ITU Telecommunication Standardization Sector's (International Telecommunications Union-Telecommuni cations standardization sector abbreviates ITU-T as) and other regional standards organizations have carried out extensive studies and standardization effort to NGN frame model, business and association area.
NGN can support heterogeneous network access, internetwork roaming and seamless switching.When user terminal carries out data communication and switches, need to guarantee professional continuity, simultaneously, guarantee the signaling data between mobile subscriber terminal and the NGN Network Access Point and privacy, the integrality of user data.
In the current NGN network; user terminal and access network nodes between do not have safeguard protection; there are many safety problems; for example; there are not the user terminal of mandate and the ciphered data that do not have of access network nodes to be eavesdropped; the network behavior of possible monitor user ' has very big influence to user's privacy.
Summary of the invention
At in the correlation technique in current NGN network user terminal and access network nodes between do not have safeguard protection; there is safety problem and proposes the present invention; for this reason, main purpose of the present invention is to provide a kind of data transmission security protection scheme, one of to address the above problem at least.
To achieve these goals, according to an aspect of the present invention, provide a kind of data transmission security guard method.
According to data transmission security guard method of the present invention, be applied to next generation network, comprising: certificate server receives the authentication request of self terminal, and authenticates with terminal; Certificate server generates key information, and after authentication success, key information is sent to the access network functional module, so that the access network functional module connects by key information and terminal and/or carries out transfer of data.
Preferably, certificate server sends to the access network functional module with key information and comprises: certificate server sends to the access network functional module via the access management function module with key information.
Preferably, certificate server sends to the access network functional module with key information and comprises: certificate server sends to the access network functional module via inserting the forwarding capability module with key information.
Preferably, certificate server generates key information and comprises: certificate server is cooperated with the server of other types and is generated key information, and wherein, the server of other types comprises the transmitting subscriber information server.
Preferably, after certificate server generated key information, said method also comprised: certificate server and terminal are preserved key information.
To achieve these goals, according to a further aspect in the invention, also provide a kind of certificate server.
According to certificate server of the present invention, be applied to comprise in the next generation network: first receiver module is used to receive the authentication request of self terminal; Authentication module is used for authenticating with terminal; Cipher key module is used to generate key information; First sending module is used for after authentication success, and key information is sent to the access network functional module, so that the access network functional module connects by key information and terminal and/or carries out transfer of data.
Preferably, first sending module specifically is used for via the access management function module key information being sent to the access network functional module, wherein, below the access management function module is used for carrying out one of at least: the two layers of transmissions links that terminate, obtain access network information, transmit authentication request, obtain network configuration information.
Preferably, first sending module specifically is used for via inserting the forwarding capability module key information being sent to the access network functional module, wherein, insert the forwarding capability module be used for carrying out below one of at least: insert and/or transmit network configuration information, the access of terminal and/or transmit terminal authentication request, add local configuration information.
Preferably, cipher key module specifically is used for cooperating with the server of other types and generates key information, wherein, the server of other types comprises the transmitting subscriber information server, below the server of other types is used for carrying out one of at least: keep user profile, produce the authentification of user vector, produce key information.
To achieve these goals, according to a further aspect in the invention, also provide a kind of terminal.
According to terminal of the present invention, be applied to comprise in the next generation network: second sending module is used for sending authentication request to certificate server; Second receiver module is used to receive the key information from certificate server; Preserve module, be used to preserve key information, so as with connect by key information and access network functional module and/or carry out transfer of data.
By the present invention; adopt terminal and certificate server to authenticate and generate key information; the access network functional module is carried out safety communication with this key information and terminal; solved in the correlation technique in current NGN network user terminal and access network nodes between do not have safeguard protection; there is safety problem, and then the fail safe when having improved the accessing terminal to network node.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart according to the data transmission security guard method of the embodiment of the invention;
Fig. 2 is according to inserting the schematic diagram that the forwarding capability module obtains key material in the next generation network of the embodiment of the invention;
Fig. 3 is according to the flow chart that obtains key material in the same territory of access network functional module of the embodiment of the invention from access forwarding capability module;
Fig. 4 is according to the flow chart that obtains key material in the same territory of access network functional module of the embodiment of the invention from the access management function module;
Fig. 5 is the flow chart that does not obtain key material according to the access network functional module of the embodiment of the invention in the same area;
Fig. 6 is the schematic diagram that obtains key according to access network functional module among the ITU-T NGN of the embodiment of the invention;
Fig. 7 is the structured flowchart according to the certificate server of the embodiment of the invention;
Fig. 8 is the structured flowchart according to the terminal of the embodiment of the invention.
Embodiment
Functional overview
Consider in the correlation technique in current NGN network user terminal and access network nodes between do not have safeguard protection; there is safety problem; the embodiment of the invention provides a kind of data transmission security protection scheme; promptly; a kind of scheme that the transfer of data of terminal and access network functional module is carried out safeguard protection has solved user and access network functional module safety issue in the next generation network by this scheme.This scheme can be applied to transportation level, and this scheme treatment principle is as follows: certificate server receives the authentication request of self terminal, and authenticates with terminal; Certificate server generates key information, and after authentication success, key information is sent to the access network functional module, so that the access network functional module connects by key information and terminal and/or carries out transfer of data.
Need to prove that under the situation of not conflicting, embodiment and the feature among the embodiment among the application can make up mutually.Describe the present invention below with reference to the accompanying drawings and in conjunction with the embodiments in detail.
In following examples, can in computer system, carry out in the step shown in the flow chart of accompanying drawing such as a set of computer-executable instructions, and, though there is shown logical order in flow process, but in some cases, can carry out step shown or that describe with the order that is different from herein.
Method embodiment
According to embodiments of the invention; a kind of data transmission security guard method is provided, has been applied to next generation network, Fig. 1 is the flow chart according to the data transmission security guard method of the embodiment of the invention; as shown in Figure 1, this method comprises that following step S2 is to step S4:
Step S2, certificate server receive the authentication request of self terminal, and authenticate with terminal.
Step S4, certificate server generates key information, and after authentication success, key information is sent to the access network functional module, so that the access network functional module connects by key information and terminal and/or carries out transfer of data.
By above-mentioned step S2 and S4, the access network functional module just can connect and/or carries out transfer of data by key information and terminal, has improved safety of data transmission.
Wherein, in step S4, certificate server can send to the access network functional module with key information via the access management function module, wherein, the access management function module should have but be not limited to following function: the two layers of transmissions links that terminate, obtain access network information (link layer parameter, sign, terminal location etc.), transmit authentication request, obtain network configuration information; Perhaps, also can key information be sent to the access network functional module via inserting the forwarding capability module, wherein, access forwarding capability module should have but be not limited to following function: insert, transmit the terminal authentication request.Insert, transmit the network configuration information of terminal, can add local configuration information.
Preferably, in step S4, certificate server can generate key information separately, also can cooperate with the server of other types with generating key information, and wherein, the server of other types comprises the transmitting subscriber information server.
After certificate server generated key information, certificate server can be preserved this key information, and this key information is sent to terminal, so that terminal is preserved.
The data transmission security protection scheme of present embodiment is described in detail to step S4 below in conjunction with above-mentioned steps S2.
Step S22, terminal and certificate server carry out verification process.
Step S24, behind the authentication success, terminal and certificate server have shared key material.Should share key material (that is key information) produces in verification process.
Step S26, certificate server sends to the access network functional module with this key material, and wherein, the access network functional module should have but be not limited to following function: the boundary node of network side, be responsible for transfer of data with terminal.
Step S28, the access network functional module uses this key material and terminal to carry out secure communication.
In step S28, certificate server can be derived the sub-key material with this key material.The shared key material that terminal will have is derived the sub-key material.Then, certificate server sends to the access network functional module with this sub-key material, and the access network functional module uses this sub-key material and terminal to carry out secure communication.
In step S22, certificate server is carried out authentification of user, can produce key material, also can cooperate with other servers (for example, transmitting subscriber information server), the common key material that produces, wherein, other servers (for example, transmitting subscriber information server) should have but be not limited to following function: keep user profile, generation authentification of user vector produces key material.
Be described in detail below in conjunction with the implementation procedure of example the embodiment of the invention.
Fig. 2 is according to inserting the schematic diagram that the forwarding capability module obtains key material in the next generation network of the embodiment of the invention, as shown in Figure 2, authenticate between terminal 150 and the certificate server 130, after authentication success, terminal 150 all obtains to share key material with certificate server 130.Certificate server 130 can send this by dual mode should share key material to the access network functional module.
Mode one, certificate server 130 send should share key material to access management function module 100, and access management function module 100 issues this shared key material to access network functional module 120.
Mode two, certificate server 130 send should share key material to inserting forwarding capability module 110, inserted forwarding capability module 110 and issued this shared key material to access network functional module 120.
Fig. 3 be according in the same territory of access network functional module of the embodiment of the invention from inserting the flow chart that the forwarding capability module obtains key material, as shown in Figure 3, this flow process comprises the steps that S302 is to step S308:
Step S302, terminal and certificate server carry out identifying procedure, and the shared key material of terminal and certificate server produces in verification process.
Step S304, certificate server send key material to inserting the forwarding capability module.Need to prove that this step S304 can carry out in identifying procedure, also can behind identifying procedure, carry out, still, must under the situation of authentication success, just carry out this step.
Step S306, the access network functional module obtains key material from inserting the forwarding capability module.
Step S308, terminal all has shared key material with access forwarding capability module, can set up Security Association with this shared key, the communication security between protection terminal and the access forwarding capability module.
Fig. 4 is according to the flow chart that obtains key material in the same territory of access network functional module of the embodiment of the invention from the access management function module, and as shown in Figure 4, this flow process comprises the steps that S402 is to step S408:
Step S402, terminal and certificate server carry out identifying procedure, produce in the shared key material verification process of terminal and certificate server.
Step S404, certificate server send key material to the access management function module, need to prove that this step S404 can carry out in identifying procedure, also can carry out behind identifying procedure.But all must under the situation of authentication success, just carry out this step.
Step S406, the access network functional module obtains key material from the access management function module.
Step S408, terminal all has shared key material with access forwarding capability module, can set up Security Association with this shared key, the communication security between protection terminal and the access forwarding capability module.
Fig. 5 is the flow chart that does not obtain key material according to the access network functional module of the embodiment of the invention in the same area, and as shown in Figure 5, this flow process comprises the steps:
Step S502, terminal and purpose domain authentication server device carry out identifying procedure, produce in the shared key material verification process of terminal and purpose domain authentication server device.Identifying procedure can relate to and former access forwarding capability module, former access management function module, and former certificate server, forwarding capability module, purpose territory access management function module are inserted in the purpose territory.
Step S504, purpose territory access network functional module has dual mode to obtain to share key material.Mode one, i.e. step S504a, purpose domain authentication server send and share key material and insert the forwarding capability module to the purpose territory, and the purpose territory is inserted the forwarding capability module and is sent and share key material to purpose territory access network module; Mode two, i.e. step S504b, purpose domain authentication server send and share key material to purpose territory access management function module, and purpose territory access management function module sends shares key material to purpose territory access network module.Need to prove that this step S604 can carry out, and also can carry out behind identifying procedure in identifying procedure.But, must under the situation of authentication success, just carry out this step.
Step S506, the forwarding capability module is inserted in terminal and purpose territory all shared key material, can set up Security Association with this shared key, and the communication security between the forwarding capability module is inserted in protection terminal and purpose territory.
Fig. 6 is the schematic diagram that obtains key according to access network functional module among the ITU-T NGN of the embodiment of the invention, as shown in Figure 5, UE represents terminal (User Equipment), AM-FE (Access Management Function Entity) expression access management function module, TAA-FE (Transport authentication and authorization functional entity) expression certified transmission authorization function module, AR-FE (Access relay functional entity) expression inserts the forwarding capability module, TUP (Transport user profile functional entity) expression transmitting subscriber information functional entity.Wherein, can be in TUP storing subscriber information, and can produce Ciphering Key, then, send to TAA, carry out the authentification of user flow process with TAA.This flow process comprises the steps:
Step S602, the access network functional module obtains key material from the access management function module.
Step S604, the access network functional module obtains key material from inserting the forwarding capability module.
Device embodiment
According to embodiments of the invention, a kind of certificate server is provided, be applied in the next generation network, Fig. 7 is the structured flowchart according to the certificate server of the embodiment of the invention, as shown in Figure 7, this certificate server comprises: first receiver module 72, authentication module 74, cipher key module 76, first sending module 78 are described in detail this structure below.
First receiver module 72 is used to receive the authentication request of self terminal; Authentication module 74 is connected to first receiver module 72, is used for authenticating with terminal; Cipher key module 76 is connected to authentication module 74, is used to generate key information; First sending module 78 is connected to cipher key module 76, is used for after authentication success, and key information is sent to the access network functional module, so that the access network functional module connects by key information and terminal and/or carries out transfer of data.
Preferably, first sending module 78 can specifically be used for via the access management function module key information being sent to the access network functional module, wherein, below the access management function module is used for carrying out one of at least: the two layers of transmissions links that terminate, obtain access network information, transmit authentication request, obtain network configuration information.
Preferably, first sending module 78 specifically is used for via inserting the forwarding capability module key information being sent to the access network functional module, wherein, insert the forwarding capability module be used for carrying out below one of at least: insert and/or transmit network configuration information, the access of terminal and/or transmit terminal authentication request, add local configuration information.
Preferably, cipher key module 76 specifically is used for cooperating with the server of other types and generates key information, wherein, the server of other types comprises the transmitting subscriber information server, below the server of other types is used for carrying out one of at least: keep user profile, produce the authentification of user vector, produce key information.
According to embodiments of the invention, a kind of terminal also is provided, be applied in the next generation network, Fig. 8 is the structured flowchart according to the terminal of the embodiment of the invention, as shown in Figure 8, this terminal comprises: second sending module 82, second receiver module 84, preservation module 86 are described in detail this structure below.
Second sending module 82 is used for sending authentication request to certificate server; Second receiver module 84 is connected to second sending module 82, is used to receive the key information from certificate server; Preserve module 86 and be connected to second receiver module 84, be used to preserve key information, so as with connect by key information and access network functional module and/or carry out transfer of data.
In sum, by the above embodiment of the present invention, solved in the correlation technique in current NGN network user terminal and access network nodes between do not have safeguard protection, have safety problem, and then a fail safe when having improved the accessing terminal to network node.
Obviously, those skilled in the art should be understood that, above-mentioned each module of the present invention or each step can realize with the general calculation device, they can concentrate on the single calculation element, perhaps be distributed on the network that a plurality of calculation element forms, alternatively, they can be realized with the executable program code of calculation element, thereby, they can be stored in the storage device and carry out by calculation element, perhaps they are made into each integrated circuit modules respectively, perhaps a plurality of modules in them or step are made into the single integrated circuit module and realize.Like this, the present invention is not restricted to any specific hardware and software combination.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. a data transmission security guard method is applied to next generation network, it is characterized in that,
Comprise:
Certificate server receives the authentication request of self terminal, and authenticates with described terminal;
Described certificate server generates key information, and after authentication success, described key information is sent to the access network functional module, so that described access network functional module connects by described key information and described terminal and/or carries out transfer of data.
2. method according to claim 1 is characterized in that, described certificate server sends to described access network functional module with described key information and comprises:
Described certificate server sends to described access network functional module via the access management function module with described key information.
3. method according to claim 1 is characterized in that, described certificate server sends to described access network functional module with described key information and comprises:
Described certificate server sends to described access network functional module via described access forwarding capability module with described key information.
4. according to each described method in the claim 1 to 3, it is characterized in that described certificate server generates described key information and comprises:
Described certificate server is cooperated with the server of other types and is generated described key information, and wherein, the server of described other types comprises the transmitting subscriber information server.
5. according to each described method in the claim 1 to 3, it is characterized in that after described certificate server generated described key information, described method also comprised:
Described certificate server and described terminal are preserved described key information.
6. a certificate server is applied to it is characterized in that in the next generation network, comprising:
First receiver module is used to receive the authentication request of self terminal;
Authentication module is used for authenticating with described terminal;
Cipher key module is used to generate key information;
First sending module is used for after authentication success, and described key information is sent to the access network functional module, so that described access network functional module connects by described key information and described terminal and/or carries out transfer of data.
7. certificate server according to claim 6, it is characterized in that, described first sending module specifically is used for via the access management function module described key information being sent to described access network functional module, wherein, below described access management function module is used for carrying out one of at least: the two layers of transmissions links that terminate, obtain access network information, transmit authentication request, obtain network configuration information.
8. certificate server according to claim 6, it is characterized in that, described first sending module specifically is used for via inserting the forwarding capability module described key information being sent to described access network functional module, wherein, below described access forwarding capability module is used for carrying out one of at least: insert and/or transmit network configuration information, the access of terminal and/or transmit terminal authentication request, add local configuration information.
9. according to each described certificate server in the claim 6 to 8, it is characterized in that, described cipher key module specifically is used for cooperating with the server of other types and generates described key information, wherein, the server of described other types comprises the transmitting subscriber information server, below the server of described other types is used for carrying out one of at least: keep user profile, produce the authentification of user vector, produce key information.
10. a terminal is applied to it is characterized in that in the next generation network, comprising:
Second sending module is used for sending authentication request to certificate server;
Second receiver module is used to receive the key information from described certificate server;
Preserve module, be used to preserve described key information, so as with connect by described key information and access network functional module and/or carry out transfer of data.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101716304A CN102006591A (en) | 2009-08-31 | 2009-08-31 | Data transmission security protection method, authentication server and terminal |
| PCT/CN2010/071206 WO2011022963A1 (en) | 2009-08-31 | 2010-03-23 | Method for protecting the security of data transmission, authentication server and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101716304A CN102006591A (en) | 2009-08-31 | 2009-08-31 | Data transmission security protection method, authentication server and terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102006591A true CN102006591A (en) | 2011-04-06 |
Family
ID=43627196
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009101716304A Pending CN102006591A (en) | 2009-08-31 | 2009-08-31 | Data transmission security protection method, authentication server and terminal |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN102006591A (en) |
| WO (1) | WO2011022963A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106162635A (en) * | 2015-04-01 | 2016-11-23 | 北京佰才邦技术有限公司 | The authentication method of subscriber equipment and device |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1268093C (en) * | 2002-03-08 | 2006-08-02 | 华为技术有限公司 | Distribution method of wireless local area network encrypted keys |
| CN1658547B (en) * | 2004-02-16 | 2010-08-18 | 华为技术有限公司 | Crytographic keys distribution method |
| CN101001143A (en) * | 2006-01-12 | 2007-07-18 | 中兴通讯股份有限公司 | Method for authenticating system equipment by terminal equipment |
| JP4804983B2 (en) * | 2006-03-29 | 2011-11-02 | 富士通株式会社 | Wireless terminal, authentication device, and program |
| CN101321395B (en) * | 2008-06-24 | 2012-01-11 | 中兴通讯股份有限公司 | Method and system for supporting mobility safety in next generation network |
-
2009
- 2009-08-31 CN CN2009101716304A patent/CN102006591A/en active Pending
-
2010
- 2010-03-23 WO PCT/CN2010/071206 patent/WO2011022963A1/en active Application Filing
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106162635A (en) * | 2015-04-01 | 2016-11-23 | 北京佰才邦技术有限公司 | The authentication method of subscriber equipment and device |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2011022963A1 (en) | 2011-03-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11228442B2 (en) | Authentication method, authentication apparatus, and authentication system | |
| CN102160357B (en) | Key Management in Communication Networks | |
| RU2406251C2 (en) | Method and device for establishing security association | |
| US7933591B2 (en) | Security in a mobile communications system | |
| KR101438243B1 (en) | SIM based authentication method | |
| CN101969638B (en) | Method for protecting international mobile subscriber identity (IMSI) in mobile communication | |
| CN107094076B (en) | Secret communication method based on quantum true random number and communication system | |
| CN108880813B (en) | A method and device for realizing an attachment process | |
| CN108683510A (en) | A kind of user identity update method of encrypted transmission | |
| US9608971B2 (en) | Method and apparatus for using a bootstrapping protocol to secure communication between a terminal and cooperating servers | |
| WO2002068418A2 (en) | Authentication and distribution of keys in mobile ip network | |
| CN111787532B (en) | Method for negotiating 5G mobile communication network safety capability | |
| CN101340443A (en) | Session key negotiating method, system and server in communication network | |
| CN101039181B (en) | Method for Preventing Service Functional Entities in Universal Authentication Framework from Attacking | |
| JP2012110009A (en) | Methods and arrangements for secure linking of entity authentication and ciphering key generation | |
| US20200344055A1 (en) | Decentralized and/or hybrid decentralized secure cryptographic key storage method | |
| CN104756458A (en) | Method and apparatus for securing a connection in a communications network | |
| CN101926188A (en) | Security Policy Distribution to Communication Terminals | |
| JP2004241976A (en) | Mobile communication network system and method for authenticating mobile terminal | |
| CN102264068B (en) | Shared key consultation method, system, network platform and terminal | |
| CN115699672B (en) | Method for protecting encrypted user identities from replay attacks | |
| CN116569516A (en) | Method for preventing leakage of authentication serial number of mobile terminal | |
| TWI878539B (en) | A method for preventing encrypted user identity from replay attacks | |
| Aryal et al. | Subscription management for beyond 5g and 6g cellular networks using blockchain technology | |
| WO2024183628A1 (en) | Communication method, terminal, device, and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110406 |