公开(公告)号：EP2713642B1

公开(公告)日：2016-11-02

申请号：EP11865120.7

申请日：2011-09-14

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/08 ,  H04W4/00 ,  H04W60/04 ,  H04W12/04

CPC分类号： H04W60/04 ,  H04W4/70 ,  H04W12/04 ,  H04W12/08

摘要： The present disclosure discloses a method and system for triggering a Machine Type Communication MTC device. The method includes that: an MTC server sends a Bootstrapping Server Function entity BSF a request message including information on a GBA-PUSH Information GPI request and information on a triggering request; the BSF generates GPI and adds parametric information of a triggering instruction in the GPI according to the information on the triggering request through a GPI request processing flow, and sends the GPI including the parametric information of the triggering instruction to the MTC server; the MTC server sends the GPI including the parametric information of the triggering instruction to an MTC device to be triggered; and the MTC device is triggered according to the parametric information of the triggering instruction in the received GPI. With the present disclosure, secure triggering of an MTC device is implemented, and it is ensured that a secure connection can be established between the MTC device and an MTC server.

公开(公告)号：EP2654332B1

公开(公告)日：2016-08-10

申请号：EP11855388.2

申请日：2011-06-30

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/00 ,  H04W12/04 ,  H04W4/00 ,  H04W12/06

CPC分类号： H04W12/04 ,  H04W4/50 ,  H04W4/70 ,  H04W12/06

摘要： The disclosure discloses a key sharing method for a Machine Type Communication (MTC) server, wherein when establishing a safe connection and performs safe communications with a first MTC server via a Generic Bootstrapping Architecture (GBA) process, an MTC device may send a second MTC server a request message containing a bootstrapping identifier (B-TID) currently used by the MTC device and the first MTC server and a host identifier NAF-ID 1 of the first MTC server; the second MTC server sends a Bootstrapping Server Function (BSF) an authentication request containing a host identifier NAF-ID 2 of the second MTC server, the B-TID, and NAF-ID; after verifying the validity of NAF-ID 2 and NAF-ID 1 , the BSF generates a session key K NAF according to the B-TID and the NAF-ID 1 , and sends the generated K NAF to the second MTC server. Accordingly, the disclosure further discloses a key sharing system for an MTC server. With the disclosure, the MTC device is enabled to perform safe communications simultaneously with a plurality of MTC servers, thereby enhancing the efficiency of network resources.

公开(公告)号：EP2713642A1

公开(公告)日：2014-04-02

申请号：EP11865120.7

申请日：2011-09-14

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/08

CPC分类号： H04W60/04 ,  H04W4/70 ,  H04W12/04 ,  H04W12/08

摘要： The present disclosure discloses a method and system for triggering a Machine Type Communication MTC device. The method includes that: an MTC server sends a Bootstrapping Server Function entity BSF a request message including information on a GBA-PUSH Information GPI request and information on a triggering request; the BSF generates GPI and adds parametric information of a triggering instruction in the GPI according to the information on the triggering request through a GPI request processing flow, and sends the GPI including the parametric information of the triggering instruction to the MTC server; the MTC server sends the GPI including the parametric information of the triggering instruction to an MTC device to be triggered; and the MTC device is triggered according to the parametric information of the triggering instruction in the received GPI. With the present disclosure, secure triggering of an MTC device is implemented, and it is ensured that a secure connection can be established between the MTC device and an MTC server.

摘要翻译： 本公开公开了一种用于触发机器类型通信MTC设备的方法和系统。 该方法包括：MTC服务器向引导服务器功能实体BSF发送包括关于GBA-PUSH信息GPI请求的信息和关于触发请求的信息的请求消息; BSF产生GPI，并通过GPI请求处理流程根据关于触发请求的信息在GPI中添加触发指令的参数信息，并将包括触发指令的参数信息的GPI发送到MTC服务器; MTC服务器将包含触发指令的参数信息的GPI发送到要触发的MTC设备; 并根据接收到的GPI中的触发指令的参数信息触发MTC设备。 通过本公开，实现了MTC设备的安全触发，并且确保了可以在MTC设备和MTC服务器之间建立安全连接。

公开(公告)号：EP2654332A1

公开(公告)日：2013-10-23

申请号：EP11855388.2

申请日：2011-06-30

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/00 ,  H04W12/04

CPC分类号： H04W12/04 ,  H04W4/50 ,  H04W4/70 ,  H04W12/06

摘要： The disclosure discloses a key sharing method for a Machine Type Communication (MTC) server, wherein when establishing a safe connection and performs safe communications with a first MTC server via a Generic Bootstrapping Architecture (GBA) process, an MTC device may send a second MTC server a request message containing a bootstrapping identifier (B-TID) currently used by the MTC device and the first MTC server and a host identifier NAF-ID 1 of the first MTC server; the second MTC server sends a Bootstrapping Server Function (BSF) an authentication request containing a host identifier NAF-ID 2 of the second MTC server, the B-TID, and NAF-ID; after verifying the validity of NAF-ID 2 and NAF-ID 1 , the BSF generates a session key K NAF according to the B-TID and the NAF-ID 1 , and sends the generated K NAF to the second MTC server. Accordingly, the disclosure further discloses a key sharing system for an MTC server. With the disclosure, the MTC device is enabled to perform safe communications simultaneously with a plurality of MTC servers, thereby enhancing the efficiency of network resources.

摘要翻译： 本公开公开了一种机器类型通信（MTC）服务器的密钥共享方法，其中当建立安全连接并经由通用引导架构（GBA）进程与第一MTC服务器进行安全通信时，MTC设备可以发送第二MTC 服务器包含MTC设备和第一MTC服务器当前使用的引导标识符（B-TID）和第一MTC服务器的主机标识符NAF-ID 1的请求消息; 第二MTC服务器发送引导服务器功能（BSF）包含第二MTC服务器的主机标识符NAF-ID 2，B-TID和NAF-ID的认证请求; 在验证NAF-ID 2和NAF-ID 1的有效性之后，BSF根据B-TID和NAF-ID 1生成会话密钥K NAF，并将生成的K NAF发送到第二MTC服务器。 因此，本公开进一步公开了一种用于MTC服务器的密钥共享系统。 通过本公开，MTC设备能够与多个MTC服务器同时执行安全通信，从而提高网络资源的效率。

公开(公告)号：EP2343852A1

公开(公告)日：2011-07-13

申请号：EP09821538.7

申请日：2009-08-12

申请人： ZTE Corporation

发明人： MA, Jingwang ,  JIA, Qian ,  YU, Wantao

IPC分类号： H04L9/32

CPC分类号： H04L9/083 ,  H04L2209/56 ,  H04L2209/805

摘要： A key distribution method and system are provided, and the method includes that: a card issuer management platform generates an initial key of a secondary security domain corresponding to an application provider, imports the initial key and a trusted root public key used for external authentication to the secondary security domain, and sends the information of the secondary security domain and the initial key to an application provider management platform (202); the application provider management platform receives the information of the secondary security domain and the initial key, and selects the secondary security domain of a smart card by a service terminal according to the information of the secondary security domain and the initial key (204); the application provider management platform generates a public key and a private key of the secondary security domain as well as a certificate of the secondary security domain, and encrypts the public key and the private key as well as the certificate and then sends them to the secondary security domain (206). Through the above process, the security of the key distribution for the secondary security domain can be improved.

摘要翻译： 提供了一种密钥分配方法和系统，该方法包括：发卡机构管理平台生成与应用提供商对应的辅助安全域的初始密钥，将初始密钥和用于外部认证的可信根公钥输入 二级安全域，并将二级安全域的信息和初始密钥发送到应用提供商管理平台（202）; 所述应用提供商管理平台接收所述辅助安全域和所述初始密钥的信息，并且根据所述辅助安全域和初始密钥（204）的信息，由服务终端选择智能卡的辅助安全域。 应用提供商管理平台生成辅助安全域的公钥和私钥以及辅助安全域的证书，并对公钥和私钥以及证书进行加密，然后将其发送到二级 安全域（206）。 通过上述过程，可以提高二级安全域密钥分发的安全性。

公开(公告)号：EP3913953A1

公开(公告)日：2021-11-24

申请号：EP19910875.4

申请日：2019-10-21

申请人： ZTE Corporation

发明人： YU, Wantao ,  XIE, Zhenhua ,  PENG, Jin ,  YOU, Shilin

IPC分类号： H04W12/12

摘要： An anti-pseudo base station method and apparatus, and a computer-readable storage medium are provided. The anti-pseudo base station method includes: sending, by a base station, first anti-pseudo base station capacity information to a mobile terminal, wherein the first anti-pseudo base station capacity information is used for identifying an anti-pseudo base station capacity of the base station. According to the solution provided by the embodiments, the terminal can be informed of the anti-pseudo base station capacity of the base station conveniently, so as to execute a corresponding authentication and key agreement and distribution process conveniently, and therefore improve network security.

公开(公告)号：EP2827661B1

公开(公告)日：2020-01-01

申请号：EP12871083.7

申请日：2012-04-17

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W4/70 ,  H04W8/12

公开(公告)号：EP3076695B1

公开(公告)日：2018-01-31

申请号：EP14797273.1

申请日：2014-04-18

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/06 ,  H04W12/04

CPC分类号： H04W12/06 ,  H04L2463/061 ,  H04W4/70 ,  H04W12/04

摘要： Disclosed is a method for secure transmission of small data of a machine type communication (MTC) device group, comprising a process wherein an MTC device and an MTC-Interworking Function (MTC-IWF) generate a shared key KIWF on the basis of a GBA procedure, the MTC device and a bootstrapping server (BSF) performing AKA authentication: a home subscriber server (HSS) determines whether the MTC device belongs to the MTC device group and whether said device has small data transmission and reception capabilities; if said device belongs to said group and has said capabilities, an AKA authentication vector generated on the basis of the MTC device group key is sent to said BSF; the BSF carries out AKA authentication with the MTC device on the basis of the received AKA authentication vector. Also disclosed is a system for secure transmission of small data of an MTC device group.

公开(公告)号：EP3240318A1

公开(公告)日：2017-11-01

申请号：EP15871654.8

申请日：2015-07-01

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/04

CPC分类号： H04L63/062 ,  G06F21/44 ,  H04L9/08 ,  H04L9/3263 ,  H04L63/06 ,  H04L63/065 ,  H04L63/0807 ,  H04W4/08 ,  H04W4/70 ,  H04W12/04

摘要： Disclosed is a key negotiation method including that a network entity generates an MTC communication key between an MTC device or an MTC application and a network by utilizing a key distribution algorithm for MTC communication according to a root key for the MTC communication maintained by the network entity. The network entity generates an MTC group key by utilizing a key distribution algorithm for MTC group communication according to the root key. The network entity issues the generated MTC communication key and the generated MTC group key to the MTC device or the MTC application via a secure method so as to allow the MTC device or the MTC application to securely store the MTC communication key and the MTC group key. Also disclosed are a network entity, a key negotiation system and a computer storage medium.

摘要翻译： 公开了一种密钥协商方法，包括：网络实体根据由网络实体维护的MTC通信的根密钥，利用用于MTC通信的密钥分配算法在MTC设备或MTC应用与网络之间生成MTC通信密钥 。 网络实体根据根密钥利用MTC组通信的密钥分发算法生成MTC组密钥。 网络实体将生成的MTC通信密钥和生成的MTC组密钥通过安全的方式下发给MTC设备或MTC应用，以允许MTC设备或MTC应用安全地存储MTC通信密钥和MTC组密钥 。 还公开了网络实体，密钥协商系统和计算机存储介质。

公开(公告)号：EP3059989A1

公开(公告)日：2016-08-24

申请号：EP14797756.5

申请日：2014-05-05

申请人： ZTE Corporation

发明人： YU, Wantao

IPC分类号： H04W12/00

摘要： A method for realizing secure communication between machine type communication devices and a network entity, the method includes: creating, by a network entity, an MTC device group for a directly-communicating MTC device, and saving MTC device group information corresponding to the MTC device group and MTC device information of an MTC devices contained in the MTC device group, herein the MTC device group information includes MTC device group identification information and MTC device group key information; and sending, by the network entity, the MTC device group information of the MTC device group, to which the MTC device belongs, to the MTC device.

摘要翻译： 一种用于实现机器类型的通信设备和网络实体之间的安全通信的方法，该方法包括：用于直接相通MTC设备创建，由网络实体，在MTC设备组，以及保存MTC devicegroup信息对应于所述MTC设备 包含在MTC devicegroup一个MTC装置，在MTC devicegroup信息的组和MTC设备信息包括MTC设备组识别信息和MTC devicegroup密钥信息; 和发送，由所述网络实体，该MTC设备组的机器设备组的信息，向其中MTC设备所属的机器设备。