-
公开(公告)号:US20130297940A1
公开(公告)日:2013-11-07
申请号:US13933543
申请日:2013-07-02
Applicant: Core Wireless Licensing S.a.r.l.
Inventor: Tat Keung Chan , Gabor Bajko
CPC classification number: H04L9/0838 , H04L9/08 , H04L9/0841 , H04L9/3247 , H04L9/3265 , H04L9/3271 , H04L63/061 , H04L63/062 , H04L63/08 , H04L63/0823 , H04L63/0869 , H04L63/205 , H04L2209/38 , H04L2209/56 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W88/02
Abstract: The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.
Abstract translation: 本发明涉及一种在通信网络中认证用户设备的方法。 该方法涉及将消息从网络实体发送到用户设备。 该消息包括用于通过用户设备和网络实体之间的第一接口认证互联网协议通信的认证过程的一组选项; 所述选项包括基于“共享密钥”的认证过程。 该方法还涉及从集合中选择一个选项。 在选择“基于共享密钥”的认证过程的情况下,通过在通用引导体系结构(GBA)中建立的安全密钥的共享密钥在用户设备和引导服务功能之间的第二接口上生成。 然后,共享秘密用于在基于密钥的认证过程中通过第一接口进行通信的计算和验证认证有效载荷。
-
公开(公告)号:US09231759B2
公开(公告)日:2016-01-05
申请号:US13933543
申请日:2013-07-02
Applicant: Core Wireless Licensing S.a.r.l.
Inventor: Tat Keung Chan , Gabor Bajko
CPC classification number: H04L9/0838 , H04L9/08 , H04L9/0841 , H04L9/3247 , H04L9/3265 , H04L9/3271 , H04L63/061 , H04L63/062 , H04L63/08 , H04L63/0823 , H04L63/0869 , H04L63/205 , H04L2209/38 , H04L2209/56 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W88/02
Abstract: The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.
Abstract translation: 本发明涉及一种在通信网络中认证用户设备的方法。 该方法涉及将消息从网络实体发送到用户设备。 该消息包括用于通过用户设备和网络实体之间的第一接口认证互联网协议通信的认证过程的一组选项; 所述选项包括基于“共享密钥”的认证过程。 该方法还涉及从集合中选择一个选项。 在选择“基于共享密钥”的认证过程的情况下,通过在通用引导体系结构(GBA)中建立的安全密钥的共享密钥在用户设备和引导服务功能之间的第二接口上生成。 然后,共享秘密用于在基于密钥的认证过程中通过第一接口进行通信的计算和验证认证有效载荷。
-
Search Results
2
records
(took 0.019 seconds)
