-
公开(公告)号:US20120297474A1
公开(公告)日:2012-11-22
申请号:US13564173
申请日:2012-08-01
申请人: Dongmei ZHANG , Aiqin Zhang , Xiaoyu Bi , Jing Liu
发明人: Dongmei ZHANG , Aiqin Zhang , Xiaoyu Bi , Jing Liu
IPC分类号: G06F21/20
CPC分类号: H04W12/06 , H04L9/3263 , H04L63/0823 , H04W76/15
摘要: Embodiments of the present invention disclose a relay node authentication method, apparatus, and system. The method provided in an embodiment of the present invention includes: sending, by a relay node, an authentication request message to a peer node, where the authentication request message includes a certificate of the relay node, so that the peer node authenticates the relay node according to the certificate of the relay node, where the peer node is a network side node or a security gateway in a security domain where the network side node is located; and receiving, by the relay node, an authentication response message sent by the peer node, where the authentication response message includes a certificate of the peer node, and authenticating the peer node according to the certificate of the peer node.
摘要翻译: 本发明的实施例公开了一种中继节点认证方法,装置和系统。 本发明实施例提供的方法包括:由中继节点将认证请求消息发送给对等节点,其中认证请求消息包括中继节点的证书,使得对等节点认证中继节点 根据中继节点的证书,其中对等节点是网络侧节点或网络侧节点所在的安全域中的安全网关; 并且由所述中继节点接收由所述对等节点发送的认证响应消息,所述认证响应消息包括所述对等节点的证书,并且根据所述对等节点的证书认证所述对等节点。
-
公开(公告)号:US09027111B2
公开(公告)日:2015-05-05
申请号:US13564173
申请日:2012-08-01
申请人: Dongmei Zhang , Aiqin Zhang , Xiaoyu Bi , Jing Liu
发明人: Dongmei Zhang , Aiqin Zhang , Xiaoyu Bi , Jing Liu
CPC分类号: H04W12/06 , H04L9/3263 , H04L63/0823 , H04W76/15
摘要: Embodiments of the present invention disclose a relay node authentication method, apparatus, and system. The method provided in an embodiment of the present invention includes: sending, by a relay node, an authentication request message to a peer node, where the authentication request message includes a certificate of the relay node, so that the peer node authenticates the relay node according to the certificate of the relay node, where the peer node is a network side node or a security gateway in a security domain where the network side node is located; and receiving, by the relay node, an authentication response message sent by the peer node, where the authentication response message includes a certificate of the peer node, and authenticating the peer node according to the certificate of the peer node.
摘要翻译: 本发明的实施例公开了一种中继节点认证方法,装置和系统。 本发明实施例提供的方法包括:由中继节点将认证请求消息发送给对等节点,其中认证请求消息包括中继节点的证书,使得对等节点认证中继节点 根据中继节点的证书,其中对等节点是网络侧节点或网络侧节点所在的安全域中的安全网关; 并且由所述中继节点接收由所述对等节点发送的认证响应消息,所述认证响应消息包括所述对等节点的证书,并且根据所述对等节点的证书认证所述对等节点。
-
公开(公告)号:US20110072488A1
公开(公告)日:2011-03-24
申请号:US12886949
申请日:2010-09-21
申请人: Xiaoyu BI , Aiqin Zhang , Dongmei Zhang
发明人: Xiaoyu BI , Aiqin Zhang , Dongmei Zhang
IPC分类号: G06F21/00
CPC分类号: H04L63/20 , H04L9/0844 , H04L63/108 , H04L2209/80 , H04W4/90 , H04W12/00 , H04W12/04 , H04W12/06 , H04W36/0038 , H04W48/02 , H04W48/08 , H04W76/25 , H04W76/50 , H04W80/02
摘要: A method and an apparatus for authentication are disclosed. The method includes: deciding to release a connection or continue a current service according to native information and network policy after an AKA authentication procedure fails. When the EPS AKA authentication procedure fails, the connection is not released immediately in the present invention, but the connection is released or the current service is continued according to the native information and network policy, thus avoiding unnecessary release of connections and saving resources.
摘要翻译: 公开了一种认证方法和装置。 该方法包括:在AKA认证过程失败之后,根据本地信息和网络策略决定释放连接或继续当前服务。 当EPS AKA认证过程失败时,在本发明中不立即释放连接,而是根据本地信息和网络策略释放连接或继续当前服务,从而避免连接的不必要的释放和节省资源。
-
公开(公告)号:US09088616B2
公开(公告)日:2015-07-21
申请号:US12886949
申请日:2010-09-21
申请人: Xiaoyu Bi , Aiqin Zhang , Dongmei Zhang
发明人: Xiaoyu Bi , Aiqin Zhang , Dongmei Zhang
IPC分类号: G06F15/16 , G06F15/173 , G06F17/00 , G06F7/04 , H04M1/24 , H04M11/04 , H04L29/06 , H04W12/06 , H04W12/00 , H04W48/08 , H04W48/02 , H04L9/08 , H04W36/00 , H04W12/04 , H04W4/22 , H04W76/00 , H04W76/04 , H04W80/02
CPC分类号: H04L63/20 , H04L9/0844 , H04L63/108 , H04L2209/80 , H04W4/90 , H04W12/00 , H04W12/04 , H04W12/06 , H04W36/0038 , H04W48/02 , H04W48/08 , H04W76/25 , H04W76/50 , H04W80/02
摘要: A method and an apparatus for authentication are disclosed. The method includes: deciding to release a connection or continue a current service according to native information and network policy after an AKA authentication procedure fails. When the EPS AKA authentication procedure fails, the connection is not released immediately in the present invention, but the connection is released or the current service is continued according to the native information and network policy, thus avoiding unnecessary release of connections and saving resources.
摘要翻译: 公开了一种认证方法和装置。 该方法包括:在AKA认证过程失败之后,根据本地信息和网络策略决定释放连接或继续当前服务。 当EPS AKA认证过程失败时,在本发明中不立即释放连接,而是根据本地信息和网络策略释放连接或继续当前服务,从而避免连接的不必要的释放和节省资源。
-
公开(公告)号:US08605908B2
公开(公告)日:2013-12-10
申请号:US13463444
申请日:2012-05-03
申请人: Dongmei Zhang , Xiaoyu Bi , Aiqin Zhang
发明人: Dongmei Zhang , Xiaoyu Bi , Aiqin Zhang
IPC分类号: H04L9/08
CPC分类号: H04W12/04 , H04L2463/061 , H04W84/047
摘要: A method and a device for obtaining a security key in a relay system are disclosed in the embodiment of the present invention. A node in the relay system obtains an initial key, according to the initial key, the node obtains a root key of an air interface protection key between the node and another node that is directly adjacent to the node, and according to the root key, the node obtains the air interface protection key between the node and said another node that is directly adjacent to the node. Therefore, according to the initial key, each lower-level node obtains a root key of an air interface protection key between each lower-level node, so that data of a UE on a Un interface link may be respectively protected, that is, each active UE has a set of security parameters on the Un interface link, and effective security protection is performed on data on each segment of an air interface.
摘要翻译: 在本发明的实施例中公开了一种在中继系统中获得安全密钥的方法和装置。 中继系统中的节点根据初始密钥获取初始密钥,节点获取节点与节点直接相邻的另一个节点之间的空中接口保护密钥的根密钥,根据根密钥, 该节点获得节点与直接相邻节点的另一个节点之间的空中接口保护密钥。 因此,根据初始密钥,每个下级节点获得每个下级节点之间的空中接口保护密钥的根密钥,从而可以分别保护Un接口链路上的UE的数据,即每个 主动UE在Un接口链路上具有一组安全参数,对空中接口的每个段上的数据执行有效的安全保护。
-
公开(公告)号:US20120213372A1
公开(公告)日:2012-08-23
申请号:US13463444
申请日:2012-05-03
申请人: Dongmei Zhang , Xiaoyu Bi , Aiqin Zhang
发明人: Dongmei Zhang , Xiaoyu Bi , Aiqin Zhang
CPC分类号: H04W12/04 , H04L2463/061 , H04W84/047
摘要: A method and a device for obtaining a security key in a relay system are disclosed in the embodiment of the present invention. A node in the relay system obtains an initial key, according to the initial key, the node obtains a root key of an air interface protection key between the node and another node that is directly adjacent to the node, and according to the root key, the node obtains the air interface protection key between the node and said another node that is directly adjacent to the node. Therefore, according to the initial key, each lower-level node obtains a root key of an air interface protection key between each lower-level node, so that data of a UE on a Un interface link may be respectively protected, that is, each active UE has a set of security parameters on the Un interface link, and effective security protection is performed on data on each segment of an air interface.
摘要翻译: 在本发明的实施例中公开了一种在中继系统中获得安全密钥的方法和装置。 中继系统中的节点根据初始密钥获取初始密钥,节点获取节点与节点直接相邻的另一个节点之间的空中接口保护密钥的根密钥,根据根密钥, 该节点获得节点与直接相邻节点的另一个节点之间的空中接口保护密钥。 因此,根据初始密钥,每个下级节点获得每个下级节点之间的空中接口保护密钥的根密钥,从而可以分别保护Un接口链路上的UE的数据,即每个 主动UE在Un接口链路上具有一组安全参数,对空中接口的每个段上的数据执行有效的安全保护。
-
公开(公告)号:US11240019B2
公开(公告)日:2022-02-01
申请号:US13323840
申请日:2011-12-13
申请人: Aiqin Zhang , Jing Chen , Xiaoyu Bi
发明人: Aiqin Zhang , Jing Chen , Xiaoyu Bi
IPC分类号: H04L9/08 , H04L29/06 , H04W12/041 , H04W36/00 , H04W88/14
摘要: Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security.
-
公开(公告)号:US20120077501A1
公开(公告)日:2012-03-29
申请号:US13323840
申请日:2011-12-13
申请人: Aiqin Zhang , Jing Chen , Xiaoyu Bi
发明人: Aiqin Zhang , Jing Chen , Xiaoyu Bi
CPC分类号: H04W12/04 , H04L9/0869 , H04L63/06 , H04L2209/80 , H04L2463/061 , H04W36/0011 , H04W88/14
摘要: Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security.
摘要翻译: 在移动通信技术领域提供了用于导出密钥的方法,设备和系统。 用于导出密钥的方法可以用于例如用户设备(UE)从演进的通用陆地无线电接入网络(EUTRAN)到通用陆地无线电接入网络(UTRAN)的切换过程。 如果在第一切换中发生故障,则该方法确保由UE的第二切换过程的源移动性管理实体(MME)导出的密钥与针对UE的第一切换过程导出的密钥不同。 这是通过改变在密钥推导中使用的输入参数来完成的,以便防止现有技术的情况,一旦获得了在一个无线电网络控制器(RNC)上使用的密钥,则可以相应地导出其他RNC上的密钥,由此 增强网络安全。
-
9.发明授权Method and device for establishing a security mechanism for an air interface link 有权用于建立空中接口链路的安全机制的方法和装置公开(公告)号:US09060270B2
公开(公告)日:2015-06-16
申请号:US13285321
申请日:2011-10-31
申请人: Jing Liu , Aiqin Zhang
发明人: Jing Liu , Aiqin Zhang
CPC分类号: H04W12/04 , H04L2463/061
摘要: A method, a device, and a system for establishing a security mechanism for an air interface are provided in embodiments of the present invention. The method includes: performing security processing for a shared key of an access link according to a shared key between a relay node and a mobility management entity; and sending the shared key of the access link after the security processing to the relay node to enable the relay node to obtain the shared key of the access link based on the shared key between the relay node and the mobility management entity. The present invention reduces the possibility at which the air interface link is hacked, thereby improving the security of the air interface link.
摘要翻译: 在本发明的实施例中提供了一种用于建立空中接口的安全机制的方法,设备和系统。 该方法包括:根据中继节点和移动性管理实体之间的共享密钥,对接入链路的共享密钥进行安全处理; 以及在所述安全处理之后将所述接入链路的共享密钥发送到所述中继节点,以使得所述中继节点能够基于所述中继节点和所述移动性管理实体之间的所述共享密钥来获得所述接入链路的共享密钥。 本发明减少了空中接口链路被入侵的可能性,从而提高了空中接口链路的安全性。
-
10.发明申请METHOD AND DEVICE FOR ESTABLISHING A SECURITY MECHANISM FOR AN AIR INTERFACE LINK 有权用于建立空中接口连接的安全机制的方法和装置公开(公告)号:US20120039472A1
公开(公告)日:2012-02-16
申请号:US13285321
申请日:2011-10-31
申请人: Jing LIU , Aiqin Zhang
发明人: Jing LIU , Aiqin Zhang
CPC分类号: H04W12/04 , H04L2463/061
摘要: A method, a device, and a system for establishing a security mechanism for an air interface are provided in embodiments of the present invention. The method includes: performing security processing for a shared key of an access link according to a shared key between a relay node and a mobility management entity; and sending the shared key of the access link after the security processing to the relay node to enable the relay node to obtain the shared key of the access link based on the shared key between the relay node and the mobility management entity. The present invention reduces the possibility at which the air interface link is hacked, thereby improving the security of the air interface link.
摘要翻译: 在本发明的实施例中提供了一种用于建立空中接口的安全机制的方法,设备和系统。 该方法包括:根据中继节点和移动性管理实体之间的共享密钥,对接入链路的共享密钥进行安全处理; 以及在所述安全处理之后将所述接入链路的共享密钥发送到所述中继节点,以使得所述中继节点能够基于所述中继节点和所述移动性管理实体之间的所述共享密钥来获得所述接入链路的共享密钥。 本发明减少了空中接口链路被入侵的可能性,从而提高了空中接口链路的安全性。
-
-
-
-
-
-
-
-
-
搜索结果
21 条记录 (耗时 0.02 秒)
