Certifying method and its device for radio network end-to-end communication

An authentication method and wireless network technology, applied in the field of wireless network end-to-end communication authentication, can solve the problems such as the inability to prevent password guessing attacks, the heavy burden of mobile terminals, and the easy interception and cracking of shared keys and tickets. , to achieve the effect of enhancing implementability and overcoming security threats

Active Publication Date: 2007-10-10
HUAWEI TECH CO LTD
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0027] 1. Since the user and the AS request authentication through passwords, password guessing attacks cannot be well prevented;
[0028] 2. In a wireless network, when the service requester is a mobile terminal, the transmission of shared keys and tickets over the air interface is easy to be intercepted and cracked; and
[0029] 3. It is necessary to apply for a ticket twice to obtain the service, which is too burdensome for the mobile terminal
[0030] Therefore, the Kerberos model of the above-mentioned related technologies cannot be well applied to wireless networks, and people need to provide a solution that can solve the problems in the above-mentioned related technologies

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Certifying method and its device for radio network end-to-end communication
  • Certifying method and its device for radio network end-to-end communication
  • Certifying method and its device for radio network end-to-end communication

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0139] Referring to FIG. 7 , the first embodiment of the present invention is described below: applying for SGT during mutual authentication between SS and EAC.

[0140] Fig. 7 shows a Kerberos end-to-end authentication mechanism based on mobile network service communication according to the first embodiment of the present invention.

[0141] The process of applying for SGT during mutual authentication between SS and EAC is as follows:

[0142] In step S402, when the service signatory SS sends the authentication or re-authentication request to the entity authentication center EAC, it carries the type label of the service it is about to apply for or frequently uses, and the public identity of the service provider providing the service Parameters such as UID are sent to EAC.

[0143] In step S404, the EAC and the SS negotiate an authentication method supported by both parties according to the operator's policy, the authentication information in the subscription information of t...

no. 2 example

[0154] The second embodiment according to the present invention will be described below with reference to FIG. 8: the SS and the EAC mutually authenticate and then apply for the SGT.

[0155] Fig. 8 shows a Kerberos end-to-end authentication mechanism based on mobile network service communication according to the second embodiment of the present invention.

[0156] The process of applying for SGT after mutual authentication between SS and EAC is as follows:

[0157] In step S502, when the service signatory SS needs to request a certain service, if it does not save the SGT abstract proving that it has the right to apply for this service locally, it should first send a service permission ticket request to the entity authentication center EAC, The message carries parameters such as its own ISR-ID, the type label of the service to be applied for, and the public identity UID of the service provider providing the service.

[0158] In step S504, after the EAC receives the ticket req...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Being in use to implement authentication end-to-end in Kerberos model of wireless network, the method includes following steps: (1) the party to a contract of service sends authentication request (AR) to entity authentication center (EAC); AR includes id of public identity of service provider corresponding to services requested by the party to a contract; (2) EAC makes out authentication response corresponding to AR based on information contained in AR; (3) if authentication response validates AR, then EAC sends out service request carrying certification that the party to a contract of service has passed authentication, and credence entitled to the use the service; (4) the party to a contract of service makes out service response to the service request; (5) if service response is successful, corresponding service starts to carry out between the party to a contract of service and the service provider.

Description

technical field [0001] The present invention relates to the field of wireless communication, and more specifically relates to a method and a device for applying the Kerberos model to wireless network end-to-end communication authentication. Background technique [0002] In end-to-end communication of wireless network services, in order to protect communication content, a communication authentication scheme has been developed. The method for end-to-end communication authentication of wireless network services in the related art will be described below with reference to FIG. 1 . [0003] FIG. 1 is a schematic diagram of an end-to-end communication authentication framework 100 in a related art wireless mobile network. This framework is applicable to different mobile network standards, and its role is to establish mutual trust relationships between different types of entities. A truly universal authentication framework. In addition to the three types of business entities invol...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L29/06
Inventor 范絮妍位继伟李超
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap