Method and system for multicast and broadcast service authentication and authorization

Multicast broadcast service technology is applied to the field of multicast broadcast service authentication. It addresses the problems of wasted broadband resources, user terminal authentication failure, and the user terminal being unable to access the network, with the effects of preventing illegal attacks and shortening authentication time.

Active Publication Date: 2010-10-27
XFUSION DIGITAL TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] 1. The MBS server and the user terminal need to exchange four messages to complete MBS service authentication, which makes authentication slow and wastes broadband resources;
[0006] 2. The message exchange has no message integrity protection or verification, so user terminal authentication can fail: when an attacker impersonates a user terminal and sends the MBS server a service request message containing digest A", the MBS server, after receiving this message, generates a digest A' from the pre-stored authentication key MRK. The two digests A' and A" do not match, so the service request sent by the legitimate user terminal cannot pass verification and the user terminal cannot access the network. Similarly, the attacker can send a tampered service request message containing digest A", which also causes a digest mismatch, so that the service request sent by the legitimate user terminal cannot pass verification and the user terminal cannot access the network.

Examples


Embodiment 1

[0050] As shown in Figure 2, when authentication and authorization use the AAA server, the user terminal sends the MBS service request to the MBS server, and the request includes security information for verifying the legitimacy of the identity of the user terminal;

[0051] The attribute value for preventing replay attack contained in the security information and the message authentication code for integrity authentication of the message do not affect the implementation of the present invention;

[0052] The method for generating security information is specifically as follows:

[0053] The user terminal uses the extended master session key EMSK obtained in the access authentication process to generate a multicast broadcast service root key (MBS-RK) and its context (MBS-RK context);

[0054] The AAA server uses the extended master session key obtained during the access authentication process to generate the root key of the multicast broadcast service and its context,...

Embodiment 2

[0094] As shown in Figure 3, the difference between this embodiment and Embodiment 1 is:

[0095] When authentication and authorization use a third-party authentication server, the key context, including the security information, is generated as in Embodiment 1;

[0096] When the third-party authentication server sends a response message to the MBS server, the NASID is not included in the message, because the service provider or the third-party authentication and authorization server does not provide access authentication and authorization for the user's bearer network, and cannot know the user's current authenticator;

[0097] Parts that are the same as those in Embodiment 1 will not be described again here.

Embodiment 3

[0099] As shown in Figure 2, the difference between this embodiment and Embodiment 1 is:


Abstract

This invention provides a method and a system for MBS service authentication and authorization, including: a user terminal sends an MBS service authentication request to the MBS server, the request including security information used to verify the validity of the user terminal's identity; the MBS server checks whether it holds the security information; if so, it judges whether it is legal; if not, the MBS server sends an authentication request to the AAA server or a third-party server, asking it to verify whether the user terminal is a subscribed user and whether the authentication request information sent by the MBS server to the AAA server or the third-party server is legal. This reduces the time needed for MBS service authentication and authorization and effectively prevents illegal attacks.
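The flow in the abstract, combined with the EMSK-based key derivation of Embodiment 1, as an added Python example that is not code from the patent. The HMAC-SHA256 derivation and MAC, the request fields, the nonce as anti-replay attribute, and all class and function names are assumptions; the page does not specify them.

```python
import hashlib
import hmac

# Assumptions (not in the patent text): HMAC-SHA256 as KDF and MAC, the
# request field layout, and a nonce as the anti-replay attribute.
def derive_mbs_rk(emsk: bytes, user: str) -> bytes:
    return hmac.new(emsk, b"MBS-RK|" + user.encode(), hashlib.sha256).digest()

def request_mac(key: bytes, user: str, service: str, nonce: bytes) -> bytes:
    # Length-prefix each field so field boundaries cannot be shifted.
    fields = [user.encode(), service.encode(), nonce]
    body = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, body, hashlib.sha256).digest()

def build_request(emsk: bytes, user: str, service: str, nonce: bytes) -> dict:
    # Terminal side: derive MBS-RK from its own EMSK, then MAC every field.
    key = derive_mbs_rk(emsk, user)
    return {"user": user, "service": service, "nonce": nonce,
            "mac": request_mac(key, user, service, nonce)}

class AAAServer:
    def __init__(self, emsk_by_user: dict, subscriptions: dict):
        self.emsk_by_user, self.subscriptions = emsk_by_user, subscriptions

    def authorize(self, user: str, service: str):
        # Return MBS-RK only for a subscribed user; None otherwise.
        if service not in self.subscriptions.get(user, set()):
            return None
        return derive_mbs_rk(self.emsk_by_user[user], user)

class MBSServer:
    def __init__(self, aaa: AAAServer):
        self.aaa, self.keys, self.seen, self.aaa_queries = aaa, {}, set(), 0

    def handle(self, req: dict) -> str:
        user, service, nonce = req["user"], req["service"], req["nonce"]
        key = self.keys.get((user, service))
        if key is None:                      # no security information held
            self.aaa_queries += 1
            key = self.aaa.authorize(user, service)
            if key is None:
                return "rejected: not subscribed"
        expected = request_mac(key, user, service, nonce)
        if not hmac.compare_digest(expected, req["mac"]):
            return "rejected: bad MAC"       # forged or tampered request
        if (user, nonce) in self.seen:
            return "rejected: replay"
        self.seen.add((user, nonce))
        self.keys[(user, service)] = key     # cache only after a valid request
        return "accepted"
```

Because the key context is cached only after a request verifies, a forged request is rejected on its own and leaves no state behind that could make a later legitimate request fail.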

Description

Technical field

[0001] The invention relates to the field of wireless communication, in particular to a method and system for realizing multicast broadcast service authentication in a wireless network.

Background

[0002] Multicast broadcast service (Multicast & Broadcast Service, MBS) refers to a service in which the air interface sends the same information content to some or all end users in a wireless network, which helps share network resources and improves their utilization. In the CDMA 3GPP network, there are descriptions of MBS service authentication and authorization. However, wireless network standards have not yet addressed how to realize MBS service authentication and authorization in wireless networks, effectively ensure that MBS services reach only authorized users, and prevent MBS services from being stolen.

[0003] As shown in Figure 1, in the CDMA 3GPP network, the MBS server pre-st...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/32, H04L12/18, H04L29/06
CPC: H04L63/08, H04W12/06, H04L63/0892, H04W12/069
Inventor: 何贤会, 单长虹
Owner: XFUSION DIGITAL TECH CO LTD