Method, device and system for authenticating terminal based on home base station network

Home base station and terminal technology, applied in the field of network communication, that addresses the security risk of the RAND, the resulting harm to users and their communication counterparties, and exploitation by malicious users.

Active Publication Date: 2010-01-20
SHANGHAI HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

However, in creating the present invention, the inventor found at least the following problems in the prior art: a RAND generated by the Femto Cell access point carries a certain security risk, because the Femto Cell access point is located in a home or office and is vulnerable to attack or to exploitation by malicious users. If the content of the MS communication is confidential or very sensitive, this is very disadvantageous for the user and the other party.


Examples


Embodiment 1

[0035] See Figure 3, the method flowchart of the first embodiment of the present invention.

[0036] In the network structure of this embodiment, the external interface of the Femto Cell access point is the BSC and MSC interface, that is, the A1 / A1p interface, and the terminal is the MS. In this embodiment, the random number RAND is generated by the Femto Cell security gateway, and this method requires extending the Internet Key Exchange (IKE) message.

[0037] 101. To secure the Femto network signaling and user data transmitted between the Femto Cell access point and the Femto Cell security gateway, the Femto Cell access point first negotiates an IPsec security association (SA, Security Association) with the Femto Cell security gateway through the IKE protocol, and uses the SA to protect signaling and user data.

[0038] 102. The Femto Cell access point requests the random number RAND from the Femto Cell security gateway thr...

Embodiment 2

[0053] See Figure 4, the method flowchart of the second embodiment of the present invention.

[0054] Embodiment 2 is the processing flow when the check in step 107 of Embodiment 1 finds that the RAND is different. Steps 201-206 are the same as steps 101-106 in Embodiment 1 and are not repeated here; only the subsequent processing flow is described, as follows:

[0055] 207. The Femto Cell security gateway sends the updated RAND to the Femto Cell access point through the IKE message.

[0056] 208. The Femto Cell access point broadcasts the RAND to the MS after receiving the RAND. The MS can resend the origination message, using the updated RAND. Its work flow is the same as that of Embodiment 1.

[0057] The IKE message in this embodiment is preferably an IKE information exchange message, and of course other types of IKE messages can also be selected to implement this method.
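The network-side RAND check of step 107 and the update path of steps 207-208, as an added example that is not taken from the patent. `RandIssuer`, its method names, the 4-byte RAND length and the handling of an expired RAND or an unknown FAP ID are assumptions; the lifetime mirrors the RAND lifetime the MSC sends in step 303 of Embodiment 3.

```python
import hmac
import secrets
import time

RAND_BYTES = 4  # assumption: the page does not state the RAND length


class RandIssuer:
    """Hypothetical network-side RAND owner (security gateway or MSC)."""

    def __init__(self, lifetime_s=30.0, clock=time.monotonic):
        self._lifetime_s = lifetime_s  # assumption: lifetime in seconds
        self._clock = clock
        self._issued = {}  # FAP ID -> (rand, expiry time)

    def issue(self, fap_id):
        """Generate a RAND for one access point (initial request or step 207)."""
        rand = secrets.token_bytes(RAND_BYTES)
        self._issued[fap_id] = (rand, self._clock() + self._lifetime_s)
        return rand

    def check_origination(self, fap_id, rand_from_ms):
        """Step 107: compare the RAND carried by the MS request.

        Returns ("forward_to_hlr_ac", None) on a match and ("rand_update",
        new_rand) on a mismatch. Treating an expired RAND as a mismatch and
        rejecting an access point that never requested a RAND are
        assumptions of this example.
        """
        entry = self._issued.get(fap_id)
        if entry is None:
            return "reject", None
        rand, expiry = entry
        if self._clock() < expiry and hmac.compare_digest(rand, rand_from_ms):
            return "forward_to_hlr_ac", None
        return "rand_update", self.issue(fap_id)


if __name__ == "__main__":
    gw = RandIssuer()
    rand = gw.issue("fap-001")                       # constructed FAP ID
    print(gw.check_origination("fap-001", rand))     # RAND echoed unchanged
    print(gw.check_origination("fap-001", b"\0" * RAND_BYTES))  # altered RAND
```

Because the comparison runs on the network side, an access point that substitutes its own RAND only triggers a RAND update and never reaches the location register or authentication center.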

Embodiment 3

[0059] See Figure 5, the method flowchart of the third embodiment of the present invention.

[0060] As in Embodiment 1, in the network structure of this embodiment the external interface of the Femto Cell access point is the BSC and MSC interface, that is, the A1 / A1p interface, and the terminal is the MS. Unlike Embodiment 1, in this embodiment the random number RAND is generated by the MSC, and this method requires extending A1 / A1p.

[0061] Step 301 is the same as step 101 in Embodiment 1, and will not be repeated here.

[0062] 302. The Femto Cell access point requests a random number RAND from the MSC through an A1 / A1p message, where the A1 / A1p message carries an identifier (FAP ID, Femto Access Point Identifier) of the Femto Cell access point.

[0063] 303. The MSC generates a RAND, and sends the RAND and the lifetime of the RAND to the Femto Cell access point through an A1 / A1p message.

[0064] Steps 304-305 are the same as steps 104-105 in Embod...


Abstract

The invention discloses a method, a device and a system for authenticating a terminal based on a home base station network. The method comprises the following steps: generating a random number; sending the random number to the terminal through a home base station access point; receiving a request which is sent by the terminal and carries an authentication response parameter and the random number; and checking whether the random number carried by the request is the same as the random number sent to the terminal, and if so, sending an authentication request message to a location register or an authentication center and starting a terminal authentication flow. A corresponding device and system are also disclosed. The random number required for terminal authentication is generated by a network-side entity whose security is ensured, so that attackers cannot attack the authentication through the home base station access point and therefore cannot acquire the corresponding communication content.

Description

Technical field

[0001] The present invention relates to the technical field of network communication, in particular to a method, device and system for authenticating a terminal based on a home base station network.

Background

[0002] The home base station is a small cellular base station, also known as Femto Cell or Home NodeB, which is a cutting-edge technology in the 3G field. The Femto Cell allows residential mobile users to connect to the 3G network through a wired broadband network to obtain enhanced mobile voice, video and data services, and can be seamlessly connected to the operator's original macrocell base station (Macrocell). This makes full use of the user's existing broadband access resources and ultimately provides the user with a fixed mobile convergence (FMC, Fixed Mobile Convergence) service. Through 3G home base stations, a large number of mobile services are absorbed by indoor Femto Cells, which can greatly reduce the number of operat...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04W12/06
Inventor: 赵洁
Owner: SHANGHAI HUAWEI TECH CO LTD