Method and system for safeguarding user access

A security protection and user technology, applied in security devices, wireless communications, electrical components, etc., can solve problems such as failure to communicate normally, normal communication interference, and failure to activate security mechanisms. The effect of security protection

Active Publication Date: 2010-09-15
ZTE CORP
View PDF6 Cites 35 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0028] In this way, there will be a security problem: since the NAS security mode reject message returned by the UE to the MME and the AS security mode failure message of the eNB have not been protected, a network attacker can completely fake the UE and send these two messages to the MME or eNB, and the MME Or after eNB receives a fake NAS security mode reject message or AS security mode failure message, it will try to restart the NAS\AS SMC process, but it will still receive a fake message without security protection
In the end, because the security mechanism cannot be activated, the connection between the UE and the network side will be disconnected
As a result, the normal communication between the UE and the network side will be seriously interfered, making it impossible to communicate normally

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for safeguarding user access
  • Method and system for safeguarding user access
  • Method and system for safeguarding user access

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The basic idea of ​​the present invention is to add screening information to the activation failure message sent to the network side when the user equipment fails to initiate access security activation when accessing the LTE network, so that the network side can identify fake activation failures based on the screening information information.

[0054] The preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the preferred embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

[0055] image 3 It is a schematic diagram of a user access security protection system according to an embodiment of the present invention. As shown in the figure, the system of this embodiment includes a UE and a network element device on the network side. The network element device may be an MME or an eNB.

[0056] T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and a system for safeguarding user access. The method is applied to an LTE (Long Term Evolution) system. UE accessing the LTE system issues an access safety activating command, verifies the integrity of a safe mode command message in an activating process and sends a verification failure message to a network side if verification fails, wherein preset discrimination information is added to the verification failure message, and the network side receives the verification failure message, detects whether the discrimination information is legal or not and restores the configuration before activation if the discrimination information is legal. In traditional NAS (Network Attached Storage) SMC (Self-Modifying Code) and AS SMC flows, the safeguarding of the verification failure message is enhanced so that the network side is hardly attacked by false messages.

Description

technical field [0001] The invention relates to the field of mobile communication, in particular to a method and system for user access security protection. Background technique [0002] 3GPP (Third Generation Partnership Project, Third Generation Partnership Project) long-term evolution (Long Term Evolution, referred to as LTE) system / system architecture evolution (System Architecture Evolution, referred to as SAE) communication access security adopts a layered security architecture mechanism, according to The hierarchical structure is divided into a Non Access Stratum (NAS for short) security mechanism and an Access Stratum (AS for short) security mechanism, each of which has its own independent security context. Among them, MME (Mobility Management Entity, mobile management entity) is responsible for initial establishment, configuration and management of the security context of NAS layer; eNB (evolved Node B, evolved node) is responsible for initial establishment, configu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04W12/06H04W12/08H04W12/106H04W12/122
Inventor 徐浩
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap