IMS single sign-on combination authentication method and system

A single sign-on and single sign-on technology, which is applied in the field of scene interoperability of mobile communication systems, can solve the problems that the SSO architecture cannot be integrated and interoperable

Inactive Publication Date: 2013-09-11
ZTE CORP
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] In view of this, the main purpose of the present invention is to provide an IMS single sign-on combined authentication method and syst

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IMS single sign-on combination authentication method and system
  • IMS single sign-on combination authentication method and system
  • IMS single sign-on combination authentication method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0113] image 3 The overall process of realizing the SSO function of the IMS terminal accessing the AS for the integration and interworking of the SSO architecture and the identity federation architecture (ID-FF) is described in detail as follows:

[0114] Step 301: the IMS terminal sends an HTTP application request message to the SP;

[0115] Step 302: the SP obtains the address of the L_IdP;

[0116] Step 303: The SP sends a response message to the IMS terminal, requiring it to go to the corresponding L_IdP for ID authentication first, and the response message includes the ID authentication request information (AuthnRequest) and the address information of the L_IdP.

[0117] Step 304: The IMS terminal sends an HTTP service request message to the L_IdP according to the address information of the L_IdP in the response message, which carries the AuthnRequest obtained in step 303 and also carries an identifier indicating that the IMS terminal supports the SSO_APS authentication...

Embodiment 2

[0144] When the HTTP authentication success response message returned by IdP (SSO Server) / L_IdP to the IMS terminal contains Artifact, the IMS single sign-on combined authentication process of the present invention is as follows: Figure 4 shown, including:

[0145] Steps 401 to 4017 are completely the same as steps 301-3017 in the first embodiment, and will not be repeated here.

[0146] Step 4018: IdP (SSO Server) / L_IdP generates the Artifact and Assertion of the IMS terminal, and saves after associating the Artifact and Assertion; then IdP (SSO Server) / L_IdP returns an HTTP authentication success response message to the IMS terminal, and the AuthnResponse carries Artifact.

[0147] Step 4019: The IMS terminal re-initiates an HTTP application request message to the SP, and the AuthnResponse in the message carries the corresponding Artifact.

[0148] Step 4020: SP sends to IdP (SSO Server) / L_IdP an HTTP request message encapsulated by SOAP protocol; Artifact is carried in i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an IMS single sign-on combination authentication method and system. The functions of an identity authentication provider entity (L_IdP) of a freedom union framework are added in an identity authentication provider entity (IdP) of an SSO in an SSO_APS, and the IdP and the L_IdP form a specific functional entity. An SP provides an identity label AuthnRequest and address information of the specific functional entity for an IMS terminal. The IMS terminal sends HTTP service request information to the specific functional entity according to the address information of the specific functional entity, wherein the HTTP service request information carries the AuthnRequest. The specific functional entity informs the IMS terminal of adopting an authentication method of the SSO framework in the SSO_APS to conduct authentication of the specific functional entity. After the authentication of the IMS terminal is successful, the specific functional entity conducts identity label authentication on the IMS terminal. If the authentication is successful, a security union is built up between the specific functional entity and the IMS terminal. Then, the specific functional entity and the SP form an identity label union. According to the IMS single sign-on combination authentication method and system, the fusion of the SSO framework and the free union framework can be achieved.

Description

technical field [0001] The invention relates to the field of scenario interworking of mobile communication systems, in particular to an IMS single sign-on combined authentication method and system. Background technique [0002] Now the third generation partnership project (3GPP, 3 rd There is a research project in the Generation Partnership Project) organization: Using the Session Initiation Protocol Digest (SIP Digest) authentication mechanism to realize the unified IP Multimedia System (IMS, IP Multimedia Subsystem) terminal access application server in a non-Universal Integrated Circuit Card (UICCless) environment (AS, Application Server) single sign-on (SSO, Single Sign On) function. [0003] Among them, a designed SSO architecture in SSO_APS (Application Support Sublayer) can realize the above functions. The SSO architecture is usually composed of a unified IMS terminal, a user home server (HSS), an AS, and an identity authentication provider entity (IdP )composition....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04W12/06H04W12/069
CPCH04L65/1016H04L63/0815H04W12/069H04W12/068
Inventor 夏正雪张孟旺田甜
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap