Information security authentication method and system based on 5G network

By using segmented decomposition and time-series nested verification methods, the problem of insufficient resource utilization in 5G network information security authentication is solved, achieving a high degree of matching between efficient and secure authentication process and air interface transmission.

CN122395592APending Publication Date: 2026-07-14SHENZHEN ZHIBOTONG ELECTRONICS CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHENZHEN ZHIBOTONG ELECTRONICS CO LTD
Filing Date
2026-05-12
Publication Date
2026-07-14

AI Technical Summary

Technical Problem

In the current 5G network information security authentication process, resource utilization is insufficient, resulting in inadequate compatibility between the authentication process and data transmission. This easily leads to resource waste and redundant verification processes, failing to meet the requirements of high security and high efficiency.

Method used

By collecting interactive signaling and identity messages from the 5G bidirectional communication link, segmenting and generating 5G link authentication base data, extracting terminal access identifiers and writing them into hidden fields of the air interface interaction fragments, a 5G authentication feature bearer unit is formed. Combining the timing characteristics of the 5G authentication feature bearer unit, field misalignment nesting verification and partitioned hierarchical retrieval are performed to achieve a high degree of matching between the authentication process and air interface transmission.

Benefits of technology

It achieves a concealed connection of authentication identifiers, without occupying regular interaction resources or interfering with normal communication. Furthermore, the authentication process is perfectly matched with transmission resources, avoiding resource waste and redundancy.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122395592A_ABST
    Figure CN122395592A_ABST
Patent Text Reader

Abstract

The present application relates to the technical field of wireless communication network, and more particularly to a 5G network-based information security authentication method and system. The method comprises the following steps: collecting the interactive signaling and identity message of the 5G bidirectional communication link, and segmenting and disassembling the interactive signaling and identity message; splitting the fixed identification field and the dynamic transmission field to generate 5G link authentication base data; extracting the terminal access identifier and the air interface interaction segment from the 5G link authentication base data, writing the terminal access identifier into the hidden field of the air interface interaction segment, and generating a 5G authentication feature bearing unit; and taking the 5G authentication feature bearing unit as the object, verifying the field dislocation nesting of the bearing units in front and back time sequence. The present application hides the terminal access identifier by screening the 5G air interface idle code bit layout hidden field, realizes the precise adaptation of authentication identifier hidden transmission and authentication action, and thus enhances the efficiency of 5G network link transmission.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of wireless communication network technology, and in particular to an information security authentication method and system based on 5G networks. Background Technology

[0002] The rapid popularization of 5G network technology, with its high speed, low latency, and wide connectivity, has led to its widespread application in various scenarios. The security of interactive signaling and identity message transmission in 5G bidirectional communication links has become a core requirement for ensuring network operation. Currently, in the 5G network information security authentication process, it is typically necessary to collect, analyze, and verify various types of data in the link to complete the identification and authentication of the terminal's identity, thereby preventing security risks such as data leakage and identity forgery.

[0003] In existing technologies, when processing 5G link data, the focus is often solely on the transmission and parsing of routine interactive data, lacking a comprehensive consideration of the utilization of various code point resources within the link. This can easily lead to resource consumption and interactive interference issues during the carrying and transmission of authentication identifiers. Furthermore, the authentication verification process typically employs a standardized processing model, failing to fully consider the timing characteristics of 5G code streams and the inherent differences in bearer units. This results in insufficient adaptability between the authentication process and data transmission and storage, easily leading to redundancy in the verification process and resource waste. It is difficult to balance authentication security with link transmission efficiency, and thus cannot fully meet the high-security, high-efficiency authentication requirements of 5G networks. Summary of the Invention

[0004] Therefore, it is necessary to provide an information security authentication method and system based on 5G networks to solve at least one of the above-mentioned technical problems.

[0005] To achieve the above objectives, a 5G network-based information security authentication method is provided, comprising the following steps: Step S1: Collect interactive signaling and identity messages from the 5G two-way communication link, and segment and decompose the interactive signaling and identity messages; separate the fixed identification field and the dynamic transmission field to generate 5G link authentication base data; Step S2: Extract the terminal access identifier and air interface interaction fragment from the 5G link authentication base data, write the terminal access identifier into the hidden field of the air interface interaction fragment, and generate a 5G authentication feature bearer unit. Step S3: Taking the 5G authentication feature bearer unit as the object, perform field misalignment and nesting verification on the bearer units in the preceding and following time sequences, and synchronously record the field association information generated during the verification process; Step S4: Divide the transmission partitions based on the 5G authentication feature bearer unit, and assign the field association information to the corresponding transmission partitions; retrieve the information inside the transmission partitions in layers, and perform access identity level verification in sequence to complete the 5G network information security authentication.

[0006] The present invention also provides an information security authentication system based on a 5G network, used to execute the above-described information security authentication method based on a 5G network, the information security authentication system based on a 5G network comprising: The link data straightening and processing module is used to collect interactive signaling and identity messages from the 5G two-way communication link, segment and decompose the interactive signaling and identity messages; separate fixed identification fields and dynamic transmission fields to generate 5G link authentication base data; The feature carrier encapsulation and construction module is used to extract the terminal access identifier and air interface interaction fragment from the 5G link authentication base data, write the terminal access identifier into the hidden field of the air interface interaction fragment, and generate a 5G authentication feature carrier unit. The time-series field nesting verification module is used to perform field misalignment nesting verification on the bearer units of the preceding and following time sequences, taking the 5G authentication feature bearer unit as the object, and synchronously recording the field association information generated during the verification process; The partitioned and hierarchical authentication execution module is used to divide the transmission partitions based on the 5G authentication feature bearer unit, and assign the field association information to the corresponding transmission partition; it retrieves the information inside the transmission partition layer by layer, and performs access identity level verification in sequence to complete the 5G network information security authentication.

[0007] The beneficial effects of this invention are: On the one hand, this invention focuses on the concealment of idle code bits in 5G air interface code stream transmission. It specifically detects the full-domain encoding of air interface interaction segments, selects continuous idle code bit intervals that do not participate in regular interaction parsing as the scope for hidden field deployment, and records the terminal access identifier into this interval bit by bit, while strictly maintaining the original arrangement structure and order of the explicit encoding interval. This design is not a simple field embedding, but is based on the native transmission logic of 5G air interface code stream "explicit interaction + idle redundancy". It embeds the authentication core identifier into the redundant idle interval, so that the terminal access identifier does not enter the regular interaction parsing link, forming a concealed identifier bearing mode that is deeply integrated with the air interface transmission logic. This functional development of idle code bits breaks away from the inherent perception that code bits are only used for regular data transmission, and achieves a seamless and concealed connection between the authentication identifier and air interface interaction. It achieves the effect that the identifier transmission does not occupy regular interaction resources and does not interfere with normal air interface communication.

[0008] On the other hand, this invention, based on the core characteristics of the timing correlation of the code stream and the coding differences of the bearer unit in 5G authentication, designs a collaborative architecture of three-stage gradient verification and partitioned hierarchical retrieval. First, it divides the transmission into independent partitions according to the hidden field deployment features. Then, it wakes up and reads the ports layer by layer, collecting information segment by segment. Finally, it completes identity verification according to the gradient of "hidden field → boundary transition → full-domain encoding." Each step of the operation conforms to the coding structure and timing arrangement rules of the bearer unit. This design, based on the objective existence of coding differences among different types of bearer units, abandons the unified verification and retrieval mode, ensuring that the verification scope of each level and each port wake-up precisely match the coding features and storage location of the bearer unit. This makes the authentication action highly synchronized with the transmission and storage logic of the 5G air interface code stream, forming a unique authentication path of "partition adaptation, hierarchical verification, and timing linkage." This achieves the ultimate matching between the authentication process and air interface transmission resources, making the verification action non-redundant and not occupying additional transmission bandwidth. Attached Figure Description

[0009] Figure 1 This is a flowchart illustrating the steps of an information security authentication method based on a 5G network. Figure 2 This is a schematic diagram of the segmentation of 5G bidirectional communication link interaction signaling and identity message in one embodiment; Figure 3 This is a schematic diagram illustrating the splitting of 5G link authentication base data fields in one embodiment; Figure 4 This is a schematic diagram of 5G bidirectional communication link code stream boundary node identification in one embodiment; The realization of the objective, functional features and advantages of the present invention will be further explained in conjunction with the embodiments and with reference to the accompanying drawings. Detailed Implementation

[0010] The technical method of the present invention will now be clearly and completely described with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without inventive effort are within the scope of protection of the present invention.

[0011] Furthermore, the accompanying drawings are merely illustrative of the invention and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and therefore repeated descriptions of them will be omitted. Some block diagrams shown in the drawings are functional entities and do not necessarily correspond to physically or logically independent entities. These functional entities can be implemented in software, in one or more hardware modules or integrated circuits, or in different network and / or processor methods and / or microcontroller methods.

[0012] It should be understood that although the terms "first," "second," etc., may be used herein to describe various units, these units should not be limited by these terms. These terms are used merely to distinguish one unit from another. For example, without departing from the scope of the exemplary embodiments, a first unit may be referred to as a second unit, and similarly, a second unit may be referred to as a first unit. The term "and / or" as used herein includes any and all combinations of one or more of the associated listed items.

[0013] To achieve the above objectives, please refer to Figures 1 to 4 An information security authentication method based on a 5G network, the method comprising the following steps: Preferably, step S1: collect the interactive signaling and identity messages of the 5G two-way communication link, and segment and decompose the interactive signaling and identity messages; separate the fixed identification field and the dynamic transmission field to generate 5G link authentication base data; Optionally, step S1, which involves segmenting and decomposing the interactive signaling and identity messages, includes: Collect interactive signaling and identity messages from the 5G two-way communication link; Identify the code stream boundary nodes of interactive signaling and identity messages in 5G two-way communication links; The truncation interval is defined based on the location of the bitstream boundary node, and a continuous bitstream interval is divided along the bitstream boundary node; The original marker bits within the continuous bitstream interval are retained, and the encoding arrangement order within a single bitstream interval is determined based on the original marker bits.

[0014] In this embodiment, the 5G air interface data capture component is connected to the uplink and downlink bidirectional transmission link of the 5G network. The sampling frequency is set to 100MHz, and the single sampling data volume is 1024 bytes. It continuously captures 5G interactive signaling data and terminal identity message data in the 5G bidirectional communication link. All captured data is uniformly converted into binary code stream format and stored in a dedicated 32GB cache module. The cache module uses DDR4 memory with a read / write rate of 2400MHz. The code stream boundary identification component is activated, using code stream feature matching technology. The code stream boundary identification threshold is set to 8 bits. The captured binary code stream is scanned bit by bit to identify the code position coordinates corresponding to the 5G data frame header identifier (0x1A). This coordinate is marked as the code stream boundary start node, and the code position sequence number of the boundary node (range 0x0000-0xFFFF) is recorded synchronously, completing the code stream boundary node identification of the 5G bidirectional communication link interactive signaling and identity message.

[0015] It should be noted that, based on the identified coordinates of the bitstream boundary nodes, truncation interval parameters are set. The truncation interval for signaling bitstreams is 0x0000-0x0FFF, and for identity message bitstreams, it is 0x1000-0x1FFF. Bitstream segmentation is performed along the boundary node coordinates, maintaining continuous bitstream transmission during the segmentation process. After segmentation, the length of a single bitstream segment is controlled between 512 bits and 1024 bits. Each bitstream segment retains its original marker bits (8 bits in total, encoded as 0x00-0x07). The original marker bits of each bitstream segment are read, and the encoding sorting identifier is extracted from the marker bits. According to the sorting rules corresponding to the identifier, the internal encoding order of each bitstream segment is determined, with a sorting step size of 1 bit. The encoding arrangement calibration of each bitstream segment is completed sequentially, with the calibration error controlled within ±1 bit, ensuring that the internal encoding arrangement of each bitstream corresponds consistently to the original marker bits, thus completing the segmentation and decomposition of interactive signaling and identity messages.

[0016] In another embodiment, see Figure 2 The presentation showcases the segmentation process of interactive signaling and identity messages in a 5G two-way communication link: the sending and receiving ends transmit interactive signaling and identity messages through a two-way link, and then perform three core processes in sequence: first, identify the code stream boundary nodes in the continuous signal waveform; then, define the truncation interval based on the node position, with the interval spanning 512 bits to 1024 bits; finally, retain the original marker bits (a total of 8 bits, with an encoding range of 0x00-0x07), and complete the encoding calibration of a single segment of the code stream according to the sorting identifier of the marker bits, with the calibration error controlled within ±1 bit, fully demonstrating the entire process of data acquisition from the link to structured segmentation.

[0017] In another embodiment, see Figure 3 By scanning the binary code stream bit by bit, matching the hexadecimal frame header identifier code (such as 0x51A, corresponding to the binary sequence 101000110101), locking its code position coordinates in the code stream (in the example, bits 128-131), setting the recognition threshold to 8 bits, and recording the code position sequence number of the boundary node (range 0x0000-0xFFFF).

[0018] Optionally, the separation of fixed identification fields and dynamic transmission fields in step S1 includes: Scan all encoded regions within a single segment of the bitstream that has been divided, mark the range of continuous code points whose encoded content remains constant, and mark the range of continuous code points whose encoded content changes with communication interactions. The boundary position between the continuous code point range where the encoded content remains constant and the continuous code point range where the encoded content changes with communication interaction is located, and the transition code element at the boundary position is separated. The code points are divided into regions where the encoded content remains constant and regions where the encoded content changes with communication interactions. The code points are reorganized according to the arrangement order of fixed coding regions first and dynamic coding regions last, forming the 5G link authentication base data.

[0019] In this embodiment, a full-domain traversal detection is performed on the segmented 5G signaling and identity message code stream using 1 bit as the basic scanning unit. Using 32 consecutive transmission cycles as the statistical period, the symbol values ​​of all encoded points within the code stream are collected bit by bit. The numerical changes of each symbol point within multiple transmission cycles are statistically analyzed. Continuous code point intervals with no fluctuation in symbol values ​​within multiple cycles are locked, with interval spans set to two fixed values: 64 bits and 96 bits. The starting and ending code point coordinates of this type of interval are simultaneously marked. Simultaneously, continuous code point intervals with continuously changing symbol values ​​within multiple cycles are locked, with interval spans covering a range from 128 bits to 256 bits. The boundary coordinates of dynamic code point intervals are recorded simultaneously, and the original encoded point information of both types of code point intervals is simultaneously retained.

[0020] The boundary coordinate data of the constant code position interval and the dynamic code position interval are retrieved, and the intersection point where the two types of coding intervals are connected is captured. An 8-bit transition code element segment is reserved at the intersection position. This code element segment does not belong to the composition range of the fixed identification field and the dynamic transmission field. The transition code element at the intersection position is stripped separately to cut off the code position connection relationship between the transition code element and the code position of the functional coding intervals on both sides, so that the constant coding interval and the dynamic coding interval form an independent coding structure. The stripping operation is strictly performed in accordance with the boundary code position coordinates, and only the transition code element segment is isolated and divided without changing the code element arrangement and point distribution of the main coding intervals on both sides.

[0021] In one embodiment, the isolated constant coding interval and dynamic coding interval are spatially partitioned. The partitioning process is completed by dividing the region into independent code segments. The constant coding interval is allocated to a separate static coding storage area, and the dynamic coding interval is allocated to a separate dynamic coding storage area. Independent code point arrangement channels are set for the two types of storage areas. Code point reassembly is performed according to the arrangement logic of fixed coding interval before dynamic coding interval. The reference code points of the two types of coding intervals are aligned with 16 bits as the arrangement alignment unit. The static coding segment and the dynamic coding segment are sequentially spliced ​​along the extension direction of the code stream to unify the code point arrangement reference of the reassembled code stream and regulate the continuous arrangement structure of the overall code stream. The splicing process maintains the original arrangement order of the code elements within each coding segment. The regulated integrated code stream constitutes the structured arrangement of 5G link authentication base data.

[0022] In another embodiment, see Figure 4The left side shows the code stream structure before splitting, including a fixed-length constant code bit interval (spanning 64 bits or 96 bits, carrying device identifiers, timestamps, and other information) and a variable-length dynamic code bit interval (spanning 128 bits to 256 bits, carrying authentication parameters, encryption vectors, and other interactive information). The right side shows the transition code element stripping process, which uses a shift register to filter the 8-bit transition code elements (redundant check codes and padding bits) between the two types of intervals, making the constant and dynamic coding intervals form independent structures, and showing the parameter settings and structural changes of field splitting.

[0023] Preferably, step S2: extract the terminal access identifier and air interface interaction fragment from the 5G link authentication base data, write the terminal access identifier into the hidden field of the air interface interaction fragment, and generate a 5G authentication feature bearer unit. Optionally, the extraction of the terminal access identifier and air interface interaction fragment from the 5G link authentication base data in step S2 specifically involves: Identify the encoding range covered by the fixed identification fields within the 5G link authentication base data, and locate the continuous encoding sequence generated during the terminal's network access interaction phase; Lock the start and end code positions of the continuous encoded sequence, and extract the encoded content of the start and end code positions of the continuous encoded sequence; Identify the encoding range covered by the dynamic transmission field within the 5G link authentication base data, and locate the continuous code stream continuously generated during the 5G air interface interaction process; Lock the start and end code points of the continuous bitstream and extract the encoded content of the start and end code points of the continuous bitstream.

[0024] In this embodiment, a partitioned search is performed on the established 5G link authentication base data using 1 bit as the basic search unit. The preset code position interval of the fixed identification field inside the base data is retrieved. This interval is set to 64 bits or 96 bits. The search proceeds bit by bit along the horizontal arrangement direction of the code stream, matching the exclusive coding features of the terminal network access interaction stage. Within the coverage of the fixed identification field, the continuous coding sequence generated synchronously during the network access registration process is locked. The relative offset coordinates of this coding sequence in the overall code stream are recorded synchronously. The distribution positions of the same type of coding sequence are collected at a batch interval of 10ms. All code position coordinate data generated by positioning are recorded synchronously throughout the process.

[0025] Read the start and end code bit values ​​of the continuous encoding sequence of the terminal entering the network. The single segment of the identifier encoding sequence occupies a code length range of 48 bits to 64 bits. The two boundary code bits are used as the truncation limits. The closed encoding interval is delineated along the extension direction of the code bits. The encoding content is truncated strictly according to the boundary code bit coordinates. The truncation operation only applies to the code elements inside the closed interval. The adjacent code bits outside the interval maintain the original encoding arrangement. The truncated encoding data is stored separately in a temporary cache partition. The storage capacity of a single segment of the cache partition is set to 128 bits. The partition only stores the encoding data of the same type of terminal.

[0026] The search target is switched to the dynamic transmission field area of ​​the 5G link authentication base data. The code length range of the dynamic transmission field is set to 192 bits to 256 bits. The bit-by-bit search mechanism is used. Within the coding range covered by the dynamic transmission field, the code stream generation characteristics corresponding to the real-time interaction of the 5G air interface are matched to locate the continuously generated transmission code stream within the wireless interaction cycle. The distribution range and location information of the dynamic code stream are marked. The wireless interaction cycle is fixed at 20ms. The location marks of all dynamic code streams are synchronously recorded in the code position record table.

[0027] Referring to the marker positions of the dynamic continuous bitstream, the start and end boundary code positions of the dynamic transmission bitstream are locked. The boundary code position interval value corresponds to the actual code length occupied by the dynamic bitstream. The dynamic encoded content is directionally intercepted. The intercepted air interface interaction segments are allocated to an independent data storage area and stored separately from the terminal access identifier encoding partition. The two types of intercepted data retain the original code element arrangement.

[0028] Optionally, the hidden fields in step S2 for writing the terminal access identifier into the air interface interaction segment include: Detect the full-domain encoding coverage of air interface interaction segments, filter out continuous idle code bit intervals that have not participated in regular interaction parsing calls, and delineate the idle code bit intervals as the scope for hidden field deployment; The overall code length of the terminal access identifier is used to match the code span of the hidden field deployment interval; The identifier encoding sequence is entered code by code along the code position extension direction to maintain the code position arrangement structure of the explicit encoding interval of the air interface interaction segment and maintain the code position arrangement order of the explicit encoding interval.

[0029] In this embodiment, radio resource control signaling, non-access stratum signaling, and terminal identification messages in the link are continuously collected every 10ms. The link transmission timing is strictly followed during the collection process, and the original data encoding format is not changed. All collected data is uniformly converted into binary code streams and stored in an 8GB DDR4 cache module. The read and write rate of the cache module is set to 2400MT / s.

[0030] The binary code stream stored in the cache module is scanned bit by bit. Using code-by-code comparison technology, based on the fixed boundary characteristics of 5G data frames, the 8-bit fixed identifier code of the frame header and the 8-bit check code of the frame tail are identified one by one to determine the start and end positions of each frame data. The identified frame header and frame tail positions are recorded as boundary nodes. Each boundary node corresponds to a unique code point coordinate with the coordinate precision accurate to a single code element. The timing information of each boundary node is recorded synchronously.

[0031] In one embodiment, a single continuous code stream interval is defined based on the code position coordinates of the boundary node. The interval code length is set to three gradients: 512 bits, 1024 bits, and 1536 bits. Radio resource control signaling corresponds to a 512-bit code length interval, non-access stratum signaling corresponds to a 1024-bit code length interval, and terminal identity messages correspond to a 1536-bit code length interval. Each interval is independently divided, with an 8-bit interval reserved between intervals. The native marker code position within each code stream interval is extracted. This marker code position is a fixed 16-bit encoding, where the first 8 bits are the frame type identifier and the last 8 bits are the sorting identifier. Based on the encoding rules of the sorting identifier, the arrangement direction of a single code stream segment is determined and uniformly adjusted to an arrangement order from high to low bits. During the adjustment process, the original code element values ​​are not changed; only the arrangement logic of the code stream is standardized to ensure that the encoding order of each code stream segment is consistent.

[0032] Of particular importance is that the specific steps for generating the 5G authentication feature bearer unit in step S2 are as follows: Based on the air interface interaction segment of the input terminal access identifier code, the arrangement benchmark of the hidden field code position range and the explicit code range is aligned. The arrangement reference position of multiple coding segments is unified, the boundary code position of adjacent coding segments is connected, and the transition code elements between processing segments are connected, so that multiple coding segments form a coherent and connected whole code stream. The combined and connected whole code stream is used as the 5G authentication feature bearer unit.

[0033] In this embodiment, the air interface interaction segment that completes the terminal access identifier encoding writing operation is used as the core carrier. The starting offset coordinates of the code position interval where the hidden field is located and the explicit encoding interval are retrieved respectively. The first code position of the explicit encoding interval is selected as the unified layout reference point. The offset values ​​of all code positions of the hidden field are corrected with reference to this reference point. The hidden field interval usually occupies a range of 32 bits to 64 bits. For example, 48 bits is selected as the normal layout length. The horizontal alignment of the encoding intervals on both sides is completed according to the reference point. All code positions are arranged and calibrated according to the unified offset scale. The code position offset scale is set to 1 bit unit per group.

[0034] The base data is divided into multiple independent coding intervals. The boundary code position parameters of each coding interval are read. With a unified layout reference point as a reference, the starting layout position of each coding interval is adjusted synchronously to eliminate the code position misalignment difference between different coding intervals. The misalignment difference fluctuation range is controlled between 0 bits and 16 bits. Fixed identification coding segment, hidden field coding segment, and dynamic interactive coding segment are arranged in sequence according to the natural transmission order of the code stream. The coordinates of the boundary point of each adjacent coding interval are locked in sequence.

[0035] The boundary code positions connecting adjacent coding intervals are located, and the naturally generated transition code elements at the boundary positions are extracted. The transition code elements are usually set as a continuous code position combination of 4 bits to 8 bits. The transition code elements are processed to maintain the original coding arrangement form of the transition code elements, and are arranged in a straight line according to the code position extension direction of the preceding and following coding intervals. The blank code position intervals at the connection positions of adjacent coding intervals are filled, the code position gaps between coding intervals are eliminated, and the segmented independent coding content forms a continuous linear arrangement structure.

[0036] The code content that has been fully aligned and connected is integrated, and the multiple code intervals arranged in segments are merged into a single continuous code stream. The merging process maintains the original code element arrangement order within each code segment and does not change the code content or code position distribution. The integrated complete code stream is arranged in a fixed order of fixed fields, hidden fields, and dynamic fields. The total length of the overall code stream can be taken as 256 bits as the standard deployment specification. The overall code stream is finalized and combined according to this integrated structure. The integrated code stream is defined as the 5G authentication feature bearer unit.

[0037] Preferably, step S3: taking the 5G authentication feature bearer unit as the object, perform field misalignment and nesting verification on the bearer units in the preceding and following time sequences, and synchronously record the field association information generated during the verification process; Optionally, the field misalignment nesting verification of the bearer units in the preceding and following time series in step S3 is specifically as follows: Retrieve two sets of 5G authentication feature bearer units that are adjacent in timing sequence, and offset the code bit alignment reference of the two sets of 5G authentication feature bearer units. The hidden field encoding range of the first group of 5G authentication feature bearer units is cross-corresponded with the regular transmission encoding range of the second group of 5G authentication feature bearer units. Read the encoded content under the cross-corresponding state segment by segment, record the code position association relationship formed by cross-matching of different encoding intervals, and summarize the code position association content to form field association information.

[0038] In this embodiment, two sets of 5G authentication feature bearer units arranged continuously in the time dimension are extracted according to the time sequence sorting rules. The unit data of adjacent batches are retrieved sequentially according to the storage order of the code stream time sequence cache. The two sets of bearer units are marked as the pre-time sequence bearer unit and the post-time sequence bearer unit, respectively. The code length of the unit can adopt two conventional specifications: 192 bits and 256 bits. 1 bit is used as the minimum code position measurement scale. The global alignment coordinates of the two sets of bearer units in the initial state are read, and the reference code position values ​​of the explicit coding interval and the hidden coding interval are recorded. The preset global alignment origin of the two sets of bearer units is changed, and the offset of the code position reference is adjusted horizontally. The offset value is set to a fixed value in the range of 16 bits to 32 bits. The reference point of the two sets of bearer units is changed synchronously according to the same direction offset rule. The code position offset is performed in a linear translation manner throughout the process, and the position of the code element arrangement inside the coding interval does not change.

[0039] Read the boundary code bit data of the hidden field encoding interval inside the pre-sequence bearer unit. This type of interval is fixed and concentrated in the code bit range of the middle section of the bearer unit. The interval span is selected as a 64-bit standard specification. Simultaneously retrieve the start and end code bit parameters of the regular transmission encoding interval inside the post-sequence bearer unit. The regular transmission encoding interval occupies the code bit area of ​​the front and rear sections of the bearer unit. The interval span is selected as a 128-bit standard specification. Based on the position difference generated by the code bit reference offset, make the hidden field encoding interval of the pre-sequence unit and the regular transmission encoding interval of the post-sequence unit overlap. The overlap coverage length is set to a fixed value of 32 bits. Keep the encoding structure of the two sets of bearer units unchanged and complete the interval cross arrangement only by relying on the reference offset.

[0040] Using a 32-bit segment reading span, all code element content within the overlapping area is read segment by segment along the code position extension direction. The segment reading action proceeds sequentially from the low-order code position to the high-order code position. Bidirectional encoded data at the corresponding positions of the intersections are collected segment by segment, and the corresponding coordinates of each intersection matching point are marked simultaneously. The corresponding combination forms of the hidden field code positions of the front unit and the regular transmission code positions of the rear unit are recorded. The point binding relationships generated by the intersection matching of different intervals are registered one by one, and the code position corresponding data in the entire intersection area are continuously collected. The code position binding data registered throughout the process are classified and organized, and the cross-matching records of each group are arranged in chronological order. The scattered point-related entries are integrated, and the arrangement order of the related data is unified and standardized. The code position corresponding relationships formed by all intersection matchings are integrated into a coherent dataset.

[0041] Preferably, step S4: Divide the transmission partition based on the 5G authentication feature bearer unit, and assign the field association information to the corresponding transmission partition; retrieve the information inside the transmission partition in layers, and perform access identity level verification in sequence to complete the 5G network information security authentication.

[0042] Optionally, step S4, which involves dividing the transmission partition based on the 5G authentication feature bearer unit, includes: The code bit range of the hidden field inside each 5G authentication feature bearer unit is detected, and the unit category is distinguished based on the difference in the coding interval combination of each bearer unit. By dividing the bearer units with the same encoding interval combination into the same interval range, defining the independent bitstream storage boundary of each interval range, distinguishing the storage intervals of different types of bearer units, and dividing them into multiple independent transmission interval structures.

[0043] In this embodiment, all established 5G authentication feature bearer units are scanned bit by bit, with a focus on detecting the code bit intervals of the hidden fields within each bearer unit. Using 1 bit as the detection unit, the start code bit, end code bit, and total code length of the hidden field of each bearer unit are recorded. The code length of the hidden field is conventionally set to three specifications: 32 bits, 48 ​​bits, and 64 bits. For example, some bearer units have a hidden field with a start code bit of the 33rd bit and an end code bit of the 80th bit, for a total code length of 48 bits; others have a hidden field with a start code bit of the 33rd bit and an end code bit of the 64th bit, for a total code length of 32 bits. The coding interval combination form of each bearer unit is read simultaneously to clarify the code bit distribution, interval span, and arrangement order of the fixed identification field, hidden field, and dynamic transmission field of each bearer unit. The coding interval combination form of each bearer unit is recorded completely one by one.

[0044] Based on the combination of encoding intervals of each bearer unit, the hidden field code length, fixed identification field span, and dynamic transmission field arrangement position of different bearer units are compared. Bearer units with the same hidden field code length, the same fixed identification field span, and the same dynamic transmission field arrangement position are grouped into the same category. The classification process is carried out in a unit-by-unit comparison manner. After each comparison of a bearer unit is completed, it is assigned to the corresponding category. The category division proceeds in the order of hidden field code length first, followed by fixed identification field span. A total of 3 types of bearer units are divided, corresponding to 32-bit, 48-bit, and 64-bit hidden field code length specifications, respectively.

[0045] It should be noted that for each type of bearer unit, an independent bitstream storage interval is defined. The start and end bits of the storage interval are set separately for each category. For example, the storage interval for a 32-bit hidden field bearer unit starts at bit 0 and ends at bit 102400; the storage interval for a 48-bit hidden field bearer unit starts at bit 102401 and ends at bit 204800; and the storage interval for a 64-bit hidden field bearer unit starts at bit 204801 and ends at bit 307200. A 1024-bit blank interval is reserved in each storage interval. This blank interval does not store any data and is used to distinguish different categories of storage intervals.

[0046] Boundary delineation is based on the set start and end code positions, and a dedicated boundary marker is marked at the boundary position, with the marker occupying 8 code positions. Each type of bearer unit is written to the corresponding storage interval in chronological order. The writing process is carried out unit by unit in 16-bit increments, with the writing rate controlled at 100Mbps. This ensures that the arrangement order of the bearer units in the storage interval is consistent with the original timing, without changing the encoding structure and code position arrangement of the bearer units themselves. Finally, three independent and clearly defined transmission interval structures are formed, with each transmission interval storing only 5G authentication feature bearer units of the same type of encoding interval combination.

[0047] Optionally, in step S4, the field association information is assigned to the corresponding transmission partition as follows: Bind the field association information with the encoding association data of the corresponding 5G authentication feature bearer unit, extract the deployment code bit data of the hidden field inside the 5G authentication feature bearer unit, and connect to the code stream storage boundary defined by each transmission partition. The continuous encoded sequence of the field association information is split, and the encoded sequence length and the span occupied by the storage segment are matched according to the preset independent storage sub-segments within the transmission partition. The encoded content is then entered sequentially along the starting code position of the storage sub-segment. Based on the temporal arrangement of the 5G authentication feature bearer unit, the storage locations of all associated information within the partition are arranged in an orderly manner, thus completing the directional collection and arrangement of associated information and transmission partition.

[0048] In this embodiment, a data binding operation is initiated first, binding the field association information one-to-one with the encoded association data of the corresponding 5G authentication feature bearer unit. The binding process strictly follows the code point correspondence relationship to ensure that each piece of field association information corresponds to a unique 5G authentication feature bearer unit. Simultaneously, the deployment code point data of the hidden fields within the 5G authentication feature bearer unit is extracted, clarifying the start code point, end code point, and total code length of the hidden fields. The extracted code point data is precisely matched with the code stream storage boundaries defined by each transmission partition to ensure that the field association information matches the storage requirements of the corresponding transmission partition. During the matching process, the original form of any data is not changed; only data association matching is completed.

[0049] The continuous encoded sequence of the field association information is split into several encoded segments that adapt to the storage sub-segments of the transmission partition, with each segment consisting of 16 bits. The length of each encoded segment after splitting is consistent with the preset storage sub-segment span of the corresponding transmission partition. The encoded segment adapted to the 32-bit storage sub-segment has a length of 32 bits, and the encoded segment adapted to the 64-bit storage sub-segment has a length of 64 bits, ensuring that the split encoded segments can be directly entered into the corresponding storage sub-segments.

[0050] According to the preset storage rules within the transmission partition, the split field association information encoding segments are entered sequentially along the starting code position of the corresponding storage sub-segment. The entry process strictly follows the order of "high bit first, low bit last". For each encoding segment entered, the corresponding storage position is recorded synchronously. The entry rate is controlled at 10 bits / ms to ensure that no code position misalignment occurs during the entry process. After the entry is completed, the entered content is checked bit by bit to ensure consistency with the original field association information.

[0051] Based on the original temporal arrangement of the 5G authentication feature bearer units, the field association information within each transmission partition is arranged in an orderly manner. The association information is stored sequentially according to the collection order of the bearer units, ensuring that the association information within the same transmission partition is consistent with the storage location of the corresponding bearer unit, preventing overlapping storage. The association information within each transmission partition is arranged in chronological order of entry time. After entry is completed, access permissions for each storage sub-segment are locked to prevent data misoperation. The entire process strictly adheres to preset parameters without any subjective adjustments, ensuring that the targeted collection and arrangement of association information meets the storage requirements of the transmission partition.

[0052] Optionally, step S4, which involves retrieving information from the internal layers of the transmission partition, includes: Collect the code bit arrangement order of each transmission partition storage segment, and combine it with the distribution range of the storage segment to divide it into multiple continuous retrieval levels according to the time distribution span; The corresponding partition data read ports are woken up one by one, and a single storage sub-segment is limited to be read at a time. Field association information is collected segment by segment along the code position arrangement direction. After the data acquisition is completed, the data connection of the current storage segment is cut off, and the system switches to the next storage segment at the same level. After all segments at the same level have been acquired, the system jumps to the next level of retrieval and repeats the port switching and code segment acquisition actions.

[0053] In this embodiment, the stored 5G authentication feature bearer unit data in each transmission partition is retrieved, and the field distribution of each bearer unit is checked bit by bit to clarify the total code length, hidden field code position range and regular transmission field code position of each bearer unit. The total code length of a single bearer unit is set to 256 bits, the hidden field occupies 64 bits, the regular transmission field occupies 192 bits, and an 8-bit blank interval is reserved between fields to avoid code position overlap.

[0054] The coding structure of each bearer unit is scanned bit by bit to distinguish the specific positions of fixed fields and dynamic fields. The code positions corresponding to fixed fields are 1-192 bits, the code positions corresponding to dynamic fields are 193-256 bits, and the code positions corresponding to hidden fields are 257-320 bits. The code positions of each field are strictly distinguished and there is no overlap. The start and end coordinates of each code position are clearly marked.

[0055] Each hidden field of the bearer unit is checked one by one to confirm the start and end code positions of the hidden field. The encoded content corresponding to the terminal access identifier is entered into the hidden field bit by bit at an input speed of 1 bit / time. During the input process, the encoded content is kept consistent with the original identifier, and the characters and arrangement order of the encoding itself are not changed. After the input is completed, the consistency between the input content and the original identifier is checked bit by bit.

[0056] Most importantly, the access identity level verification performed in step S4 is as follows: The gradient code cover interval is divided according to the three-segment timing retrieval level. The first verification interval is limited to the code interval of the hidden field itself, and the code span is controlled within the range of 28 to 36 bits. The sequence content is compared in parallel bit by bit along the code arrangement direction. The second verification interval extends outward by 12 to 20 bits of code width, integrates the hidden field boundary code position and the air interface interaction segment transition code segment, splits the code segment into units of 4 to 6 consecutive bits and completes the structural alignment; The third verification interval covers all the coding of the bearing unit, and the overall code element interval is controlled within the range of 120 to 144 bits. The entire domain coding arrangement is matched in parallel. The multi-interval coding alignment operation is carried out segment by segment according to the order of the code element coverage from narrow to wide, and the original coding correspondence of each interval code element alignment process is recorded in real time.

[0057] In this embodiment, the air interface interaction segments related to 5G link authentication are scanned bit by bit to determine the code range of the hidden field. Operations are performed in 1-bit units, recording the start and end code positions of the hidden field. The hidden field typically occupies 32 bits. The encoding length corresponding to the terminal access identifier is consistent with the hidden field's code length. The encoding structure of the terminal access identifier, including the terminal device's unique identifier and network access verification code, is recorded synchronously, and the encoding correspondence is sorted in a fixed order. A three-stage verification process is followed. The first stage focuses on the hidden field itself, comparing the encoding correspondence between the hidden field and the terminal access identifier bit by bit. Each bit of encoding corresponds to a unique code position. Starting from the start code position, the encoding content of the hidden field is read bit by bit and compared bit by bit with the original encoding of the terminal access identifier. The encoding content of each code position is recorded without adding any extra encoding or modifying the original code element content. For the entire carrier unit's encoded content, the entire encoded sequence is read bit by bit, and compared one by one with the original encoding of the terminal access identifier. The correspondence of each code bit is recorded, the encoded content corresponding to different code bits is clarified, the code bit range of fixed fields and dynamic fields is distinguished, and the original encoding arrangement order is not changed.

[0058] The present invention also provides an information security authentication system based on a 5G network, used to execute the above-described information security authentication method based on a 5G network, the information security authentication system based on a 5G network comprising: The link data straightening and processing module is used to collect interactive signaling and identity messages from the 5G two-way communication link, segment and decompose the interactive signaling and identity messages; separate fixed identification fields and dynamic transmission fields to generate 5G link authentication base data; The feature carrier encapsulation and construction module is used to extract the terminal access identifier and air interface interaction fragment from the 5G link authentication base data, write the terminal access identifier into the hidden field of the air interface interaction fragment, and generate a 5G authentication feature carrier unit. The time-series field nesting verification module is used to perform field misalignment nesting verification on the bearer units of the preceding and following time sequences, taking the 5G authentication feature bearer unit as the object, and synchronously recording the field association information generated during the verification process; The partitioned and hierarchical authentication execution module is used to divide the transmission partitions based on the 5G authentication feature bearer unit, and assign the field association information to the corresponding transmission partition; it retrieves the information inside the transmission partition layer by layer, and performs access identity level verification in sequence to complete the 5G network information security authentication.

[0059] Therefore, the embodiments should be considered as exemplary and non-limiting in all respects, and the scope of the invention is defined by the appended claims rather than the foregoing description. Thus, all variations falling within the meaning and scope of the equivalents of the application are intended to be included within the invention.

[0060] The above description is merely a specific embodiment of the present invention, enabling those skilled in the art to understand or implement the invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. Therefore, the present invention is not to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features of the invention herein.

Claims

1. An information security authentication method based on a 5G network, characterized in that, Includes the following steps: Step S1: Collect interactive signaling and identity messages from the 5G two-way communication link, and segment and decompose the interactive signaling and identity messages; separate the fixed identification field and the dynamic transmission field to generate 5G link authentication base data; Step S2: Extract the terminal access identifier and air interface interaction fragment from the 5G link authentication base data, write the terminal access identifier into the hidden field of the air interface interaction fragment, and generate a 5G authentication feature bearer unit. Step S3: Taking the 5G authentication feature bearer unit as the object, perform field misalignment and nesting verification on the bearer units in the preceding and following time sequences, and synchronously record the field association information generated during the verification process; Step S4: Divide the transmission partitions based on the 5G authentication feature bearer unit, and assign the field association information to the corresponding transmission partitions; retrieve the information inside the transmission partitions in layers, and perform access identity level verification in sequence to complete the 5G network information security authentication.

2. The information security authentication method based on 5G network according to claim 1, characterized in that, Step S1 involves segmenting and decomposing the interactive signaling and identity messages, including: Collect interactive signaling and identity messages from the 5G two-way communication link; Identify the code stream boundary nodes of interactive signaling and identity messages in 5G two-way communication links; The truncation interval is defined based on the location of the bitstream boundary node, and a continuous bitstream interval is divided along the bitstream boundary node; The original marker bits within the continuous bitstream interval are retained, and the encoding arrangement order within a single bitstream interval is determined based on the original marker bits.

3. The information security authentication method based on a 5G network according to claim 2, characterized in that, Step S1 involves separating the fixed identification field from the dynamic transmission field, including: Scan all encoded regions within a single segment of the bitstream that has been divided, mark the range of continuous code points whose encoded content remains constant, and mark the range of continuous code points whose encoded content changes with communication interactions. The boundary position between the continuous code point range where the encoded content remains constant and the continuous code point range where the encoded content changes with communication interaction is located, and the transition code element at the boundary position is separated. The code points are divided into regions where the encoded content remains constant and regions where the encoded content changes with communication interactions. The code points are reorganized according to the arrangement order of fixed coding regions first and dynamic coding regions last, forming the 5G link authentication base data.

4. The information security authentication method based on a 5G network according to claim 1, characterized in that, In step S2, extracting the terminal access identifier and air interface interaction fragment from the 5G link authentication base data specifically involves: Identify the encoding range covered by the fixed identification fields within the 5G link authentication base data, and locate the continuous encoding sequence generated during the terminal's network access interaction phase; Lock the start and end code positions of the continuous encoded sequence, and extract the encoded content of the start and end code positions of the continuous encoded sequence; Identify the encoding range covered by the dynamic transmission field within the 5G link authentication base data, and locate the continuous code stream continuously generated during the 5G air interface interaction process; Lock the start and end code points of the continuous bitstream and extract the encoded content of the start and end code points of the continuous bitstream.

5. The information security authentication method based on a 5G network according to claim 4, characterized in that, The hidden fields in step S2 that write the terminal access identifier into the air interface interaction segment include: Detect the full-domain encoding coverage of air interface interaction segments, filter out continuous idle code bit intervals that have not participated in regular interaction parsing calls, and delineate the idle code bit intervals as the scope for hidden field deployment; The overall code length of the terminal access identifier is used to match the code span of the hidden field deployment interval; The identifier encoding sequence is entered code by code along the code position extension direction to maintain the code position arrangement structure of the explicit encoding interval of the air interface interaction segment and maintain the code position arrangement order of the explicit encoding interval.

6. The information security authentication method based on a 5G network according to claim 1, characterized in that, Step S3 specifically involves verifying the field misalignment and nesting of the bearer units in the preceding and following time sequences as follows: Retrieve two sets of 5G authentication feature bearer units that are adjacent in timing sequence, and offset the code bit alignment reference of the two sets of 5G authentication feature bearer units. The hidden field encoding range of the first group of 5G authentication feature bearer units is cross-corresponded with the regular transmission encoding range of the second group of 5G authentication feature bearer units. Read the encoded content under the cross-corresponding state segment by segment, record the code position association relationship formed by cross-matching of different encoding intervals, and summarize the code position association content to form field association information.

7. The information security authentication method based on a 5G network according to claim 1, characterized in that, Step S4, which involves dividing the transmission partition based on the 5G authentication feature bearer unit, includes: The code bit range of the hidden field inside each 5G authentication feature bearer unit is detected, and the unit category is distinguished based on the difference in the coding interval combination of each bearer unit. By dividing the bearer units with the same coding interval combination into the same interval range, defining the independent bitstream storage boundary of each interval range, distinguishing the storage intervals of different types of bearer units, and dividing them into multiple independent transmission interval structures.

8. The information security authentication method based on a 5G network according to claim 7, characterized in that, In step S4, the field association information is assigned to the corresponding transmission partition as follows: Bind the field association information with the encoding association data of the corresponding 5G authentication feature bearer unit, extract the deployment code bit data of the hidden field inside the 5G authentication feature bearer unit, and connect to the code stream storage boundary defined by each transmission partition. The continuous encoded sequence of the field association information is split, and the encoded sequence length and the span occupied by the storage segment are matched according to the preset independent storage sub-segments within the transmission partition. The encoded content is then entered sequentially along the starting code position of the storage sub-segment. Based on the temporal arrangement of the 5G authentication feature bearer unit, the storage locations of all associated information within the partition are arranged in an orderly manner, thus completing the directional collection and arrangement of associated information and transmission partition.

9. The information security authentication method based on a 5G network according to claim 8, characterized in that, Step S4, which involves retrieving information from the internal layers of the transmission partition, includes: Collect the code bit arrangement order of each transmission partition storage segment, and combine it with the distribution range of the storage segment to divide it into multiple continuous retrieval levels according to the time distribution span; The corresponding partition data read ports are woken up one by one, and a single storage sub-segment is limited to be read at a time. Field association information is collected segment by segment along the code position arrangement direction. After the data acquisition is completed, the data connection of the current storage segment is cut off, and the system switches to the next storage segment at the same level. After all segments at the same level have been acquired, the system jumps to the next level of retrieval and repeats the port switching and code segment acquisition actions.

10. An information security authentication system based on a 5G network, characterized in that, For executing the information security authentication method based on a 5G network as described in claim 1, the information security authentication system based on a 5G network includes: The link data straightening and processing module is used to collect interactive signaling and identity messages from the 5G two-way communication link, segment and decompose the interactive signaling and identity messages; separate fixed identification fields and dynamic transmission fields to generate 5G link authentication base data; The feature carrier encapsulation and construction module is used to extract the terminal access identifier and air interface interaction fragment from the 5G link authentication base data, write the terminal access identifier into the hidden field of the air interface interaction fragment, and generate a 5G authentication feature carrier unit. The time-series field nesting verification module is used to perform field misalignment nesting verification on the bearer units of the preceding and following time sequences, taking the 5G authentication feature bearer unit as the object, and synchronously recording the field association information generated during the verification process; The partitioned and hierarchical authentication execution module is used to divide the transmission partitions based on the 5G authentication feature bearer unit, and assign the field association information to the corresponding transmission partition; it retrieves the information inside the transmission partition layer by layer, and performs access identity level verification in sequence to complete the 5G network information security authentication.