41 results about "Handover authentication" patented technology

A handover authentication method includes performing, by a wireless network server, a first authentication between a client and the wireless network server via a first network gateway; obtaining first authentication keys for the wireless network server and the client based on the first authentication; determining, by the wireless network server, a need to handover the client from the first network gateway to a second network gateway; deriving, by the wireless network server and from the first authentication keys, a handover authentication key shared by the client and the wireless network server; obtaining, by the wireless network server, second authentication keys for the network server and the client; and serving, by the wireless network server, the client via the second network gateway.

The invention discloses an authentication switching method with privacy protection in an LTE (long term evolution) / LTE-A (LTE-advanced) network. After ME (mobile equipment) is accessed to the LTE / LTE-A network for the first time and successfully finishes access authentication with an AAA (authentication, authorizing and accounting) server, the AAA server generates a pseudonym set for the ME. When the ME needs to be switched to a new AP (access point) due to movement, only one unused pseudonym needs to be selected from the pseudonym set to perform identity authentication, the real identity of the ME does not need to be provided, so that leakage of a user identity and position privacy can be avoided, and anonymity and untraceability are realized. In the authentication switching process, key agreement is realized based on a Diffie-Hellman key exchange algorithm, the mutual authentication process is finished by hash function value verification, bilinear pairing operation is omitted, and authentication delay is reduced.

The invention belongs to the technical field of network security communication, and discloses an access and switching authentication method and system in a satellite network interrupted connection scene. The access and switching authentication method has the advantages that: simple hash and XOR operations are used for operation, and meanwhile, a terminal is guaranteed to be safely accessed to a satellite network through using a timestamp, a message authentication code, a random number and RES, and bidirectional authentication is realized while the communication overhead and the calculation overhead are reduced; based on a current session key of a mobile user UE and a satellite network, rapid communication recovery authentication after the UE and the satellite network are disconnected is realized, the unnecessary access authentication frequency is reduced, and the burden of the system is reduced; safe switching is achieved through utilizing random numbers and hash functions, and safe switching is achieved while the communication cost in the satellite switching process is reduced; and the user achieves anonymity by generating a temporary identity, and each successful authentication is refreshed for the next authentication.

The invention discloses an identity-based authentication method for a space-based network, and aims to solve the problem of security authentication of a ground terminal and a satellite in the space-based network and improve the security of space-based network communication. According to the technical scheme, the method comprises the following steps: firstly, constructing an identity-based authentication system for a space-based network consisting of a ground terminal, a key generation center (KGC) and a low-orbit satellite; by an initialization calculation module of the KGC, calculating a system master key and public parameters; and by a private key calculation module of the KGC, calculating a corresponding private key and distributing the private key and the public parameters to the ground terminal and the satellite. When a terminal TEA gets access, bidirectional authentication and session key negotiation of a current overhead satellite LEOA and the TEA are carried out, then the LEOA and the TEA normally communicate with each other, if the LEOA determines that the LEOA is about to leave a current area at the end of service, inter-satellite switching authentication is carried out, if the LEOA determines that the LEOA is not about to leave the current area at the end of service, the LEOA and the TEA continue to communicate with each other. According to the invention, the size of the transmitted message is effectively reduced, and fast switching authentication and session key negotiation are realized while the security is ensured.

The invention discloses a combined handover authentication method and system used for goods escorting. The method is characterized by including the following steps that: (a) handover task information is pre-stored to a remote server; (b) handheld terminals transmit handover requests through a wireless network, detect geographic positions where signals are transmitted, and after conformation between the geographic positions and geographic positions pre-stored in the remote server are confirmed, opening codes are send back; (c) the handheld terminals open authentication interface display, and read several pieces of authentication tag information, are coupled with the remote server through the wireless network, and judge whether the obtained authentication tag information is correct or not through comparison, at the same time, download personnel information, and the method enters a manual authentication phase; and (d) physical handover is performed, and tag information of handover items is uploaded, and the handover terminates. The system can keep real-time communication with the remote server through the wireless network. According to the combined handover authentication method and system, an electronic fence is set, and information can be uploaded and downloaded on line, and the controllability, timeliness and reliability of a handover process can be ensured, and situations such as handover errors and omissions can be avoided; and the whole handover process has traceability, so that the whole handover process is safer and more reliable.

The invention discloses a quick switching authentication method for a low-orbit satellite communication network, which comprises the following steps that: a user terminal and a satellite terminal carry satellite inherent equipment information to register in a ground management center, and an original satellite selects a satellite switched by the user terminal according to the periodicity of the satellite to send a switching application request message; if successfully decrypting the authentication information of the user terminal, the switching satellite repliess a switching permission response message to the original satellite; the original satellite receives the switching permission response message of the switching satellite, generates switching preparation information and sends the switching preparation information to the user terminal; the user terminal receives the switching preparation message, determines the switching time, and sends a switching authentication request message to the switching satellite; the switching satellite receives the switching authentication request message and sends switching authentication response information to the user terminal; the user terminalreceives and verifies the switching authentication response information to complete a switching authentication process; According to the method, the security of the switching authentication process of the user terminal is ensured while the switching authentication time delay and the calculation overhead are reduced.

The invention provides a two-way access authentication method for a multi-layer-MAP oriented HMIPv6 network. The two-way access authentication method comprises the following steps that: a root PKG server is used as a trusted third party; a trusted channel is established among the root PKG server, PKG servers and AR routers in various layers; the root PKG server generates common parameters and private keys; the root PKG server issues the private keys to the PKG servers in the various layers according to identity information of the PKG servers in the various layers; the PKG server in each layer distributes the private key to the AR router in this layer according to identity information of the AR router in this layer; when a mobile node MN leaves a home homework and is accessed to the AR router under a certain MAP in the HMIPv6 network for the first time, initial two-way access authentication is carried out; and, when the mobile node MN is in a currently accessed foreign network and the AR router in the current MAP domain is switched into another MAP domain or another AR router, switching authentication is carried out. The invention provides a short signature scheme based on node certificate hierarchical identity; the security is based on the h-CDH problem; the short signature scheme has the advantages that: the lengths of the private keys are reduced along with increasing of hierarchical levels; and the lengths of the private keys are independent of the hierarchical levels.

According to the data feedback method and system provided by the invention, after the mobile terminal calls out the authentication code, the pose data of the mobile terminal is acquired through the sensor of the mobile terminal, and the code scanning authentication state prompt signal of the authentication equipment is acquired through the signal acquisition equipment of the mobile terminal; whether the mobile terminal performs a code scanning authentication action or not is judged according to the pose data; and a code scanning authentication result is judged according to the acquired code scanning authentication state prompt signal, and the authentication result is displayed on a page of the mobile terminal. According to the method and the system, the code scanning authentication resultcan be fed back to the mobile terminal in real time in an offline state of the authentication equipment or the mobile terminal, and the mobile terminal is prompted to switch the authentication code after the code scanning is failed. Therefore, real-time feedback of data in an offline state is realized, and the user experience is improved.

The invention belongs to the technical field of communication network security, and discloses a group access authentication and switching authentication method and application suitable for space-ground integration; the method comprises a terminal registration process, a group member registration process, a group owner discovery process, a group access authentication process, a group switching process, a group member joining process, and a group member quitting process. The invention discloses a privacy-protected group access authentication and switching authentication method. The method can beapplied to space-ground integrated group access authentication and switching scenes; the group owner discovery process is executed offline, so that the group owner can be selected regularly; massiveterminal access authentication and switching authentication are supported; joining and quitting of members in the group can be supported through the joining and quitting process of the group members,and the flexibility of the system is improved; through group authentication, the communication overhead, the calculation overhead and the signaling overhead can be effectively reduced; in addition, the privacy of the identity information of the terminal can be realized through a privacy-protected group access authentication and switching authentication method.

The invention belongs to the technical field of communication network security, and discloses a multi-type terminal access and handover authentication method and system, equipment and application. Themethod comprises the steps of entity registration; ground-based common terminal access authentication; space-based special terminal access authentication; ka terminal access authentication; terminalhandover authentication. According to the method, a common terminal can safely and efficiently access a ground network by executing a ground-based common terminal access authentication process; for special terminals, such as important / high-speed users and the like, a space-based special terminal access authentication process can be used to quickly access a network by presetting an authentication vector in advance without participation of a home network, so that the problem that network service cannot be provided due to faults of the home network is avoided; the access authentication process based on the Ka terminal is used for the Ka terminal, so that high reliability of network access of the Ka terminal is guaranteed, the access authentication efficiency is greatly improved, and access authentication and handover of various different types of terminals are realized.

The invention belongs to the technical field of network communication, and discloses a multi-user authentication method and system for a mobile communication scene and an information processing terminal. An initial authentication stage; and switching the authentication stage. According to the method, a multi-user authentication scheme is designed by using an aggregation message authentication code with a detection function and a contribution-based broadcast encryption technology based on MEC and SDN technologies, so that the channel congestion probability is reduced, the calculation overhead and communication overhead of switching authentication are reduced, the switching authentication time delay is reduced, and the safety performance of group authentication is improved. According to the invention, the network architecture integrated by the SDN and the MEC server can monitor the network state in real time according to the dynamic topology of the user in advance to make a switching decision, a large amount of calculation overhead can be completed before switching authentication, and the switching authentication time delay is effectively reduced. And the group messages are aggregated, so that the number of times of signaling interaction can be effectively reduced, and the possibility of channel congestion is reduced.

The invention discloses a handover authentication method with privacy protection in an LTE / LTE-A network. After an ME accesses the LTE / LTE-A network for the first time and successfully completes access authentication with an AAA server, the AAA server generates a Pseudonym set; when ME needs to switch to a new AP due to movement, it only needs to select an unused pseudonym from the pseudonym set for identity authentication without providing the real identity of ME, thereby avoiding the leakage of user identity and location privacy , to achieve anonymity and untraceability. In the handover authentication process, the method negotiates keys based on the Diffie-Hellman key exchange algorithm, completes the mutual authentication process through hash function value verification, does not use bilinear pairing operations, and reduces authentication delay.

The invention discloses a safety certification method based on a chameleon hash function, which relates to the field of wireless communication safety certification of heterogeneous wireless networks and mainly comprises the following operation steps of: firstly, system initialization is performed on a key generation center to select the system public parameters and finish system establishment; the home domain network server HS completes registration; the foreign region network server FS completes registration; the mobile terminal MT completes registration; the home domain network server HS distributes switching authorization information to a legal and credible mobile terminal MT; and the mobile terminal MT and the foreign region network server FS complete authentication switching and session key negotiation. According to the method, the security real-time authentication of the mobile terminal and the foreign region network in the heterogeneous wireless network can be effectively realized, and the identity privacy of the mobile terminal and the resistance to temporary private key leakage and replay attacks are ensured. Moreover, in the authentication process, the mobile terminal consumes less resources.

The invention discloses a group pre-switching authentication method and device based on a trusted relay, and the method comprises the steps: carrying out the group authentication of a user terminal through the trusted relay, and recording the information of the user terminal passing the authentication to a pre-switching set; predicting the track of the user terminal in the pre-switching set to obtain a target base station of the user terminal; and comparing the current base station coverage range of the user terminal with the position information of the user terminal, and switching the user terminal to a target base station by using a trusted relay when the position of the user terminal exceeds the current base station coverage range. The group pre-switching technology and the trusted execution technology are combined, group switching can be rapidly and safely carried out, it is guaranteed that the 5G network can provide smooth and safe communication experience for users in the train running process, the switching problem of mass terminal devices in the current 5G network in the high-speed moving process is solved, and the user experience is improved. The method is high in applicability and safety, and switching overhead consumption is reasonable.

The invention discloses a network security authentication method. The method comprises the following steps: S1, establishing an IPSec communication system; S2, carrying out matrix-based key pre-distribution; and S3, establishing a secret sharing mechanism. The beneficial effects are as follows: the method is suitable for an IKEv2 initial exchange process improvement protocol in a wireless networkenvironment. The protocol has obvious performance advantages. The method can be applied to a wireless Internet network environment; in addition, a quick switching authentication method based on a neighbor graph and a pre-distribution method based on a matrix key are adopted, a rapid switching authentication scheme of the wireless Mesh network is provided, the problem of quick switching authentication failure caused by the mobility of the Mesh access point can be solved, through a self-healing group key distribution scheme, a safety channel does not need to be established between a group administrator and each group member to distribute personal secret information of the group members, and safety of storage overhead and communication overhead is achieved.

The present invention proposes a blockchain-based data encryption working method, including: S1, establishing an encryption channel for each node in the blockchain network, and setting a first information interaction terminal and a second information interaction terminal for each encryption channel terminal, the first information interaction terminal is used to distribute instructions to encrypted information, and the second information interaction terminal is used to receive encrypted information and record the random number containing specific identification information in encrypted information; S2, the first information exchange terminal after passing the encrypted information authentication The second information interaction terminal opens the encryption channel, performs data call and data mining, S3, after encrypting the output, selects random numbers to update the encryption parameters through switching authentication, and forwards the information received by the second information interaction terminal to the smart terminal, through the hash operation Generate local parameters for the smart terminal master key, use the master key identity parameters to update the authentication key KEY, and encrypt and encapsulate the key.