CN101540998A - Mobile station identifier distribution method and system in wireless communication system - Google Patents

Info

Publication number: CN101540998A
Authority: CN (China)
Prior art keywords: mobile station, terminal, capability negotiation, base station, station identifier
Legal status: Pending
Application number: CN200910137603A
Other languages: Chinese (zh)
Inventors: 冯成燕, 滕志猛
Current Assignee: ZTE Corp
Original Assignee: ZTE Corp
Landscapes: Mobile Radio Communication Systems (AREA)

Abstract

In the mobile station identifier distribution method and system of the present invention, during a terminal's initial network entry or network re-entry, the base station assigns the terminal a unique mobile station identifier (STID) and sends it to the terminal during the capability negotiation process that follows authentication. The method and system enable the terminal to securely obtain the mobile station identifier that the network assigns to it.

Description

Method and system for distributing mobile station identifiers in a wireless communication system
Technical field
The present invention relates to the communications field, and in particular to a method and system for distributing mobile station identifiers in a wireless communication system.
Background art
IEEE is the abbreviation of the Institute of Electrical and Electronics Engineers. Besides professional community activities, IEEE also develops standards for electronic equipment, including standards for various communication technologies. Among these, IEEE 802 mainly develops standards for electronic engineering and the computer field and is also known as the LMSC (LAN/MAN Standards Committee). The 802.16 family of standards is aimed mainly at metropolitan area networks. Its main goal is to develop physical layer (PHY) and medium access control layer (MAC) specifications for the air interface of wireless access systems in the 2 to 66 GHz band, together with conformance tests related to the air interface protocol and coexistence specifications between different wireless access systems.
Depending on whether mobility is supported, the IEEE 802.16 standards divide into fixed broadband wireless access air-interface standards and mobile broadband wireless access air-interface standards. 802.16, 802.16a, 802.16c and 802.16d are fixed wireless access air-interface standards. 802.16d is a revision of 802.16, 802.16a and 802.16c; it was approved by the IEEE 802 committee in June 2004 and published as IEEE 802.16-2004. 802.16e is a mobile broadband wireless access air-interface standard; it was approved by the IEEE 802 committee in November 2005 and published as IEEE 802.16-2005. WiMAX is based on the IEEE 802.16 air-interface standards and has at present become the most influential broadband wireless access technology in the world.
IEEE is currently developing the 802.16m standard. This standard studies the next step in the evolution of WiMAX, with the goal of becoming a next-generation mobile communication technology and, ultimately, of being submitted as a technical proposal to the ITU (International Telecommunication Union) to become one of the ITU's IMT-Advanced standards. The standard will be compatible with the existing 802.16e standard.
The current 802.16m System Description Document (SDD) defines the station identifier (Station ID, STID). It is an identifier that the base station (ABS) assigns to each terminal (AMS) during initial network entry or network re-entry in order to identify that terminal, and it is unique within the scope of the base station. Every terminal registered with the network has an assigned STID. The system may reserve certain STIDs for purposes such as broadcast, multicast and ranging.
The network side must maintain the mapping between the STID and the terminal MAC address (AMS MAC Address), and this mapping needs to be protected. Therefore, when the ABS delivers the STID assigned to an AMS, the message carrying the assignment needs to be encrypted.
The SDD also stipulates that the STID is assigned after the terminal successfully completes the initial authentication or re-authentication process, and that delivery of the STID requires a protection mechanism. Some patents propose distributing the STID in the three-way handshake or in the registration process that follows authentication. If the STID is delivered in the three-way handshake, a difficulty arises: the handshake messages have integrity protection but no confidentiality protection, while transmission of the STID requires a protection mechanism. The STID then has to be protected by other means, for example by encrypting it separately, which undoubtedly increases system overhead. If the STID is delivered in the registration process, the overhead added by delivery in the three-way handshake is avoided, but protection of the terminal's privacy is somewhat delayed.
Summary of the invention
The technical problem to be solved by the present invention is to provide a method and system for distributing mobile station identifiers in a wireless communication system, so that a terminal can securely obtain the mobile station identifier that the network assigns to it.
To solve the above technical problem, the invention provides a method for distributing mobile station identifiers in a wireless communication system. During initial network entry or network re-entry of a terminal, the method comprises:
The terminal sends a capability negotiation request message to the base station;
After receiving the capability negotiation request message, the base station sends the terminal a capability negotiation response message, which carries the mobile station identifier that the base station has assigned to the terminal.
Further, the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted, according to an encryption algorithm, with the key encryption key (KEK) or the traffic encryption key (TEK).
Further, the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal during the three-way handshake.
To solve the above technical problem, the invention also provides a method for distributing mobile station identifiers in a wireless communication system: during initial network entry or network re-entry of a terminal, the base station assigns the terminal a unique mobile station identifier (STID) and sends it to the terminal in the capability negotiation process after authentication.
Further, the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key (KEK) or the traffic encryption key (TEK).
To solve the above technical problem, the invention also provides a system for distributing mobile station identifiers in a wireless communication system. The system comprises a terminal and a base station connected through a wireless network. The base station comprises a mobile station identifier allocation module and a mobile station identifier distribution module that are connected to each other. The allocation module assigns a mobile station identifier to the terminal during the terminal's initial network entry or re-entry; the distribution module sends the mobile station identifier (STID) to the terminal in the capability negotiation process after authentication.
The terminal receives the mobile station identifier assigned by the base station.
Further, the terminal also sends a capability negotiation request message to the base station and receives the mobile station identifier by receiving the capability negotiation response message sent by the base station. The base station also comprises a receiving module, which receives the capability negotiation request message sent by the terminal, and the base station sends the mobile station identifier to the terminal in the capability negotiation response message. The allocation module of the base station assigns the mobile station identifier to the terminal after the terminal has successfully completed the authentication and authorization operation.
Further, the capability negotiation response message has confidentiality protection, and the mobile station identifier is sent directly in the encrypted message.
Further, the mobile station identifier carried in the capability negotiation response message is encrypted, according to an encryption algorithm, with the key encryption key (KEK) or the traffic encryption key (TEK).
Further, the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal during the three-way handshake.
Compared with the prior art, the method and system of the invention distribute the mobile station identifier (STID) to the terminal in the capability negotiation process, which immediately follows the three-way handshake. The terminal's privacy is therefore protected earlier, and the terminal can securely obtain the STID that the network assigns to it. Capability negotiation messages are generally transmitted encrypted, which undoubtedly reduces system overhead compared with encrypting the STID separately.
Description of drawings
Fig. 1 is a schematic diagram of the method of the invention using the capability negotiation process to deliver the STID to the terminal.
Fig. 2 is a specific example of the method of the invention using the capability negotiation process to deliver the STID to the terminal.
Embodiment
As shown in Fig. 1, in the method of the present invention, during initial network entry or network re-entry of a terminal, the base station assigns the terminal a unique mobile station identifier (STID) and sends it to the terminal in the capability negotiation process that follows authentication.
Fig. 2 describes how, during a terminal's initial network entry or network re-entry, the base station delivers the STID to the terminal in the capability negotiation process after authentication. The method comprises the following steps:
Step 201: the terminal and the base station carry out the initial authentication or re-authentication process;
Step 202: the terminal and the base station carry out the three-way handshake and verify the authorization key AK (Authorization Key);
Step 203: the terminal sends a capability negotiation request message to the base station, carrying the capability parameters to be negotiated;
Step 204: the base station sends a capability negotiation response message to the terminal, carrying the STID that the base station has assigned to the terminal and the negotiated capability parameters;
If this message has confidentiality protection, the STID can be sent directly inside the encrypted message. If the message has no confidentiality protection, the STID is optionally encrypted with the KEK or TEK before being sent. When the STID is protected in transit by key encryption, security parameters such as the STID encryption algorithm can be pre-configured by the system or negotiated during the SA-TEK three-way handshake.
Step 205: the terminal sends a registration request message to the base station to register with it;
Step 206: the base station sends a registration response message to the terminal, completing the registration process.
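The delivery rule of steps 201 to 204 can be sketched as follows. This is an added example, not code from the patent or from any 802.16m implementation; the 12-bit STID width, the reserved values, the capability names, the sample MAC address and the HMAC-SHA256 construction standing in for the unspecified STID encryption algorithm are all assumptions.

```python
import hashlib, hmac, json, os, secrets

STID_BITS = 12                    # assumption: the page does not give the identifier width
RESERVED_STIDS = {0x000, 0xFFF}   # constructed stand-ins for broadcast/multicast/ranging IDs
BS_CAPS = {"harq", "mimo-2x2"}    # constructed capability names

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Stand-in authenticated cipher (HMAC-SHA256 keystream plus tag), not the 802.16m one."""
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, want):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class BaseStation:
    def __init__(self):
        self.sessions = {}      # MAC address -> {"key": ..., "stid": ...}
        self.stid_to_mac = {}   # STID-to-MAC mapping, kept on the network side only

    def finish_auth_and_handshake(self, mac, key):
        """Steps 201-202: record the key (KEK or TEK) shared once authentication succeeds."""
        self.sessions[mac] = {"key": key, "stid": None}

    def _allocate_stid(self, mac):
        # Pick an unused, non-reserved value so the STID is unique within this base station.
        while True:
            stid = secrets.randbelow(1 << STID_BITS)
            if stid not in RESERVED_STIDS and stid not in self.stid_to_mac:
                self.stid_to_mac[stid] = mac
                return stid

    def capability_response(self, mac, requested_caps, message_confidential):
        """Steps 203-204: answer the request and deliver the STID under protection."""
        session = self.sessions.get(mac)
        if session is None:     # the STID is assigned only after successful authentication
            raise PermissionError("capability negotiation before authentication")
        if session["stid"] is None:
            session["stid"] = self._allocate_stid(mac)
        caps = sorted(set(requested_caps) & BS_CAPS)
        if message_confidential:
            # Whole message is encrypted: the STID travels as an ordinary field inside it.
            body = json.dumps({"caps": caps, "stid": session["stid"]}).encode()
            return {"sealed_body": seal(session["key"], body)}
        # Message has no confidentiality protection: encrypt only the STID with KEK/TEK.
        stid_field = seal(session["key"], session["stid"].to_bytes(2, "big"))
        return {"caps": caps, "sealed_stid": stid_field}

def terminal_read_stid(key, response):
    """Terminal side: recover the STID from either form of the response."""
    if "sealed_body" in response:
        return json.loads(unseal(key, response["sealed_body"]))["stid"]
    return int.from_bytes(unseal(key, response["sealed_stid"]), "big")

if __name__ == "__main__":
    bs, key, mac = BaseStation(), os.urandom(32), "00:11:22:33:44:55"  # constructed values
    bs.finish_auth_and_handshake(mac, key)
    for confidential in (True, False):
        resp = bs.capability_response(mac, ["harq", "beamforming"], confidential)
        print(sorted(resp), "->", hex(terminal_read_stid(key, resp)))
```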
To implement the above method, the invention also provides a system for distributing mobile station identifiers in a wireless communication system. The system comprises a base station and a terminal connected through a wireless network, wherein:
The base station assigns the terminal a unique mobile station identifier (STID) during the terminal's initial network entry or re-entry, and sends the STID to the terminal in the capability negotiation process after authentication.
The base station further comprises a mobile station identifier allocation module and a mobile station identifier distribution module that are connected to each other, wherein:
The allocation module assigns a mobile station identifier to the terminal during the terminal's initial network entry or re-entry, after the terminal has successfully completed the authentication and authorization operation;
The distribution module sends the mobile station identifier (STID) to the terminal in the capability negotiation process after authentication, specifically in the capability negotiation response message;
The receiving module receives the capability negotiation request message sent by the terminal;
The terminal sends a capability negotiation request message to the base station and receives the capability negotiation response message sent by the base station, which carries the mobile station identifier assigned by the base station.
The capability negotiation response message has confidentiality protection and the mobile station identifier is sent directly in the encrypted message, or the mobile station identifier is sent after being encrypted, according to an encryption algorithm, with the key encryption key (KEK) or the traffic encryption key (TEK).
The encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal during the three-way handshake.
The above is only a preferred embodiment of the present invention. The scheme of the invention is not limited to IEEE 802.16 systems; the corresponding approach can be applied to other wireless communication systems. For those skilled in the art, the invention may have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (10)

1. A method for distributing mobile station identifiers in a wireless communication system, characterized in that, during initial network entry or network re-entry of a terminal, the method comprises: the terminal sends a capability negotiation request message to the base station; after receiving the capability negotiation request message, the base station sends the terminal a capability negotiation response message, which carries the mobile station identifier assigned to the terminal by the base station.

2. The method according to claim 1, characterized in that the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted, according to an encryption algorithm, with the key encryption key KEK or the traffic encryption key TEK.

3. The method according to claim 2, characterized in that the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal during the three-way handshake.

4. A method for distributing mobile station identifiers in a wireless communication system, characterized in that, during initial network entry or network re-entry of a terminal, the base station assigns the terminal a unique mobile station identifier STID and sends the mobile station identifier to the terminal in the capability negotiation process after authentication.

5. The method according to claim 4, characterized in that the capability negotiation response message is an encrypted message, or the mobile station identifier carried in the capability negotiation response message is sent after being encrypted with the key encryption key KEK or the traffic encryption key TEK.

6. A system for distributing mobile station identifiers in a wireless communication system, the system comprising a terminal and a base station connected through a wireless network, characterized in that: the base station comprises a mobile station identifier allocation module and a mobile station identifier distribution module that are connected to each other; the allocation module is used to assign a mobile station identifier to the terminal during the terminal's initial network entry or re-entry; the distribution module is used to send the mobile station identifier STID to the terminal in the capability negotiation process after authentication; the terminal is used to receive the mobile station identifier assigned by the base station.

7. The system according to claim 6, characterized in that the terminal is further used to send a capability negotiation request message to the base station and to receive the mobile station identifier by receiving the capability negotiation response message sent by the base station; the base station further comprises a receiving module, used to receive the capability negotiation request message sent by the terminal, and sends the mobile station identifier to the terminal in the capability negotiation response message; the allocation module of the base station assigns the mobile station identifier to the terminal after the terminal has successfully completed the authentication and authorization operation.

8. The system according to claim 6, characterized in that the capability negotiation response message has confidentiality protection, and the mobile station identifier is sent directly in the encrypted message.

9. The system according to claim 6, characterized in that the mobile station identifier carried in the capability negotiation response message is encrypted, according to an encryption algorithm, with the key encryption key KEK or the traffic encryption key TEK.

10. The system according to claim 9, characterized in that the encryption algorithm for the mobile station identifier is preset, or is negotiated between the base station and the terminal during the three-way handshake.

Priority application: CN200910137603A (priority date 2009-04-23, filing date 2009-04-23), Mobile station identifier distribution method and system in wireless communication system
Publication: CN101540998A (en), publication date 2009-09-23, status Pending
Family ID: 41123921
Country status: CN (1), CN101540998A (en)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080192931A1 (en) * 2005-06-22 2008-08-14 Seok-Heon Cho Method For Allocating Authorization Key Identifier For Wireless Portable Internet System
CN101150472A (en) * 2007-10-22 2008-03-26 华为技术有限公司 Authentication method, authentication server and terminal in WIMAX

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IEEE 802.16 BROADBAND WIRELESS ACCESS WORKING GROUP: "《IEEE 802.16m System Description Document [Draft]》", 10 April 2009 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404722A (en) * 2010-09-12 2012-04-04 三星电子株式会社 Method and apparatus for resource map transmission in wireless communication system
CN102404722B (en) * 2010-09-12 2015-08-05 三星电子株式会社 For the method and apparatus of resource map transmission in wireless communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20090923