CN101883362B - A kind of method and apparatus realizing authentication - Google Patents
A kind of method and apparatus realizing authentication Download PDFInfo
- Publication number
- CN101883362B CN101883362B CN201010221243.XA CN201010221243A CN101883362B CN 101883362 B CN101883362 B CN 101883362B CN 201010221243 A CN201010221243 A CN 201010221243A CN 101883362 B CN101883362 B CN 101883362B
- Authority
- CN
- China
- Prior art keywords
- authentication vector
- terminal
- authentication
- level
- vlr
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 239000013598 vector Substances 0.000 claims abstract description 166
- 230000008569 process Effects 0.000 claims description 21
- 238000012545 processing Methods 0.000 claims description 16
- 238000012423 maintenance Methods 0.000 claims description 12
- 238000004891 communication Methods 0.000 abstract description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000006855 networking Effects 0.000 description 4
- 230000007704 transition Effects 0.000 description 2
- 238000004846 x-ray emission Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002349 favourable effect Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of method and apparatus realizing authentication, all for the terminal being assigned with inferior grade authentication vector, authentication vector can be added for this terminal and obtain mark; When described terminal accesses high-level network, obtain mark according to the authentication vector of this terminal and obtain the high-grade authentication vector being applicable to high-level network.The present invention realizes the method and apparatus of authentication, all can avoid meaningless failed authentication, is conducive to the proper communication of terminal, improves user satisfaction.
Description
Technical Field
The invention relates to the field of communication, in particular to a method and a device for realizing authentication.
Background
Although 3G networks are becoming more popular, operators often adopt a gradual transition strategy for marketing and cost reasons, and thus a 2G &3G mobile switching center/visitor location register (MSC/VLR) co-networking scenario arises. In a mobile communication network in a transition stage, the situation of the original 2G MSC/VLR and the newly-built 2G &3G MSC/VLR hybrid networking usually occurs.
Under the network conditions described above, the terminal may roam from a 2G MSC/VLR to a 2G &3G MSC/VLR, and likewise may roam from a 2G network to a 3G network within a 2G &3G MSC/VLR. In the roaming process, the MSC/VLR needs to handle the authentication process. There are two key points in handling the authentication process: the first is to obtain and store the authentication vector, and the second is to select the right authentication vector to initiate the authentication process.
For the acquisition of the authentication vector, the MSC/VLR is mainly acquired through two channels:
the home location register/authentication center (HLR/Auc) is responsible for generating the authentication vector of the terminal, and the MSC/VLR can acquire the authentication vector from the HLR/Auc and store the authentication vector. Of course, to avoid repeated multiple acquisitions of authentication vectors, the HLR/Auc may provide multiple sets of authentication vectors at once.
Besides obtaining the authentication vector from the HLR/Auc, when the MSC/VLR processes the location updating process across VLRs, the MSC/VLR can obtain the authentication vector from the previous MSC/VLR through a MAP-SEND-IDENTIFICATION message in a 3GPP TS 29.002 protocol and store the authentication vector.
For a 2G terminal, an authentication vector generated by the HLR/Auc is a triple consisting of a random number RAND, an expected response XRES and an encryption key CK; for the 3G terminal, the authentication vector generated by the HLR/Auc is a five-tuple consisting of RAND, XRES, CK, integrity key IK, and authentication token AUTN.
When obtaining the authentication vector to the previous MSC/VLR, if the MSC/VLR is connected by using a lower MAP protocol version, only the triplet can be transmitted in the MAP-SEND-IDENTIFICATION message under the limitation of the version. Of course, for the MSC/VLR, the triplet can be derived from the quintuple, whereas it is not. Therefore, even if a 3G terminal is available, the 2G MSC/VLR can only provide the converted triad to the 2G &3G MSC/VLR for use. After the authentication vector is obtained, before the MSC/VLR initiates the authentication process, it is necessary to select a proper authentication vector according to the current wireless access type and terminal type of the terminal to ensure successful authentication.
As mentioned above, after the terminal roams from the 2G MSC/VLR to the 2G &3G MSC/VLR, the authentication vector obtained by the 2G &3GMSC/VLR from the 2G MSC/VLR can only be a triplet.
The 2G &3G MSC/VLR can be connected with a Base Station Controller (BSC) of the 2G and a Radio Network Controller (RNC) of the 3G at the same time, if the terminal is accessed through the BSC at the moment, successful authentication can be carried out by using the triple according to the definition of a 3GPP TS 33.102 protocol, and the authentication vector obtained by the 2G &3G MSC/VLR from the 2GMSC/VLR is available. However, if the terminal roams from BSC under 2G &3G MSC/VLR to RNC again, then the authentication will fail if the stored triplet is still used for authentication. Or the terminal roams directly from the 2G MSC/VLR to the RNC under the 2G &3G MSC/VLR, the authentication will also fail for the same reason.
In another case, if the MSC/VLR or the HLR and the 2G M SC/VLR are connected by using a lower MAP protocol version, and limited by the version, only the triplet can be transferred in the MAP-SEND-identity message, and the MSC/VLR of the higher-level network can only acquire the triplet no matter which level of network the terminal first accesses, as long as the terminal roams to the higher-level network (e.g. the RNC in the 3G network or the RNC in the 2G &3G network). Once the triplet authentication vector is used, the result is also an authentication failure.
In short, if the MAP protocol version is a high version, as long as the terminal roams from the low-level network to the high-level network, the MSC/VLR of the high-level network can only obtain the authentication vector of the terminal when obtaining the authentication vector from the MSC/VLR of the previous network. If the MAP protocol version is a low version, no matter where the terminal roams to the high-level network, the MSC/VLR of the high-level network can only obtain the triplet authentication vector when obtaining the authentication vector of the terminal from the MSC/VLR of the previous network.
The networking scenario currently involving the above-described authentication procedure is shown in fig. 1. In FIG. 1, the 2G MSC/VLR 100 supports only connection with BSC 120, while the 2G &3G MSC/VLR 110 supports access by both BSC 121 and RNC 122. The connection S220 between the 2G MSC/VLR 100 and the 2G &3G MSC/VLR 110 is limited by the equipment capability and can only adopt a MAP protocol with a lower version for communication; and, the 2G &3GMSC/VLR 110 may obtain the authentication vector of the terminal from the 2G MSC/VLR 100 through the connection.
The 2G MSC/VLR 100 and the 2G &3G MSC/VLR 110 are respectively connected with the HLR/Auc through S200 and S222, and the MAP protocol is also adopted. Of course, S200 may also be limited by the capability of the device, and only the MAP protocol with the lower version can be used for communication. The 2G MSC/VLR 100 and the 2G &3GMSC/VLR 110 will obtain the authentication vector of the terminal from the HLR/Auc through their respective connections.
When the terminal 000 roams from the 2G MSC/VLR 100 to the 2G &3G MSC/VLR 110, the specific application scenario is shown in fig. 2, and the flow shown in fig. 2 includes the following steps:
step 201: the 3G terminal roams from 2G MSC/VLR to 2G &3G MSC/VLR, accessing the network through RNC. The terminal initiates a location update procedure to provide information of the previous location area.
Step 202: and the 2G &3G MSC/VLR acquires the address of the 2G MSC/VLR according to the location area information, SENDs a MAP-SEND-IDENTIFICATION request message and acquires the user IDENTIFICATION and the authentication vector from the 2G MSC/VLR.
Step 203: because the 2G &3G MSC/VLR and the 2G MSC/VLR are connected by adopting a low-version MAP protocol, the authentication vector returned by the 2G MSC/VLR is triple information.
Step 204: and the 2G &3G MSC/VLR judges that the terminal is a 3G terminal and the RNC is accessed, if the authentication vector is triple information, the authentication vector is not stored but is directly discarded, and a new authentication vector is acquired from the HLR/Auc through MAP information.
Step 205: and the HLR/Auc returns the authentication vector of the terminal.
Step 206: the 2G &3G MSC/VLR initiates an authentication process using the authentication vector obtained from the HLR/Auc.
It can be seen that in the scenario shown in fig. 2, in the terminal authentication process, an unnecessary authentication failure may be caused because a proper authentication vector is not obtained. This is obviously disadvantageous to the normal communication of the terminal, reducing user satisfaction.
Disclosure of Invention
In view of the above, the main objective of the present invention is to provide a method and an apparatus for implementing authentication, which avoid meaningless authentication failure.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
a method of implementing authentication, the method comprising:
aiming at a terminal distributed with a low-level authentication vector, adding an authentication vector acquisition mark for the terminal; and when the terminal accesses the high-level network, acquiring a high-level authentication vector suitable for the high-level network according to the authentication vector acquisition mark of the terminal.
The process of obtaining the authentication vector according to the authentication vector obtaining mark comprises the following steps:
and judging that the terminal is a terminal corresponding to the high-level network, searching an authentication vector acquisition mark set for the terminal, and acquiring a high-level authentication vector suitable for the high-level network when the authentication vector acquisition mark is found.
The method further comprises the following steps:
and deleting the low-level authentication vector saved for the terminal, and clearing the authentication vector acquisition mark added for the terminal.
And after the authentication vector is obtained according to the authentication vector obtaining mark, the authentication vector is further applied to initiate an authentication process.
The terminal is a 3G terminal, and the high-level network is a 2G &3G network.
A device for realizing authentication comprises an authentication vector acquisition mark maintenance unit and an authentication vector processing unit; wherein,
the authentication vector acquisition mark maintenance unit is used for adding an authentication vector acquisition mark for a terminal which is distributed with a low-level authentication vector;
and the authentication vector processing unit is used for acquiring a high-level authentication vector suitable for the high-level network according to the authentication vector acquisition mark of the terminal added in the authentication vector acquisition mark maintenance unit when the terminal accesses the high-level network.
The authentication vector processing unit is configured to determine that the terminal is a terminal corresponding to a high-level network, search for an authentication vector acquisition flag set for the terminal, and acquire a high-level authentication vector applicable to the high-level network when the authentication vector acquisition flag is found.
The authentication vector processing unit is further to:
and deleting the low-level authentication vector saved for the terminal, and informing the authentication vector acquisition mark maintenance unit to clear the authentication vector acquisition mark added for the terminal.
The device further comprises an authentication unit for initiating an authentication process according to the high-level authentication vector which is acquired by the authentication vector processing unit and is applicable to the high-level network.
The device is arranged in a functional entity which comprises a mobile switching center/a visiting location register (MSC/VLR) and can carry out authentication management processing on the terminal;
the terminal is a 3G terminal, and the high-level network is a 2G &3G network.
The method and the device for realizing the authentication can avoid meaningless authentication failure, are favorable for normal communication of the terminal and improve the satisfaction degree of users.
Drawings
FIG. 1 is a prior art hybrid networking architecture diagram;
FIG. 2 is a prior art authentication flow diagram;
FIG. 3 is a flowchart illustrating authentication according to an embodiment of the present invention;
FIG. 4 is a simplified authentication process of the present invention;
fig. 5 is a diagram of an authentication apparatus according to an embodiment of the invention.
Detailed Description
In practical application, under the condition of hybrid networking, if the authentication vector acquired by the 2G &3G MSC/VLR from the 2GMSC/VLR is a triplet, in order to reduce the probability of subsequent authentication failure, the 2G &3GMSC/VLR may process the authentication vector according to the following principle:
when the terminal is a 3G terminal and is accessed through a 2G network, the 2G &3G MSC/VLR may set an authentication vector acquisition flag associated with the user to indicate that the terminal stores an authentication vector due to the 2G network access. When the terminal roams to a 3G network and accesses a 2G &3G MSC/VLR, the terminal can be judged whether to be provided with an authentication vector acquisition mark, if so, the authentication vector stored for the terminal is an inapplicable triple, so the authentication vector is directly deleted, the authentication vector acquisition mark can be removed, and the HLR/Auc is returned to obtain the authentication vector applicable to the 3G network.
Since the authentication vector applicable to the 3G network in the form of the five-tuple is obtained, the meaningless authentication failure shown in fig. 2 can be avoided.
The above operation concept can be represented as shown in fig. 3. Referring to fig. 3, fig. 3 illustrates an authentication procedure for the first access from the 2G network after the terminal roams to the 2G &3G MSC/VLR. The most central points are as follows: and the 2G &3G MSC/VLR sets an authentication vector acquisition mark according to the terminal type and the access type, deletes the stored authentication vector which is not suitable for the 3G network by judging the authentication vector acquisition mark when the terminal roams to the 3G network again, and acquires the authentication vector which is suitable for the 3G network from the HLR/Auc so as to avoid authentication failure. The process shown in FIG. 3 includes the following steps:
step 301: the terminal is a 3G terminal, roams from a 2G MSC/VLR to a 2G &3G MSC/VLR, and accesses the network through the BSC. The terminal initiates a location update procedure to provide information of the previous location area.
Step 302: and the 2G &3G MSC/VLR acquires the address of the 2G MSC/VLR according to the location area information, SENDs a MAP-SEND-IDENTIFICATION request message and acquires the user IDENTIFICATION and the authentication vector from the 2G MSC/VLR.
Step 303: because the 2G &3G MSC/VLR and the 2G MSC/VLR are connected by adopting a low-version MAP protocol, the authentication vector returned by the 2G MSC/VLR is triple information.
Step 304: the 2G &3G MSC/VLR judges that the terminal is a 3G terminal and accesses through the BSC, so that the authentication vector is stored according to the prior art, and an authentication vector acquisition mark is set for the terminal in the self record to indicate that the authentication vector is stored in the terminal due to 2G network access.
Step 305: the 2G &3G MSC/VLR initiates an authentication process.
Step 306: the terminal continues to roam from the 2G network to the 3G network of the 2G &3G MSC/VLR and initiates a location update procedure.
Step 307: the 2G &3G MSC/VLR judges that the terminal is a 3G terminal and is accessed through the RNC, so that the authentication vector acquisition mark set for the terminal is searched in the self record, and when the authentication vector acquisition mark is searched, the fact that the authentication vector stored for the terminal before is an inapplicable triple is indicated, so that the authentication vector can be directly deleted, and the authentication vector acquisition mark can be removed.
Step 308: and the 2G &3G MSC/VLR acquires the authentication vector applicable to the 3G network from the HLR/Auc through the MAP message.
Step 309: the HLR/Auc returns the authentication vector for the subscriber.
Step 310: the 2G &3G MSC/VLR initiates an authentication process using the authentication vector applicable to the 3G network obtained from the HLR/Auc.
As can be seen from the above description, when a terminal such as a 3G terminal corresponding to a high-level network such as 2G &3G accesses through a low-level network such as 2G, an authentication vector acquisition flag may be added to the terminal; and when the terminal accesses the high-level network, acquiring the authentication vector suitable for the high-level network according to the authentication vector acquisition mark of the terminal.
It should be noted that, if the MAP protocol version is a low version, no matter where the terminal roams to the higher-level network, when the MSC/VLR of the higher-level network acquires the authentication vector of the terminal from the MSC/VLR of the previous network, only the triplet authentication vector as the lower-level authentication vector may be acquired, but the high-level authentication vector applicable to the higher-level network, which is embodied as the quintuple authentication vector, may not be acquired. In this case, an authentication vector acquisition flag may also be added to the terminal; and when the terminal accesses the high-level network, acquiring the authentication vector suitable for the high-level network according to the authentication vector acquisition mark of the terminal.
The above operation idea can be represented as a flow shown in fig. 4, and the flow shown in fig. 4 includes the following steps:
step 410: and adding an authentication vector acquisition mark for the terminal which is allocated with the low-level authentication vector. Such as: when a terminal corresponding to a high-level network is accessed through a low-level network, adding an authentication vector acquisition mark for the terminal; alternatively, an authentication vector acquisition flag is added to a terminal that has communicated via the low-version MAP protocol.
Step 420: and when the terminal accesses the high-level network, acquiring a high-level authentication vector suitable for the high-level network according to the authentication vector acquisition mark of the terminal.
In order to ensure that the above operation can be smoothly performed, a device as shown in fig. 5 may be provided. Referring to fig. 5, fig. 5 is a diagram of an authentication apparatus according to an embodiment of the present invention, the apparatus includes an authentication vector acquisition mark maintaining unit, an authentication vector processing unit, and further may include an authentication unit. The device can be arranged in functional entities such as MSC/VLR and the like which can carry out processing such as authentication management and the like on the terminal.
In a specific application, the authentication vector acquisition mark maintenance unit may add an authentication vector acquisition mark to a terminal to which a low-level authentication vector is assigned. The authentication vector processing unit can search the authentication vector acquisition mark set for the terminal from the authentication vector acquisition mark maintenance unit when the terminal is accessed to a high-level network; and when the authentication vector acquisition mark is found, acquiring a high-level authentication vector suitable for a high-level network according to the authentication vector acquisition mark.
Further, the obtained high-level authentication vector applicable to the high-level network may be sent to an authentication unit, and the authentication unit initiates an authentication process for the terminal.
In addition, when the authentication vector processing unit determines that a high-level authentication vector suitable for a high-level network needs to be acquired, the low-level authentication vector previously stored for the terminal can be deleted; and can inform the authentication vector acquisition mark maintenance unit to clear the authentication vector acquisition mark added for the terminal, and the authentication vector acquisition mark maintenance unit clears the authentication vector acquisition mark added for the terminal according to the received notice.
The operations that can be implemented by the above units are disclosed in detail in the foregoing technical description, and are not described in detail herein.
In summary, the technology of the present invention for implementing authentication, regardless of the method or the device, can avoid meaningless authentication failure as shown in fig. 2, and is beneficial to normal communication of the terminal, thereby improving the user satisfaction.
The above description is only exemplary of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents, improvements, etc. that are within the spirit and principle of the present invention should be included in the present invention.
Claims (8)
1. A method for performing authentication, the method comprising:
aiming at a terminal distributed with a low-level authentication vector, adding an authentication vector acquisition mark set according to a terminal type and an access type for the terminal; when the terminal accesses a high-level network, acquiring a high-level authentication vector suitable for the high-level network according to an authentication vector acquisition mark of the terminal;
wherein, the process of obtaining the authentication vector according to the authentication vector obtaining mark comprises the following steps:
and judging that the terminal is a terminal corresponding to the high-level network, searching an authentication vector acquisition mark set for the terminal, and acquiring a high-level authentication vector suitable for the high-level network when the authentication vector acquisition mark is found.
2. The method of claim 1, further comprising:
and deleting the low-level authentication vector saved for the terminal, and clearing the authentication vector acquisition mark added for the terminal.
3. The method of claim 1, wherein after obtaining the authentication vector according to the authentication vector obtaining flag, the authentication vector is further applied to initiate an authentication process.
4. A method according to any one of claims 1 to 3, wherein the terminal is a 3G terminal and the high-level network is a 2G &3G network.
5. A device for realizing authentication is characterized in that the device comprises an authentication vector acquisition mark maintenance unit and an authentication vector processing unit; wherein,
the authentication vector acquisition mark maintenance unit is used for adding an authentication vector acquisition mark set according to the terminal type and the access type for the terminal which is distributed with the low-level authentication vector;
the authentication vector processing unit is used for acquiring a mark according to the authentication vector acquisition mark of the terminal added in the authentication vector acquisition mark maintenance unit when the terminal accesses the high-level network, and acquiring a high-level authentication vector suitable for the high-level network;
the authentication vector processing unit is configured to determine that the terminal is a terminal corresponding to a high-level network, search for an authentication vector acquisition flag set for the terminal, and acquire a high-level authentication vector applicable to the high-level network when the authentication vector acquisition flag is found.
6. The apparatus of claim 5, wherein the authentication vector processing unit is further configured to:
and deleting the low-level authentication vector saved for the terminal, and informing the authentication vector acquisition mark maintenance unit to clear the authentication vector acquisition mark added for the terminal.
7. The apparatus of claim 5, further comprising an authentication unit, configured to initiate an authentication process according to the high-level authentication vector applicable to the high-level network obtained by the authentication vector processing unit.
8. The apparatus according to any of claims 5 to 7, wherein the apparatus is disposed in a functional entity capable of performing authentication management processing on the terminal, including a mobile switching center/visitor location register MSC/VLR;
the terminal is a 3G terminal, and the high-level network is a 2G &3G network.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010221243.XA CN101883362B (en) | 2010-06-29 | 2010-06-29 | A kind of method and apparatus realizing authentication |
| PCT/CN2011/071783 WO2012000327A1 (en) | 2010-06-29 | 2011-03-14 | Method and device for realizing authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010221243.XA CN101883362B (en) | 2010-06-29 | 2010-06-29 | A kind of method and apparatus realizing authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101883362A CN101883362A (en) | 2010-11-10 |
| CN101883362B true CN101883362B (en) | 2015-09-16 |
Family
ID=43055212
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010221243.XA Expired - Fee Related CN101883362B (en) | 2010-06-29 | 2010-06-29 | A kind of method and apparatus realizing authentication |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101883362B (en) |
| WO (1) | WO2012000327A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101883362B (en) * | 2010-06-29 | 2015-09-16 | 中兴通讯股份有限公司 | A kind of method and apparatus realizing authentication |
| CN102137459B (en) * | 2011-02-21 | 2013-12-04 | 华为技术有限公司 | Method as well as related system and device for ensuring CS (circuit-switched) domain of one-card double-standby terminal to reside in two networks simultaneously |
| CN111405557B (en) * | 2020-03-19 | 2022-03-15 | 中国电子科技集团公司第三十研究所 | A method and system for enabling 5G network to flexibly support multiple primary authentication and authentication algorithms |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6671507B1 (en) * | 2000-06-16 | 2003-12-30 | Siemens Aktiengesellschaft | Authentication method for inter-system handover between at least two radio communications systems |
| CN1642083A (en) * | 2004-09-23 | 2005-07-20 | 华为技术有限公司 | Network side anthority-discrimination-mode selecting method |
| CN101132279A (en) * | 2006-08-24 | 2008-02-27 | 华为技术有限公司 | An authentication method and authentication system |
| CN101426233A (en) * | 2007-11-02 | 2009-05-06 | 华为技术有限公司 | Roaming user equipment gradation controlling method and gateway equipment for access service network |
| CN101645901A (en) * | 2009-09-03 | 2010-02-10 | 烽火通信科技股份有限公司 | Method for deciding user authentication mode by IMS network based on terminal capabilities |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101883362B (en) * | 2010-06-29 | 2015-09-16 | 中兴通讯股份有限公司 | A kind of method and apparatus realizing authentication |
-
2010
- 2010-06-29 CN CN201010221243.XA patent/CN101883362B/en not_active Expired - Fee Related
-
2011
- 2011-03-14 WO PCT/CN2011/071783 patent/WO2012000327A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6671507B1 (en) * | 2000-06-16 | 2003-12-30 | Siemens Aktiengesellschaft | Authentication method for inter-system handover between at least two radio communications systems |
| CN1642083A (en) * | 2004-09-23 | 2005-07-20 | 华为技术有限公司 | Network side anthority-discrimination-mode selecting method |
| CN101132279A (en) * | 2006-08-24 | 2008-02-27 | 华为技术有限公司 | An authentication method and authentication system |
| CN101426233A (en) * | 2007-11-02 | 2009-05-06 | 华为技术有限公司 | Roaming user equipment gradation controlling method and gateway equipment for access service network |
| CN101645901A (en) * | 2009-09-03 | 2010-02-10 | 烽火通信科技股份有限公司 | Method for deciding user authentication mode by IMS network based on terminal capabilities |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101883362A (en) | 2010-11-10 |
| WO2012000327A1 (en) | 2012-01-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11290974B2 (en) | Connection processing method and apparatus in multi-access scenario | |
| KR101700448B1 (en) | Method and system for managing security in mobile communication system | |
| US20220159606A1 (en) | Policy Control Function Network Element Selection Method, Apparatus, System, and Storage Medium | |
| US8706085B2 (en) | Method and apparatus for authenticating communication device | |
| US8144696B2 (en) | Mobile management entity operating in communications network and selection method therefor | |
| CN101572864B (en) | Method, system and device for notifying user information | |
| TWI606740B (en) | An Electronic Device, System and Method for Registering Network | |
| EP3335452B1 (en) | A node and method for handling a mobility procedure for a wireless device | |
| CN101904188B (en) | Method and system for preventing use of stolen terminal through forced location re-registration | |
| CN108419270A (en) | A kind of service distributing implementation method and device | |
| US9100796B2 (en) | Methods, systems, and computer readable media for seamless roaming between diameter and non-diameter networks | |
| CN110138580B (en) | PDU session updating method and network side equipment | |
| CA3011969A1 (en) | Access point name determination for mission critical services | |
| ES2542766T3 (en) | Method and system to select a mobility management entity from a group of terminals | |
| CN108243631B (en) | A method and device for accessing a network | |
| US11991781B2 (en) | Subscriber data management method and apparatus | |
| CN101883362B (en) | A kind of method and apparatus realizing authentication | |
| US10285100B2 (en) | Indication of IMEISV over map for inter-MSC handover | |
| US11792633B2 (en) | Device authentication verification for device registration | |
| EP2883346B1 (en) | Methods and devices for roaming charging for cs fallback mtrf call | |
| US20140241241A1 (en) | Method and apparatus for supporting short message services for packet switched devices | |
| CN101938746A (en) | Method and device for anti-cloning of subscriber identity module | |
| CN101420691A (en) | Authentication method, system and apparatus for communication | |
| KR20180008694A (en) | A mobile communication system, a mobile management apparatus, a communication method, a mobile communication terminal, and a non-transitory computer readable medium | |
| KR20100021690A (en) | Method and system for supporting authentication and security protected non-access stratum protocol in mobile telecommunication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150916 Termination date: 20170629 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |