CN100450295C - Method of controlling position renewing - Google Patents

Publication number
CN100450295C
Authority
CN
China
Legal status
Expired - Fee Related
Application number
CNB2005100929080A
Other languages
Chinese (zh)
Other versions
CN1794873A (en)
Inventor
肖正飞
吴建军
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd

Abstract

The present invention relates to mobile communication technology and provides a location update control method that solves the prior-art problem that replay of a location update message cannot be prevented. In one method of the invention, authentication of the first location update request message and updating of the authorization key context information are completed on a paging controller, and the air-interface location update response message is also generated on the paging controller; the SBS only relays messages during the location update message exchange. In another method of the invention, authentication of the second location update message is carried out on the SBS, and after authentication passes the updated authorization key context information is transmitted to the paging controller through subsequent message exchanges, so that the next location update can be carried out safely. The method uses the sequence number information in a management message to judge whether the message is a replayed message, which effectively prevents a replayed management message from passing authentication and enhances network security.

Description

A location update control method
Technical field
The present invention relates to mobile communication technology, and in particular discloses a method for controlling the location update of a mobile terminal in the idle state.
Background
Idle mode is a terminal operating mode in the mobile broadband wireless access system defined by the IEEE 802.16e standard. In idle mode, an MSS (Mobile Subscriber Station) can move within a very large area and receives downlink broadcast service messages at regular intervals; the broadcast messages tell the MSS whether downlink traffic is waiting for it. While roaming within this area, the MSS does not need to register with the BS (Base Station) of each cell it roams into. Likewise, when the MSS roams into a different cell it does not need to perform normal operating procedures such as handover, which helps save MSS power and air interface resources.
Several BSs can form a group, called a paging group (Paging Group). The purpose of a paging group is to form a contiguous area in which the MSS does not need to send uplink traffic but can determine from the downlink paging channel whether downlink traffic is destined for it. A paging group must be large enough that most MSSs remain within the same paging group for a long time, and small enough that the overhead of paging an MSS across the paging group is reasonable.
During normal operation with a serving base station (Serving BS, hereinafter SBS), an MSS can request entry into idle mode by sending a message. Similarly, the SBS can actively require the MSS to enter idle mode by sending a message. Whether the MSS initiates the request to enter idle mode or the SBS requires it by sending a message, the MSS must complete the registration process and enter idle mode within a specified time.
The WiMAX (Worldwide Interoperability for Microwave Access) standard currently being drafted defines a paging reference model for idle mode. The PC (Paging Controller) is the network entity that controls the idle-mode activity of the MSS. In the current WiMAX network architecture this entity is a logical entity, closely related to another logical entity, the Authenticator (it may be implemented in the same physical network element, as part of the Authenticator's logical functions). Physically it may be located in the ASN GW network element of the WiMAX network, or in another independent physical network element. In addition, because the paging controller needs to initiate paging messages according to the paging group in which the MSS currently resides, a location register (LR) is needed to store the MSS's state information, paging information and service-flow information. In general, one PC logical entity corresponds to one LR (Location Register) logical entity, and the two logical entities are implemented in the same physical network element.
Leaving aside the other physical network elements and logical entities in the WiMAX network, the technical description that follows uses the WiMAX paging reference model shown in Figure 1 (the technique provided by this patent includes, but is not limited to, application in WiMAX systems).
According to the paging reference model of Figure 1, when the MSS actively requests to enter idle mode at BS1 (the Serving BS), or when BS1 instructs the MSS to enter idle mode, the paging controller PC (implemented in ASN GW1) is notified of the entry into idle mode through message exchanges between the MSS and BS1 and between BS1 and the backend network element ASN GW (Access Service Network Gateway), and the PC stores the MSS's state information, paging information and service-flow information in the corresponding LR. When entering idle mode, the MSS can carry in the idle mode request message sent to BS1 the information it asks to have retained; BS1 can likewise set similar information in the idle mode request response message, to notify the MSS of the information retained in the LR and of the paging controller identifier (PCID). In addition, after the MSS enters idle mode, the corresponding R4 and R6 interfaces need to be released, but the R3 interface between the HA (Home Agent) and the FA (Foreign Agent) needs to be kept.
In idle mode, the MSS periodically needs to send an air-interface location update request message to the BS where it currently resides, carrying the PCID and BSID. After receiving this message, the BS sends a backend-network location update message to the corresponding paging controller according to the PCID. The paging controller judges from the BSID in this message whether the MSS has entered a new paging group and, if so, updates the corresponding information in the LR.
In the prior art, the idle-mode location update procedure defined by WiMAX is shown in Figure 2 and comprises the following steps:
S1. When a location update condition defined in IEEE 802.16e is satisfied, the MSS initiates a location update request by sending an RNG REQ message to the SBS (Serving BS). The message carries the MSSID and PCID and, so that the message can be authenticated, a message authentication code (HMAC);
S2. The SBS sends an LU Request message to the SGW (Serving Gateway), carrying the MSSID, PCID and BSID;
S3. The SGW sends the LU Request message to the ASN GW that implements the PC/LR function for the MSS, carrying the MSSID, PCID and BSID;
S4. The PC stores which paging group each BS belongs to. The PC/LR/Authenticator determines from the BSID in the LU Request message whether the MSS has moved to a new paging group, and at the same time sends an LU Response message to the SGW containing: MSSID, BSID, PGID, AK (n) and AK Context, PCID;
The relationship among the PC, LR and Authenticator is as follows. The PC, as paging controller, controls signalling procedures such as location update while the MSS is in idle mode. The LR stores the parameters needed for the MSS to quickly re-establish normal operation with a BS when it leaves idle mode. The Authenticator essentially does not take part in idle-mode activity control, but because the Authenticator is the authentication entity, and much of the activity controlled and the information retained by the PC and LR relates to security and keys, these two entities are implemented in the same physical network element as the Authenticator.
AK (n) is the AK corresponding to the AK sequence number in the location update request message (RNG REQ) sent by the terminal.
If at this time the SBS holds no valid AK for the MSS, the SBS sends an AK Request message to the SGW over the R6 channel, and the SGW forwards this message over the R4 channel to the Anchor Authenticator, i.e. the Authenticator in the PC/LR/Authenticator.
The Anchor Authenticator needs to verify the legitimacy of this key request message. If it is legitimate, the Anchor Authenticator sends an AK TRA message to the SBS via the SGW, carrying the valid AK for the MSS.
In Figure 2, the AK REQ/AK TRA messages are merged with the LU REQ/LU RSP messages; that is, the LU REQ message carries the relevant content of the AK REQ message using TLV encoding, and the LU RSP message carries the relevant content of the AK TRA message using TLV encoding. Therefore, no separate AK REQ/AK TRA messages are used in the figure;
S5. The SGW sends the LU RSP to the SBS;
S6. The SBS uses the AK to authenticate the RNG REQ message received from the MSS. If the message is trustworthy, the SBS sends an RNG RSP to the MSS in response, carrying a message authentication code so that the MSS can also authenticate the message; otherwise the SBS treats this as an "unsafe location update", which triggers the MSS to perform network re-entry or re-authentication;
S7. If the RNG REQ message from the MSS is trustworthy, the SBS also sends a location update success indication (LU CON) message to the SGW, indicating that the location update request initiated by the MSS has been authenticated and that the verification process completed successfully; the message carries the MSSID and BSID;
S8. The SGW sends the LU CON message to the APC/LR;
After the APC/LR receives the LU CON message, it updates the location information of the MSS in the LR according to the MSSID and BSID.
The Location Update Request/Response/Confirm messages used in the above procedure may be implemented using the MSS/Session Information Request/Response/Report messages already defined on R4/R6.
The prior art defines the location update procedure for idle mode and considers its security, but the scheme it provides has a security weakness. The air-interface location update request message RNG REQ is authenticated using the AK requested from the Authenticator. This verifies the legitimacy of the message but cannot stop a replay attack. Consider the following scenario, again with reference to Figure 1. When the MSS initiates a location update request at a certain BS (BS1, belonging to paging group 2), an attacker captures the air-interface RNG REQ. After the MSS roams to a new BS (BS2, belonging to another paging group 3) and performs a new location update, the attacker replays the captured RNG REQ message at BS1. BS1 again requests the key from the Authenticator and, because the message is a replayed message, it still passes authentication in the end, so the location information of the MSS is updated back to the paging group of BS1. The attacker has thus carried out a new location update with a single replayed message: the location of the MSS in the LR is set back to paging group 2 while the MSS is in fact physically located in paging group 3, with the result that the MSS cannot be paged.
Summary of the invention
The invention provides a location update control method to solve the prior-art problem that replay of location update messages cannot be prevented.
A location update control method comprises the following steps:
A1. After receiving a first location update request message from a mobile terminal, the serving BS obtains the context information of the mobile terminal's current authentication key from the paging controller;
A2. The serving BS determines, according to the management message sequence number carried in the first location update request message and the corresponding management message sequence number in the context information, that the first location update request message is not a replayed message, and then updates the management message sequence number in the context information;
A3. The serving BS returns a first location update response message to the mobile terminal and sends the context information with the updated management message sequence number to the paging controller.
In step A1, the serving BS obtains both the current authentication key context information of the mobile terminal and the current authentication key from the paging controller;
In step A2, the serving BS also authenticates the message authentication code carried in the first location update request message according to the current authentication key.
Step A1 comprises the following steps: the serving BS sends a key request message, carrying the mobile terminal identifier, to the paging controller corresponding to the paging controller identifier; the paging controller extracts the authentication key context information according to the mobile terminal identifier and sends it to the serving BS in a key transfer message.
Alternatively, step A1 comprises the following steps: the serving BS carries the content of the key request message in a second location update request message or a mobile terminal information request message and sends it to the paging controller; the paging controller extracts the authentication key context information according to the mobile terminal identifier, and carries the content of the key transfer message containing that context information in a second location update response message or a mobile terminal information request response sent to the serving BS.
In step A3, the serving BS carries the updated context information in a second location update confirm message or a mobile terminal information report message and sends it to the paging controller.
The invention also provides a location update control method comprising the following steps:
B1. After receiving a first location update request message from a mobile terminal, the serving BS carries the first location update message in a second location update message or a mobile terminal information request message and sends it to the paging controller;
B2. The paging controller extracts the context information of the mobile terminal's current authentication key and, after determining that the first location update request message is not a replayed message, updates the context information;
B3. The paging controller generates a first location update response message, carries it in a second location update response message or a mobile terminal information request response, and sends it to the serving BS;
B4. The serving BS parses the second location update response message out of the second location update response message or the mobile terminal information request response and sends it to the mobile terminal.
In step B2, the paging controller also authenticates the message authentication code carried in the first location update request message according to the current authentication key; determines, according to the management message sequence number carried in the first location update request message and the corresponding management message sequence number in the context information, whether the first location update request message is a replayed message; and updates the management message sequence number in the context information.
The method further comprises, after step B4, step B5: the serving BS sends a second location update confirm message or a mobile terminal information report message to the paging controller.
In the method, in step B1 the second location update request message or mobile terminal information request message also carries the content of the serving BS's key request message; in step B3 the second location update response message or mobile terminal information response message also carries the content of the key transfer message containing the authentication key context information; and in step B4 the serving BS parses the content of the key transfer message out of the second location update response message or mobile terminal information response message and obtains the authentication key context information.
The method further comprises, before step B1, step B0: the mobile terminal sends the first location update request message to the serving BS, the message carrying the mobile terminal identifier, the paging controller identifier, management message sequence number information, and a message authentication code computed with a key derived from the current authentication key held by the mobile terminal.
With the location update control method of the invention, when a location update message is authenticated, in addition to verifying the legitimacy of the message by its message authentication code, the information stored in the authentication key context and the sequence number information in the management message are used to judge whether the message is a replayed message. This effectively prevents replay of management messages and improves network security.
Description of drawings
Fig. 1 is the paging reference model in WiMAX;
Fig. 2 is a flow chart of the idle-mode MSS location update in a WiMAX network in the prior art;
Fig. 3 is a flow chart of embodiment one of the method of the invention;
Fig. 4 is a flow chart of embodiment two of the method of the invention;
Fig. 5 is a flow chart of embodiment three of the method of the invention.
Embodiment
The existing IEEE 802.16e standard defines a mechanism for preventing replay of management messages. Take as an example the base station judging whether an uplink message is a replayed message. The terminal maintains an uplink management message sequence number CMAC_PN_U in its AK Context. A management message sent by the terminal carries the sequence number CMAC_PN_U and a message authentication code (CMAC value) computed with a key over the whole message body, including the sequence number. The sequence number CMAC_PN_U in the message equals the current value of CMAC_PN_U maintained in the terminal's AK Context, and after the message is sent successfully the terminal increments the CMAC_PN_U in its AK Context by a certain amount.
The base station maintains an uplink management message sequence number CMAC_PN_U in the corresponding AK Context. This sequence number holds the CMAC_PN_U value from the last uplink management message that was correctly received and passed authentication. Each time the base station receives an uplink management message, it can judge whether the message is a replayed message using the CMAC_PN and CMAC value contained in the received message and the CMAC_PN_U value stored in the AK Context. If it determines that the message is not a replayed message and verifies that the message is legitimate, then after processing the message it sets CMAC_PN_U in the AK Context to the CMAC_PN_U value in the received uplink management message.
The process and principle by which the terminal judges whether a downlink management message sent by the base station is a replayed message are similar, except that the sequence number used on the terminal and the base station is then CMAC_PN_D.
The CMAC_PN_D/CMAC_PN_U used in the above process, the authentication key used to compute the CMAC, and similar information are all stored in the corresponding authentication key context (AK Context).
The present invention uses exactly this authentication mechanism to provide a method that effectively prevents replay of management messages: when a location update message is authenticated, in addition to verifying the legitimacy of the message by its message authentication code, the information stored in the authentication key context and the sequence number information in the management message are used to judge whether the message is a replayed message.
In addition, because the AK context information also needs to be updated after a location update message passes authentication, the updated AK context information must be saved to the LR in time so that the next location update can also be carried out safely.
Based on the above technical concept, the invention provides the following two methods:
1. Authentication of the location update request message and updating of the AK context are completed on the PC, the air-interface location update response message is also generated on the PC, and the SBS only relays messages during the location update message exchange;
2. Authentication of the location update message is carried out on the SBS; after authentication passes, the updated AK context information therefore needs to be sent to the APC/LR through subsequent message exchanges, to ensure that the next location update can be carried out safely.
Specific embodiments are described below with reference to the accompanying drawings. The abbreviations used in the messages are: REQ: Request; RSP: Response; LU: Location Update; INFO: Information; RPT: Report; CON: Confirm; TRA: Transfer.
Embodiment one
After the SBS receives the location update request RNG REQ message from the MSS, the SBS does not authenticate the message but sends a location update request message LU REQ/MSS INFO REQ to the APC/LR, carrying the complete RNG REQ message received by the SBS (message body and message authentication code). After receiving this message, the APC/LR first authenticates the RNG REQ message carried in it using a key derived from the AK, constructs the RNG RSP message (message body and message authentication code) after authentication passes, and then updates the relevant AK context information; specifically, the only context information that may be updated is CMAC_PN_D and CMAC_PN_U. It then sends the location update request response message LU RSP/MSS INFO RSP to the SBS, carrying the complete RNG RSP message. After receiving this message, the SBS parses out the RNG RSP, sends it to the MSS, and continues the subsequent location update procedure.
In this embodiment, the SBS side does not request the AK context and does not keep any AK information; each time it receives an RNG REQ message, the SBS passes it to the APC/LR, which performs the authentication and constructs the RNG RSP message.
As shown in Figure 3, the procedure comprises the following steps:
S101. The MSS sends a location update request (RNG REQ) message to the SBS, carrying the MSSID, PCID and BSID;
S102~S103. The SBS sends a location update request message (LU REQ)/mobile station information request message (MSS INFO REQ) to the APC/LR via the SGW, carrying the MSSID, PCID, BSID and the complete RNG REQ message; the LU REQ/MSS INFO REQ message uses TLV encoding to carry the RNG REQ message;
After receiving this LU REQ/MSS INFO REQ message, the APC/LR first authenticates the RNG REQ message carried in it using a key derived from the AK, and judges from the sequence number information in the message and the AK context information whether the message is a replayed message. After authentication passes and the message is determined not to be a replayed message, it constructs the RNG RSP message (message body and message authentication code) and then updates the relevant AK context information;
If authentication fails or the message is judged to be a replayed message, the location update fails; the APC/LR may choose not to respond with any message, or may respond with a failure indication message.
S104~S105. The APC/LR sends a location update request response message (LU RSP)/mobile station information request response (MSS INFO RSP) to the SBS via the SGW; the LU RSP/MSS INFO RSP message uses TLV encoding to carry the complete RNG RSP message;
S106. The SBS parses out the RNG RSP and sends it to the MSS;
S107~S108. The SBS sends the location update success confirm message (LU Confirm) to the APC/LR via the SGW; after receiving the LU Confirm message, the APC/LR updates the location information of the MSS in the LR according to the MSSID and BSID.
Through the above steps, authentication of the location update request message is performed on the PC, and the PC can judge whether the location update request message is a replayed message, thereby preventing replay attacks.
Embodiment two
After the SBS receives the location update request RNG REQ message from the MSS, the SBS does not authenticate the message but sends an AK REQ message to the APC/LR. In addition to the information needed to request the AK key, the message carries the complete RNG REQ message received by the SBS (message body and message authentication code). After receiving this AK REQ message, the APC/LR first authenticates the RNG REQ message carried in it using a key derived from the AK, updates the relevant AK context information after authentication passes, and sends an AK TRA message to the SBS carrying the corresponding valid AK. After receiving this message, the SBS continues the subsequent location update procedure.
In Figure 4, the AK REQ/AK TRA messages are merged with the LU REQ/LU RSP messages; that is, the LU REQ message carries the content of the AK REQ message using TLV encoding, and the LU RSP message carries the relevant content of the AK TRA message using TLV encoding. Therefore, there is no separate AK REQ/AK TRA message exchange in the procedure.
S201. The MSS sends a location update request (RNG REQ) message to the SBS, carrying the MSSID, PCID and BSID;
S202~S203. The SBS sends an LU REQ/MSS INFO REQ message to the APC/LR via the SGW, carrying the MSSID, PCID, BSID, the complete RNG REQ message and the AK Request message; the LU REQ/MSS INFO REQ message uses TLV encoding to carry the RNG REQ message and the AK Request message;
After receiving this LU REQ/MSS INFO REQ message, the APC/LR first authenticates the RNG REQ message carried in it using a key derived from the AK, and judges from the sequence number information in the message and the AK context information whether the message is a replayed message. After authentication passes and the message is determined not to be a replayed message, it updates the relevant AK context information;
If authentication fails or the message is judged to be a replayed message, the location update fails; the APC/LR may choose not to respond with any message, or may respond with a failure indication message.
S204~S205. The APC/LR sends an LU RSP/MSS INFO RSP to the SBS via the SGW; the LU RSP/MSS INFO RSP message carries the relevant content of the AK TRA message, including the valid AK. After receiving this message and obtaining the AK, the SBS constructs the RNG RSP message and its message authentication code;
S206. The SBS sends the RNG RSP message to the MSS;
The SBS can judge whether authentication passed according to whether the message carries AK Transfer content; alternatively, explicit indication information can be set in the message.
S207~S208. The SBS sends the LU CON message to the APC/LR via the SGW; after receiving the LU Confirm message, the APC/LR updates the location information of the MSS in the LR according to the MSSID and BSID.
Through the above steps, authentication of the location update request message is performed on the PC, and the PC can judge whether the location update request message is a replayed message, thereby preventing replay attacks.
Embodiment three
After the SBS receives the air-interface location update request RNG REQ message from the MSS: when the MSS performs a location update at a given base station for the first time, the SBS has no valid AK for the MSS, so it sends an AK REQ message to the APC/LR. After receiving this message, the APC/LR sends the AK and its context information to the SBS in an AK TRA message. The SBS uses the key and the sequence number information in the AK and its context information to authenticate the RNG REQ message, and judges whether the message is a replayed message. After the message passes authentication and is determined not to be a replayed message, the SBS updates the AK context information and notifies the APC/LR of the updated AK context information using a subsequent network-side location update message. After this first exchange, the BS holds the corresponding AK.
In Figure 5, the AK REQ/AK TRA messages are merged with the LU REQ/LU RSP messages; that is, the LU REQ message carries the content of the AK REQ message using TLV encoding, and the LU RSP message carries the relevant content of the AK TRA message using TLV encoding. Therefore, there is no separate AK REQ/AK TRA message exchange in the procedure.
S301. The MSS sends a location update request (RNG REQ) message to the SBS, carrying the MSSID, PCID and BSID;
S302~S303. The SBS sends an LU REQ/MSS INFO REQ message to the APC/LR via the SGW, carrying the MSSID, PCID, BSID and the relevant content of the AK REQ message; the LU REQ/MSS INFO REQ message uses TLV encoding to carry the relevant content of the AK REQ message;
S304~S305. After receiving this message, the APC/LR sends an LU RSP/MSS INFO REQ message to the SBS via the SGW, carrying the MSSID and the AK RSP message; the LU REQ/MSS INFO REQ message uses TLV encoding to carry the relevant content of the AK TRA message, including the AK and its context information;
Alternatively, the AK REQ/AK TRA messages are used directly for the request.
S306. The SBS uses the key and the sequence number information in the AK and its context information to authenticate the RNG REQ message, and judges from the sequence number information in the RNG REQ message and the AK context information whether the message is a replayed message. After the message passes authentication and is determined not to be a replayed message, the SBS updates the AK context information and sends an RNG RSP message to the MSS;
S307~S308. The SBS notifies the APC/LR of the updated AK context information in the subsequent LU CON/mobile station information request report message (MSS INFO RPT).
With the location update control method of the present invention, authenticating a location update message involves not only verifying the legitimacy of the message through its message authentication code, but also judging, from the information stored in the authentication key context and the sequence number information in the management message, whether the message is a replayed message. This effectively prevents replayed management messages from passing authentication and improves network security.
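The check in S306 and the context hand-back in S307~S308, sketched as an added example that is not code from the patent. HMAC-SHA256, the key-derivation label, the message layout and the "strictly greater" sequence rule are assumptions, since the page names none of them.

```python
import hashlib, hmac, struct
from dataclasses import dataclass, replace

FMT = ">6sHHI"   # constructed layout: MSSID, PCID, BSID, sequence number

@dataclass
class AKContext:
    ak: bytes        # authentication key (AK)
    last_seq: int    # last management message sequence number accepted

def mac_key(ak):
    # Assumption: the MAC key is derived from the AK with a labelled HMAC.
    return hmac.new(ak, b"mgmt-mac", hashlib.sha256).digest()

def build_rng_req(ak, mssid, pcid, bsid, seq):
    """MSS side: RNG REQ body followed by its message authentication code."""
    body = struct.pack(FMT, mssid, pcid, bsid, seq)
    return body + hmac.new(mac_key(ak), body, hashlib.sha256).digest()

def sbs_check(msg, ctx):
    """S306: authenticate RNG REQ, reject replays, update the AK context."""
    body, tag = msg[:-32], msg[-32:]
    if len(body) != struct.calcsize(FMT):
        return "malformed"
    good = hmac.new(mac_key(ctx.ak), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return "bad-mac"
    seq = struct.unpack(FMT, body)[3]
    if seq <= ctx.last_seq:          # assumed rule: must exceed stored number
        return "replay"
    ctx.last_seq = seq
    return "accepted"

class PagingController:
    """APC/LR holding one AK context per MSSID."""
    def __init__(self):
        self.store = {}
    def ak_transfer(self, mssid):          # AK REQ -> AK TRA
        return replace(self.store[mssid])  # the SBS gets its own copy
    def report(self, mssid, ctx):          # LU CON / MSS INFO RPT
        self.store[mssid] = replace(ctx)

def location_update(apc, msg, report_back=True):
    mssid = msg[:6]
    ctx = apc.ak_transfer(mssid)           # S302~S305
    result = sbs_check(msg, ctx)
    if result == "accepted" and report_back:
        apc.report(mssid, ctx)             # S307~S308
    return result
```

Passing the same captured message to `location_update` twice returns "accepted" and then "replay". With `report_back=False` the APC/LR keeps the stale sequence number, so the next SBS that fetches the context accepts the replay.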
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. Thus, if these changes and modifications fall within the scope of the claims of the present invention and their technical equivalents, the present invention is intended to cover them as well.

Claims (14)

1. A location update control method, characterized by comprising the following steps:
A1. After receiving a first location update request message from a mobile terminal, the serving base station obtains the current authentication key context information of the mobile terminal from the paging controller;
A2. The serving base station determines, according to the management message sequence number carried in the first location update request message and the corresponding management message sequence number in the context information, that the first location update request message is not a replayed message, and then updates the management message sequence number in the context information;
A3. The serving base station returns a first location update response message to the mobile terminal and sends the context information with the updated management message sequence number to the paging controller.
2, the method for claim 1, it is characterized in that, also comprise steps A 0 before the steps A 1: portable terminal sends the primary importance update inquiry information to serving BS, carries mobile terminal identification, paging controller sign, administrative messag sequence number in this message and Message Authentication Code that the cipher key calculation that derives from according to the current KI that portable terminal is preserved generates;
In the described steps A 1, serving BS obtains current authentication key contexts information of this portable terminal and current KI from paging controller;
In the described steps A 2, serving BS also authenticates the Message Authentication Code that carries in the described primary importance update inquiry information according to described current KI.
3, the method for claim 1 is characterized in that, described steps A 1 comprises the steps:
Serving BS sends secret key request message to the paging controller of the described paging controller sign of correspondence, carries mobile terminal identification in the described secret key request message;
Paging controller extracts the contextual information of described KI and is carried in the cipher key delivery message according to mobile terminal identification and sends to serving BS.
4, the method for claim 1 is characterized in that, described steps A 1 comprises the steps:
Serving BS carries the content of secret key request message and sends to paging controller in second place update inquiry information or information of mobile terminal request message;
Paging controller extracts the contextual information of described KI according to mobile terminal identification, and carries the content of the cipher key delivery message that comprises described contextual information and send to serving BS in second place renewal response message or information of mobile terminal request response.
5. The method of claim 2 or 3, characterized in that, in step A3,
the serving base station carries the updated context information in a second location update confirmation message or a mobile terminal information report message and sends it to the paging controller.
6. The method of claim 4, characterized in that the serving base station and the paging controller exchange messages through an intermediate network element.
7. The method of claim 1, characterized in that the first location update response message carries the management message sequence number in the context information and a message authentication code that the serving base station computes using a key derived from the current authentication key.
8. A location update control method, characterized by comprising the following steps:
B1. After receiving a first location update request message from a mobile terminal, the serving base station carries the first location update message in a second location update message or a mobile terminal information request message and sends it to the paging controller;
B2. The paging controller extracts the context information of the current authentication key of the mobile terminal and, after determining that the first location update request message is not a replayed message, updates the context information;
B3. The paging controller generates a first location update response message, carries it in a second location update response message or a mobile terminal information request response, and sends it to the serving base station;
B4. The serving base station parses the second location update response message out of the second location update response message or the mobile terminal information request response, and sends it to the mobile terminal.
9. The method of claim 8, characterized in that, in step B2,
the paging controller also authenticates the message authentication code carried in the first location update request message according to the current authentication key; determines, according to the management message sequence number carried in the first location update request message and the corresponding management message sequence number in the context information, whether the first location update request message is a replayed message; and updates the management message sequence number in the context information.
10. The method of claim 8, characterized in that the method further comprises, after step B4, step B5: the serving base station sends a second location update confirmation message or a mobile terminal information report message to the paging controller.
11. The method of claim 8, characterized in that,
in step B1, the second location update request message or the mobile terminal information request message also carries the content of the key request message of the serving base station;
in step B3, the second location update response message or the mobile terminal information response message also carries the content of the key transfer message, which includes the authentication key context information; and
in step B4, the serving base station parses the content of the key transfer message out of the second location update response message or the mobile terminal information response message and obtains the authentication key context information.
12. The method of claim 8, characterized in that step B1 is preceded by step B0:
the mobile terminal sends the first location update request message to the serving base station, the message carrying a mobile terminal identifier, a paging controller identifier, management message sequence number information, and a message authentication code computed with a key derived from the current authentication key held by the mobile terminal.
13. The method of claim 8, characterized in that the serving base station and the paging controller exchange messages through an intermediate network element.
14. The method of claim 8, characterized in that the first location update response message carries management message sequence number information and a message authentication code that the serving base station computes using a key derived from the current authentication key.
CNB2005100929080A 2005-08-24 2005-08-24 Method of controlling position renewing Expired - Fee Related CN100450295C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005100929080A CN100450295C (en) 2005-08-24 2005-08-24 Method of controlling position renewing

Publications (2)

Publication Number Publication Date
CN1794873A CN1794873A (en) 2006-06-28
CN100450295C true CN100450295C (en) 2009-01-07

Family

ID=36806081

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100929080A Expired - Fee Related CN100450295C (en) 2005-08-24 2005-08-24 Method of controlling position renewing

Country Status (1)

Country Link
CN (1) CN100450295C (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101106801A (en) * 2006-07-12 2008-01-16 华为技术有限公司 A re-positioning method and system for terminal under idle mode in communication system
CN101330747B (en) * 2007-07-26 2011-07-13 中兴通讯股份有限公司 Optimization method for acquiring authentication cryptographic key during position updating process
CN101771940A (en) * 2008-12-29 2010-07-07 华为技术有限公司 Method and system for maintaining group information of mobile station in idle mode and service base station
US20110111771A1 (en) * 2009-11-06 2011-05-12 Futurewei Technologies, Inc. Method and System for Location Update in Mobile Network
CN102065417B (en) * 2009-11-16 2014-02-19 华为技术有限公司 Method, equipment and system for realizing security context information synchronization
CN107835145B (en) * 2016-09-21 2019-12-31 炫彩互动网络科技有限公司 Method for preventing replay attack and distributed system
WO2018176230A1 (en) * 2017-03-28 2018-10-04 北京小米移动软件有限公司 Method and apparatus for updating notification area

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1320341A (en) * 1998-09-29 2001-10-31 艾利森公司 System and method for an internet telephone cell to mobile terminal
US6587680B1 (en) * 1999-11-23 2003-07-01 Nokia Corporation Transfer of security association during a mobile terminal handover
CN1545295A (en) * 2003-11-17 2004-11-10 中国科学院计算技术研究所 A method for user-oriented remote access control of network file system
CN1630404A (en) * 2003-12-18 2005-06-22 中国电子科技集团公司第三十研究所 Method of cipher key management, distribution, and transfer during subscriber switch in digital cellular mobile communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090107
