Patent application number | Description | Published |
20080205343 | Method And System For Allocating SFID In A Worldwide Interoperability Microwave Access Network - A method for allocating an SFID in a WiMAX network including an ASN and a CSN may include: establishing, by the CSN a service flow in response to a service flow creation request from an MSS, and sending the service flow to the ASN; and allocating, by the ASN, a value that currently is not used by the MSS as an SFID of the service flow requested by the MSS. A system for allocating an SFID in a WiMAX network is also provided. According to the method and system for allocating an SFID in a WiMAX network, after an MSS performs a handover, it is not necessary to notify a function module generating an SFID to release the SFID, thereby simplifying the SFID management. | 08-28-2008 |
20100056156 | METHOD AND APPARATUS FOR NEGOTIATING SECURITY DURING HANDOVER BETWEEN DIFFERENT RADIO ACCESS TECHNOLOGIES - A method and apparatus of security negotiation for handover between different radio access technologies are provided. The method includes: transmitting the security information of the NAS and AS selected by the target system to the UE when the UE hands over between different radio access technologies. Therefore, the UE can perform security negotiation with the target system according to the security information of the NAS and AS. Through the embodiments of the present invention, the UE may obtain the key parameter information of the NAS and AS selected by the LTE system and perform security negotiation with the LTE system when the UE hands over from a different system, such as a UTRAN, to an LTE system. | 03-04-2010 |
20110023094 | METHOD, APPARATUS, AND SYSTEM FOR PREVENTING ABUSE OF AUTHENTICATION VECTOR - A method for preventing abuse of an Authentication Vector (AV) and a system and apparatus for implementing the method are provided. Access network information of a non-3rd Generation Partnership Project (3GPP) access network where a user resides is bound to an AV of the user, so that when the user accesses an Evolved Packet System (EPS) through the non-3GPP access network, even if an entity in the non-3GPP access network is breached, or an Evolved Packet Data Gateway (ePDG) connected to an untrusted non-3GPP access network is breached, the stolen AV cannot be applied to other non-3GPP access networks by an attacker. | 01-27-2011 |
20110044455 | Method, Apparatus and System for Key Derivation - A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells under control of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided. | 02-24-2011 |
20110165870 | Method, Apparatus and System for Key Derivation - A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells under control of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided. | 07-07-2011 |
20110287773 | Method, Apparatus and System for Key Derivation - A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells under control of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided. | 11-24-2011 |
20120066737 | METHOD AND APPARATUS FOR SECURITY ALGORITHM SELECTION PROCESSING, NETWORK ENTITY, AND COMMUNICATION SYSTEM - Embodiments of the present invention disclose a method and an apparatus for security algorithm selection processing, a network entity, and a communication system. The method includes: receiving a service request message sent by user equipment; and according to a security protection requirement of the service request message, selecting a security algorithm from a security algorithm list supported by both the user equipment and a network entity, where security algorithm lists supported by the user equipment and/or the network entity are set separately based on different security protection requirements, or security algorithm lists supported by the user equipment and the network entity are used for indicating security capability of the user equipment and the network entity respectively. | 03-15-2012 |
20120077501 | METHOD, DEVICE, AND SYSTEM FOR DERIVING KEYS - Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security. | 03-29-2012 |
20130079014 | Method, Apparatus and System for Key Derivation - A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells under control of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided. | 03-28-2013 |
20130128866 | METHOD, APPARATUS, AND SYSTEM FOR SECURITY PROCESSING IN HANDOVER PROCESS - A method, an apparatus, and a system for security processing in a handover process in the field of communication technologies are provided, including: in a handover preparation and handover execution processes performed by a user equipment UE and a source node and a target node on a network side, obtaining, by the target node, security capability information of the UE provided by the source node or a security verification entity, where the security verification entity includes a gateway in case of UE handover under a NodeB or a donor NodeB in case of UE handover under a relay node; and if the source node provides the security capability information of the UE. | 05-23-2013 |
20130136145 | TIME MESSAGE PROCESSING METHOD, APPARATUS AND SYSTEM - A time message processing method, apparatus and system are provided by the embodiments of the present. The method includes: receiving a time message transmitted from a transmitter; determining whether the time message is an event message according to the identifier information in the time message, wherein the identifier information is the information carried in the field which is not encrypted with the Internet protocol security by the transmitter. With the method, apparatus and system provided by the embodiments of the present, after receiving the time message, the time message receiver can directly determine whether the time message is the event message according to the identifier information carried in the field which is not encrypted by the Internet protocol security in the time message, without any decryption, thereby solving the problem in the prior art that it cannot be determined whether the time message is an event message. | 05-30-2013 |
20130305386 | METHOD FOR PROTECTING SECURITY OF DATA, NETWORK ENTITY AND COMMUNICATION TERMINAL - The present invention relates to communication technologies and discloses a method and an apparatus for protecting security of data, so as to solve the problem of the prior art in which the security of data transmission between a communication terminal which has a characteristic of small data transmission and the network cannot be guaranteed. Information relevant to security context is stored if a communication terminal has a characteristic of small data transmission; current security context is obtained according to the information relevant to security context; and security protection of communication data is performed by employing the current security context. The embodiments of the present invention may be applied to a communication system having a characteristic of small data transmission, such as an MTC and the like. | 11-14-2013 |
20150026787 | AUTHENTICATION METHOD, DEVICE AND SYSTEM FOR USER EQUIPMENT - Disclose are an authentication method, device and system for a user equipment. The method comprises: first, a user equipment receiving a random value RAND and a cognitive code AUTN in an evolved packet system (EPS) authentication vector sent by a network side device; when an operating mode of the user equipment is a long-term evolved node LTE Hi operating mode, the user equipment performing authentication based on the RAND and the AUTN. In the authentication process, the user equipment ignores a verification result of a separation bit of an authentication management field (AMF) in the AUTN; or, the user equipment does not verify the separation bit of the AMF. The present disclosure is applicable to the field of communication systems. | 01-22-2015 |
20150082393 | SECURE ESTABLISHMENT METHOD, SYSTEM AND DEVICE OF WIRELESS LOCAL AREA NETWORK - The embodiments of the present invention provide a secure establishment method, system and device of a wireless local area network. The method includes: acquiring, by a UE, a first key; the first key is a shared key of the UE and a network element equipment in a mobile communication network to which the UE is accessed when implementing air interface security, or is derived according to the shared key; deriving, by the UE, according to the first key and a derivation parameter to acquire a derivation key; establishing, by the UE, according to the derivation key, secure connection with a WLAN node acquiring a derivation key, wherein the derivation key acquired by the WLAN node is the same as the derivation key acquired by the UE. | 03-19-2015 |