[go: up one dir, main page]

CN104735027B - A kind of safety certifying method and authentication server - Google Patents

A kind of safety certifying method and authentication server Download PDF

Info

Publication number
CN104735027B
CN104735027B CN201310711221.5A CN201310711221A CN104735027B CN 104735027 B CN104735027 B CN 104735027B CN 201310711221 A CN201310711221 A CN 201310711221A CN 104735027 B CN104735027 B CN 104735027B
Authority
CN
China
Prior art keywords
user
authentication
terminal
authentication server
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310711221.5A
Other languages
Chinese (zh)
Other versions
CN104735027A (en
Inventor
孙枕戈
田锋
张军
岳旭鹏
陈亚红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing ZTE New Software Co Ltd
Original Assignee
Nanjing ZTE New Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing ZTE New Software Co Ltd filed Critical Nanjing ZTE New Software Co Ltd
Priority to CN201310711221.5A priority Critical patent/CN104735027B/en
Priority to PCT/CN2014/078232 priority patent/WO2015089996A1/en
Publication of CN104735027A publication Critical patent/CN104735027A/en
Application granted granted Critical
Publication of CN104735027B publication Critical patent/CN104735027B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/72Subscriber identity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a kind of safety certifying method and authentication servers, are included in terminal and establish in bearer connection, activate User Status by authentication server;In end-user access Campus Networks in application, application server authenticates user identity by authentication server.Safety certifying method through the invention, safety certification is completed by the equipment in network, reduce the participation of user, authentication efficiency is significantly improved, the user authentication time is saved, it is often more important that, safety certification activation is carried out by the Campus Networks (referring to the organized network such as government, enterprise, public utilities) with carrier class, it is horizontal carrier class safety certification is reached, i.e. SIM card+authentication server authentication, hence it is evident that improve user experience.

Description

A kind of safety certifying method and authentication server
Technical field
The present invention relates to network security technology, espespecially a kind of safety certifying method and authentication server.
Background technique
With global information and the communication technology (ICT, Information and Communication Technology) The fast development of industry (including telecommunications service, information service, the combination of IT service and application), network security and information peace One of key problem concerned by people is had become entirely.How reliably to be authenticated, to protect information, finance, trade secret Etc. key areas safety, become one of the most important technology of communication and information industry.
Currently, there are many kinds of the authentications of industry prevalence, following most basic four kinds can be summarized as: one is The security mechanism of user name+password (static and dynamic), wherein dynamic password generally includes short message password, dynamic token (usually Based on time synchronizing method, generate new password at a certain time interval), handset token (pass through mobile phone client software Generate dynamic password) etc.;General internet business generallys use static password authentication, and bank and payment class business generally use Dynamic password;Second is digital certificate authentication (USBKEY), and the authentication mode is usually taken in the Internet bank;The third is to be based on The authentication mode of shared key, such as universal guiding authenticate (GBA, Generic Bootstrapping Authentication), i.e., based on shared key in mobile Universal Integrated Circuit Card (UICC) and home subscriber server (HSS) The authentication mode of K, such as China Mobile's mobile phone TV services use this authentication mode;4th kind is recognizing based on biological characteristic Card: such as fingerprint, iris, face.In general, system will use the combination of above-mentioned multiple authentication modes, that is, often say mostly because Element certification, to increase the security intensity of certification.
Network layer network element is logically completely separate with layer network is applied in traditional OSI7 layers of structure of network, network The connection that layer is mainly responsible for network is established and is deleted;Application layer is mainly responsible for the foundation and deletion of service application, in traditional side There are the agreement process of identification safety authentication, and not cross-reference for two layers of this in case respectively.Currently, above-mentioned all existing authenticating parties Case is realized in application layer.Moreover, existing authentication there is a problem of using complexity, for example, for USBKEY mode, It just must additionally carry U-shield;For another example, for the mode of dynamic short message password, realization is more complicated, and user needs to wait 5~20 It is inputted after second according still further to the short message password of short massage notice, reduces user experience.
Based on above-mentioned authentication, existing government and enterprises' application is all the authentication realized in application layer, such as empty Quasi- dedicated network (VPN), digital certificate etc., security level is lower, is easy to be cracked.And existing recognizing for garden user Card, needs generally to use in the various terminals of different hardware platform and operating system, and adaptation Comparision is cumbersome, certification effect Rate is low, reduces user experience.
Summary of the invention
In order to solve the above technical problem, the present invention provides a kind of safety certifying method and authentication servers, can Simply and efficiently realize certification, and security classification is high.
In order to reach the object of the invention, the present invention provides a kind of safety certifying methods, comprising: establishes carrying in terminal and connects In connecing, User Status is activated by authentication server;
In end-user access Campus Networks in application, application server carries out user identity by authentication server Certification.
It is described to be established in bearer connection in terminal, include: by authentication server activation User Status
It is described to establish the packet gateway in bearer connection in terminal, dynamic IP addressing is distributed for legitimate user, and judge to ask Ask whether the terminal for establishing bearer connection is garden network users, if so, the authentication server into Campus Networks issues note Volume request, and the IP address of the international mobile subscriber identity IMSI of terminal and distribution are carried to authentication server;
The authentication server can complete user's activation according to IMSI, store the IP address.
The authentication server can complete user's activation according to IMSI
The authentication server determines whether terminal user belongs to authentication service according to the IMSI of the terminal The legitimate user of the affiliated Campus Networks of device, if so, authentication username password, with confirm the corresponding terminal user of IMSI whether with ask User name matching in asking;Whether and it is correct to verify the corresponding password of user name.
After the completion of certification, if matching and correct, authenticate success, the authentication server by the IP address with IMSI, employee information are associated, and register response to packet gateway return as the information that succeeds in registration.
It is described by authentication server to user identity carry out certification include:
The IP address received is carried and is sent to authentication server in application access request by the application server; After the authentication server completes certification, by the corresponding user information of the IP address, application server is returned to;
The password of the self terminal user in application server future submits to authentication server, the authentication clothes Business device verify to password and verification result is returned to application server.
It is described terminal user disconnect Campus Networks when, this method further include:
The packet gateway sends de-registration request to authentication server, wherein carrying the IMSI of terminal, IP address;
The authentication server removes IP address and the IMSI of the terminal of itself preservation, user information is associated with System, and returned to the packet gateway and nullify response;
The packet gateway returns to terminal and nullifies response, so that terminal disconnects Campus Networks.
The present invention also provides a kind of authentication servers to activate User Status for establishing in bearer connection in terminal; In end-user access Campus Networks in application, being authenticated to user identity.
The authentication server includes at least authentication module, authentication module, wherein
Authentication module completes user's activation according to terminal IMSI for receiving the registration request from packet gateway And IP address with shadow is stored, safety certification is carried out to user terminal and to packet gateway return authentication result;
Authentication module, for receive from application server application access request when, according to authentication module Authentication result, complete further certification after, return to the corresponding user information of the IP address to application server;Come receiving When the password that self-application server is submitted, verification result is returned to application server after verifying.
The authentication module is also used to receiving the de-registration request from packet gateway, removes the request of itself preservation The IP address and IMSI, user information of the terminal of cancellation, and returned to packet gateway and nullify response.
The authentication server is the authentication server in the Campus Networks of the side IT.
Compared with prior art, technical scheme offer is included in terminal and establishes in bearer connection, is recognized by authentication It demonstrate,proves server and activates User Status;In end-user access Campus Networks in application, application server passes through authentication server User identity is authenticated.Safety certifying method through the invention, safety certification are completed by the equipment in network, are reduced The participation of user, hence it is evident that improve authentication efficiency, save the user authentication time, it is often more important that, by with carrier class Campus Networks (referring to the organized network such as government, enterprise, public utilities) carry out safety certification activation, have reached telecommunications level security I.e. present invention employs SIM card+authentication server authentications for authentication level, hence it is evident that improves user experience.
Other features and advantages of the present invention will be illustrated in the following description, also, partly becomes from specification It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention can be by specification, right Specifically noted structure is achieved and obtained in claim and attached drawing.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes part of this application, this hair Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart of safety certifying method of the present invention;
Fig. 2 is the flow chart for the embodiment that terminal establishes bearer connection in safety certifying method of the present invention;
Fig. 3 is the flow chart of the embodiment of Campus Networks certification in safety certifying method of the present invention;
Fig. 4 is the flow chart for the embodiment that user accesses Campus Networks application in safety certification of the present invention;
Fig. 5 is the flow chart of the embodiment of terminal log-down Campus Networks of the present invention access;
Fig. 6 is the composed structure schematic diagram of authentication server of the present invention.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with attached drawing to the present invention Embodiment be described in detail.It should be noted that in the absence of conflict, in the embodiment and embodiment in the application Feature can mutual any combination.
Fig. 1 is the flow chart of safety certifying method of the present invention, as shown in Figure 1, the present invention is applied to use mobile terminal SIM In the scene of card, such as the data card of the equipment such as mobile phone, PAD, laptop, PC.The following steps are included:
Step 100: being established in bearer connection in terminal, User Status is activated by authentication server.
In this step, terminal and by communication network, including base station, mobile management unit (MME), gateway (SGW), Packet gateway (LGW/PGW), establishes bearer connection with network, and in existing bearer connection establishment process, Campus Networks are used Family, in the present invention can authentication server into Campus Networks issue certification request.Campus Networks refer to government, enterprise, public The organized network such as cause.
Fig. 2 is the flow chart for the embodiment that terminal establishes bearer connection in safety certifying method of the present invention, as shown in Fig. 2, Include:
Step 200: user's booting, triggering terminal (UE) adhere to the process of network, and UE sends network attachment request to MME (Attach Request) message.Herein, it if UE has adhered to success, needs first to initiate separation process, then initiates attached Process.
Default bearing process is established in step 201:MME triggering, sends session request (Create Session to SGW Request) message.
Session request (Create Session Request) message is forwarded to LGW/PGW by step 202:SGW.
Step 203~step 204:LGW/PGW is that legitimate user distributes dynamic IP addressing, and judges that request is established carrying and connected Whether the terminal connect is garden network users, is asked if so, authentication server of the LGW/PGW into Campus Networks issues registration It asks, and the IP address of the international mobile subscriber identity of terminal (IMSI) and distribution is carried to authentication server, and reflect User's activation can be completed according to IMSI by weighing certificate server, store the IP address.
In this step, Campus Networks refer to the organized network such as government, enterprise, public utilities.Garden user refer to such as with Family is arranged to the gardens such as APN network users.In this step, authentication server can be the authentication in the Campus Networks of the side IT Certificate server (Authentication Server).From this step as it can be seen that carrying out attachment in terminal establishes the same of bearer connection When, the activation of carrier class safety certification is carried out by Campus Networks, so that entire safety certification is provided with higher security level.
Step 205: meanwhile, LGW/PGW returns to conversational response (Create Session Response) message to SGW, The IP address of distribution is carried in conversational response message.
The conversational response received (Create Session Response) message is transmitted to MME by step 206:SGW.
Step 207:MME adheres to the attachment for successfully, sending the IP address for carrying distribution to UE and responds (Attach Accept) message.After user adheres to successfully, i.e. completion terminal bearer connection is established.
Fig. 3 is the flow chart of the embodiment of Campus Networks certification in safety certifying method of the present invention, as shown in figure 3, LGW/PGW Certification request is issued to authentication server to specifically include:
Step 300: terminal user sends registration request to LGW/PGW, and LGW/PGW is by the IMSI of the terminal and IP of distribution Address carries and is sent to authentication server in the registration request.
Further, the corresponding account of terminal and encrypted message are also carried in a registration request message.
Step 301: authentication server carries out safety certification to user terminal.It specifically includes:
Firstly, determining whether terminal user belongs to the conjunction of the affiliated Campus Networks of authentication server according to the IMSI of terminal Method user, if so, further authentication username password, with confirm the corresponding terminal user of IMSI whether with the user in request Name matching;Whether and it is correct to verify the corresponding password of user name.
After the completion of certification, if authenticated successfully, i.e., above-mentioned inspection is correct, then such as by IP address and IMSI, employee information Employee's work number is associated, and registers response to LGW/PGW return as the information that succeeds in registration;Otherwise, it returns and registers to LGW/PGW Response is registration failure information.
For step 302:LGW/PGW according to the registration reply message of acquisition, whether confirmation terminal can secure accessing Campus Networks.
The IP address carrying of distribution is returned to UE by step 303:LGW/PGW in the registration response, so that garden is added in UE Net.
From step 100 as can be seen that in safety certifying method provided by the invention, garden network users every time terminal with When establishing carrying between network, on the one hand LGW/PGW will distribute dynamic IP addressing for user terminal on the other hand will also be to mirror It weighs certificate server and initiates the request of activation User Status, while the IP address of the IMSI of terminal and distribution are pushed to authentication and recognized It demonstrate,proves server and carries out safety certification.It realizes while terminal adhere to and establishes bearer connection, by with carrier class Campus Networks carry out safety certification, so that entire safety certification is provided with higher security level.
Step 101: in end-user access Campus Networks in application, application server passes through authentication server to user Identity is authenticated.In this step, application server can be the application server in the Campus Networks of the side IT (Application Server).
The specific implementation of this step is as shown in Figure 4, comprising:
Step 400: terminal is initiated to carry the application of own IP address to the application server of Campus Networks by Transmission Control Protocol Access request, to request access Campus Networks.
Step 401: the IP address received is carried and is sent to authentication clothes in application access request by application server Business device is authenticated.
Step 402: after authentication server completes certification, by the corresponding user information of the IP address such as employee's work number, Return to application server.
Step 403: the user information received such as employee's work number and certification page are pushed to terminal by application server.
Step 404: user passes through certification page at the terminal, according to user information typing password, and submits to using clothes Business device.
Step 405: the password of acquisition is submitted to authentication server by application server.
Step 406: authentication server, which verifies the password received, returns to application service for verification result Device.How to be a common technical means of those skilled in the art using the realization of password realization certification, which is not described herein again.
Step 407: it is authenticated successfully in verification result display, i.e., when password is corresponding and correct with user information, application service Campus Networks application page is pushed to terminal by device.
In Fig. 4, Campus Networks application can be mentioned according to the information such as user name pre-registered, the information such as IMSI in conjunction with Campus Networks The IMSI and IP address information of confession, so that it may judge the corresponding true user information such as member of the IP address of each terminal user Work information or user name etc.;And Campus Networks application can require cipher authentication to user by true username information, with complete At user identity authentication.
From step 101 as it can be seen that in user terminal access Campus Networks in application, system has been obtained for user identity, only need Password confirming is carried out, without inputting account information, certification and existing way one of the application service grade to user identity again It causes.And the Campus Networks with carrier class in step 100 carry out safety certification activation, much higher than the safety certification of general Campus Networks Grade, the safety certification of the 3G and 4G cellular mobile communication technology relied primarily on, so that entire safety certification is provided with more High security level.
When terminal user leaves Campus Networks, the method for the present invention further include:
Step 102: when terminal user disconnects Campus Networks, user identity being unregistered by authentication server. Specific implementation is as shown in Figure 5, comprising:
Step 500: terminal user sends de-registration request to LGW/PGW, and LGW/PGW is by the IMSI of the terminal and IP of distribution Address carries and is sent to authentication server in de-registration request.
Step 501~step 502: the IP address and IMSI, user information that authentication server removes itself preservation are such as The incidence relation of employee's work number, and returned to LGW/PGW and nullify response.
Step 503:LGW/PGW is returned to UE and is nullified response, so that UE disconnects Campus Networks.
Safety certifying method through the invention, safety certification are completed by the equipment in network, reduce the participation of user, Authentication efficiency is significantly improved, the user authentication time is saved, it is often more important that, pacified by the Campus Networks with carrier class Full certification activation, has reached carrier class safety certification level i.e. SIM card+authentication server authentication, hence it is evident that Improve user experience.
Fig. 6 is the composed structure schematic diagram of authentication server of the present invention, as shown in fig. 6, for holding in terminal foundation It carries in connection, activates User Status;In end-user access Campus Networks in application, being authenticated to user identity.It includes at least Authentication module, authentication module, wherein
Authentication module is completed user according to the IMSI of terminal and is swashed for receiving the registration request from packet gateway It lives and stores the IP address with shadow, safety certification is carried out to user terminal and to packet gateway return authentication result;
Authentication module is also used to receiving the de-registration request from packet gateway, and the request for removing itself preservation is nullified Terminal IP address and IMSI, user information, and to packet gateway return nullify response.
Authentication module, for receive from application server application access request when, according to authentication module Authentication result, complete further certification after, return to the corresponding user information of the IP address to application server;Come receiving When the password that self-application server is submitted, verification result is returned to application server after verifying.
The above, preferred embodiments only of the invention, is not intended to limit the scope of the present invention.It is all this Within the spirit and principle of invention, any modification, equivalent substitution, improvement and etc. done should be included in protection model of the invention Within enclosing.

Claims (8)

1. a kind of safety certifying method characterized by comprising established in bearer connection in terminal, pass through authentication service Device activates User Status;
In end-user access Campus Networks in application, application server recognizes user identity by authentication server Card;
Wherein, described to be established in bearer connection in terminal, include: by authentication server activation User Status
It is described to establish the packet gateway in bearer connection in terminal, dynamic IP addressing is distributed for legitimate user, and judge that request is built Whether the terminal of vertical bearer connection is garden network users, is asked if so, the authentication server into Campus Networks issues registration It asks, and the IP address of the international mobile subscriber identity IMSI of terminal and distribution is carried to authentication server;
The authentication server can complete user's activation according to IMSI, store the IP address.
2. safety certifying method according to claim 1, which is characterized in that the authentication server can be according to IMSI Completing user's activation includes:
The authentication server determines whether terminal user belongs to authentication server institute according to the IMSI of the terminal The legitimate user for belonging to Campus Networks, if so, authentication username password, with confirm the corresponding terminal user of IMSI whether in request User name matching;Whether and it is correct to verify the corresponding password of user name;
After the completion of certification, if matching and correct, authenticate success, the authentication server by the IP address with IMSI, employee information are associated, and register response to packet gateway return as the information that succeeds in registration.
3. safety certifying method according to claim 2, which is characterized in that it is described by authentication server to user Identity carries out certification
The IP address received is carried and is sent to authentication server in application access request by the application server;It is described After authentication server completes certification, by the corresponding user information of the IP address, application server is returned to;
The password of the self terminal user in application server future submits to authentication server, the authentication server Password verify and verification result is returned into application server.
4. described in any item safety certifying methods according to claim 1~3, which is characterized in that disconnect garden in terminal user When net, this method further include:
The packet gateway sends de-registration request to authentication server, wherein carrying the IMSI of terminal, IP address;
The authentication server removes the IP address of the terminal of itself preservation and the incidence relation of IMSI, user information, And it is returned to the packet gateway and nullifies response;
The packet gateway returns to terminal and nullifies response, so that terminal disconnects Campus Networks.
5. a kind of authentication server, which is characterized in that for establishing in bearer connection in terminal, activate User Status;? End-user access Campus Networks are in application, authenticate user identity;
Wherein, the authentication server includes at least authentication module, wherein
Authentication module is activated and is deposited according to terminal IMSI completion user for receiving the registration request from packet gateway The dynamic IP addressing for storing up packet gateway distribution carries out safety certification to user terminal and to packet gateway return authentication knot Fruit.
6. authentication server according to claim 5, which is characterized in that the authentication server includes at least Authentication module, wherein
Authentication module, for receive from application server application access request when, according to recognizing for authentication module After card is as a result, complete further certification, the corresponding user information of the IP address is returned to application server;It is answered receiving to come from When the password submitted with server, verification result is returned to application server after verifying.
7. authentication server according to claim 6, which is characterized in that the authentication module is also used to receiving The de-registration request of arrival self-grouping gateway removes the IP address and IMSI, user information of the terminal of the request cancellation of itself preservation, And it is returned to packet gateway and nullifies response.
8. according to the described in any item authentication servers of claim 5~7, which is characterized in that the authentication service Device is the authentication server in the Campus Networks of the side IT.
CN201310711221.5A 2013-12-20 2013-12-20 A kind of safety certifying method and authentication server Active CN104735027B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201310711221.5A CN104735027B (en) 2013-12-20 2013-12-20 A kind of safety certifying method and authentication server
PCT/CN2014/078232 WO2015089996A1 (en) 2013-12-20 2014-05-23 Security authentication method and authorization authentication server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310711221.5A CN104735027B (en) 2013-12-20 2013-12-20 A kind of safety certifying method and authentication server

Publications (2)

Publication Number Publication Date
CN104735027A CN104735027A (en) 2015-06-24
CN104735027B true CN104735027B (en) 2019-09-13

Family

ID=53402039

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310711221.5A Active CN104735027B (en) 2013-12-20 2013-12-20 A kind of safety certifying method and authentication server

Country Status (2)

Country Link
CN (1) CN104735027B (en)
WO (1) WO2015089996A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105446149B (en) * 2015-12-04 2019-01-22 美的集团股份有限公司 Household electrical appliance match network method, household electrical appliance and mobile terminal
CN105446148A (en) * 2015-12-04 2016-03-30 美的集团股份有限公司 Network distribution method for household electrical appliance, household electrical appliance and mobile terminal
CN107367946B (en) * 2016-05-11 2021-05-04 珠海格力电器股份有限公司 Method and device for controlling equipment
CN106302475B (en) * 2016-08-18 2019-09-10 中国联合网络通信集团有限公司 Family's Internet service authorization method and server
CN106534091B (en) * 2016-10-26 2019-07-23 浙江中控软件技术有限公司 Pid parameter setting method and device based on cloud
CN106657045B (en) * 2016-12-13 2020-10-13 翁印嵩 Multi-network integrated security and authentication method and system
CN109246160B (en) * 2017-06-15 2022-01-21 阿里巴巴集团控股有限公司 Method, device, system and equipment for accessing internet application
CN107360164B (en) * 2017-07-13 2020-11-10 上海司南卫星导航技术股份有限公司 User name authentication method and non-differential correction distributed processing system
CN110753362B (en) * 2019-10-25 2023-04-07 恒安嘉新(北京)科技股份公司 Base station optimization method, terminal registration method, device, base station and storage medium
CN111385154A (en) * 2020-03-18 2020-07-07 成都千立网络科技有限公司 Internet of things control system and method based on authentication linkage mechanism
CN114500066B (en) * 2022-02-08 2025-05-16 北京沃东天骏信息技术有限公司 Information processing method, gateway and communication system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040049188A (en) * 2002-12-05 2004-06-11 엘지전자 주식회사 Inter-working Method Between Wireless Local Area Network and Universal Mobile Telecommunication System Network
EP1624639A1 (en) * 2004-08-02 2006-02-08 Service Factory SF AB Sim-based authentication
CN1855933A (en) * 2005-04-06 2006-11-01 神州数码网络(北京)有限公司 System and method for certification and charge of network
CN101511086A (en) * 2009-04-01 2009-08-19 神州数码网络(北京)有限公司 Wireless safety networking system and method for financial grid point terminal
CN101651682A (en) * 2009-09-15 2010-02-17 杭州华三通信技术有限公司 Method, system and device of security certificate
CN102892110A (en) * 2012-09-19 2013-01-23 邦讯技术股份有限公司 Method and system for keeping consistency of user identifications of terminal in different networks

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7324489B1 (en) * 2003-02-18 2008-01-29 Cisco Technology, Inc. Managing network service access
CN101547095B (en) * 2009-02-11 2011-05-18 广州杰赛科技股份有限公司 Application service management system and management method based on digital certificate
US8600355B1 (en) * 2012-05-17 2013-12-03 Cellco Partnership Systems and methods for authenticating applications for access to secure data using identity modules

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040049188A (en) * 2002-12-05 2004-06-11 엘지전자 주식회사 Inter-working Method Between Wireless Local Area Network and Universal Mobile Telecommunication System Network
EP1624639A1 (en) * 2004-08-02 2006-02-08 Service Factory SF AB Sim-based authentication
CN1855933A (en) * 2005-04-06 2006-11-01 神州数码网络(北京)有限公司 System and method for certification and charge of network
CN101511086A (en) * 2009-04-01 2009-08-19 神州数码网络(北京)有限公司 Wireless safety networking system and method for financial grid point terminal
CN101651682A (en) * 2009-09-15 2010-02-17 杭州华三通信技术有限公司 Method, system and device of security certificate
CN102892110A (en) * 2012-09-19 2013-01-23 邦讯技术股份有限公司 Method and system for keeping consistency of user identifications of terminal in different networks

Also Published As

Publication number Publication date
WO2015089996A1 (en) 2015-06-25
CN104735027A (en) 2015-06-24

Similar Documents

Publication Publication Date Title
CN104735027B (en) A kind of safety certifying method and authentication server
KR102466166B1 (en) Processing electronic tokens
US8495714B2 (en) Systems and methods for authenticating users accessing unsecured wifi access points
US20030061503A1 (en) Authentication for remote connections
KR101243713B1 (en) Wireless lan access point and method for accessing wireless lan
CN104469765B (en) Terminal authentication method and device used in mobile communication system
US20150327073A1 (en) Controlling Access of a User Equipment to Services
EP2826004A1 (en) Mobile phone takeover protection system and method
US9001977B1 (en) Telephone-based user authentication
CN104159225A (en) Wireless network based real-name registration system management method and system
CN103945374A (en) Method of mobile terminal equipment and user authentication based on PKI technology
WO2017054617A1 (en) Wifi network authentication method, device and system
CN107277812A (en) A kind of wireless network authentication method and system based on Quick Response Code
CN107864475A (en) The quick authentication methods of WiFi based on Portal+ dynamic passwords
CN107113613A (en) Server, mobile terminal, real-name network authentication system and method
KR101916342B1 (en) System and Method for Location based Marketing Information Service Using the AP
CN103138935B (en) An Identity Authentication System Based on Telecom Operators
KR20170070379A (en) cryptograpic communication method and system based on USIM card of mobile device
CN102149079A (en) Method, device and system for obtaining user identity identifier
CN110582085B (en) Communication method, device and system
CN101848228B (en) Method and system for authenticating computer terminal server ISP identity by using SIM cards
CN104683979B (en) A kind of authentication method and equipment
CN105554757A (en) Wireless access authentication method based on cloud
CN110381486A (en) Method for sharing VoWiFi service through NFC, Tag label and terminal
Nobu et al. Implementation of a User Account Provisioning System Based on NFC for Public Wi-Fi Services

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20190809

Address after: Yuhuatai District of Nanjing City, Jiangsu province 210012 Bauhinia Road No. 68

Applicant after: Nanjing Zhongxing New Software Co., Ltd.

Address before: 518057 Nanshan District Guangdong high tech Industrial Park, South Road, science and technology, ZTE building, Ministry of Justice

Applicant before: ZTE Corporation

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant