[go: up one dir, main page]

CN1602109A - A Method for Improving Handover Performance of Mobile Terminals in Wireless IP System - Google Patents

A Method for Improving Handover Performance of Mobile Terminals in Wireless IP System Download PDF

Info

Publication number
CN1602109A
CN1602109A CNA2004100732311A CN200410073231A CN1602109A CN 1602109 A CN1602109 A CN 1602109A CN A2004100732311 A CNA2004100732311 A CN A2004100732311A CN 200410073231 A CN200410073231 A CN 200410073231A CN 1602109 A CN1602109 A CN 1602109A
Authority
CN
China
Prior art keywords
access node
portable terminal
certificate
mobile terminal
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2004100732311A
Other languages
Chinese (zh)
Other versions
CN1225942C (en
Inventor
郭宏
赖晓龙
叶续茂
黄振海
张变玲
曹军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Iwncomm Co Ltd
Original Assignee
China Iwncomm Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Iwncomm Co Ltd filed Critical China Iwncomm Co Ltd
Priority to CNB2004100732311A priority Critical patent/CN1225942C/en
Publication of CN1602109A publication Critical patent/CN1602109A/en
Application granted granted Critical
Publication of CN1225942C publication Critical patent/CN1225942C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

本发明涉及一种改善无线IP系统移动终端越区切换性能的方法。其包括以下步骤:1)未与任何接入节点关联的移动终端和接入节点关联后,进行WAI过程;2)完成WAI过程后,接入节点将它的邻接接入节点列表发送给移动终端;3)移动终端与收到的邻接接入节点列表中的每一个接入节点通过当前接入节点进行预认证。预认证完成后,移动终端和邻接接入节点列表中的每一个接入节点将预认证的结果和协商出的单播密钥各自在本地存储;4)当移动终端从当前接入节点切换到邻接接入节点列表中的某个邻接接入节点AP*时,该邻接接入节点AP*向移动终端通告组播密钥。本发明解决了背景技术中的无线IP系统移动终端越区切换时延过长的技术问题。

Figure 200410073231

The invention relates to a method for improving the handoff performance of a mobile terminal in a wireless IP system. It includes the following steps: 1) after the mobile terminal not associated with any access node associates with the access node, perform the WAI process; 2) after completing the WAI process, the access node sends its adjacent access node list to the mobile terminal ; 3) The mobile terminal performs pre-authentication with each access node in the received adjacent access node list through the current access node. After the pre-authentication is completed, the mobile terminal and each access node in the adjacent access node list store the result of the pre-authentication and the negotiated unicast key respectively locally; 4) when the mobile terminal switches from the current access node to When adjacent to a certain adjacent access node AP* in the access node list, the adjacent access node AP* notifies the mobile terminal of the multicast key. The invention solves the technical problem of too long handover time delay of the wireless IP system mobile terminal in the background technology.

Figure 200410073231

Description

一种改善无线IP系统移动终端越区切换性能的方法A Method for Improving Handover Performance of Mobile Terminals in Wireless IP System

一、技术领域1. Technical field

本发明涉及一种无线IP技术,尤其是一种改善移动终端越区切换性能的方法。The invention relates to a wireless IP technology, in particular to a method for improving the handover performance of a mobile terminal.

二、背景技术2. Background technology

无线IP网络(Wireless IP Network)不仅支持移动计算,而且具有构架的灵活性、快捷性及可扩展性。它主要由移动终端MT(Mobile Terminal)、接入节点AP(Access Point)及认证服务器AS(Authentication Server)等设备构成,其中移动终端可在网中任意移动,接入节点实现包括越区切换在内的小区管理、对移动终端的管理及桥接功能,认证服务器实现无线接入终端的认证和网间漫游管理。无线IP网络应用非常广泛,在商务网络、机构用户网络、小区网、远程监测或集中监控、临时网络、户外移动用户、布线不易的场合和需要经常变动的场合等都非常有用。Wireless IP Network (Wireless IP Network) not only supports mobile computing, but also has the flexibility, speed and scalability of the framework. It is mainly composed of mobile terminal MT (Mobile Terminal), access node AP (Access Point) and authentication server AS (Authentication Server). Inner cell management, mobile terminal management and bridging functions, the authentication server implements wireless access terminal authentication and network roaming management. Wireless IP networks are widely used, and are very useful in business networks, institutional user networks, community networks, remote monitoring or centralized monitoring, temporary networks, outdoor mobile users, occasions where wiring is not easy, and occasions that require frequent changes.

对于无线IP网络而言,其安全问题远比有线以太网严重的多。无线局域网是无线IP系统的重要实现形式,无线局域网国家标准GB 15629.11是目前我国在无线IP系统领域惟一获得批准的标准。标准中包含了全新的无线局域网鉴别与保密基础结构WAPI(WLAN Authentication and Privacy Infrastructure),这种安全机制由无线局域网鉴别基础结构WAI(WLAN AuthenticationInfrastructure)和无线局域网保密基础结构WPI(WLAN PrivacyInfrastructure)两部分组成,分别实现对用户身份的鉴别和对传输的数据保密。For wireless IP networks, its security issues are much more serious than wired Ethernet. Wireless local area network is an important form of realization of wireless IP system. The national standard GB 15629.11 of wireless local area network is currently the only standard approved in the field of wireless IP system in my country. The standard includes a new wireless local area network authentication and privacy infrastructure WAPI (WLAN Authentication and Privacy Infrastructure). This security mechanism consists of two parts: WAI (WLAN Authentication Infrastructure) and WPI (WLAN Privacy Infrastructure). Composition, respectively realize the identification of the user's identity and the confidentiality of the transmitted data.

WAI的工作过程如下:The working process of WAI is as follows:

1)移动终端关联到接入节点后,接入节点把鉴别激活消息发给移动终端。1) After the mobile terminal associates with the access node, the access node sends an authentication activation message to the mobile terminal.

2)移动终端向接入节点发送接入鉴别请求消息,消息包括移动终端的证书和接入鉴别请求时间。2) The mobile terminal sends an access authentication request message to the access node, and the message includes the certificate of the mobile terminal and the time of the access authentication request.

3)接入节点收到消息后,将移动终端的证书、接入鉴别请求时间和自己的证书一起用自己的私钥形成签名,并将这个签名连同移动终端的证书、接入鉴别请求时间和接入节点的证书一起形成证书鉴别请求消息发给认证服务器。3) After the access node receives the message, it uses its own private key to form a signature with the certificate of the mobile terminal, the access authentication request time and its own certificate, and uses this signature together with the certificate of the mobile terminal, the access authentication request time and The certificates of the access nodes together form a certificate authentication request message and send it to the authentication server.

4)当认证服务器收到接入节点发来的证书鉴别请求消息后,验证接入节点的签名证书以及移动终端的证书。验证完成之后,构造证书鉴别响应消息,包括接入节点的证书鉴别结果信息、移动终端的证书鉴别结果信息和认证服务器对前两者的签名,发送给接入节点。4) After receiving the certificate authentication request message sent by the access node, the authentication server verifies the signature certificate of the access node and the certificate of the mobile terminal. After the verification is completed, a certificate authentication response message is constructed, including the certificate authentication result information of the access node, the certificate authentication result information of the mobile terminal and the authentication server's signature on the former two, and sent to the access node.

5)接入节点验证认证服务器的签名并判断证书鉴别响应消息中的移动终端的证书鉴别结果信息,若证书鉴别结果成功,则根据证书鉴别响应消息生成接入鉴别响应消息,消息内容和证书鉴别响应消息相同,发送给移动终端,然后进入密钥协商阶段;否则解除与移动终端的链路验证。5) The access node verifies the signature of the authentication server and judges the certificate authentication result information of the mobile terminal in the certificate authentication response message, if the certificate authentication result is successful, then generates an access authentication response message according to the certificate authentication response message, message content and certificate authentication The response message is the same, sent to the mobile terminal, and then enters the key negotiation stage; otherwise, the link verification with the mobile terminal is released.

6)移动终端收到消息后,验证认证服务器的签名并判断接入节点的证书鉴别结果信息,成功后进入密钥协商阶段;否则解除与接入节点的链路验证。6) After receiving the message, the mobile terminal verifies the signature of the authentication server and judges the certificate authentication result information of the access node, and enters the key negotiation stage after success; otherwise, the link verification with the access node is released.

7)移动终端和接入节点进行单播密钥协商;7) The mobile terminal and the access node perform unicast key negotiation;

8)接入节点向移动终端通告组播密钥。8) The access node notifies the mobile terminal of the multicast key.

一个无线IP系统一般包含多个接入节点,构成一个扩展服务集ESS(Extended Service Set),移动终端在扩展服务集ESS中工作时,可以从当前关联的接入节点APi切换到另一个接入节点APj,这就是越区切换(Handoff)。按照无线局域网国家标准GB 15629.11的规定,移动终端在切换时要进行重新认证,也就是要完成WAI过程。对于语音和多媒体流等连续业务而言,它们要求的切换时延很小,一般在50毫秒左右,而在目前常用的软硬件环境下,完成一个完整的WAI过程用时大约为1秒,这会造成在切换时通信中断时间过长。A wireless IP system generally includes multiple access nodes, forming an extended service set ESS (Extended Service Set). When a mobile terminal works in the extended service set ESS, it can switch from the currently associated access node AP i to another access node. Ingress node AP j , this is handoff (Handoff). According to the provisions of GB 15629.11, the national standard for wireless local area networks, the mobile terminal needs to re-authenticate when switching, that is, to complete the WAI process. For continuous services such as voice and multimedia streams, the switching delay required by them is very small, generally about 50 milliseconds, and in the current commonly used hardware and software environment, it takes about 1 second to complete a complete WAI process, which will Causes the communication to be interrupted for too long when switching.

三、发明内容3. Contents of the invention

本发明解决了背景技术中的无线IP系统移动终端越区切换时延过长的技术问题。The invention solves the technical problem of too long handover time delay of the wireless IP system mobile terminal in the background technology.

本发明的技术解决方案是:本发明为一种改善无线IP系统移动终端越区切换性能的方法,其特殊之处在于:该方法包括以下步骤:The technical solution of the present invention is: the present invention is a kind of method for improving the handover performance of wireless IP system mobile terminal, and its special feature is: this method comprises the following steps:

1)未与任何接入节点关联的移动终端和接入节点关联后,进行WAI过程;1) After the mobile terminal not associated with any access node is associated with the access node, the WAI process is performed;

2)完成WAI过程后,接入节点将它的邻接接入节点列表发送给移动终端;2) After completing the WAI process, the access node sends its adjacent access node list to the mobile terminal;

3)移动终端与收到的邻接接入节点列表中的每一个接入节点通过当前接入节点进行预认证。预认证完成后,移动终端和邻接接入节点列表中的每一个接入节点将预认证的结果和协商出的单播密钥各自在本地存储;3) The mobile terminal performs pre-authentication with each access node in the received adjacent access node list through the current access node. After the pre-authentication is completed, the mobile terminal and each access node in the adjacent access node list store the pre-authentication result and the negotiated unicast key locally;

4)当移动终端从当前接入节点切换到邻接接入节点列表中的某个邻接接入节点AP*时,该邻接接入节点AP*向移动终端通告组播密钥。4) When the mobile terminal switches from the current access node to an adjacent access node AP* in the adjacent access node list, the adjacent access node AP* notifies the mobile terminal of the multicast key.

上述步骤1)中移动终端和接入节点关联后进行WAI过程的步骤如下:The steps of performing the WAI process after the mobile terminal and the access node are associated in the above step 1) are as follows:

1.1)移动终端关联到接入节点后,接入节点把鉴别激活消息发给移动终端。1.1) After the mobile terminal associates with the access node, the access node sends an authentication activation message to the mobile terminal.

1.2)移动终端向接入节点发送接入鉴别请求消息,消息包括移动终端的证书和接入鉴别请求时间。1.2) The mobile terminal sends an access authentication request message to the access node, and the message includes the certificate of the mobile terminal and the time of the access authentication request.

1.3)接入节点收到消息后,将移动终端的证书、接入鉴别请求时间和自己的证书一起用自己的私钥形成签名,并将这个签名连同移动终端的证书、接入鉴别请求时间和接入节点的证书一起形成证书鉴别请求消息发给认证服务器。1.3) After the access node receives the message, it forms a signature with the certificate of the mobile terminal, the access authentication request time and its own certificate with its own private key, and uses this signature together with the certificate of the mobile terminal, the access authentication request time and The certificates of the access nodes together form a certificate authentication request message and send it to the authentication server.

1.4)当认证服务器收到接入节点发来的证书鉴别请求消息后,验证接入节点的签名和证书以及移动终端的证书。验证完成之后,构造证书鉴别响应消息,包括接入节点的证书鉴别结果信息、移动终端的证书鉴别结果信息和认证服务器对前两者的签名,发送给接入节点。1.4) After receiving the certificate authentication request message sent by the access node, the authentication server verifies the signature and certificate of the access node and the certificate of the mobile terminal. After the verification is completed, a certificate authentication response message is constructed, including the certificate authentication result information of the access node, the certificate authentication result information of the mobile terminal and the authentication server's signature on the former two, and sent to the access node.

1.5)接入节点验证认证服务器的签名并判断证书鉴别响应消息中的移动终端的证书鉴别结果信息,若证书鉴别结果成功,则根据证书鉴别响应消息生成接入鉴别响应消息,消息内容和证书鉴别响应消息相同,发送给移动终端,然后进入密钥协商阶段;否则解除与移动终端的链路验证。1.5) The access node verifies the signature of the authentication server and judges the certificate authentication result information of the mobile terminal in the certificate authentication response message, if the certificate authentication result is successful, then generates an access authentication response message according to the certificate authentication response message, message content and certificate authentication The response message is the same, sent to the mobile terminal, and then enters the key negotiation stage; otherwise, the link verification with the mobile terminal is released.

1.6)移动终端收到消息后,验证认证服务器的签名并判断接入节点的证书鉴别结果信息,成功后进入密钥协商阶段;否则解除与接入节点的链路验证。1.6) After receiving the message, the mobile terminal verifies the signature of the authentication server and judges the certificate authentication result information of the access node, and enters the key negotiation stage after success; otherwise, the link verification with the access node is released.

1.7)移动终端和接入节点进行单播密钥协商;1.7) The mobile terminal and the access node perform unicast key negotiation;

1.8)接入节点向移动终端通告组播密钥。1.8) The access node notifies the mobile terminal of the multicast key.

上述步骤2)的具体流程如下:The specific process of the above step 2) is as follows:

2.1)移动终端向接入节点发送邻接接入节点列表请求;2.1) The mobile terminal sends an adjacent access node list request to the access node;

2.2)接入节点向移动终端发送它的邻接接入节点列表。2.2) The access node sends its neighbor access node list to the mobile terminal.

上述步骤3)的具体流程如下:The specific process of the above step 3) is as follows:

3.1)移动终端和邻接接入节点列表中的每一个接入节点进行步骤1.2)-1.7),这些步骤中的消息都通过移动终端当前关联的接入节点转发;3.1) The mobile terminal and each access node in the adjacent access node list perform steps 1.2)-1.7), and the messages in these steps are all forwarded by the access node currently associated with the mobile terminal;

3.2)移动终端和邻接接入节点列表中的每一个接入节点都将预认证的结果和协商出的单播密钥本地存储下来。3.2) The mobile terminal and each access node in the adjacent access node list store the pre-authentication result and the negotiated unicast key locally.

上述步骤4)的具体流程如下The specific process of above-mentioned step 4) is as follows

4.1)当移动终端移动到邻接接入节点列表中的某个接入节点AP*的服务范围内或需要关联至接入节点(AP*)时,移动终端关联到该接入节点AP*;4.1) When the mobile terminal moves to the service range of a certain access node AP* in the adjacent access node list or needs to be associated with the access node (AP*), the mobile terminal associates with the access node AP*;

4.2)接入节点AP*检查自己的缓存,若移动终端的预认证结果为有效,则接入节点AP*直接和移动终端进行组播密钥通告,组播密钥通告成功后,允许移动终端接入;若缓存中没有移动终端的预认证结果或结果为无效,则接入节点AP*向移动终端发送鉴别激活消息,进行步骤1.1)-1.8)。4.2) The access node AP* checks its own cache. If the pre-authentication result of the mobile terminal is valid, the access node AP* directly announces the multicast key to the mobile terminal. After the multicast key announcement is successful, the mobile terminal is allowed to Access; if there is no pre-authentication result of the mobile terminal in the cache or the result is invalid, the access node AP* sends an authentication activation message to the mobile terminal, and proceeds to steps 1.1)-1.8).

本发明基于中国无线局域网国家标准GB 15629.11,并兼容无线局域网国家标准GB 15629.11。邻接接入节点关系由接入节点进行维护,移动终端向接入节点发送邻接接入节点列表请求,并从AP处获得该列表,使得移动终端不需使用复杂的方法去感知邻接接入节点,同时保证了邻接接入节点关系的全面性。本发明分为四个阶段,在进行接入节点间的越区切换时,只需进行第四阶段的过程。这使得切换时的安全控制过程不必经过接入节点和认证服务器之间的长时延链路,也不必进行具有大量的耗时公钥运算的单播密钥协商,从而在发生接入节点区切换时,切换时延在可预知的范围内,有效地降低了越区切换时延。The present invention is based on the national standard GB 15629.11 of the wireless local area network in China, and is compatible with the national standard GB 15629.11 of the wireless local area network. The relationship between adjacent access nodes is maintained by the access node. The mobile terminal sends a request for the list of adjacent access nodes to the access node and obtains the list from the AP, so that the mobile terminal does not need to use complicated methods to perceive the adjacent access nodes. At the same time, the comprehensiveness of the relationship between adjacent access nodes is guaranteed. The present invention is divided into four stages, and only needs to carry out the process of the fourth stage when performing handover between access nodes. This makes the security control process during the handover unnecessary to go through the long-delay link between the access node and the authentication server, and does not need to perform unicast key negotiation with a large amount of time-consuming public key calculations, so During the handover, the handover delay is within a predictable range, effectively reducing the handover delay.

四、附图说明4. Description of drawings

附图为应用本发明的系统逻辑结构图。Accompanying drawing is the logical structural diagram of the system applying the present invention.

五、具体实施方式5. Specific implementation

参见附图,MT是移动终端,AP是接入节点,虚线表示物理的邻接关系,即移动终端可以在有虚线连接的接入节点之间切换,接入节点之间的邻接关系可以通过自动学习或管理员手工管理的方法来建立。Referring to the attached figure, MT is a mobile terminal, and AP is an access node. The dotted line indicates the physical adjacency relationship, that is, the mobile terminal can switch between access nodes connected by dotted lines, and the adjacency relationship between access nodes can be learned automatically Or manually managed by the administrator to create.

本发明的方法是:The method of the present invention is:

1)未与任何接入节点关联的移动终端和当前接入节点关联后,进行WAI过程;1) After the mobile terminal not associated with any access node is associated with the current access node, the WAI process is performed;

2)完成WAI过程后,接入节点将它的邻接接入节点列表发送给移动终端;2) After completing the WAI process, the access node sends its adjacent access node list to the mobile terminal;

3)移动终端与收到的邻接接入节点列表中的每一个接入节点通过当前接入节点进行预认证。预认证完成后,MT和邻接接入节点列表中的每一个接入节点将预认证的结果和协商出的单播密钥各自在本地存储;3) The mobile terminal performs pre-authentication with each access node in the received adjacent access node list through the current access node. After the pre-authentication is completed, the MT and each access node in the adjacent access node list store the pre-authentication result and the negotiated unicast key locally;

4)当移动终端从当前接入节点切换到某个邻接接入节点AP*(在邻接接入节点列表中)时,该邻接接入节点AP*向移动终端通告组播密钥。4) When the mobile terminal switches from the current access node to an adjacent access node AP* (in the adjacent access node list), the adjacent access node AP* notifies the mobile terminal of the multicast key.

其具体过程分为四个阶段。The specific process is divided into four stages.

第一阶段:The first stage:

1.1)移动终端关联到接入节点后,接入节点把鉴别激活消息发给移动终端。1.1) After the mobile terminal associates with the access node, the access node sends an authentication activation message to the mobile terminal.

1.2)移动终端向接入节点发送接入鉴别请求消息,消息包括移动终端的证书和接入鉴别请求时间。1.2) The mobile terminal sends an access authentication request message to the access node, and the message includes the certificate of the mobile terminal and the time of the access authentication request.

1.3)接入节点收到消息后,将移动终端的证书、接入鉴别请求时间和自己的证书一起用自己的私钥形成签名,并将这个签名连同移动终端的证书、接入鉴别请求时间和接入节点的证书一起形成证书鉴别请求消息发给认证服务器。1.3) After the access node receives the message, it forms a signature with the certificate of the mobile terminal, the access authentication request time and its own certificate with its own private key, and uses this signature together with the certificate of the mobile terminal, the access authentication request time and The certificates of the access nodes together form a certificate authentication request message and send it to the authentication server.

1.4)当认证服务器收到接入节点发来的证书鉴别请求消息后,验证接入节点的签名和证书以及移动终端的证书。验证完成之后,构造证书鉴别响应消息,包括接入节点的证书鉴别结果信息、移动终端的证书鉴别结果信息和认证服务器对前两者的签名,发送给接入节点。1.4) After receiving the certificate authentication request message sent by the access node, the authentication server verifies the signature and certificate of the access node and the certificate of the mobile terminal. After the verification is completed, a certificate authentication response message is constructed, including the certificate authentication result information of the access node, the certificate authentication result information of the mobile terminal and the authentication server's signature on the former two, and sent to the access node.

1.5)接入节点验证认证服务器的签名并判断证书鉴别响应消息中的移动终端的证书鉴别结果信息,若证书鉴别结果成功,则根据证书鉴别响应消息生成接入鉴别响应消息,消息内容和证书鉴别响应消息相同,发送给移动终端,然后进入密钥协商阶段;否则解除与移动终端的链路验证。1.5) The access node verifies the signature of the authentication server and judges the certificate authentication result information of the mobile terminal in the certificate authentication response message, if the certificate authentication result is successful, then generates an access authentication response message according to the certificate authentication response message, message content and certificate authentication The response message is the same, sent to the mobile terminal, and then enters the key negotiation stage; otherwise, the link verification with the mobile terminal is released.

1.6)移动终端收到消息后,验证认证服务器的签名并判断接入节点的证书鉴别结果信息,成功后进入密钥协商阶段;否则解除与接入节点的链路验证。1.6) After receiving the message, the mobile terminal verifies the signature of the authentication server and judges the certificate authentication result information of the access node, and enters the key negotiation stage after success; otherwise, the link verification with the access node is released.

1.7)移动终端与接入节点进行单播密钥协商;1.7) The mobile terminal performs unicast key negotiation with the access node;

1.8)接入节点向移动终端通告组播密钥。1.8) The access node notifies the mobile terminal of the multicast key.

第二阶段:second stage:

2.1)移动终端向接入节点发送邻接接入节点列表请求;2.1) The mobile terminal sends an adjacent access node list request to the access node;

2.2)接入节点向移动终端发送邻接接入节点列表。2.2) The access node sends the adjacent access node list to the mobile terminal.

第三阶段:The third phase:

3.1)移动终端和邻接接入节点列表中的每一个接入节点进行步骤1.2)-1.7),这些步骤中的消息都通过移动终端当前关联的接入节点转发;3.1) The mobile terminal and each access node in the adjacent access node list perform steps 1.2)-1.7), and the messages in these steps are all forwarded by the access node currently associated with the mobile terminal;

3.2)移动终端和邻接接入节点列表中的每一个接入节点都将预认证的结果和协商出的单播密钥本地存储下来。3.2) The mobile terminal and each access node in the adjacent access node list store the pre-authentication result and the negotiated unicast key locally.

第四阶段fourth stage

4.1)当移动终端移动到邻接接入节点列表中的某个接入节点AP*的服务范围内或需要关联至AP*时,移动终端关联到该接入节点AP*;4.1) When the mobile terminal moves to the service range of a certain access node AP* in the adjacent access node list or needs to be associated with the AP*, the mobile terminal associates with the access node AP*;

4.2)接入节点AP*检查自己的缓存,若移动终端的预认证结果为有效,则接入节点AP*直接和移动终端进行组播密钥通告,组播密钥通告成功后,允许移动终端接入;若缓存中没有移动终端的预认证结果或结果为无效,则接入节点AP*向移动终端发送鉴别激活消息,进行步骤1.1)-1.8)。4.2) The access node AP* checks its own cache. If the pre-authentication result of the mobile terminal is valid, the access node AP* directly announces the multicast key to the mobile terminal. After the multicast key announcement is successful, the mobile terminal is allowed to Access; if there is no pre-authentication result of the mobile terminal in the cache or the result is invalid, the access node AP* sends an authentication activation message to the mobile terminal, and proceeds to steps 1.1)-1.8).

Claims (5)

1, a kind of method of improving mobile terminal handover switching performance in radio IP system, it is characterized in that: this method may further comprise the steps:
1) not related portable terminal and access node with any access node related after, carry out the WAI process;
2) finish the WAI process after, access node sends to portable terminal with it in abutting connection with access node tabulation;
3) portable terminal carries out pre-authentication with each access node in the access node tabulation of receiving by current access node.After pre-authentication was finished, portable terminal and each access node in the access node tabulation were stored the result of pre-authentication and each the comfortable this locality of singlecast key that negotiates;
4) when portable terminal switches in abutting connection with the access node tabulation certain in abutting connection with access node (AP*) from current access node, this in abutting connection with access node (AP*) to portable terminal announcement multicast key.
2, the method for improving mobile terminal handover switching performance in radio IP system according to claim 1 is characterized in that: portable terminal is as follows with the step of carrying out the WAI process after access node is related in the described step 1):
1.1) after portable terminal was associated with access node, access node was differentiating that activating message issues portable terminal.
1.2) portable terminal is to access node transmission access discriminating request message, message comprises the certificate of portable terminal and inserts the discriminating request time.
1.3) after access node receives message, with the certificate of portable terminal, insert and differentiate that request time and oneself certificate one reinstate own private key and form signature, and this signature formed request of certificate authentication message together with the certificate of certificate, access discriminating request time and the access node of portable terminal issue certificate server.
1.4) after certificate server is received the request of certificate authentication message that access node sends, the signature of checking access node and the certificate of certificate and portable terminal.After checking was finished, structure certificate identification response message comprised that the certificate identification result information of certificate identification result information, portable terminal of access node and certificate server to the above two signature, send to access node.
1.5) signature of access node authentication verification server and the certificate identification result information of the portable terminal in the judgement certificate identification response message, if certificate identification result success, then generate and insert identification response message according to the certificate identification response message, message content is identical with the certificate identification response message, send to portable terminal, enter the key agreement stage then; Otherwise remove link verification with portable terminal.
1.6) after portable terminal received message, the signature of authentication verification server was also judged the certificate identification result information of access node, enters the key agreement stage after the success; Otherwise remove link verification with access node.
1.7) portable terminal and access node carry out unicast key agreement;
1.8) access node announces multicast key to portable terminal.
3, the method for improving mobile terminal handover switching performance in radio IP system according to claim 1 and 2, it is characterized in that: idiographic flow described step 2) is as follows:
2.1) portable terminal sends in abutting connection with the access node list request to access node;
2.2) access node sends tabulating in abutting connection with access node of it to portable terminal.
4, the method for improving mobile terminal handover switching performance in radio IP system according to claim 1 and 2, it is characterized in that: the idiographic flow of described step 3) is as follows:
3.1) portable terminal and each access node in access node tabulation carry out step 1.2)-1.7), the message in these steps all pass through the access node forwarding of the current association of portable terminal;
3.2) portable terminal and each access node in access node tabulation all store the result of pre-authentication and the singlecast key this locality that negotiates.
5, the method for improving mobile terminal handover switching performance in radio IP system according to claim 1 and 2, it is characterized in that: the idiographic flow of described step 4) is as follows:
4.1) when maybe needing to be associated to access node (AP*) in portable terminal moves to the service range of certain access node (AP*) in access node tabulation, portable terminal is associated with this access node (AP*);
4.2) access node (AP*) is checked own buffer memory, if the pre-authentication result of portable terminal be effectively, then access node (AP*) directly and portable terminal carry out multicast key notification, after multicast key notification is successful, the access of permission portable terminal; If it is invalid not having the pre-authentication result of portable terminal or result in the buffer memory, then access node (AP*) sends to portable terminal and differentiates activation message, carry out step 1.1)-1.8).
CNB2004100732311A 2004-11-04 2004-11-04 Method of improving mobile terminal handover switching performance in radio IP system Expired - Lifetime CN1225942C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100732311A CN1225942C (en) 2004-11-04 2004-11-04 Method of improving mobile terminal handover switching performance in radio IP system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100732311A CN1225942C (en) 2004-11-04 2004-11-04 Method of improving mobile terminal handover switching performance in radio IP system

Publications (2)

Publication Number Publication Date
CN1602109A true CN1602109A (en) 2005-03-30
CN1225942C CN1225942C (en) 2005-11-02

Family

ID=34666885

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100732311A Expired - Lifetime CN1225942C (en) 2004-11-04 2004-11-04 Method of improving mobile terminal handover switching performance in radio IP system

Country Status (1)

Country Link
CN (1) CN1225942C (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101222772B (en) * 2008-01-23 2010-06-09 西安西电捷通无线网络通信有限公司 Wireless multi-hop network authentication access method based on ID
CN101779480A (en) * 2007-08-17 2010-07-14 高通股份有限公司 Handoff at an ad-hoc mobile service provider
WO2010115326A1 (en) * 2009-04-08 2010-10-14 中兴通讯股份有限公司 Wireless local area network terminal pre-authentication method and wireless local area network system
WO2010145273A1 (en) * 2009-11-03 2010-12-23 中兴通讯股份有限公司 Handoff method and system for mobile terminal
CN1964259B (en) * 2005-11-07 2011-02-16 华为技术有限公司 A method to manage secret key in the course of switch-over
CN102083065A (en) * 2011-02-14 2011-06-01 宇龙计算机通信科技(深圳)有限公司 Method and device for managing certificates
CN101442773B (en) * 2007-11-21 2011-08-17 上海寰创通信科技有限公司 Rapid switching method for wireless netted network
CN102164368A (en) * 2011-03-07 2011-08-24 北京新岸线无线技术有限公司 Method for accessing a wireless local area network and communication system
CN101155396B (en) * 2006-09-25 2012-03-28 联想(北京)有限公司 Terminal node switching method
US8190155B2 (en) 2005-05-11 2012-05-29 Interdigital Technology Corporation Method and system for reselecting an access point
CN101902722B (en) * 2009-05-25 2013-05-08 南京中兴软件有限责任公司 Method for realizing roaming authentication of mobile terminal in wireless local area network and access point
US8644206B2 (en) 2007-08-17 2014-02-04 Qualcomm Incorporated Ad hoc service provider configuration for broadcasting service information
US8688974B2 (en) 2008-01-23 2014-04-01 China Iwncomm Co., Ltd. Method for managing wireless multi-hop network key
US9179367B2 (en) 2009-05-26 2015-11-03 Qualcomm Incorporated Maximizing service provider utility in a heterogeneous wireless ad-hoc network
CN105050146A (en) * 2015-05-28 2015-11-11 上海精吉通讯技术有限公司 Roaming switching method

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8190155B2 (en) 2005-05-11 2012-05-29 Interdigital Technology Corporation Method and system for reselecting an access point
US8391866B2 (en) 2005-05-11 2013-03-05 Interdigital Technology Corporation Method and system for reselecting an access point
CN1964259B (en) * 2005-11-07 2011-02-16 华为技术有限公司 A method to manage secret key in the course of switch-over
CN101155396B (en) * 2006-09-25 2012-03-28 联想(北京)有限公司 Terminal node switching method
CN101779480A (en) * 2007-08-17 2010-07-14 高通股份有限公司 Handoff at an ad-hoc mobile service provider
US9398453B2 (en) 2007-08-17 2016-07-19 Qualcomm Incorporated Ad hoc service provider's ability to provide service for a wireless network
US9392445B2 (en) 2007-08-17 2016-07-12 Qualcomm Incorporated Handoff at an ad-hoc mobile service provider
US9167426B2 (en) 2007-08-17 2015-10-20 Qualcomm Incorporated Ad hoc service provider's ability to provide service for a wireless network
US8644206B2 (en) 2007-08-17 2014-02-04 Qualcomm Incorporated Ad hoc service provider configuration for broadcasting service information
CN101442773B (en) * 2007-11-21 2011-08-17 上海寰创通信科技有限公司 Rapid switching method for wireless netted network
CN101222772B (en) * 2008-01-23 2010-06-09 西安西电捷通无线网络通信有限公司 Wireless multi-hop network authentication access method based on ID
US8688974B2 (en) 2008-01-23 2014-04-01 China Iwncomm Co., Ltd. Method for managing wireless multi-hop network key
US8533461B2 (en) 2009-04-08 2013-09-10 Zte Corporation Wireless local area network terminal pre-authentication method and wireless local area network system
WO2010115326A1 (en) * 2009-04-08 2010-10-14 中兴通讯股份有限公司 Wireless local area network terminal pre-authentication method and wireless local area network system
CN101902722B (en) * 2009-05-25 2013-05-08 南京中兴软件有限责任公司 Method for realizing roaming authentication of mobile terminal in wireless local area network and access point
US9179367B2 (en) 2009-05-26 2015-11-03 Qualcomm Incorporated Maximizing service provider utility in a heterogeneous wireless ad-hoc network
CN101702802B (en) * 2009-11-03 2012-10-17 中兴通讯股份有限公司 Mobile terminal handover method
US8879505B2 (en) 2009-11-03 2014-11-04 Zte Corporation Handoff method and system for mobile terminal
WO2010145273A1 (en) * 2009-11-03 2010-12-23 中兴通讯股份有限公司 Handoff method and system for mobile terminal
CN102083065B (en) * 2011-02-14 2013-11-13 宇龙计算机通信科技(深圳)有限公司 Method and device for managing certificates
CN102083065A (en) * 2011-02-14 2011-06-01 宇龙计算机通信科技(深圳)有限公司 Method and device for managing certificates
CN102164368A (en) * 2011-03-07 2011-08-24 北京新岸线无线技术有限公司 Method for accessing a wireless local area network and communication system
CN102164368B (en) * 2011-03-07 2016-09-07 北京新岸线移动多媒体技术有限公司 A kind of method accessing WLAN and communication system
CN105050146A (en) * 2015-05-28 2015-11-11 上海精吉通讯技术有限公司 Roaming switching method

Also Published As

Publication number Publication date
CN1225942C (en) 2005-11-02

Similar Documents

Publication Publication Date Title
CN1186906C (en) Wireless LAN safety connecting-in control method
CN1602109A (en) A Method for Improving Handover Performance of Mobile Terminals in Wireless IP System
CN101056177B (en) Radio mesh re-authentication method based on the WLAN secure standard WAPI
CN101079891A (en) Wireless switching network re-authentication method based on wireless LAN secure standard WAPI
CN1783773A (en) A method for automatic setting and automatic sorting of wireless security network
CN1619604A (en) Layer 2 switch device with verification management table
CN1968117A (en) Method for adding LAN subscriber into group communication in instant communication
WO2009140902A1 (en) Method, system and femto gateway for implementing communication between femto cell network and macro network
CN101060716A (en) Group call method and group call register for the third generation partner program network
CN101902722B (en) Method for realizing roaming authentication of mobile terminal in wireless local area network and access point
CN1889611A (en) Real-time speech communicating method and real-time speech communicating system
CN101160833A (en) Method, system and terminal for accessing wireless local area network terminal to network
CN1992637A (en) Wimax network control and management system and method
CN101299830B (en) Method and device for updating Iu interface concurrent multimedia broadcast multicast service conversation
CN1253054C (en) Global trusting roaming access method of mobile terminal in radio IP system
CN1223155C (en) Method for realizing 802.1 X communication based on group management
CN1527557A (en) A method for transparently transmitting 802.1X authentication packets by bridge devices
CN1735050A (en) Method for managing multicast service in access device
CN101051967A (en) Communication system and its method for user's device in user's network
CN118804369B (en) Communication method, communication device, electronic equipment and storage medium
CN1652538A (en) Agency testing method
CN1992606A (en) NGN network system and method for implementing mobility management
CN1728635A (en) Authentication method in use for digital clustering operation in CDMA system
CN101043414A (en) Method for guarantying consistency of quality of service configuration of wireless LAN and sealed packet data gateway
CN1859768A (en) Method for switching between cut-in nets at user's terminal in communication network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: XI'AN IWNCOMM CO., LTD.

Free format text: FORMER NAME: XIDIAN JIETONG WIRELESS NETWORK COMMUNICATION CO LTD, XI'AN

CP01 Change in the name or title of a patent holder

Address after: 710075 4F.C building, No. 12, No. two, hi tech Road, Shaanxi, Xi'an

Patentee after: CHINA IWNCOMM Co.,Ltd.

Address before: 710075 4F.C building, No. 12, No. two, hi tech Road, Shaanxi, Xi'an

Patentee before: CHINA IWNCOMM Co.,Ltd.

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: BEIJING ZHIXIANG TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2016610000049

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20161117

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: BEIJING FENGHUO LIANTUO TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000001

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20170106

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: SHANGHAI YU FLY MILKY WAY SCIENCE AND TECHNOLOGY CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000005

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20170317

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Beijing next Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000014

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20170601

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: HYTERA COMMUNICATIONS Corp.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000015

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20170602

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Beijing Hua Xinaotian network technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000028

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20171122

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: ALPINE ELECTRONICS, Inc.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017990000497

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20171222

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: SHENZHEN RAKWIRELESS TECHNOLOGY CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000006

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20180226

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: BLACKSHARK TECHNOLOGIES (NANCHANG) Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000012

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20180404

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Sony Mobile Communications AB

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018990000306

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20181123

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: SHENZHEN UCLOUDLINK NEW TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2019610000002

Denomination of invention: Method of improving mobile terminal handover switching performance in radio IP system

Granted publication date: 20051102

License type: Common License

Record date: 20191010

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: HANGZHOU STRONG EDUCATION TECHNOLOGY Co.,Ltd.

Assignor: China IWNCOMM Co.,Ltd.

Contract record no.: X2021610000001

Denomination of invention: A method to improve handoff performance of mobile terminal in wireless IP system

Granted publication date: 20051102

License type: Common License

Record date: 20210125

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: EKC communication technology (Shenzhen) Co.,Ltd.

Assignor: China IWNCOMM Co.,Ltd.

Contract record no.: X2021610000008

Denomination of invention: A method to improve handoff performance of mobile terminal in wireless IP system

Granted publication date: 20051102

License type: Common License

Record date: 20210705

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Guangzhou nengchuang Information Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2021610000011

Denomination of invention: A method for improving handoff performance of mobile terminal in wireless IP system

Granted publication date: 20051102

License type: Common License

Record date: 20211104

Application publication date: 20050330

Assignee: Xinruiya Technology (Beijing) Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2021610000012

Denomination of invention: A method for improving handoff performance of mobile terminal in wireless IP system

Granted publication date: 20051102

License type: Common License

Record date: 20211104

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: SHENZHEN ZHIKAI TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2022610000005

Denomination of invention: A method for improving handoff performance of mobile terminal in wireless IP system

Granted publication date: 20051102

License type: Common License

Record date: 20220531

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: HISCENE INFORMATION TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000003

Denomination of invention: A method to improve the handover performance of mobile terminals in wireless IP system

Granted publication date: 20051102

License type: Common License

Record date: 20230207

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Beijing baicaibang Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000005

Denomination of invention: A method to improve the handover performance of mobile terminals in wireless IP systems

Granted publication date: 20051102

License type: Common License

Record date: 20230329

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Shenzhen wisky Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000008

Denomination of invention: A method to improve the handover performance of mobile terminals in wireless IP systems

Granted publication date: 20051102

License type: Common License

Record date: 20230522

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Beijing Digital Technology (Shanghai) Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000012

Denomination of invention: A method to improve the handover performance of mobile terminals in wireless IP systems

Granted publication date: 20051102

License type: Common License

Record date: 20231114

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: SHENZHEN JINGYI SMART TECHNOLOGY CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2024610000002

Denomination of invention: A method to improve the handover performance of mobile terminals in wireless IP systems

Granted publication date: 20051102

License type: Common License

Record date: 20240520

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20050330

Assignee: Nanjing Wanxin Donglian Intelligent Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2024610000005

Denomination of invention: A method for improving the handover performance of mobile terminals in wireless IP systems

Granted publication date: 20051102

License type: Common License

Record date: 20241025

CX01 Expiry of patent term
CX01 Expiry of patent term

Granted publication date: 20051102