[go: up one dir, main page]

WO2018171486A1 - Procédé et dispositif de mise à jour de position d'un terminal mobile - Google Patents

Procédé et dispositif de mise à jour de position d'un terminal mobile Download PDF

Info

Publication number
WO2018171486A1
WO2018171486A1 PCT/CN2018/079032 CN2018079032W WO2018171486A1 WO 2018171486 A1 WO2018171486 A1 WO 2018171486A1 CN 2018079032 W CN2018079032 W CN 2018079032W WO 2018171486 A1 WO2018171486 A1 WO 2018171486A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
ccf
information
information content
generated based
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2018/079032
Other languages
English (en)
Chinese (zh)
Inventor
谢振华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Publication of WO2018171486A1 publication Critical patent/WO2018171486A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud

Definitions

  • the present disclosure relates to the field of communications technologies, and, for example, to a method and apparatus for location update of a mobile terminal.
  • FIG. 1 is a schematic diagram of a process for updating a location of a mobile terminal according to the related art, as shown in FIG.
  • the terminal UE sends an attach request to a core network Call Control Function (CCF) (such as a Mobility Management Entity (MME), or an Access Management Function (AMF)).
  • CCF Core Network Call Control Function
  • MME Mobility Management Entity
  • AMF Access Management Function
  • an Attach Request message is sent, and the message carries the identifier 1 of the UE.
  • the identifier 1 may be a Temporary Mobile Subscriber Identity (TMSI) or an International Mobile Subscriber Identity (IMSI).
  • the CCF sends an authentication data request to a Home Network Function (HF), such as a Unified Data Manager (UDM) or a Home Subscriber Server (HSS), such as sending an Authentication.
  • HF Home Network Function
  • UDM Unified Data Manager
  • HSS Home Subscriber Server
  • the data request message carries the identifier 2, for example, the identifier 2 is the IMSI.
  • the identifier 1 is the TMSI
  • the identifier 1 can be converted into the identifier 2 by the CCF.
  • the HF sends an authentication data response to the CCF, such as sending an Authentication Data Response message carrying Auth, Xres, and Key, where Auth is authentication information, such as AUTN for the UE authentication network and RAND for the UE to generate Res.
  • Xres is an expected response, such as for the CCF to determine whether the Res sent by the UE is equal to Xres to authenticate the UE, and the Key is used by the CCF for secure communication between the UE and the CCF.
  • step 104 the CCF sends a user authentication request to the UE, for example, sending a User Authentication Request message carrying the AUTN and the RAND.
  • step 105 the UE checks the AUTN to authenticate the network. If the authentication is successful, the Res is generated based on the RAND, and a user authentication response is sent to the CCF, such as sending a User Authentication Response message carrying the Res.
  • step 106 the CCF checks the Res using Xres, and if the two are the same, sends a location update to the HF, such as sending an Update Location message.
  • the HF receiving the message can know the current location information of the UE and consider that the UE has access to the mobile network using the service.
  • step 106 If the CCF does not perform steps 104 and 105, but directly performs step 106, that is, the CCF uses Xres as the Res to notify the HF that the UE has been authenticated, the HF can be spoofed to let the HF assume that the UE has accessed the network, which may cause the home network to occur as a UE. The risk of incorrect billing.
  • the present disclosure provides a method and apparatus for updating a location of a mobile terminal, so as to at least solve the problem that the CCF can initiate a legal location update without authenticating the UE in the related art.
  • the present disclosure provides a method for updating a location of a mobile terminal, which is applied to a core network control function CCF, including: after receiving an attach request message from a user terminal UE, the CCF sends a request message to the home network function HF, where the The request message is used to request to acquire the first information content IE1 and the second information content IE2, where the IE1 includes an encryption key Key, and the IE2 includes at least one of the following: challenge information and key generation information; the CCF is at the receiving station.
  • the CCF After the IE1 and the IE2 sent by the HF, send the IE2 to the UE, and receive a fourth information content IE4 from the UE, where the IE4 is generated based on the IE2, where the IE4 is at least Include one of: an actual key and an actual response; the CCF verifies the Key based on the IE1 and the IE4; based on the result of the verification, the CCF sends a location update message to the HF, wherein the location The update message carries a fifth information content IE5 generated based on the Key.
  • the IE1 is generated based on a third information content IE3 and a key Key, the IE3 being generated based on the IE2, the IE3 comprising at least one of: a desired key and a desired response.
  • the method further includes: the CCF verifying the Key based on the IE1 and the IE4, the CCF receiving the IE3 from the HF; and the CCF verifying the IE4 After the IE3 is successfully matched, the Key is verified based on the IE1 and the IE4.
  • the method before the CCF initiates a location update message to the HF, the method further comprises: the CCF receiving a sixth information content IE6 from the HF, wherein the IE6 includes verification information The check information is used to check the IE4; after the CCF determines the Key, the IE6 is verified based on the Key and the IE4.
  • the present disclosure also provides another method for updating a location of a mobile terminal, which is applied to a home network function HF.
  • the method includes: receiving, by the HF, a request message sent by the core network control function CCF for the user terminal UE, where the request message is used by the HF.
  • the HF Requesting to acquire the first information content IE1 and the second information content IE2; the HF transmitting the first information content IE1 and the second information content IE2 to the CCF, wherein the IE1 includes an encryption key Key,
  • the IE2 includes at least one of: challenge information and key generation information; the challenge information includes a random number challenge RAND; the HF receives a location update message sent by the CCF, where the location update message is carried There is a fifth information content IE5 generated based on the Key; the HF verifies the IE5 based on the Key.
  • the IE1 is generated based on a third information content IE3 and a key Key, the IE3 being generated based on the IE2, the IE3 comprising at least one of: a desired key and a desired response.
  • the HF before the HF receives the location update message sent by the CCF, the HF further includes: sending, by the HF, the IE3 to the CCF.
  • the HF before the HF receives the location update message sent by the CCF, the HF further includes: the HF sending a sixth content information IE6 to the CCF, where the IE6 includes verification information, the school The verification information is used to check IE4, and the IE4 is generated based on the IE2, wherein the IE4 includes at least one of the following: an actual key and an actual response.
  • the present disclosure further provides an apparatus for updating a location of a mobile terminal, which is applied to a core network control function CCF, and the apparatus includes: a requesting module, configured to: after receiving an attach request message from the user terminal UE, to the home network function HF Sending a request message, wherein the request message is used to request to acquire the first information content IE1 and the second information content IE2, where the IE1 includes an encryption key Key, and the IE2 includes at least one of the following: challenge information and key generation And a transmission module, configured to: after receiving the IE1 and the IE2 sent by the HF, send the IE2 to the UE, and receive a fourth information content IE4 from the UE, where the IE4 is The UE is generated based on the IE2, where the IE4 includes at least one of the following: an actual key and an actual response; a first verification module, configured to verify the Key based on the IE1 and the IE4; and an update module, Set to be based on the result
  • the IE1 is generated based on a third information content IE3 and a key Key, the IE3 being generated based on the IE2, the IE3 comprising at least one of: a desired key and a desired response.
  • the first receiving module is configured to receive the IE3 from the HF; the first verification module is configured to, after verifying that the IE4 and the IE3 are successfully matched, based on the IE1 And verifying the Key with the IE4.
  • the apparatus further comprises: a second receiving module, configured to receive a sixth information content IE6 from the HF before the update module initiates a location update message to the HF, wherein the The IE6 includes verification information, and the verification information is used to verify the IE4.
  • the second verification module is configured to verify the IE6 based on the Key and the IE4 after determining the Key.
  • the present disclosure further provides another apparatus for updating a location of a mobile terminal, which is applied to a home network function HF, the apparatus comprising: a first receiving module, configured to receive a request message sent by a core network control function CCF for a user terminal UE, The request message is used to request to acquire the first information content IE1 and the second information content IE2, and send the first information content IE1 and the second information content IE2 to the CCF, where the IE1 includes an encryption key.
  • a first receiving module configured to receive a request message sent by a core network control function CCF for a user terminal UE, The request message is used to request to acquire the first information content IE1 and the second information content IE2, and send the first information content IE1 and the second information content IE2 to the CCF, where the IE1 includes an encryption key.
  • the IE2 includes at least one of the following: challenge information and key generation information; and a second receiving module, configured to receive a location update message sent by the CCF, where the location update message is carried based on the The fifth information content IE5 generated by the Key; the verification module is configured to verify the IE5 based on the Key.
  • the IE1 is generated based on a third information content IE3 and a key Key, the IE3 being generated based on the IE2, the IE3 comprising at least one of: a desired key and a desired response.
  • the apparatus further includes: a first sending module, configured to send the IE3 to the CCF before receiving the location update message sent by the CCF.
  • the apparatus further includes: a second sending module, configured to send a sixth content information IE6 to the CCF before receiving the location update message sent by the CCF, where the IE6 includes a school
  • the verification information is used to check IE4, and the IE4 is generated based on the IE2, wherein the IE4 includes at least one of the following: an actual key and an actual response.
  • the present disclosure also provides a storage medium.
  • the storage medium is arranged to store program code for performing the following steps:
  • the request message After receiving the attach request message from the user terminal UE, the request message is sent to the home network function HF, where the request message is used to request to acquire the first information content IE1 and the second information content IE2, where the IE1 includes the encryption key.
  • the IE2 includes at least one of the following: challenge information and key generation information;
  • the IE4 includes at least one of the following: an actual key and an actual response;
  • the method and the device for updating the location of the mobile terminal provided by the present disclosure can solve the problem that the CCF can initiate a legal location update without the UE being authenticated in the related art, and prevent the CCF from spoofing the home network when the UE does not access the network. happening.
  • FIG. 1 is a schematic diagram of a mobile terminal location update process in the related art
  • FIG. 2 is a flowchart of a method for updating a location of a mobile terminal according to an embodiment
  • FIG. 3 is a flowchart of another method for updating a location of a mobile terminal according to an embodiment
  • FIG. 4 is a structural block diagram of an apparatus for updating a location of a mobile terminal according to an embodiment
  • FIG. 5 is a structural block diagram of another apparatus for updating a location of a mobile terminal according to an embodiment
  • FIG. 6 is a schematic diagram of a mobile terminal location update process according to an embodiment
  • FIG. 7 is a schematic diagram of another mobile terminal location update process according to an embodiment.
  • FIG. 2 is a flowchart of a method for updating a location of a mobile terminal according to the embodiment. As shown in FIG. The process includes the following steps:
  • step 202 after receiving the attach request message from the user terminal UE, the CCF sends a request message to the home network function HF, where the request message is used to request to acquire the first information content (IE) IE1 and The second information content IE2, wherein the IE1 includes an encryption key Key, and the IE2 includes at least one of the following: challenge information and key generation information.
  • IE information content
  • IE2 includes at least one of the following: challenge information and key generation information.
  • the CCF After receiving the IE1 and IE2 sent by the HF, the CCF sends the IE2 to the UE, and receives the fourth information content IE4 from the UE.
  • the IE4 is generated based on the IE2, where the IE4 includes at least one of the following: Key and actual response.
  • step 206 the CCF verifies the Key based on IE1 and IE4.
  • step 208 based on the result of the verification, the CCF sends a location update message to the HF, where the location update message carries the fifth information content IE5 generated based on the Key.
  • the CCF After receiving the message from the user terminal UE, the CCF requests the first information content IE1 and the second information content IE2 from the home network function HF, where the IE1 includes an encryption key, and the IE2 includes at least one of the following: The information and the key generation information; the CCF sends the IE2 to the UE, and receives the fourth information content IE4 from the UE, and the IE4 is generated based on the IE2, wherein the IE4 includes at least one of the following: the actual key and the actual response; the CCF is based on the IE1 and the IE4 Verifying the Key; when the verification is passed, the CCF sends a fifth information content IE5 generated based on the Key to the HF, and initiates a location update to the HF.
  • the IE1 includes an encryption key
  • the IE2 includes at least one of the following: The information and the key generation information
  • the CCF sends the IE2 to the UE, and receives the fourth information content
  • the CCF Since the CCF carries the authentication information generated based on the key in the location update, the key must be in the After the UE is authenticated, the CCF can not initiate a legal location update without authenticating the UE. This solves the problem that the CCF can initiate a legal location update without the UE being authenticated in the related art, and prevents the CCF from being in the UE. The case of spoofing the home network when accessing the network.
  • the execution body of the above steps may be an entity or software related to the CCF.
  • IE1 is generated based on the third information content IE3 and the key Key
  • IE3 is generated based on IE2
  • IE3 includes at least one of the following: a desired key and a desired response.
  • the CCF verifies the Key based on the IE1 and the IE4, including:
  • the CCF receives the IE3 from the HF.
  • the CCF After the CCF verifies that the IE4 matches the IE3, the Key is verified based on the IE1 and the IE4.
  • the method further includes:
  • the CCF receives IE3 from HF.
  • the method before the CCF initiates the location update message to the HF, the method further includes:
  • the CCF receives the sixth information content IE6 from the HF, wherein the IE6 includes verification information, wherein the verification information is used to verify the IE4 in this embodiment.
  • the CCF After the CCF determines the Key, it verifies IE6 based on Key and IE4.
  • FIG. 3 is a flowchart of another method for updating a location of a mobile terminal according to the embodiment. As shown in FIG. The process includes the following steps:
  • the HF receives a request message sent by the core network control function CCF for the user terminal UE, the request message is used to request to acquire the first information content IE1 and the second information content IE2; the HF sends the IE1 and the IE2 to the CCF, where IE1 includes an encryption key Key, and IE2 includes at least one of the following: challenge information and key generation information;
  • the HF receives a location update message carrying the fifth information content IE5 from the CCF for the UE, where the IE5 is generated based on the Key;
  • step 306 HF verifies IE5 based on Key.
  • IE1 is generated based on the third information content IE3 and the key Key
  • IE3 is generated based on IE2
  • IE3 includes at least one of the following: a desired key and a desired response.
  • the method further comprises: before the HF receives the location update message sent by the CCF, the HF sends the IE3 to the CCF.
  • the method further includes: before the HF receives the location update message sent by the CCF, the HF sends the sixth content information IE6 to the CCF, where the IE6 includes verification information, and the verification information is used to verify the IE4.
  • the method of the foregoing embodiment can be implemented by means of software plus a necessary general hardware platform, and can also be implemented by hardware, and can be embodied in the form of a software product, which can be stored in a storage medium (such as ROM/RAM, disk or optical disk, etc., includes a number of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method of the above embodiments.
  • a terminal device which may be a mobile phone, a computer, a server, or a network device, etc.
  • a device for updating a location of a mobile terminal is also provided, and the device may perform the method provided in the foregoing embodiment, and details are not described herein.
  • the term "module" can be a combination of at least one of software and hardware that implements a predetermined function.
  • the apparatus described in the following embodiments may be implemented in software, but hardware, or a combination of software and hardware, is also possible and conceivable.
  • FIG. 4 is a structural block diagram of an apparatus for updating a location of a mobile terminal according to the embodiment, which is applied to a CCF. As shown in FIG. 4, the apparatus includes:
  • the requesting module 40 is configured to, after receiving the attach request message from the user terminal UE, send a request message requesting the first information content IE1 and the second information content IE2 to the home network function HF, where the IE1 includes an encryption key Key, IE2 includes at least one of the following: challenge information and key generation information;
  • the transmission module 42 is configured to: after receiving the IE1 and the IE2 sent by the HF, send the IE2 to the UE, and receive the fourth information content IE4 from the UE, where the IE4 is generated based on the IE2, where the IE4 includes at least one of the following: an actual key and Actual response
  • the first verification module 44 is configured to verify the Key based on IE1 and IE4 by the CCF;
  • the update module 46 is configured to, when the verification passes, send a fifth information content IE5 carrying the Key-based generation to the HF, and initiate a location update message to the HF.
  • IE1 is generated based on the third information content IE3 and the key Key
  • IE3 is generated based on IE2
  • IE3 includes at least one of the following: a desired key and a desired response.
  • the apparatus further includes: a first receiving module configured to receive the IE3 from the HF; and a first verification module configured to verify that the IE4 and the IE3 match successfully, and verify the IE1 and the IE4 based on the IE1 and the IE4 Key.
  • the first update module is further configured to set a CCF to verify that the IE4 and the IE3 match successfully, and initiate a location update message to the HF.
  • the apparatus further comprises: a second receiving module, configured to receive the sixth information content IE6 from the HF before the update module initiates the location update to the HF, wherein the IE6 includes verification information, the verification information For verifying the IE4; the second verification module is configured to verify the IE6 based on the Key and IE4 after determining the Key.
  • a second receiving module configured to receive the sixth information content IE6 from the HF before the update module initiates the location update to the HF, wherein the IE6 includes verification information, the verification information For verifying the IE4; the second verification module is configured to verify the IE6 based on the Key and IE4 after determining the Key.
  • FIG. 5 is a structural block diagram of another apparatus for updating a location of a mobile terminal according to an embodiment of the present invention, which is applied to an HF. As shown in FIG. 5, the apparatus includes:
  • the first receiving module 50 is configured to receive a request message sent by the core network control function CCF for the user terminal UE, where the request message is used to request to acquire the first information content IE1 and the second information content IE2, and send the first message to the CCF.
  • the second receiving module 52 is configured to receive a location update message carrying the fifth information content IE5 from the CCF for the UE, where the IE5 is generated based on the Key;
  • the verification module 54 is set to verify the IE 13 based on the Key.
  • IE1 is generated based on the third information content IE3 and the key Key
  • IE3 is generated based on IE2
  • IE3 includes at least one of the following: a desired key and a desired response.
  • the apparatus further comprises: a first sending module, configured to send the IE3 to the CCF before receiving the location update message sent by the CCF.
  • the apparatus further includes: a second sending module, configured to send the sixth content information IE6 to the CCF before receiving the location update message sent by the CCF, where the IE6 includes the check information, the check information Used to verify IE4.
  • the IE4 is generated based on the IE2, wherein the IE4 includes at least one of the following: an actual key and an actual response.
  • modules may be implemented by software or hardware.
  • the modules may be implemented in the same manner: the modules are located in different processors in any combination. in.
  • FIG. 6 is a schematic diagram of a mobile terminal location update process according to the embodiment.
  • the process may include the following steps: Steps 601-602 are the same as steps 101-102 in FIG.
  • the HF sends an authentication data response to the CCF, such as sending an Authentication Data Response message carrying Auth, Seed, Xres, and Encl, where Auth is authentication information, such as AUTN for UE authentication network and Res for UE generation.
  • Auth is authentication information, such as AUTN for UE authentication network and Res for UE generation.
  • RAND Xres is the expected response, such as for CCF to determine whether the Res sent by the UE is equal to Xres to authenticate the UE
  • Seed for HF to generate Xkey2 and UE to generate key2 (if the UE is legal, Xkey2 will be equal to key2)
  • Encl is based on Xkey2 And Key1 is generated, and Key1 is used by the CCF for secure communication between the UE and the CCF.
  • step 604 the CCF sends a user authentication request to the UE, such as sending a User Authentication Request message carrying the AUTN, RAND, and Seed.
  • step 605 the UE checks the AUTN to authenticate the network. If the authentication succeeds, the Res is generated based on the RAND, the key2 is generated based on the Seed, and the user authentication response is sent to the CCF, for example, a User Authentication Response message is sent, carrying Res and key2.
  • HF generates Xverification based on Xkey2 and checks if Xverification is equal to Verification, or HF calculates Xkey3 based on Verification and checks if Xkey3 is equal to Xkey2.
  • FIG. 7 is a schematic diagram of another mobile terminal location update process provided by this embodiment.
  • the process includes the following steps: Steps 701-702 are the same as steps 101-102 in FIG.
  • the HF sends an authentication data response to the CCF, such as sending an Authentication Data Response message carrying Auth, Verification1, and Enc, where Auth is authentication information, such as AUTN for the UE authentication network and RAND for the UE to generate Res.
  • Verification1 is response verification information, based on expected response Xres generation, Xres is generated based on RAND, Enc is generated based on Xres and Key, and Key is used by CCF for secure communication between UE and CCF.
  • step 704 the CCF sends a user authentication request to the UE, such as sending a User Authentication Request message carrying the AUTN and the RAND.
  • step 705 the UE checks the AUTN to authenticate the network. If the authentication is successful, the Res is generated based on the RAND, and a user authentication response is sent to the CCF, such as sending a User Authentication Response message carrying the Res.
  • Verification1 such as calculating Xverification1 based on XKey and comparing it with Verification1, or calculating Xres based on Verification1 and comparing it with Res
  • the CCF sends a location update to the HF, such as sending an Update Location message, carrying the verification information Verification2 generated based on the Key.
  • the HF that receives the message is based on the Key Verification Verification 2. If the verification succeeds, it can be known that the current location information of the UE is legal, and that the UE has accessed the mobile network to use the service, and the verification operation can be performed as follows:
  • HF generates Xverification2 based on Key and checks if Xverification2 is equal to Verification2, or HF calculates XKey2 based on Verification2 and checks if XKey2 is equal to Key.
  • the CCF needs to carry the authentication information generated by the key in the location update, and the key must be obtained after the UE is authenticated, so that the CCF cannot be initiated without authenticating the UE.
  • a legitimate location update prevents the CCF from spoofing the home network without the UE accessing the network.
  • This embodiment provides a storage medium.
  • the above storage medium may be configured to store program code for performing the following steps:
  • the IE1 includes an encryption key
  • the IE2 is at least Includes one of the following: challenge information and key generation information
  • the IE4 includes at least one of the following: an actual key and an actual response;
  • the foregoing storage medium may include: a U disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, a magnetic disk, or an optical disk.
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • mobile hard disk a magnetic disk
  • magnetic disk a magnetic disk
  • optical disk a medium in which the program code is stored.
  • the processor may, after receiving the message from the user terminal UE, request the first information content IE1 and the second information content IE2 from the home network function HF according to the stored program code in the storage medium, where
  • the IE1 includes an encryption key
  • the IE2 includes at least one of the following: challenge information and key generation information;
  • the processor performs to send the IE2 to the UE according to the stored program code in the storage medium, and receives a fourth information content IE4 from the UE, where the IE4 is generated based on the IE2, where The IE4 includes at least one of the following: an actual key, an actual response;
  • the processor performs verification based on the IE1 and the IE4 to verify the Key according to the stored program code in the storage medium;
  • the processor performs, according to the stored program code in the storage medium, sending a fifth information content IE5 generated based on the Key to the HF to initiate a location update to the HF when the verification passes.
  • the modules or steps provided by the above embodiments may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices. In one embodiment, they may be calculated.
  • the program code executable by the apparatus is implemented such that they may be stored in a storage device by a computing device, and in some cases, the steps shown or described may be performed in an order different than that herein, or They are fabricated separately for each integrated circuit module, or a plurality of modules or steps thereof are fabricated into a single integrated circuit module.
  • the present disclosure provides a method and a device for updating a location of a mobile terminal, which can solve the problem that the CCF can initiate a legal location update without authenticating the UE, and reduce the risk that the home network is incorrectly charged by the UE.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé et un dispositif de mise à jour de la position d'un terminal mobile. Le procédé est applicable à une fonction de commande de réseau central (CCF), et comprend les étapes suivantes : lors de la réception d'un message provenant d'un équipement utilisateur (UE), une CCF envoie un message de demande à une fonction de réseau domestique (HF), le message de demande étant utilisé pour demander un premier contenu d'informations (IE1) et un second contenu d'informations (IE2), lors de la réception des IE1 et IE2 envoyées par le HF, envoyer l'IE2 à l'UE, et recevoir un quatrième contenu d'informations (IE4) de l'UE, l'IE4 étant généré sur la base de l'IE2 ; la CCF vérifiant une clé sur la base de l'IE1 et de l'IE4 ; et sur la base du résultat de la vérification, la CCF envoie un message de mise à jour de position au HF, le message de mise à jour de position transportant un cinquième contenu d'informations (IE5) généré sur la base de la clé.
PCT/CN2018/079032 2017-03-21 2018-03-14 Procédé et dispositif de mise à jour de position d'un terminal mobile Ceased WO2018171486A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710170950.2A CN108632818A (zh) 2017-03-21 2017-03-21 移动终端位置更新的方法及装置
CN201710170950.2 2017-03-21

Publications (1)

Publication Number Publication Date
WO2018171486A1 true WO2018171486A1 (fr) 2018-09-27

Family

ID=63585010

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/079032 Ceased WO2018171486A1 (fr) 2017-03-21 2018-03-14 Procédé et dispositif de mise à jour de position d'un terminal mobile

Country Status (2)

Country Link
CN (1) CN108632818A (fr)
WO (1) WO2018171486A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050250474A1 (en) * 2004-05-07 2005-11-10 Samsung Electronics Co., Ltd. System and method for controlling idle mode location in a broadband wireless access communication system
CN1997212A (zh) * 2006-01-05 2007-07-11 华为技术有限公司 无线通信网络中实现位置更新的方法
CN101330747A (zh) * 2007-07-26 2008-12-24 中兴通讯股份有限公司 一种位置更新过程中获取鉴权密钥的优化方法
CN102595400A (zh) * 2012-03-19 2012-07-18 中兴通讯股份有限公司 检测uicc是否在授权设备上使用的方法、系统和用户设备
CN104093132A (zh) * 2013-04-01 2014-10-08 华为技术有限公司 数据处理方法、移动管理网元、归属用户服务器和系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050250474A1 (en) * 2004-05-07 2005-11-10 Samsung Electronics Co., Ltd. System and method for controlling idle mode location in a broadband wireless access communication system
CN1997212A (zh) * 2006-01-05 2007-07-11 华为技术有限公司 无线通信网络中实现位置更新的方法
CN101330747A (zh) * 2007-07-26 2008-12-24 中兴通讯股份有限公司 一种位置更新过程中获取鉴权密钥的优化方法
CN102595400A (zh) * 2012-03-19 2012-07-18 中兴通讯股份有限公司 检测uicc是否在授权设备上使用的方法、系统和用户设备
CN104093132A (zh) * 2013-04-01 2014-10-08 华为技术有限公司 数据处理方法、移动管理网元、归属用户服务器和系统

Also Published As

Publication number Publication date
CN108632818A (zh) 2018-10-09

Similar Documents

Publication Publication Date Title
US11825303B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
US11405780B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
US9292670B2 (en) Systems and methods for generating and authenticating one time dynamic password based on context information
US8375432B2 (en) Methods, apparatus, and computer program products for subscriber authentication and temporary code generation
CN106899410B (zh) 一种设备身份认证的方法及装置
US9270672B2 (en) Performing a group authentication and key agreement procedure
US20180199205A1 (en) Wireless network connection method and apparatus, and storage medium
US11159940B2 (en) Method for mutual authentication between user equipment and a communication network
AU2017405089A1 (en) Enhanced registration procedure in a mobile system supporting network slicing
WO2011127810A1 (fr) Procédé et appareil d'authentification de dispositifs de communication
CN111630882B (zh) 用户设备、认证服务器、介质、及确定密钥的方法和系统
CN111641498A (zh) 密钥的确定方法及装置
WO2019056971A1 (fr) Procédé et dispositif d'authentification
CN109845185A (zh) 一种数据传输方法、终端、节点设备以及系统
CN110719292A (zh) 边缘计算设备与中心云平台的连接认证方法及系统
WO2013023566A1 (fr) Procédé, système et dispositif de commande de validation d'autorisation de serveur mtc
US11223954B2 (en) Network authentication method, device, and system
CN104796255A (zh) 一种客户端的安全认证方法、设备及系统
US11974129B2 (en) Token-based security risk assessment for multi-factor authentication
US12177666B2 (en) Enhancement of authentication
CN113569210A (zh) 分布式身份认证方法、设备访问方法及装置
CN106657034B (zh) 一种业务鉴权的方法及鉴权能力开放服务器
CN109429225A (zh) 消息接收、发送方法及装置、终端、网络功能实体
WO2012000313A1 (fr) Procédé et système de certification de passerelle de rattachement
CN112887979A (zh) 一种网络接入方法及相关设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18771751

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18771751

Country of ref document: EP

Kind code of ref document: A1