Patent application number | Description | Published |
20120039472 | METHOD AND DEVICE FOR ESTABLISHING A SECURITY MECHANISM FOR AN AIR INTERFACE LINK - A method, a device, and a system for establishing a security mechanism for an air interface are provided in embodiments of the present invention. The method includes: performing security processing for a shared key of an access link according to a shared key between a relay node and a mobility management entity; and sending the shared key of the access link after the security processing to the relay node to enable the relay node to obtain the shared key of the access link based on the shared key between the relay node and the mobility management entity. The present invention reduces the possibility at which the air interface link is hacked, thereby improving the security of the air interface link. | 02-16-2012 |
20120066737 | METHOD AND APPARATUS FOR SECURITY ALGORITHM SELECTION PROCESSING, NETWORK ENTITY, AND COMMUNICATION SYSTEM - Embodiments of the present invention disclose a method and an apparatus for security algorithm selection processing, a network entity, and a communication system. The method includes: receiving a service request message sent by user equipment; and according to a security protection requirement of the service request message, selecting a security algorithm from a security algorithm list supported by both the user equipment and a network entity, where security algorithm lists supported by the user equipment and/or the network entity are set separately based on different security protection requirements, or security algorithm lists supported by the user equipment and the network entity are used for indicating security capability of the user equipment and the network entity respectively. | 03-15-2012 |
20120077501 | METHOD, DEVICE, AND SYSTEM FOR DERIVING KEYS - Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security. | 03-29-2012 |
20120213372 | METHOD AND DEVICE FOR OBTAINING SECURITY KEY IN RELAY SYSTEM - A method and a device for obtaining a security key in a relay system are disclosed in the embodiment of the present invention. A node in the relay system obtains an initial key, according to the initial key, the node obtains a root key of an air interface protection key between the node and another node that is directly adjacent to the node, and according to the root key, the node obtains the air interface protection key between the node and said another node that is directly adjacent to the node. Therefore, according to the initial key, each lower-level node obtains a root key of an air interface protection key between each lower-level node, so that data of a UE on a Un interface link may be respectively protected, that is, each active UE has a set of security parameters on the Un interface link, and effective security protection is performed on data on each segment of an air interface. | 08-23-2012 |
20120297474 | RELAY NODE AUTHENTICATION METHOD, APPARATUS, AND SYSTEM - Embodiments of the present invention disclose a relay node authentication method, apparatus, and system. The method provided in an embodiment of the present invention includes: sending, by a relay node, an authentication request message to a peer node, where the authentication request message includes a certificate of the relay node, so that the peer node authenticates the relay node according to the certificate of the relay node, where the peer node is a network side node or a security gateway in a security domain where the network side node is located; and receiving, by the relay node, an authentication response message sent by the peer node, where the authentication response message includes a certificate of the peer node, and authenticating the peer node according to the certificate of the peer node. | 11-22-2012 |
20150043564 | PACKET-SWITCHED NETWORK ACCESS METHOD, WLAN ACCESS SYSTEM AND USER EQUIPMENT - The present invention discloses a packet-switched network access method, a WLAN access system and a user equipment. The packet-switched network access method includes: receiving indication information sent by a user equipment attached to a WLAN or sent by an HSS/AAA, where the indication information is used to indicate whether the user equipment is capable of providing information of accessing a PS network; and determining, according to the indication information, whether establishing a PDN connection after authentication is successful or after a layer 3 message sent by the user equipment is received, so that the user equipment accesses a PS network by using the WLAN. | 02-12-2015 |
20150104020 | Method, Network Element, and Mobile Station for Negotiating Encryption Algorithms - A method, network element, and mobile station (MS) are disclosed. The method includes: obtaining information that a plug-in card of the MS does not support a first encryption algorithm; deleting the first encryption algorithm from an encryption algorithm list permitted by a core network element according to the information that the plug-in card of the MS does not support the first encryption algorithm; sending the encryption algorithm list excluding the first encryption algorithm to an access network element, so that the access network element selects an encryption algorithm according to the encryption algorithm list excluding the first encryption algorithm and the MS capability information sent from the MS and sends the selected encryption algorithm to the MS. By using the method, network element, and MS, errors due to the fact that the plug-in card of the MS does not support an encryption algorithm may be avoided during the encryption process. | 04-16-2015 |
20150350981 | Method, Apparatus and System for Key Derivation - A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided. | 12-03-2015 |