[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN100459804C - Device, system and method of authenticating when terminal to access second system network - Google Patents

Device, system and method of authenticating when terminal to access second system network Download PDF

Info

Publication number
CN100459804C
CN100459804C CNB2005101206816A CN200510120681A CN100459804C CN 100459804 C CN100459804 C CN 100459804C CN B2005101206816 A CNB2005101206816 A CN B2005101206816A CN 200510120681 A CN200510120681 A CN 200510120681A CN 100459804 C CN100459804 C CN 100459804C
Authority
CN
China
Prior art keywords
grid
authentication
network
hybrid terminal
multimode hybrid
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005101206816A
Other languages
Chinese (zh)
Other versions
CN1874598A (en
Inventor
徐杰
刘文宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2005101206816A priority Critical patent/CN100459804C/en
Publication of CN1874598A publication Critical patent/CN1874598A/en
Application granted granted Critical
Publication of CN100459804C publication Critical patent/CN100459804C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The method comprises: the multi-mode hybrid terminal initiates a logon or service access process based on a first system network to the authentication agent apparatus through an access network; said authentication agent apparatus makes the user to log on at the first system network, and as required, makes an authentication process based on the first system network; after the authentication process based on the first system network is passed, the multi-mode hybrid terminal initiates a logon procedure based on the second system network. The invention also provides an apparatus and a system thereof.

Description

The device of authenticating when terminal to access second system network, system and method
Technical field
The present invention relates to a kind of device, system and method for authenticating when terminal to access second system network, carry out device, the system and method for authentication during in particular a kind of non-IMS terminal accessing IP multimedia sub-system IMS (IP MultimediaSubsystem) network.
Background technology
At present the core net development trend of future generation of mobile communications network is IP Multimedia System (IMS), and it is responsible on the packet domain connection basis providing relevant controlling mechanism for IP-based multimedia service such as VoIP, video conferencing service etc.But the basis of these controlling mechanisms is terminal will at first want to pass through the IMS network when inserting the IMS network authentications.
The authentication arithmetic of IMS network is to adopt the algorithm of a kind of Digest-AKAv1-MD5 of being called (being called for short AKA) to carry out according to standard definition, and at present a lot of terminal is not support this authentication arithmetic.These terminals comprise the group mode terminal of supporting the SIP signaling still not support the AKA authentication arithmetic, also comprise all unsupported circuit-mode terminal of SIP signaling at all.
Had at present more technology to solve and do not supported the terminal access to IMS system of AKA authentication arithmetic to enjoy the IMS business these, the Early IMS method that proposes such as the 3GPP normal structure can insert the sip terminal of not supporting the AKA algorithm AGCF (IAD controller) technology that IMS territory, TISPAN normal structure propose can be with circuit-mode terminal access to IMS territory etc.But these insert agent apparatus itself and all do not solve the authentication problem of terminal in the IMS territory, need other scheme and finish.
In the IMS consensus standard that 3GPP formulates, for the GPRS user that can only use SIM card can use the IMS network, defined the process of a kind of Early of being named as IMS, specifically referring to 3GPP agreement TR33.878.Its implementation is that the user is adopted IP address and IMSI (InternationalMobile Subscriber Identifier, international mobile subscriber identifier) number is bound, as shown in Figure 1: when the user inserts GPRS network, at GGSN (Gateway GPRS Support Node, Gateway GPRS Support Node) user has been distributed after the IP address, GGSN can pass through the Gi interface of a redetermination with IP address and user IMSI or MSISDN (Mobile Station International ISDNNumber, Mobile Subscriber International ISDN number) notice HSS (Home Subscriber Server, home subscriber server), preserve by HSS.Then when the user initiates the registration operation in the IMS territory, S-CSCF (Serving CSCF, serving CSCF; CSCF, Call Session Control Function, CSCF) can check whether the IP address that the user inserts is consistent with the IP address that HSS preserves, if unanimity then authentication are passed through, otherwise with regard to failed authentication, the user registers and does not pass through.
This simple use IP carries out the address way of legitimacy judgement and does not carry out any authentication arithmetic, it can only be a kind of very elementary safety measure, be not a kind of real " authentication ", and this measure is easy to be broken through by the method for Simulation with I P address by illegal terminal, so its fail safe is extremely low.
Summary of the invention
The object of the present invention is to provide a kind of device, system and method for authenticating when terminal to access second system network; solve above-mentioned prior art problems; multimode hybrid terminal that a kind of replacement can not carry out the second grid authentication arithmetic is provided, preserves its algorithm KI and carry out corresponding authentication arithmetic and carry out the authentication computing; thereby the replacement user carries out the method for authenticating based on the IMS territory, and this method is safe.
Technical scheme of the present invention comprises:
A kind of multimode hybrid terminal carries out the device of authentication when inserting second grid; wherein; described device is an authentication agent device; be used to preserve the authentication arithmetic key of multimode hybrid terminal; and obtain the log-on message of multimode hybrid terminal on first grid; and replace terminal to carry out authentication computing based on corresponding algorithm, insert one second grid.
Described device, wherein, described authentication agent device also comprises:
One outside signaling interface module is used for linking to each other with second grid with described first grid;
One first grid register and authentication module is used for obtaining user's registration information and handling from outside signaling interface module;
One second grid register and authentication module is used for from the authentication calculations request of outside signaling interface module reception based on second grid, and returns authentication calculations result response;
One user data associate management module is used for related multimode hybrid terminal user in the user ID of first grid and second grid and carry out the required key of authentication.
Described device, wherein, described authentication agent device is also registered the multimode hybrid terminal and authentication on first grid.
Described device, wherein, described outside signaling interface module also comprises:
One first grid interface module is responsible for and first grid carries out signalling interworking;
One second grid interface module is used for being connected with described second grid, is responsible for carrying out signalling interworking with second grid.
Described device, wherein, described first grid is gsm system, cdma system circuit-domain network or pstn telephone network.
Described device, wherein, described second grid is WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network.
Described device, wherein, described authentication arithmetic is general CHAP/PAP authentication of AKA, packet network or Digest authentication.
A kind of system that adopts described authentication agent device, wherein, it comprises at least one multimode hybrid terminal, an authentication agent device, second grid;
Described authentication agent device is used to allow multimode hybrid terminal with the second grid authentication arithmetic ability authorizing procedure by this second grid, inserts at second grid.
Described system wherein, also comprises:
One inserts agent apparatus, and the multimode hybrid terminal that is used for not having based on the signaling processing ability of second grid inserts second grid.
Described system, wherein, described first grid is gsm system, cdma system circuit-domain network or pstn telephone network.
Described system, wherein, described second grid is WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network.
A kind of multimode hybrid terminal carries out the method for authentication when inserting second grid, it may further comprise the steps:
A, described multimode hybrid terminal carry out register and authentication at first grid, by after, described authentication agent device gets access to user's register and authentication result;
When B, described multimode hybrid terminal were registered at second grid, described authentication agent device was acted on behalf of described multimode hybrid terminal at the authentication process of second grid execution based on second grid.
Described method, wherein, described authentication process comprises:
B1, described second grid return the response message that requires to carry out authentication to the multimode hybrid terminal, have authentication challenge random number in the message;
B2, multimode hybrid terminal send to described authentication agent device with authentication challenge random number and other authentication relevant parameters that second grid returns by first signaling, require this authentication agent device to assist to carry out authentication based on second grid.
Described method, wherein, described authentication process also comprises:
B3, described authentication agent device replace the user to carry out the authentication arithmetic of the second grid requirement after obtaining authentication challenge random number and relevant parameter, calculate authenticating result;
B4, described authentication agent device return to the multimode hybrid terminal with authenticating result;
The authenticating result that B5, described multimode hybrid terminal obtain from described authentication agent device is inserted the registration message based on the second grid signaling, and the registration message that will contain authenticating result sends to second grid;
B6, described second grid to authenticating result authenticate by after return the response of succeeding in registration.
Described method, wherein, described step B5 comprises that also the registration message that will contain authenticating result by this Security Association sends to second grid according to having set up Security Association between the second grid requirement and second grid.
Described method, wherein, described multimode hybrid terminal can insert agent equipment by it and carry out authentication process.
Described method, wherein, first signaling that is adopted among the described step B2 is the MAP signaling in the circuit domain signaling, or, be Session initiation Protocol, Diameter, the RADIUS signaling in the packet domain signaling.
Described method, wherein, the authentication arithmetic of described authentication agent device is the AKA algorithm, CHAP/PAP authentication that packet network is general or Digest authentication.
Described method, wherein, described authentication agent device also carries out described multimode hybrid terminal the registration process based on first grid as required.
Described method, wherein, described first grid is gsm system, cdma system circuit-domain network or pstn telephone network.
Described method, wherein, described second grid is WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network.
Device, the system and method for a kind of multimode hybrid terminal access authentication provided by the present invention, owing to adopt the authentication agent device to realize replacing the authentication process of multimode hybrid terminal in second grid, its realization is safe, realizes simple and reliable.
Description of drawings
Authorizing procedure schematic diagram when Fig. 1 is the multimode hybrid terminal access network of prior art;
Fig. 2 is the structural representation of authentication agent device of the present invention;
Fig. 3 is the schematic flow sheet of multimode hybrid terminal access authentication of the present invention;
Fig. 4 is the authorizing procedure schematic diagram that the multimode hybrid terminal in the preferred embodiment of the inventive method inserts the IP Multimedia System network;
Fig. 5 is the schematic diagram of the topology example of IP Multimedia System of the present invention;
Fig. 6 is the schematic diagram of another example of structure of IP Multimedia System of the present invention.
Embodiment
Below in conjunction with accompanying drawing, will carry out comparatively detailed explanation to each preferred embodiment of the present invention.
Multimode hybrid terminal of the present invention carries out authentication when inserting device is a newly-increased functional entity " authentication agent device " in second grid, this authentication agent device comprising as shown in Figure 2: outside signaling interface module, be used for linking to each other with described first grid, this outside signaling interface module comprises: one first grid interface module, link to each other with first grid by interface a, be responsible for carrying out signalling interworking with first grid; One is the second grid interface module, as the IMS Network Interface Module, by the interface b and second grid, as the IMS network, is responsible for carrying out signalling interworking with the IMS network; One is the first grid register and authentication module, obtains user's registration information there and handles from the first grid interface module, can carry out registration or authentication based on the first grid mode to the multimode hybrid terminal; One is the second grid register and authentication module, as IMS network registry authentication module, obtain user's registration information there and handle from the second grid interface module or the first grid interface module, replace multimode hybrid terminal user to carry out register and authentication based on the IMS territory; One is user data associate management module, and multimode hybrid terminal user is carried out related and management at first grid with the user ID in second grid.
It is noted that multimode hybrid terminal of the present invention is meant a kind of terminal that can insert a plurality of grids, it can comprise various conventional terminals on connotation.
First grid of the present invention can be legacy networks such as gsm system, cdma system circuit-domain network or pstn telephone network; Described second grid can be WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network etc.Described multimode hybrid terminal is meant the terminal that can distinguish or insert above-mentioned two systems simultaneously.Described authentication arithmetic except that the AKA algorithm, also has the general CHAP/PAP authentication (being user name+pin mode) of packet network according to the difference of second system, and Digest authenticates scheduling algorithm.
In following description embodiment of the present invention, its first grid is a CDMA2000 1x circuit-domain network, or is called legacy network, and second grid is the IMS network, therefore, below may directly use legacy network or IMS network that specific embodiments of the invention are described in the description.
The process of described association and management can comprise: set up user's linked database, carry out one by one corresponding with public identifier Public Identity or privately owned sign Private Identity in the IMS network IMSI or the MDN number of user in legacy network.When the user who uses certain IMSI number after the success of legacy network register and authentication (carrying out authentication not necessarily) at legacy network, the authentication agent device promptly is prepared as its corresponding Private Identity and is identified at the IMS network and carries out authentication agent.
This authentication agent module is responsible for following function: when the user inserts legacy network, the user is carried out authentication based on legacy network; The user inserts the IMS network, when the IMS network requirement is carried out authentication to the user, replaces the user to carry out the authentication computing and return authenticating result.
The system of the described authentication agent device of employing of the present invention, as shown in Figure 5 and Figure 6, wherein, it comprises at least one multimode hybrid terminal, an authentication agent device, IP Multimedia System network; Described multimode hybrid terminal carries out authentication by described authentication agent device and inserts the IP Multimedia System network; allow multimode hybrid terminal with the IP Multimedia System network authentication algorithm ability authorizing procedure by the IP Multimedia System network, in the IP Multimedia System network insertion.If this multimode hybrid terminal does not have the Session initiation Protocol signalling capability, then be provided with one and insert agent apparatus, insert agent apparatus agency access IP Multimedia System network by described authentication agent device and this, as shown in Figure 6.
Multimode hybrid terminal of the present invention carry out when inserting authentication method authorizing procedure as shown in Figure 3, comprise following several steps:
1. the multimode hybrid terminal is initiated registration or service access process based on legacy network by access network to this authentication agent device;
2. described authentication agent device registers a user in the legacy network, in this process, might need to carry out the authentication process based on legacy network;
3. after the authentication process based on legacy network passes through, multimode hybrid terminal self or insert agent equipment by it and initiate register flow path based on the IMS territory to the IMS network.The IMS network returns the response message that requires to carry out authentication to multimode hybrid terminal or its access agency, has authentication challenge random number in the message.
4. multimode hybrid terminal or its access agency send to the authentication agent device with authentication challenge random number and other authentication relevant parameters that the IMS network returns; the authentication based on the IMS network is carried out in the assistance of requirement authentication agent device; first signaling that this step adopts can be circuit domain signaling such as MAP signaling, also can be packet domain signaling such as SIP, Diameter, RADIUS signaling etc.
5. described authentication agent device replaces the user to carry out the AKA authentication arithmetic that IMS requires after obtaining relevant parameter such as authentication challenge random number, calculates authenticating result.
6. authenticating result is returned to the multimode hybrid terminal to described authentication agent device or it inserts the agency.
7. multimode hybrid terminal or its access agency will insert the SIP registration message from the authenticating result that the authentication agent device obtains; and according to having set up security alliance SA (Security Association) between IMS network requirement and IMS network, the registration message that will contain authenticating result by Security Association sends to the IMS network then.The IMS network to authenticating result authenticate by after return the response of succeeding in registration.
Below will the specific embodiment of system and method for the present invention be elaborated, this embodiment is that example describes with the CDMA mobile communication system, traditional CDMA2000 1X circuit domain terminal is not supported the SIP signaling, and system of the present invention inserts the IMS network by inserting the agent apparatus agency.Insert agent apparatus and be placed on home domain, position and HLR (Home Location Register, attaching position register) are together.
As shown in Figure 4, the concrete steps of the inventive method are:
1. the multimode hybrid terminal is initiated authorizing procedure based on legacy network by access network to the authentication agent device;
2. described authentication agent device is by multimode hybrid terminal user's authentication;
3. described multimode hybrid terminal carries out register flow path based on legacy network by access network to inserting agent apparatus;
4. described access agent apparatus replaces the user to the registration of IMS network initiation based on the SIP signaling;
5. described IMS network returns 401 Unauthorized response for the access agent apparatus, has the random number of requirement authentication in the response;
6. insert agent apparatus and receive after 401 responses, by a MAP signaling process " base station query requests " authentication is challenged random number and send to the authentication agent device, this request message need be through expansion to support the random number of IMS network;
7. described authentication agent device carries out the authentication computing according to the authentication arithmetic of IMS network requirement and authentication challenge random number and obtains authenticating result, brings the access agent apparatus in the query response message of base station;
8. insert the registration message that agent apparatus is initiated to the IMS network again, and the authenticating result parameter that the authentication agent device calculates is inserted in the registration message;
9. described IMS network returns 200 OK response expression and succeeds in registration;
10. inserting agent apparatus upgrades successfully to multimode hybrid terminal home position.
Authentication agent device of the present invention can be preserved the AKA authentication arithmetic key of terminal, and the replacement terminal is carried out the authentication computing based on the AKA algorithm; The multimode hybrid terminal is registered at legacy network; And the ability of the multimode hybrid terminal being carried out authentication at legacy network.
Right discriminating system of the present invention; it comprises described authentication agent device; multimode hybrid terminal with the IMS network A KA authentication arithmetic ability authorizing procedure by the IMS network be can allow,, multimode hybrid terminal, authentication agent, IMS network also comprised in the IMS network insertion.This system comprises that also one inserts agent apparatus, and the multimode hybrid terminal that helps not have the SIP signalling capability inserts the IMS network.
Method for authenticating of the present invention can allow multimode hybrid terminal with the IMS network A KA authentication arithmetic ability authorizing procedure by the IMS network, in the IMS network insertion, and its access security height.
Should be understood that above-mentioned description at specific embodiment is comparatively detailed, can not therefore be interpreted as the restriction to scope of patent protection of the present invention, scope of patent protection of the present invention should be as the criterion with claims.

Claims (20)

  1. Carry out the device of authentication when 1, a kind of multimode hybrid terminal inserts second grid; it is characterized in that; described device is an authentication agent device; be used to preserve the authentication arithmetic key of multimode hybrid terminal; and obtain the log-on message of multimode hybrid terminal on first grid; and replace terminal to carry out authentication computing based on corresponding algorithm, and inserting one second grid, described authentication agent device comprises:
    One outside signaling interface module is used for linking to each other with second grid with described first grid;
    One first grid register and authentication module is used for obtaining user's registration information and handling from outside signaling interface module;
    One second grid register and authentication module is used for from the authentication calculations request of outside signaling interface module reception based on second grid, and returns authentication calculations result response;
    One user data associate management module is used for related multimode hybrid terminal user in the user ID of first grid and second grid and carry out the required key of authentication.
  2. 2, device according to claim 1 is characterized in that, described authentication agent device is also registered the multimode hybrid terminal and authentication on first grid.
  3. 3, device according to claim 1 is characterized in that, described outside signaling interface module also comprises:
    One first grid interface module is responsible for and first grid carries out signalling interworking;
    One second grid interface module is used for being connected with described second grid, is responsible for carrying out signalling interworking with second grid.
  4. According to the described device of one of claim 1 to 3, it is characterized in that 4, described first grid is gsm system, cdma system circuit-domain network or pstn telephone network.
  5. According to the described device of one of claim 1 to 3, it is characterized in that 5, described second grid is WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network.
  6. According to the described device of one of claim 1 to 3, it is characterized in that 6, described authentication arithmetic is general CHAP/PAP authentication of AKA, packet network or Digest authentication.
  7. 7, a kind of system that adopts according to the described authentication agent device of claim 1 is characterized in that it comprises at least one multimode hybrid terminal, an authentication agent device, second grid;
    Described authentication agent device is used to allow multimode hybrid terminal with the second grid authentication arithmetic ability authorizing procedure by this second grid, inserts at second grid, and described authentication agent device comprises:
    One outside signaling interface module is used for linking to each other with second grid with described first grid;
    One first grid register and authentication module is used for obtaining user's registration information and handling from outside signaling interface module;
    One second grid register and authentication module is used for from the authentication calculations request of outside signaling interface module reception based on second grid, and returns authentication calculations result response;
    One user data associate management module is used for related multimode hybrid terminal user in the user ID of first grid and second grid and carry out the required key of authentication.
  8. 8, system according to claim 7 is characterized in that, also comprises:
    One inserts agent apparatus, and the multimode hybrid terminal that is used for not having based on the signaling processing ability of second grid inserts second grid.
  9. According to the described system of one of claim 7 to 8, it is characterized in that 9, described first grid is gsm system, cdma system circuit-domain network or pstn telephone network.
  10. According to the described system of one of claim 7 to 8, it is characterized in that 10, described second grid is WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network.
  11. Carry out the method for authentication when 11, a kind of multimode hybrid terminal inserts second grid, it may further comprise the steps:
    A, described multimode hybrid terminal carry out register and authentication at first grid, by after, authentication agent device according to claim 1 gets access to user's register and authentication result;
    When B, described multimode hybrid terminal were registered at second grid, described authentication agent device was acted on behalf of described multimode hybrid terminal at the authentication process of second grid execution based on second grid.
  12. 12, method according to claim 11 is characterized in that, described authentication process comprises:
    B1, described second grid return the response message that requires to carry out authentication to the multimode hybrid terminal, have authentication challenge random number in the message;
    B2, multimode hybrid terminal send to described authentication agent device with authentication challenge random number and other authentication relevant parameters that second grid returns by first signaling, require this authentication agent device to assist to carry out authentication based on second grid.
  13. 13, method according to claim 12 is characterized in that, described authentication process also comprises:
    B3, described authentication agent device replace the user to carry out the authentication arithmetic of the second grid requirement after obtaining authentication challenge random number and relevant parameter, calculate authenticating result;
    B4, described authentication agent device return to the multimode hybrid terminal with authenticating result;
    The authenticating result that B5, described multimode hybrid terminal obtain from described authentication agent device is inserted the registration message based on the second grid signaling, and the registration message that will contain authenticating result sends to second grid;
    B6, described second grid to authenticating result authenticate by after return the response of succeeding in registration.
  14. 14, method according to claim 13, it is characterized in that, described step B5 comprises that also the registration message that will contain authenticating result by this Security Association sends to second grid according to having set up Security Association between the second grid requirement and second grid.
  15. According to the described method of one of claim 11 to 14, it is characterized in that 15, described multimode hybrid terminal can insert agent equipment by it and insert second grid.
  16. 16, method according to claim 15 is characterized in that, first signaling that is adopted among the described step B2 is the MAP signaling in the circuit domain signaling, or, be Session initiation Protocol, Diameter, the RADIUS signaling in the packet domain signaling.
  17. 17, method according to claim 16 is characterized in that, the authentication arithmetic of described authentication agent device is the AKA algorithm, CHAP/PAP authentication that packet network is general or Digest authentication.
  18. 18, method according to claim 16 is characterized in that, described authentication agent device also carries out described multimode hybrid terminal the registration process based on first grid as required.
  19. According to the described method of one of claim 11 to 14, it is characterized in that 19, described first grid is gsm system, cdma system circuit-domain network or pstn telephone network.
  20. According to the described method of one of claim 11 to 14, it is characterized in that 20, described second grid is WCDMA network, cdma system EVDO network, wlan network, isdn network or IMS network.
CNB2005101206816A 2005-12-13 2005-12-13 Device, system and method of authenticating when terminal to access second system network Expired - Fee Related CN100459804C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005101206816A CN100459804C (en) 2005-12-13 2005-12-13 Device, system and method of authenticating when terminal to access second system network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2005101206816A CN100459804C (en) 2005-12-13 2005-12-13 Device, system and method of authenticating when terminal to access second system network

Publications (2)

Publication Number Publication Date
CN1874598A CN1874598A (en) 2006-12-06
CN100459804C true CN100459804C (en) 2009-02-04

Family

ID=37484803

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005101206816A Expired - Fee Related CN100459804C (en) 2005-12-13 2005-12-13 Device, system and method of authenticating when terminal to access second system network

Country Status (1)

Country Link
CN (1) CN100459804C (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101203030B (en) * 2006-12-13 2010-10-06 联想(北京)有限公司 Apparatus and method for identifying authority by mobile terminal multi-mode protocol stack
CN101330718B (en) * 2007-06-18 2015-04-22 中国电信股份有限公司 Single/double mode hand-hold terminal and implementing method thereof
DE102010007718B4 (en) * 2010-02-10 2011-10-27 Teveo Interactive Gmbh Method and device for authenticating users of a hybrid terminal
EP2721795A1 (en) * 2011-06-16 2014-04-23 Teveo Interactive GmbH Method and apparatus for authenticating users of a hybrid terminal
CN102769850B (en) * 2012-04-16 2015-10-28 中兴通讯股份有限公司 Single-card multi-mode multi-operator authentication method and device
CN103249046B (en) * 2013-05-15 2016-08-03 东莞宇龙通信科技有限公司 Multimode terminal and automatic network method for authenticating
CN110958598B (en) * 2018-09-26 2022-05-06 中国移动通信有限公司研究院 Binding authentication method and device for mobile terminal and SIM card

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020007460A1 (en) * 2000-07-14 2002-01-17 Nec Corporation Single sign-on system and single sign-on method for a web site and recording medium
US20030204608A1 (en) * 2002-04-26 2003-10-30 Markus Isomaki Authentication and protection for IP application protocols based on 3GPP IMS procedures
US20030210678A1 (en) * 2002-05-10 2003-11-13 Nokia Corporation Functionality split between mobile terminal and terminal equipment for internet protocol multimedia signal exchange
CN1464760A (en) * 2002-06-12 2003-12-31 广达电脑股份有限公司 System and method for identifying public network
CN1479493A (en) * 2002-08-31 2004-03-03 深圳市中兴通讯股份有限公司 Interconnectioin system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020007460A1 (en) * 2000-07-14 2002-01-17 Nec Corporation Single sign-on system and single sign-on method for a web site and recording medium
US20030204608A1 (en) * 2002-04-26 2003-10-30 Markus Isomaki Authentication and protection for IP application protocols based on 3GPP IMS procedures
US20030210678A1 (en) * 2002-05-10 2003-11-13 Nokia Corporation Functionality split between mobile terminal and terminal equipment for internet protocol multimedia signal exchange
CN1464760A (en) * 2002-06-12 2003-12-31 广达电脑股份有限公司 System and method for identifying public network
CN1479493A (en) * 2002-08-31 2004-03-03 深圳市中兴通讯股份有限公司 Interconnectioin system

Also Published As

Publication number Publication date
CN1874598A (en) 2006-12-06

Similar Documents

Publication Publication Date Title
Lin et al. One-pass GPRS and IMS authentication procedure for UMTS
CN102474523B (en) Methods and apparatuses for initiating provisioning of subscriber data in a hss of an IP multimedia subsystem network
ES2371109T3 (en) SYSTEM AND APPLIANCE FOR CS MOBILE USERS TO ACCESS THE IMS NETWORK AND THE REGISTRATION METHOD FOR ACCESS.
US8249554B2 (en) Methods for provisioning mobile stations and wireless communications with mobile stations located within femtocells
US8161098B2 (en) Method and system for service denial and termination on a wireless network
US8613058B2 (en) Systems, methods and computer program products for providing additional authentication beyond user equipment authentication in an IMS network
TWI362869B (en) Method of providing a service through a user equipment unit in an ip multimedia subsystem telecommunications network, including a user database server, service policy server and application server for use with said method
EP1861983A1 (en) Method and apparatuses for authenticating a user by comparing a non-network originated identities
RU2463710C2 (en) Simplified method for ims registration in event of emergency calls
US7600116B2 (en) Authentication of messages in a communication system
KR20150058534A (en) Transmitting authentication information
CN100428718C (en) Identification log-on method and device for access non IMS mobile terminal into IMS field
WO2006072219A1 (en) An ip multimedia subsystem network authentication system and the method thereof
CN102480487B (en) Multi-user on-line video game method based on authentication and system thereof
EP2520067B1 (en) Method for providing ip services to a user of a public network
CN100459804C (en) Device, system and method of authenticating when terminal to access second system network
CN100403692C (en) A method for processing register initial filter rule in IMS network
US20050159157A1 (en) Authentications in a communication system
CN104243422A (en) Login implement method for user terminal to have access to IMS network and IMS
CN101198148B (en) Information distribution method for mobile terminal
CN101232707B (en) Method for distinguishing subscriber terminal authority identifying type in IMS network and I-CSCF
CN106790055B (en) Registration method and device of IMS (IP multimedia subsystem)
CN101001145B (en) Authentication method for supporting terminal roaming of non-IP multimedia service subsystem
CN101001248B (en) Method for processing registration initial filter rule in IMS network
CN102857900B (en) Access method of access equipment to IMS (IP multimedia subsystem) network and AGCF (access gateway control function) and S-CSCF (serving-call session control function)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090204

Termination date: 20121213