CN114143788A - Method and system for realizing authentication control of 5G private network based on MSISDN - Google Patents
Method and system for realizing authentication control of 5G private network based on MSISDN Download PDFInfo
- Publication number
- CN114143788A CN114143788A CN202111507782.4A CN202111507782A CN114143788A CN 114143788 A CN114143788 A CN 114143788A CN 202111507782 A CN202111507782 A CN 202111507782A CN 114143788 A CN114143788 A CN 114143788A
- Authority
- CN
- China
- Prior art keywords
- private network
- authentication
- msisdn information
- msisdn
- intranet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 14
- 238000012795 verification Methods 0.000 claims abstract description 57
- 238000013507 mapping Methods 0.000 claims description 20
- 238000012545 processing Methods 0.000 claims description 12
- 238000012550 audit Methods 0.000 claims description 6
- 238000007726 management method Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a method and a system for realizing 5G private network authentication control based on MSISDN, which specifically comprises the following steps: enabling a header enhancement function by an SMF network element of the 5G core network, inserting MSISDN information into a standard N4 header and sending the MSISDN information to a UPF; adding MSISDN information in a data packet by a private network UPF; after receiving the data packet forwarded by the private network UPF, the private network authentication gateway identifies MSISDN information in the data packet and completes verification according to the MSISDN information. The private network authentication gateway is used for identifying the MSISDN information in the UPF forwarding data packet, so that the user validity is verified, frequent login is not needed, and the user experience is improved.
Description
Technical Field
The invention relates to the technical field of 5G, in particular to a method and a system for realizing authentication control of a 5G private network based on MSISDN.
Background
The cellular mobile communication technology evolved into the 5G era, and the 5G network has three characteristics of high speed, low delay and wide connection. The development of the 5G network is mainly used for differentiation of vertical industries, and the industry is assisted to complete digital transformation.
The 5G private network is a Local Area Network (LAN), is a private network which is created by using a 5G network slicing technology, has the functions of unifying connectivity, optimizing services and guaranteeing communication safety in a specific area, and provides professional communication services for specific users in the links of organization, management, production, scheduling and the like. The private network operator has independent management authority to the network, can establish a security policy of the private network operator, and improves the security and reliability of the network.
The service opening of the 5G private network user terminal is carried out by an operator, but for industrial users, the deployed 5G private network is equal to an industrial intranet, the requirement of the industrial users on access safety cannot be met only by one-time authentication of the operator, and the 5G private network cannot be used as a unique measure at least, particularly in the scenes of personal user access in universities, administrative districts and enterprises and the like. In addition, industry users also have diversified safety autonomous management requirements, such as resource access rights, behavior compliance auditing, and the like. Only the operator is relied on for safety access management, and the requirements of industry users cannot be met.
In this background technology, the chinese patent application with the application number of 2021112559990 of this company provides a solution to the technical defects that it is difficult for the existing 5G private network solution to implement the management of real-name authentication access and access authority according to the enterprise user requirements, and VPN equipment or NAT equipment needs to be additionally deployed from 5G private network access to the enterprise intranet.
However, the above patent application does not solve the problems that the existing 5G private network secondary authentication uses a simple WEB authentication function, needs frequent login, and has poor user experience.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a method and a system for realizing authentication control of a 5G private network based on an MSISDN (Mobile station Integrated services digital network), and solves the problems of frequent login, poor user experience and the like when the secondary authentication security authentication of the 5G private network is carried out.
In order to achieve the purpose, the invention adopts the following specific technical scheme:
a method for realizing authentication control of a 5G private network based on an MSISDN (Mobile station identifier), specifically comprises the following steps:
s1, enabling a header enhancement function by an SMF network element of the 5G core network, inserting MSISDN information into a standard N4 header and sending the MSISDN information to a UPF;
s2, private network UPF adds MSISDN information in data packet;
s3, after receiving the data packet forwarded by the private network UPF, the private network authentication gateway identifies MSISDN information in the data packet, and completes verification according to the MSISDN information.
Preferably, the step S3 of completing the verification according to the MSISDN information specifically includes:
and the private network authentication gateway judges whether the local system has the mobile phone number corresponding to the MSISDN information, if so, the validity verification is executed in the local system, otherwise, the MSISDN information is packaged according to an authentication interface protocol and is sent to an intranet authentication platform to execute the validity verification.
Preferably, the authentication interface protocol includes LDAP, Radius or HTTP.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then access control and access log audit are performed according to a verification result returned by the intranet authentication platform.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, the private network authentication gateway performs user online and IP address mapping processing according to a verification result returned by the intranet authentication platform.
A system for implementing authentication control of 5G private network based on MSISDN includes:
SMF network element, which is used to enable header enhancement function, insert MSISDN information in standard N4 header and send it to UPF;
private network UPF, which adds MSISDN information in the packet;
and the private network authentication gateway identifies MSISDN information in the data packet after receiving the data packet forwarded by the private network UPF, and completes verification according to the MSISDN information.
Preferably, completing the verification according to the MSISDN information specifically means:
and the private network authentication gateway judges whether the local system has the mobile phone number corresponding to the MSISDN information, if so, the validity verification is executed in the local system, otherwise, the MSISDN information is packaged according to an authentication interface protocol and is sent to an intranet authentication platform to execute the validity verification.
Preferably, the authentication interface protocol includes LDAP, Radius or HTTP.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then access control and access log audit are performed according to a verification result returned by the intranet authentication platform.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, the private network authentication gateway performs user online and IP address mapping processing according to a verification result returned by the intranet authentication platform.
The invention has the beneficial effects that: and the private network authentication gateway is used for identifying MSISDN information in the UPF forwarding data packet, so that the user validity is verified, frequent login is not required, and the user experience is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow chart of a method for implementing 5G private network authentication control based on MSISDN of the present invention;
fig. 2 is a schematic block diagram of a system for implementing authentication control of a 5G private network based on MSISDN of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. Other embodiments, which can be derived by one of ordinary skill in the art from the embodiments given herein without any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "vertical", "upper", "lower", "horizontal", and the like indicate orientations or positional relationships based on those shown in the drawings, and are only for convenience of describing the present invention and simplifying the description, but do not indicate or imply that the referred device or element must have a specific orientation, be constructed in a specific orientation, and be operated, and thus, should not be construed as limiting the present invention.
In the description of the present invention, it should also be noted that, unless otherwise explicitly specified or limited, the terms "disposed," "mounted," "connected," and "connected" are to be construed broadly and may, for example, be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
As shown in fig. 1, the present invention provides a method for implementing 5G private network authentication control based on MSISDN, which uses MSISDN (user mobile phone number) in a UPF transmission message as a user authentication identifier, and specifically includes the following steps:
s1, enabling a header enhancement function by an SMF network element of the 5G core network, inserting MSISDN information into a standard N4 header and sending the MSISDN information to a UPF;
s2, private network UPF adds MSISDN information in data packet;
s3, after receiving the data packet forwarded by the private network UPF, the private network authentication gateway identifies MSISDN information in the data packet, and completes verification according to the MSISDN information.
Preferably, the step S3 of completing the verification according to the MSISDN information specifically includes:
and the private network authentication gateway judges whether the local system has the mobile phone number corresponding to the MSISDN information, if so, the validity verification is executed in the local system, otherwise, the MSISDN information is packaged according to an authentication interface protocol and is sent to an intranet authentication platform to execute the validity verification. The authentication interface protocol comprises LDAP, Radius or HTTP.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then access control and access log audit are performed according to a verification result returned by the intranet authentication platform.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, the private network authentication gateway performs user online and IP address mapping processing according to a verification result returned by the intranet authentication platform.
The working principle of the method is as follows:
the 5G terminal is distributed to a mobile IP after accessing a 5G network; enabling a Header enhancement (Header enhancement) function by an SMF network element of a 5G core network, inserting user MSISDN (user mobile phone number) information into a standard N4 Header, and sending the MSISDN to a UPF; the 5G terminal initiates access request data of the government-enterprise intranet application, and the access request data is distributed to a private network UPF by a core network; adding MSISDN information in the message when the private network UPF forwards the 5G terminal data packet; after receiving a data packet forwarded by a private network UPF, a private network authentication gateway identifies MSISDN information in the data packet, namely a user mobile phone number, firstly checks whether a local system of the gateway has the mobile phone number, and if not, encapsulates the mobile phone number into authentication interface protocols such as LDAP, Radius or HTTP and the like and sends the authentication interface protocols to an enterprise intranet authentication platform for verification; if the private network authentication gateway has the mobile phone number locally, the private network authentication gateway carries out verification locally. After the verification is passed, the private network authentication gateway carries out online processing on the mobile phone number and the mobile IP, and simultaneously carries out one-to-one mapping on the mobile IP and the intranet IP. If the verification fails, the mobile phone number and the mobile IP do not do online processing and address mapping processing on the private network authentication gateway. When the 5G terminal of the mobile phone number accesses the intranet application, the access data is forwarded to the private network authentication gateway through the private network UPF, the private network authentication gateway identifies that the mobile IP is matched with the online form user, then access control is carried out on the data packet according to the strategy, and meanwhile, the access behavior is audited, namely, the access behavior is recorded.
The specific flow of allocating the 5G terminal to the mobile IP after accessing the 5G network is as follows: the 5G terminal initiates a session establishment request of a session type corresponding to the IP stack protocol capability of the 5G terminal, the SMF network element of the 5G public network core network judges whether the session type exceeds the set IP stack capability or not, responds to accept of the session establishment request or refusal of the session establishment request, and if the session suggestion request is accepted, the SMF network element establishes a session and allocates an IP address to the 5G terminal.
And the private network authentication gateway judges whether to allow access or deny access according to a verification result returned by the intranet authentication platform.
In order to further ensure the data security of the government-enterprise intranet, the private network authentication gateway is also used for dynamically designing the user downloading permission and ensuring that unauthorized users cannot download intranet data. The user download authority designed by the private network authentication gateway comprises a user name, MSISDN information, a public key corresponding to the MSISDN information, a public key hash value and user authority.
A user accesses a URL address of a private network authentication gateway through a 5G terminal and sends a request for downloading application data of a government enterprise network;
the private network authentication gateway receiving the data downloading request identifies MSISDN information in the data request, verifies user permission corresponding to the MSISDN information and user permission required by data to be downloaded, judges whether the user has permission for downloading the data, if the user does not have the permission for downloading the data, the private network authentication gateway refutes the request for downloading application data of the government enterprise intranet, and if the user has the permission for downloading the data, the data to be downloaded is divided into a plurality of original data blocks which are set as { D1,D2......DnN is the code length, d original data blocks are selected from the n original data blocks, and the d original data blocks are encrypted by adopting an encryption algorithm to obtain an encrypted data block { E }1,E2......EmAnd (c) the step of (c) in which,
the original data blocks and the encrypted data blocks are blocks with the same size and have unique names, a mapping relation table of the n original data blocks and the n encrypted data blocks is established, and complete data to be downloaded can be recovered from the n encrypted data blocks according to the mapping relation table. Wherein the encryption algorithm is asymmetric encryption algorithm, the private key of the user is related to the MSISDN information, and the MSISDN information is generated through the private keyA public key is generated and thus corresponds to MSISDN information of the user. And the private network authentication gateway encrypts the d original data blocks by adopting a public key corresponding to the MSISDN information. The private network authentication gateway selects n encrypted data blocks and mapping information of the n encrypted data blocks and the original data blocks, sends the n encrypted data blocks and the mapping information of the n encrypted data blocks and the original data blocks to a 5G terminal of a user, the 5G terminal decrypts the encrypted data blocks according to a private key related to MSISDN information, and recombines the decrypted data blocks according to the mapping information to obtain data required to be downloaded.
As shown in fig. 2, the present invention further provides a system for implementing authentication control of a 5G private network based on MSISDN, including:
SMF network element, which is used to enable header enhancement function, insert MSISDN information in standard N4 header and send it to UPF;
private network UPF, which adds MSISDN information in the packet;
and the private network authentication gateway identifies MSISDN information in the data packet after receiving the data packet forwarded by the private network UPF, and completes verification according to the MSISDN information.
Preferably, completing the verification according to the MSISDN information specifically means:
and the private network authentication gateway judges whether the local system has the mobile phone number corresponding to the MSISDN information, if so, the validity verification is executed in the local system, otherwise, the MSISDN information is packaged according to an authentication interface protocol and is sent to an intranet authentication platform to execute the validity verification. The authentication interface protocol comprises LDAP, Radius or HTTP.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then access control and access log audit are performed according to a verification result returned by the intranet authentication platform.
Preferably, if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, the private network authentication gateway performs user online and IP address mapping processing according to a verification result returned by the intranet authentication platform.
The working principle of the invention is as follows:
the 5G terminal is distributed to a mobile IP after accessing a 5G network; enabling a Header enhancement (Header enhancement) function by an SMF network element of a 5G core network, inserting user MSISDN (user mobile phone number) information into a standard N4 Header, and sending the MSISDN to a UPF; the 5G terminal initiates access request data of the government-enterprise intranet application, and the access request data is distributed to a private network UPF by a core network; adding MSISDN information in the message when the private network UPF forwards the 5G terminal data packet; after receiving a data packet forwarded by a private network UPF, a private network authentication gateway identifies MSISDN information in the data packet, namely a user mobile phone number, firstly checks whether a local system of the gateway has the mobile phone number, and if not, encapsulates the mobile phone number into authentication interface protocols such as LDAP, Radius or HTTP and the like and sends the authentication interface protocols to an enterprise intranet authentication platform for verification; if the private network authentication gateway has the mobile phone number locally, the private network authentication gateway carries out verification locally. After the verification is passed, the private network authentication gateway carries out online processing on the mobile phone number and the mobile IP, and simultaneously carries out one-to-one mapping on the mobile IP and the intranet IP. If the verification fails, the mobile phone number and the mobile IP do not do online processing and address mapping processing on the private network authentication gateway. When the 5G terminal of the mobile phone number accesses the intranet application, the access data is forwarded to the private network authentication gateway through the private network UPF, the private network authentication gateway identifies that the mobile IP is matched with the online form user, then access control is carried out on the data packet according to the strategy, and meanwhile, the access behavior is audited, namely, the access behavior is recorded.
The specific flow of allocating the 5G terminal to the mobile IP after accessing the 5G network is as follows: the 5G terminal initiates a session establishment request of a session type corresponding to the IP stack protocol capability of the 5G terminal, the SMF network element of the 5G public network core network judges whether the session type exceeds the set IP stack capability or not, responds to accept of the session establishment request or refusal of the session establishment request, and if the session suggestion request is accepted, the SMF network element establishes a session and allocates an IP address to the 5G terminal.
In order to further ensure the data security of the government-enterprise intranet, the private network authentication gateway is also used for dynamically designing the user downloading permission and ensuring that unauthorized users cannot download intranet data. The user download authority designed by the private network authentication gateway comprises a user name, MSISDN information, a public key corresponding to the MSISDN information, a public key hash value and user authority.
A user accesses a URL address of a private network authentication gateway through a 5G terminal and sends a request for downloading application data of a government enterprise network;
the private network authentication gateway receiving the data downloading request identifies MSISDN information in the data request, verifies user permission corresponding to the MSISDN information and user permission required by data to be downloaded, judges whether the user has permission for downloading the data, if the user does not have the permission for downloading the data, the private network authentication gateway refutes the request for downloading application data of the government enterprise intranet, and if the user has the permission for downloading the data, the data to be downloaded is divided into a plurality of original data blocks which are set as { D1,D2......DnN is the code length, d original data blocks are selected from the n original data blocks, and the d original data blocks are encrypted by adopting an encryption algorithm to obtain an encrypted data block { E }1,E2......EmAnd (c) the step of (c) in which,
the original data blocks and the encrypted data blocks are blocks with the same size and have unique names, a mapping relation table of the n original data blocks and the n encrypted data blocks is established, and complete data to be downloaded can be recovered from the n encrypted data blocks according to the mapping relation table. The encryption algorithm is an asymmetric encryption algorithm, the private key of the user is related to the MSISDN information, and the public key is generated through the private key, so that the public key corresponds to the MSISDN information of the user. And the private network authentication gateway encrypts the d original data blocks by adopting a public key corresponding to the MSISDN information. The private network authentication gateway selects n encrypted data blocks and mapping information of the n encrypted data blocks and the original data blocks, sends the n encrypted data blocks and the mapping information of the n encrypted data blocks and the original data blocks to a 5G terminal of a user, the 5G terminal decrypts the encrypted data blocks according to a private key related to MSISDN information, and recombines the decrypted data blocks according to the mapping information to obtain data required to be downloaded.
The invention has the beneficial effects that: and the private network authentication gateway is used for identifying MSISDN information in the UPF forwarding data packet, so that the user validity is verified, frequent login is not required, and the user experience is improved.
In light of the foregoing description of the preferred embodiments of the present invention, those skilled in the art can now make various alterations and modifications without departing from the scope of the invention. The technical scope of the present invention is not limited to the contents of the specification, and must be determined according to the scope of the claims.
Claims (10)
1. A method for realizing authentication control of a 5G private network based on an MSISDN is characterized by comprising the following steps:
s1, enabling a header enhancement function by an SMF network element of the 5G core network, inserting MSISDN information into a standard N4 header and sending the MSISDN information to a UPF;
s2, private network UPF adds MSISDN information in data packet;
s3, after receiving the data packet forwarded by the private network UPF, the private network authentication gateway identifies MSISDN information in the data packet, and completes verification according to the MSISDN information.
2. The method of claim 1, wherein the step S3 of completing verification according to MSISDN information specifically includes:
and the private network authentication gateway judges whether the local system has the mobile phone number corresponding to the MSISDN information, if so, the validity verification is executed in the local system, otherwise, the MSISDN information is packaged according to an authentication interface protocol and is sent to an intranet authentication platform to execute the validity verification.
3. The method of claim 2, wherein the authentication interface protocol comprises LDAP, Radius, or HTTP.
4. The method of claim 2, wherein if the private network authentication gateway encapsulates the MSISDN information according to an authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then performs access control and audit of access logs according to a verification result returned by the intranet authentication platform.
5. The method of claim 2, wherein if the private network authentication gateway encapsulates the MSISDN information according to an authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then performs user online and IP address mapping processing according to a verification result returned by the intranet authentication platform.
6. A system for implementing authentication control of 5G private network based on MSISDN, comprising:
SMF network element, which is used to enable header enhancement function, insert MSISDN information in standard N4 header and send it to UPF;
private network UPF, which adds MSISDN information in the packet;
and the private network authentication gateway identifies MSISDN information in the data packet after receiving the data packet forwarded by the private network UPF, and completes verification according to the MSISDN information.
7. The system of claim 6, wherein the performing authentication according to the MSISDN information specifically includes:
and the private network authentication gateway judges whether the local system has the mobile phone number corresponding to the MSISDN information, if so, the validity verification is executed in the local system, otherwise, the MSISDN information is packaged according to an authentication interface protocol and is sent to an intranet authentication platform to execute the validity verification.
8. The system of claim 7, wherein the authentication interface protocol comprises LDAP, Radius, or HTTP.
9. The system according to claim 7, wherein if the private network authentication gateway encapsulates the MSISDN information according to an authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, access control and access log audit are performed according to a verification result returned by the intranet authentication platform.
10. The system according to claim 7, wherein if the private network authentication gateway encapsulates the MSISDN information according to the authentication interface protocol and sends the MSISDN information to the intranet authentication platform to perform validity verification, then performs user online and IP address mapping processing according to the verification result returned by the intranet authentication platform.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111507782.4A CN114143788B (en) | 2021-12-10 | Method and system for realizing authentication control of 5G private network based on MSISDN |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111507782.4A CN114143788B (en) | 2021-12-10 | Method and system for realizing authentication control of 5G private network based on MSISDN |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114143788A true CN114143788A (en) | 2022-03-04 |
| CN114143788B CN114143788B (en) | 2024-05-31 |
Family
ID=
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115499825A (en) * | 2022-08-18 | 2022-12-20 | 广州爱浦路网络技术有限公司 | Method, equipment and storage medium for enhancing 5G message header based on secondary authentication |
| CN115866598A (en) * | 2023-02-27 | 2023-03-28 | 北京派网科技有限公司 | Zero-trust safe trusted access method of 5G dual-domain private network |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1867186A (en) * | 2006-02-14 | 2006-11-22 | 华为技术有限公司 | Method and apparatus for realizing user admittance control in wireless communication system |
| CN105873059A (en) * | 2016-06-08 | 2016-08-17 | 中国南方电网有限责任公司电网技术研究中心 | United identity authentication method and system for power distribution communication wireless private network |
| CN106789834A (en) * | 2015-11-20 | 2017-05-31 | 中国电信股份有限公司 | Method, gateway, PCRF network elements and system for identifying user identity |
| CN110234112A (en) * | 2018-03-05 | 2019-09-13 | 华为技术有限公司 | Message treatment method, system and user plane functions equipment |
| CN112312391A (en) * | 2019-07-26 | 2021-02-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
| CN113411286A (en) * | 2020-03-16 | 2021-09-17 | 北京沃东天骏信息技术有限公司 | Access processing method and device based on 5G technology, electronic equipment and storage medium |
| CN113765874A (en) * | 2020-11-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Private network and dual-mode networking method based on 5G mobile communication technology |
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1867186A (en) * | 2006-02-14 | 2006-11-22 | 华为技术有限公司 | Method and apparatus for realizing user admittance control in wireless communication system |
| CN106789834A (en) * | 2015-11-20 | 2017-05-31 | 中国电信股份有限公司 | Method, gateway, PCRF network elements and system for identifying user identity |
| CN105873059A (en) * | 2016-06-08 | 2016-08-17 | 中国南方电网有限责任公司电网技术研究中心 | United identity authentication method and system for power distribution communication wireless private network |
| CN110234112A (en) * | 2018-03-05 | 2019-09-13 | 华为技术有限公司 | Message treatment method, system and user plane functions equipment |
| CN112312391A (en) * | 2019-07-26 | 2021-02-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
| CN113411286A (en) * | 2020-03-16 | 2021-09-17 | 北京沃东天骏信息技术有限公司 | Access processing method and device based on 5G technology, electronic equipment and storage medium |
| CN113765874A (en) * | 2020-11-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Private network and dual-mode networking method based on 5G mobile communication technology |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115499825A (en) * | 2022-08-18 | 2022-12-20 | 广州爱浦路网络技术有限公司 | Method, equipment and storage medium for enhancing 5G message header based on secondary authentication |
| CN115499825B (en) * | 2022-08-18 | 2023-09-01 | 广州爱浦路网络技术有限公司 | Method, equipment and storage medium for enhancing 5G message header based on secondary authentication |
| CN115866598A (en) * | 2023-02-27 | 2023-03-28 | 北京派网科技有限公司 | Zero-trust safe trusted access method of 5G dual-domain private network |
| CN115866598B (en) * | 2023-02-27 | 2023-05-23 | 北京派网科技有限公司 | Zero-trust safe and reliable access method for 5G dual-domain private network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11659385B2 (en) | Method and system for peer-to-peer enforcement | |
| US7913080B2 (en) | Setting information distribution apparatus, method, program, and medium, authentication setting transfer apparatus, method, program, and medium, and setting information reception program | |
| EP1658700B1 (en) | Personal remote firewall | |
| US7680878B2 (en) | Apparatus, method and computer software products for controlling a home terminal | |
| US6529513B1 (en) | Method of using static maps in a virtual private network | |
| CN101371550B (en) | Method and system for automatically and freely providing user of mobile communication terminal with service access warrant of on-line service | |
| EP1538779A1 (en) | Identification information protection method in wlan interconnection | |
| US20080162929A1 (en) | Communication system of client terminals and relay server and communication method | |
| CN103155512A (en) | System and method for providing secured access to services | |
| JP2006524017A (en) | ID mapping mechanism for controlling wireless LAN access with public authentication server | |
| US20100162348A1 (en) | Method and apparatus for providing network communication association information to applications and services | |
| CN102348210A (en) | Method and mobile security equipment for security mobile officing | |
| US20040243837A1 (en) | Process and communication equipment for encrypting e-mail traffic between mail domains of the internet | |
| CN113873510A (en) | Secure communication method, related device and system | |
| US20070226490A1 (en) | Communication System | |
| CN114143788B (en) | Method and system for realizing authentication control of 5G private network based on MSISDN | |
| CN114143788A (en) | Method and system for realizing authentication control of 5G private network based on MSISDN | |
| Rhee | Wireless Mobile Internet Security | |
| CN110351308B (en) | Virtual private network communication method and virtual private network device | |
| JP3344421B2 (en) | Virtual private network | |
| CN114614984A (en) | Time-sensitive network secure communication method based on state cryptographic algorithm | |
| CN115706977A (en) | Data transmission method and related equipment | |
| RU2316126C2 (en) | Personal remote inter-network screen | |
| Nishimura | A distributed authentication mechanism for sharing an overlay network among multiple organizations | |
| US20060173981A1 (en) | Secure web browser based system administration for embedded platforms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |