Method and apparatus for authenticating communication device
First Claim
1. A method for authenticating a machine type communication MTC device, comprising:
- receiving an attach request comprising a group identifier and sent by an MTC device to be authenticated, wherein the group identifier is a group identifier of an MTC group where the MTC device to be authenticated is located;
determining whether a first group authentication vector bound to the group identifier exists locally, wherein the first group authentication vector is an authentication vector used for authenticating MTC devices in the MTC group;
if the first group authentication vector bound to the group identifier exists, according to the first group authentication vector, authenticating the MTC device to be authenticated, and generating a system key for the MTC device to be authenticated;
wherein each MTC device in the MTC group has a device characteristic, and the device characteristic is used to uniquely identify the MTC device in the MTC group;
the attach request further comprises a second device characteristic used for identifying the MTC device to be authenticated;
after the determining that the first group authentication vector bound to the group identifier exists locally, the method further comprises;
determining whether the second device characteristic is the same as a locally stored first device characteristic, wherein the first device characteristic is a device characteristic bound to both the group identifier and the first group authentication vector; and
if the second device characteristic is different from the locally stored first device characteristic, executing the step of according to the first group authentication vector, authenticating the MTC device to be authenticated, and generating the system key of the MTC device to be authenticated.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention disclose a method and an apparatus for authenticating a communication device, where the method includes: receiving an attach request including a group identifier and sent by an MTC device to be authenticated, where the group identifier is a group identifier of an MTC group where the MTC device to be authenticated is located; determining whether a first group authentication vector bound to the group identifier exists locally, where the first group authentication vector is an authentication vector used for authenticating MTC devices in the MTC group; and if existing, according to the first group authentication vector, authenticating the MTC device to be authenticated, and generating a system key of the MTC device to be authenticated. The technical solutions provided in the present invention can be applied to the technical field of authenticating the MTC device.
-
Citations
16 Claims
-
1. A method for authenticating a machine type communication MTC device, comprising:
-
receiving an attach request comprising a group identifier and sent by an MTC device to be authenticated, wherein the group identifier is a group identifier of an MTC group where the MTC device to be authenticated is located; determining whether a first group authentication vector bound to the group identifier exists locally, wherein the first group authentication vector is an authentication vector used for authenticating MTC devices in the MTC group; if the first group authentication vector bound to the group identifier exists, according to the first group authentication vector, authenticating the MTC device to be authenticated, and generating a system key for the MTC device to be authenticated; wherein each MTC device in the MTC group has a device characteristic, and the device characteristic is used to uniquely identify the MTC device in the MTC group; the attach request further comprises a second device characteristic used for identifying the MTC device to be authenticated; after the determining that the first group authentication vector bound to the group identifier exists locally, the method further comprises; determining whether the second device characteristic is the same as a locally stored first device characteristic, wherein the first device characteristic is a device characteristic bound to both the group identifier and the first group authentication vector; and if the second device characteristic is different from the locally stored first device characteristic, executing the step of according to the first group authentication vector, authenticating the MTC device to be authenticated, and generating the system key of the MTC device to be authenticated. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for authenticating an MTC device, comprising:
-
after authentication between a primary MTC device in an MTC group and a network side succeeds, receiving an attach request sent by a second MTC device in the MTC group, wherein an authentication vector generated in the process of authentication between the primary MTC device and the network side is taken as a group authentication vector of the MTC group; authenticating, by the primary MTC device, the second MTC device, and generating a system key for the second MTC device by using the group authentication vector; sending, by the primary MTC device, the system key to the second MTC device; establishing a binding relationship between the group authentication vector and a group identifier of the MTC group; the receiving the attach request sent by the second MTC device comprises; receiving the attach request comprising the group identifier and a device characteristic of the second MTC device and sent by the second MTC device; the generating the system key for the second MTC device by using the group authentication vector generated in the process of authentication between the primary MTC device and the network side comprises; acquiring the group authentication vector bound to the group identifier carried in the attach request; and generating the system key for the second MTC device by using the group authentication vector and the device characteristic which is of the second MTC device. - View Dependent Claims (7)
-
-
8. A method for authenticating an MTC device, comprising:
-
sending, by a primary MTC device in an MTC group, an attach request to a network side, wherein the attach request comprises a group identifier of the MTC group, device characteristics of the primary MTC and device characteristics of the other MTC devices to be authenticated in the MTC group; performing authentication between the primary MTC device and the network side, and by using a group authentication vector generated in the authentication process and the device characteristics of the other MTC devices to be authenticated, generating system keys for the other MTC devices to be authenticated; after the primary MTC device successfully authenticates the other MTC devices to be authenticated, sending, by the primary MTC device, the system keys to the other MTC devices to be authenticated; the performing the authentication between the primary MTC device and the network side comprises; performing authentication between the primary MTC device and the network side according to the device characteristic of the primary MTC device, and generating a system key of the primary MTC device.
-
-
9. A network side entity, comprising:
-
a first receiving unit, configured to receive an attach request comprising a group identifier and sent by an MTC device to be authenticated, wherein the group identifier is a group identifier of an MTC group where the MTC device to be authenticated is located; a first authentication unit, configured to, when a first group authentication vector bound to the group identifier received by the first receiving unit exists, according to the first group authentication vector, authenticate the MTC device to be authenticated, and generate a system key of the MTC device to be authenticated; a second acquisition unit, configured to, when the second device characteristic of the MTC device to be authenticated is the same as the locally stored first device characteristic, according to the group identifier received by the first receiving unit, acquire a second group authentication vector used for authenticating MTC devices in the MTC group; a second establishment unit, configured to establish a binding relationship among the group identifier received by the first receiving unit, the second device characteristic, and the second group authentication vector acquired by the second acquisition unit; and a third authentication unit, configured to; according to an expected response number generated by the second group authentication vector acquired by the second acquisition unit and the second device characteristic received by the first receiving unit, authenticate the MTC device to be authenticated, and generate a system key of the MTC device to be authenticated. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A device for authenticating an MTC device, comprising:
-
a third receiving unit, configured to, after authentication between the device and a network side succeeds, receive an attach request sent by a second MTC device in an MTC group where the device is located; a fourth authentication unit, configured to authenticate the second MTC device, and generate a system key for the second MTC device by using a group authentication vector generated in a process of authentication between the device and the network side; a second sending unit, configured to send the system key generated by the fourth authentication unit to the second MTC device; third establishment unit, configured to;
after the authentication between the device and the network side succeeds, establish a binding relationship between the group authentication vector and a group identifier of the MTC group;wherein when the attach request received by the third receiving unit comprises the group identifier and a device characteristic of the second MTC device, the fourth authentication unit comprises; a third acquisition unit, configured to acquire the group authentication vector bound to the group identifier received by the third receiving unit; and a third generating unit, configured to generate a system key for the second MTC device by using the group authentication vector acquired by the third acquisition unit and the device characteristic which is of the second MTC device and is received by the third receiving unit. - View Dependent Claims (15)
-
-
16. A device for authenticating an MTC device, comprising:
-
a third sending unit, configured to send an attach request to a network side, wherein the attach request comprises a group identifier of an MTC group where the device is located and a device characteristic of an MTC device to be authenticated in the MTC group; a fifth authentication unit, configured to perform two-way authentication between the device and the network side, and by using a group authentication vector and the device characteristic which is of the MTC device to be authenticated, generate a system key for the MTC device to be authenticated, wherein the group authentication vector is generated in the process of authentication between the device and the network side; a fourth sending unit, configured to, after the device successfully authenticates the MTC device to be authenticated, send the system key generated by the fifth authentication unit to the MTC device to be authenticated; and a fourth generating unit, configured to, when the attach request sent by the third sending unit comprises a device characteristic of the device, generate a system key of the device according to the device characteristic of the device.
-
Specification