[go: up one dir, main page]

WO2013117070A1 - Procédé, dispositif et système d'envoi d'informations de sécurité d'un système d'alarme public - Google Patents

Procédé, dispositif et système d'envoi d'informations de sécurité d'un système d'alarme public Download PDF

Info

Publication number
WO2013117070A1
WO2013117070A1 PCT/CN2012/077602 CN2012077602W WO2013117070A1 WO 2013117070 A1 WO2013117070 A1 WO 2013117070A1 CN 2012077602 W CN2012077602 W CN 2012077602W WO 2013117070 A1 WO2013117070 A1 WO 2013117070A1
Authority
WO
WIPO (PCT)
Prior art keywords
security information
information parameter
network node
signature
entity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2012/077602
Other languages
English (en)
Chinese (zh)
Inventor
李阳
冯成燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Publication of WO2013117070A1 publication Critical patent/WO2013117070A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information

Definitions

  • the present invention relates to the field of communications, and in particular to a public alarm system security information transmitting method, apparatus, and system.
  • BACKGROUND OF THE INVENTION In order to enable users to receive timely, accurate and accurate alerts, warnings and critical information about disasters and other emergencies, the 3rd Generation Partnership Project (3GPP) defines a public alert system (Public Warning System). , referred to as PWS) business.
  • PWS Public Warning System
  • the business allows the public to take appropriate action to protect themselves and their families from serious injury or death, or to suffer significant property damage.
  • CBS Cell Broadcast Service
  • the architecture is as shown in Figure 1.
  • the functions of each network element are as follows: Cell Broadcast Entity (CBE), which is not a communication network defined by 3GPP.
  • the CBE is responsible for formatting the CBS, including dividing the CBS messages into different pages.
  • the Cell Broadcast Center (CBC) which is part of the core network, can be connected to multiple CBEs.
  • the CBC is responsible for managing the CBS message, including: determining the time when the CBS message starts broadcasting; determining the time when the CBS message stops broadcasting, and indicating each base station controller (Base Station Controller, BSC for short) / radio network controller (Radio Network Controller) , RNC) stops broadcasting the CBS message; determines a time interval at which the CBS message is repeatedly broadcasted; determines a cell broadcast channel or the like for broadcasting the CBS message.
  • BSC Base Station Controller
  • RNC Radio Network Controller
  • the CBC is connected to the BSC located in the radio access network; for the UMTS system, the CBC is connected to the RNC located in the radio access network through the Iu interface; for the LTE system, the mobility of the CBC and the core network
  • the management entity Mobility Management Entity, MME for short
  • the CBC configures and encapsulates it, and sends it to the BSC (GSM system), RNC (UMTS system), MME (LTE system), BSC/RNC/MME of the affected area, and then forwards it to the base station.
  • the GSM system is BTS, the UMTS system is B, and the LTE system is e B ) Broadcast to the user.
  • the currently defined CBS services are all sent on the broadcast channel.
  • the broadcast channel does not have any security protection.
  • An attacker can tamper with an alert message, or after receiving an alert message, replay in the same region or at another location at other times, causing unnecessary panic and confusion in the public.
  • 3GPP decided to secure the PWS by introducing a signature algorithm and a key management scheme by using a digital signature field and a timestamp.
  • the terminal When the terminal receives the broadcasted alert message, it will first authenticate the message, and only if the authentication succeeds, it is considered to be a valid alert message.
  • the verifier needs to obtain the signer's key and its signature algorithm, which is usually a public key and needs to ensure that the key is valid. That is, for a user equipment (User Equipment, UE for short), it is necessary to obtain a signed key.
  • the security information related to the PWS includes, in addition to the key and its identifier, a signature algorithm identifier, a signature entity identifier, and the like.
  • the delivery of the information such as the signature algorithm identifier and the signature entity identifier is not defined, especially between the signature entity and the core network element.
  • the present invention provides a method, an apparatus, and a system for transmitting a security information of a public alarm system, so as to solve at least the problem of a signature algorithm identifier and a signature entity identifier in the security information of the PWS service.
  • a public alarm system security information sending method including: a network node receives a message carrying a security information parameter from a signature entity; and the network node sends a security information parameter to the terminal.
  • the security information parameter includes a signature algorithm identifier and a signature entity identifier.
  • the method before the sending, by the network node, the security information parameter to the terminal, the method further includes: the network node storing the security information parameter and the correspondence between the signature entity identifier and the key; and the network node sending the response message to the signature entity.
  • the security information parameter includes a signature algorithm identifier.
  • the method before the network node sends the security information parameter to the terminal, the method further includes: the network node storing the security information parameter; and the network node sending the response message to the signature entity.
  • the receiving, by the network node, the message carrying the security information parameter from the signature entity comprises: if the signature entity is a CBC, the network node receives the message carrying the security information parameter from the CBC; if the signature entity is a CBE, the network node receives the CBE A message sent by the CBC carrying a security information parameter.
  • the network node includes one of the following: a Serving General Packet Radio Service Support Node (SGSN), an MME, an RNC, and a BSC.
  • SGSN Serving General Packet Radio Service Support Node
  • MME Mobility Management Entity
  • RNC Radio Network Controller
  • the sending, by the network node, the security information parameter to the terminal includes: when the network node is the MME or the SGSN, the network node sends the security information parameter to the terminal by using the layer 3 message and/or the alarm message; where the network node is the BSC or the RNC In case, the network node sends an address to the terminal by writing an alternate message and/or adding a message.
  • the layer three message includes one of the following: an attach accept response message, a tracking area update response message, and a routing area update response message.
  • the method further includes: the terminal updating the locally saved signature algorithm identifier according to the received signature algorithm identifier; the terminal verifies the signature according to the updated signature algorithm identifier, and/or according to the algorithm The signature entity identifies the corresponding key verification signature information.
  • a public alarm system security information sending method including: a signature entity generates a message carrying a security information parameter in an initial process and/or an update process; and the signature entity sends the carried message to the network node The message of the security information parameter.
  • the sending, by the signature entity, the message carrying the security information parameter to the network node includes: in an initial process, the signature entity sends a message carrying the security information parameter to the network node, where the security information parameter includes a signature algorithm identifier and a signature entity identifier.
  • the sending, by the signature entity, the message carrying the security information parameter to the network node includes: in the updating process, the signature entity sends a message carrying the security information parameter to the network node, where the security information parameter includes a signature algorithm identifier.
  • the sending, by the signature entity, the message carrying the security information parameter to the network node includes: if the signature entity is a CBC, the CBC sends a message carrying the security information parameter to the network node; if the signature entity is a CBE, the CBE sends the message to the network node through the CBC.
  • a message carrying a security information parameter is provided, which is applied to a network node, and includes: a receiving module, configured to receive a message carrying a security information parameter from a signature entity; a first sending module, setting To send security information parameters to the terminal.
  • the security information parameter includes a signature algorithm identifier and a signature entity identifier.
  • the foregoing apparatus further includes: a first storage module, configured to store a security information parameter and a correspondence relationship between the signature entity identifier and the key; and a second sending module, configured to send a response message to the signature entity.
  • the security information parameter includes a signature algorithm identifier.
  • the foregoing apparatus further includes: a second storage module configured to store security information parameters; and a third sending module configured to send a response message to the signature entity.
  • the receiving module comprises: a first receiving submodule, configured to receive a message carrying a security information parameter from the CBC if the signature entity is a CBC; and a second receiving submodule, configured to be a CBE in the signature entity In the case, the receiving CBE sends a message carrying the security information parameter through the CBC.
  • the network node comprises one of the following: SGSN, MME, RNC, BSC.
  • the first sending module includes: a first sending submodule, configured to send a security information parameter to the terminal by using a layer three message and/or an alert message; where the network node is a BSC or In the case of the RNC, the first sending module includes: a second sending submodule, configured to send the security information parameter to the terminal by writing a substitute message and/or adding a message.
  • the layer 3 message includes one of the following: an attach accept response message, a tracking area update response message, and a routing area update response message.
  • a public alarm system security information transmitting apparatus which is applied to a signature entity, and includes: a generating module, configured to generate a message carrying a security information parameter in an initial process and/or an update process;
  • the sending module is configured to send a message carrying the security information parameter to the network node.
  • the sending module includes: a first sending submodule, configured to: in the initial process, the signing entity sends a message carrying the security information parameter to the network node, where the security information parameter includes a signature algorithm identifier and a signature entity identifier.
  • the sending module includes: a second sending submodule, configured to: in the updating process, the signing entity sends a message carrying the security information parameter to the network node, where the security information parameter includes a signature algorithm identifier.
  • the sending module includes: a third sending submodule, configured to send a message carrying the security information parameter to the network node if the signature entity is a CBC; and the fourth sending submodule is set to be the CBE in the signature entity In the case, the message carrying the security information parameter is sent to the network node through the CBC.
  • a public alarm system security information transmitting system including a signature entity and a network node, wherein the signature entity includes: a generating module configured to generate and carry in the initial process and/or the update process a message of the security information parameter; the first sending module is configured to send a message carrying the security information parameter to the network node; the network node comprises: a receiving module, configured to receive the message carrying the security information parameter from the signature entity; The module is set to send security information parameters to the terminal.
  • the network node receives the message from the signature entity, where the message carries the security information parameter (signature algorithm identifier, signature entity identifier), and the network node sends the security information parameter to the terminal, so that the terminal verifies the signature according to the verification, thereby ensuring The alert message is safe and accurate.
  • the security information parameter signature algorithm identifier, signature entity identifier
  • FIG. 1 is a schematic diagram of a network architecture of a PWS in a 3GPP network according to the related art
  • FIG. 2 is a flowchart 1 of a public alarm system security information transmission method according to an embodiment of the present invention
  • FIG. 3 is implemented according to the present invention.
  • FIG. 4 is a flow chart of a signature entity transmitting a signature algorithm identifier to a network node according to a preferred embodiment of the present invention
  • FIG. 5 is a network according to a preferred embodiment 2 of the present invention
  • FIG. 6 is a flowchart of a signature entity transmitting a signature entity identifier to a network node according to a preferred embodiment 3 of the present invention
  • FIG. 7 is an LTE network to a terminal according to a preferred embodiment 4 of the present invention
  • FIG. 8 is a flowchart of a UMTS network transmitting security information to a terminal according to a preferred embodiment 5 of the present invention
  • FIG. 9 is a structural block diagram 1 of a public alarm system security information transmitting apparatus according to an embodiment of the present invention
  • FIG. 10 is a block diagram showing a specific structure of a public alarm system security information transmitting apparatus according to a preferred embodiment of the present invention.
  • 11 is a block diagram 2 of a specific structure of a public alarm system security information transmitting apparatus according to a preferred embodiment of the present invention
  • FIG. 12 is a block diagram 3 of a specific structure of a public alarm system security information transmitting apparatus according to a preferred embodiment of the present invention
  • FIG. FIG. 14 is a block diagram showing a specific structure of a public alarm system security information transmitting apparatus shown in FIG. 13 according to a preferred embodiment of the present invention
  • FIG. 15 is a block diagram of a specific structure of the public alarm system security information transmitting apparatus shown in FIG. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • a detailed structural block diagram of a public alarm system security information transmitting apparatus shown in FIG. 13 is a block diagram of a public alarm system security information transmitting system according to an embodiment of the present invention.
  • FIG. 2 is a flowchart 1 of a method for transmitting security information of a public alarm system according to an embodiment of the present invention. As shown in FIG. 2, the method includes the following steps S202 to S204. Step S202: The network node receives the message carrying the security information parameter from the signature entity. Step S204: The network node sends the security information parameter to the terminal.
  • the signature algorithm identifier and the signature entity identifier in the security information of the PWS service are not defined.
  • the network node receives the message from the signature entity, where the message carries the security information parameter, and the network node sends the security information parameter to the terminal, so that the terminal verifies the signature according to the verification, thereby ensuring the security and accuracy of the alarm message.
  • the signature algorithm identifier may be sent in the initial process or may be sent at any time in the subsequent update process; the signature entity identifier is generally sent only in the initial process.
  • the security information parameter includes a signature algorithm identifier and a signature entity identifier
  • the security information parameter includes a signature algorithm identifier during the update process.
  • the signature entity may be CBC or CBE.
  • the process of sending messages is different. The details are as follows: The network node receives the message carrying the security information parameter from the signature entity, including: If the signature entity is CBC, the network node receives the CBC. The message carrying the security information parameter; if the signature entity is a CBE, the network node receives the message that the CBE sends through the CBC and carries the security information parameter.
  • the above network node includes one of the following: SGSN, MME, RNC, BSC.
  • the network nodes are different, and the manner of sending the security information parameters to the terminal is different.
  • the foregoing step S204 includes: when the network node is the MME or the SGSN, the network node passes the layer 3 message and/or alarm.
  • the message sends the security information parameter to the terminal; in the case that the network node is a BSC or an RNC, the network node sends the security information parameter to the terminal by writing a substitute message and/or a new message.
  • the layer 3 message includes one of the following: an attach accept response message, a tracking area update response message, and a routing area update response message. Between the network node and the terminal, the Layer 3 message is sent in a point-to-point manner.
  • the Layer 3 message can be attached, Tracking Area Update (TAU), or Routing Area Update (Routing Area Update). RAU) /LAU, SMC, etc.
  • the invention also provides a preferred manner for the network node to store security information parameters, which can be updated and saved in time to ensure the accuracy of the information.
  • the method further includes: the network node storing the security information parameter and the correspondence between the signature entity identifier and the key; and the network node sending the response message to the signature entity.
  • the update process before the network node sends the security information parameter to the terminal, the method further includes: the network node storing the security information parameter; and the network node sending the response message to the signature entity.
  • the terminal After receiving the security information parameter sent by the network node, the terminal operates as follows: The terminal updates the locally saved signature algorithm identifier according to the received signature algorithm identifier; the terminal verifies the signature according to the updated signature algorithm identifier and/or according to the signature entity. Identifies the corresponding key verification signature information.
  • the preferred embodiment describes a process in which a terminal verifies a signature by using an algorithm carried in the security information to verify the signature and/or the signature entity identifier.
  • the embodiment of the present invention further provides a public alarm system security information sending method.
  • FIG. 3 is a second flowchart of a public alarm system security information sending method according to an embodiment of the present invention. As shown in FIG. 3, the following steps S302 are included. Step S304.
  • Step S302 The signature entity generates a message carrying the security information parameter in the initial process and/or the update process.
  • Step S304 the signature entity sends a message carrying the security information parameter to the network node.
  • the signature algorithm identifier may be sent in the initial process, or may be sent at any time in the subsequent update process; the signature entity identifier is generally sent only in the initial process. Therefore, the step S304 includes: in the initial process, the signature entity sends a message carrying the security information parameter to the network node, where the security information parameter includes a signature algorithm identifier and a signature entity identifier; in the update process, the signature entity The network node sends a message carrying a security information parameter, where the security information parameter includes a signature algorithm identifier.
  • the signature entity may be a CBC or a CBE.
  • the process of sending a message is different, as follows: The signature entity sends a message carrying the security information parameter to the network node, including: If the signature entity is a CBC, the CBC sends and carries the message to the network node. A message with a security information parameter; if the signature entity is a CBE, the CBE sends a message carrying the security information parameter to the network node through the CBC.
  • FIG. 4 is a flow chart of a signature entity transmitting a signature algorithm identifier to a network node according to a preferred embodiment of the present invention. As shown in FIG.
  • the preferred embodiment shows a signature entity (CBC and/or CBE) orientation.
  • the process includes the initial delivery process and the subsequent update process.
  • the delivery of the signature algorithm identifier can be combined with the key delivery process.
  • the following steps S402 to S406 are included.
  • Step S402 The CBC (or the CBE passes the CBC) sends a security information message to the MME or the SGSN, where the security information message carries a Sign Arithmetic Identity (SAI).
  • SAI Sign Arithmetic Identity
  • Step S404 After receiving the delivered security information message, the MME or the SGSN saves the corresponding security information, including the SAI.
  • Step S406 the MME or the SGSN sends a response message to the CBC.
  • Figure 2 is a flowchart of a network node sending a signature algorithm identifier to a terminal according to a preferred embodiment 2 of the present invention. As shown in Figure 5, the preferred embodiment shows that the network node MME/SGSN sends a PWS signature to the terminal.
  • the process of algorithm identification The process includes both the initial delivery process and the subsequent update process.
  • the signature algorithm identifier SAL can be combined with the key issuance in the message of normal attachment acceptance, routing area update response, and tracking area update response. Specifically, the following steps S502 to S506 are included.
  • Step S502 The UE sends a message such as a normal attach request, a TAU request, a RAU request, and the like to the MME.
  • Step S504 The MME sends a corresponding message such as an attach accepts TAU response and an RAU response to the UE, and delivers corresponding security information to the UE in the message.
  • the security information carries the signature algorithm identifier SAI when the initial delivery is performed. If the subsequent signature algorithm is updated, the subsequent process may carry the updated signature algorithm identifier SAI.
  • Step S506 the UE saves the received security information and updates the local signature algorithm identifier SAI.
  • Step S602 The CBC (or the CBE passes the CBC) sends a security information message to the MME or the SGSN, where the security information message carries a Sign Entity Identity (SEI).
  • SEI Sign Entity Identity
  • Step S604 After receiving the delivered security information message, the MME or the SGSN saves the corresponding security information, including the SEI, and saves the correspondence between the SEI and the key. Step S606, the MME or the SGSN sends a response message to the CBC.
  • FIG. 7 is a flowchart of transmitting security information to a terminal according to a preferred embodiment 4 of the present invention. As shown in FIG. 7, the preferred embodiment shows a process in which an LTE network sends a PWS alarm message to a terminal. The process includes not only carrying the signature algorithm identifier SAL when the network sends an alarm message to the UE but also carrying the signature entity identifier SEI in the message.
  • Step S702 The CBC (or the CBE passes the CBC) sends a write substitute alert request message to the MME, where the message carries the signature information signature (SID) and the signature entity identifier SEI.
  • SID signature information signature
  • SEI signature entity identifier
  • Step S704 after receiving the request information, the MME sends a write substitute alarm acknowledgement message to the CBC/CBE.
  • Step S706 the MME sends a write substitute alarm request message to the eNB, where the message carries a signature algorithm identifier SAI and a signature entity identifier SEI.
  • Step S708 the e B sends a broadcast information message to the UE, where the message carries the signature algorithm identifier SAI and the signature entity identifier SEI.
  • FIG. 8 is a flowchart of a UMTS network transmitting security information to a terminal according to a preferred embodiment 5 of the present invention. As shown in FIG. 8, the preferred embodiment shows a process in which a UMTS network sends a PWS alarm message to a terminal.
  • the process includes not only the signature algorithm identifier that the network can carry the alarm message sent to the UE, but also the process of the signature entity identifier.
  • the RNC is replaced by a base station controller (BSC), and the NodeB is replaced by a base station (Base Transceiver Station, BTS for short).
  • BSC base station controller
  • BTS Base Transceiver Station
  • steps S802 to S810 are included.
  • Step S804 the RNC sends a broadcast request message to the NodeB (ie, B shown in the figure), where the message carries a signature algorithm identifier SAI and a signature entity identifier SEI.
  • Step S806a the NodeB sends a broadcast information message to the UE.
  • Step S806b the NodeB sends a paging message to the UE.
  • Step S806c The NodeB carries a primary advertisement message of the security information to the UE, where the message carries the signature algorithm identifier SAI and the signature entity identifier SEI.
  • the UE After receiving the broadcast information message, if the message carries the signature algorithm identifier, the UE updates the local signature algorithm identifier and uses the signature algorithm to identify the corresponding algorithm to verify the signature. The UE identifies the corresponding key according to the signature entity identifier in the verification message. Verify signature information. Step S808, the UE sends an alarm indication. Step S810, the RNC sends a report success message to the CBC/CBE. It should be noted that the steps shown in the flowchart of the accompanying drawings may be performed in a computer system such as a set of computer executable instructions, and, although the logical order is shown in the flowchart, in some cases, The steps shown or described may be performed in an order different than that herein.
  • FIG. 9 is a block diagram showing the structure of a public alarm system security information transmitting apparatus according to an embodiment of the present invention. As shown in FIG. 9, the receiving module 91 and the first transmitting module 92 are included. The structure will be described in detail below.
  • the receiving module 91 is configured to receive a message carrying the security information parameter from the signature entity.
  • the first sending module 92 is connected to the receiving module 91, and is configured to send the security information parameter received by the receiving module 91 to the terminal.
  • the signature entity may be a CBC or a CBE.
  • the receiving module 91 includes: a first receiving submodule 912, which is set to be a case where the signature entity is a CBC. And receiving the message carrying the security information parameter from the CBC.
  • the second receiving sub-module 914 is configured to receive, by the CBC, the message carrying the security information parameter, sent by the CBE, if the signature entity is the CBE.
  • the first sending module includes: a first sending submodule, configured to send the security information parameter to the terminal by using a layer three message and/or an alarm message; where the network node is a BSC or an RNC
  • the first sending module includes: a second sending submodule, configured to send the security information parameter to the terminal by writing a substitute message and/or adding a message. As shown in FIG.
  • the foregoing apparatus further includes: a first storage module 93, connected to the receiving module 91, configured to store a security information parameter received by the receiving module 91 and a corresponding relationship between the signature entity identifier and the key;
  • the second sending module 94 is connected to the first storage module 93 and configured to send a response message to the signature entity.
  • the foregoing apparatus further includes: a second storage module 95, connected to the receiving module 91, configured to store the security information parameter received by the receiving module 91; and a third sending module 96 connected to the second The storage module 95 is configured to send a response message to the signature entity.
  • FIG. 13 is a structural block diagram 2 of a public alarm system security information transmitting apparatus according to an embodiment of the present invention. As shown in FIG. 13, a generating module 1302 and a transmitting module 1304 are included. The structure will be described in detail below.
  • the generating module 1302 is configured to generate a message carrying the security information parameter in the initial process and/or the update process.
  • the sending module 1304 is connected to the generating module 1302, and is configured to send, to the network node, the carrying security parameter generated by the generating module 1302. Message.
  • the sending module 1304 includes: a first sending submodule 13042, which is connected to the generating module 1302, and is configured to send, by the generating entity, a message generated by the generating module 1302 and carrying the security information parameter to the network node in an initial process.
  • the security information parameter includes a signature algorithm identifier and a signature entity identifier.
  • the second sending submodule 13044 is connected to the generating module 1302, and is configured to send, by the signature entity, the generated security module parameter generated by the generating module 1302 to the network node during the updating process.
  • the message, wherein the security information parameter includes a signature algorithm identifier.
  • the signature entity can be either CBC or CBE. The process of sending messages is different, so
  • the sending module 1304 includes: a third sending submodule 13046, connected to the generating module 1302, configured to send, to the network node, a message carrying the security information parameter generated by the generating module 1302, if the signature entity is a CBC.
  • the fourth sending sub-module 13048 is connected to the generating module 1302, and is configured to send, by the CBC, the message generated by the generating module 1302 and carrying the security information parameter to the network node when the signature entity is the CBE.
  • the embodiment of the present invention further provides a public alarm system security information transmission system.
  • FIG. 16 is a structural block diagram of a public alarm system security information transmission system according to an embodiment of the present invention. As shown in FIG. 16, the signature entity 1602 and the network node are included.
  • the signature entity 1602 includes: a generating module 16022, configured to generate a message carrying a security information parameter in an initial process and/or an update process; the first sending module 16024, connected to the generating module 16022, configured to send and generate to the network node The module 16022 generates a message carrying a security information parameter.
  • the network node 1604 includes: a receiving module 16042, connected to the first sending module 16024, configured to receive a message carrying the security information parameter sent by the first sending module 16024 from the signature entity; and a second sending module 16044 connected to the receiving module 16042 And configured to send the security information parameter received by the receiving module 16042 to the terminal.
  • the public alarm system security information sending apparatus described in the device embodiment corresponds to the above-mentioned method embodiment, and the specific implementation process has been described in detail in the method embodiment, and details are not described herein again.
  • the solution of the present invention is not limited to the PWS signature security information delivery and use method of the LTE system, the UMTS system, and the GSM/GERAN system, and its related mode can be applied to other wireless communication systems.
  • a public alarm system security information transmitting method, apparatus and system are provided.
  • the network node receives the message from the signature entity, where the message carries the security information parameter (signature algorithm identifier, signature entity identifier), and the network node sends the security information parameter to the terminal, so that the terminal verifies the signature according to the verification, thereby ensuring The alert message is safe and accurate.
  • the above modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices.
  • the network node receives a message from a signature entity, where the message carries a security information parameter (signature algorithm identifier, signature entity identifier), and the network node sends the security information parameter to the terminal, so that The terminal verifies the signature according to it, thereby ensuring the security and accuracy of the alarm message.
  • a security information parameter signature algorithm identifier, signature entity identifier

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
PCT/CN2012/077602 2012-02-08 2012-06-27 Procédé, dispositif et système d'envoi d'informations de sécurité d'un système d'alarme public Ceased WO2013117070A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2012100271837A CN103249039A (zh) 2012-02-08 2012-02-08 公共警报系统安全信息发送方法、装置及系统
CN201210027183.7 2012-02-08

Publications (1)

Publication Number Publication Date
WO2013117070A1 true WO2013117070A1 (fr) 2013-08-15

Family

ID=48928205

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/077602 Ceased WO2013117070A1 (fr) 2012-02-08 2012-06-27 Procédé, dispositif et système d'envoi d'informations de sécurité d'un système d'alarme public

Country Status (2)

Country Link
CN (1) CN103249039A (fr)
WO (1) WO2013117070A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101557264A (zh) * 2008-06-23 2009-10-14 华为技术有限公司 Etws消息的广播传输系统、装置和方法
CN101938740A (zh) * 2009-07-02 2011-01-05 中兴通讯股份有限公司 一种地震海啸警报系统信息发布方法及系统
US7962089B1 (en) * 2007-07-02 2011-06-14 Rockwell Collins, Inc. Method and system of supporting policy based operations for narrowband tactical radios

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2395459T3 (es) * 2008-03-18 2013-02-12 Telefonaktiebolaget L M Ericsson (Publ) Sistema de aviso celular de terremoto y tsunami

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7962089B1 (en) * 2007-07-02 2011-06-14 Rockwell Collins, Inc. Method and system of supporting policy based operations for narrowband tactical radios
CN101557264A (zh) * 2008-06-23 2009-10-14 华为技术有限公司 Etws消息的广播传输系统、装置和方法
CN101938740A (zh) * 2009-07-02 2011-01-05 中兴通讯股份有限公司 一种地震海啸警报系统信息发布方法及系统

Also Published As

Publication number Publication date
CN103249039A (zh) 2013-08-14

Similar Documents

Publication Publication Date Title
CN103155650B (zh) 在无线局域网(wlan)中通告和分发通知
CN102986277B (zh) 在无线局域网(wlan)中通告和分发通知
CN102986278B (zh) 在网络名中并入通知
CN103026746B (zh) 使用可扩展认证协议(eap)方法通告和分发通知
CN104041089B (zh) 用于验证公共预警消息的公钥的管理
EP2290875B1 (fr) Procédé et système de génération d'identifiant d'identité de clé lors du transfert du dispositif utilisateur
CN102611554B (zh) 实现数字签名的方法及设备
US20150236851A1 (en) Method and apparatus for updating ca public key, ue and ca
WO2014176946A1 (fr) Procédé et dispositif de signalement d'un état de diffusion d'un message d'avertissement
WO2013107152A1 (fr) Système, dispositif et procédé de vérification d'informations de signature pws
WO2012167637A1 (fr) Procédé et entité de réseau pour envoyer un message de clé secrète de système d'avertissement destiné au public à un terminal
WO2010028603A1 (fr) Procédé et système pour générer une clé pendant la mise à jour d'une zone de suivie
CN101953182B (zh) 寻呼信号发送方法及移动台
CN102833743B (zh) 公共警报系统密钥更新信息的发送、更新方法和相应设备
CN102843651B (zh) 公共警报系统及密钥发送、获取方法、安全连接建立方法
CN106576241B (zh) D2d通信中检验mic的方法和d2d通信系统
CN102869011B (zh) 无线通信系统中pws密钥更新方法、网络侧设备及终端
WO2013060154A1 (fr) Procédé et dispositif de mise à jour d'une clé de pws
WO2013117070A1 (fr) Procédé, dispositif et système d'envoi d'informations de sécurité d'un système d'alarme public
US20250150828A1 (en) Information transmission method and apparatus, and communication device and storage medium
EP2805534A1 (fr) Gestion d'état de sécurité d'équipement utilisateur pour système d'alerte publique
CN102857884B (zh) Pws主通告信息的发送、处理方法、网络侧设备和终端
US20150296375A1 (en) Methods, devices, and computer program products improving the public warning system for mobile communication
CN102833681B (zh) 无线通信系统中配置公共警报系统密钥信息的方法和系统
CN102843662B (zh) 公共警报系统密钥更新信息的发送、更新方法和相应设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12868278

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12868278

Country of ref document: EP

Kind code of ref document: A1