Network operation method, system control device, network and computer programme for said control

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a network operation method. A network comprises a node and a system control device. A system control device comprises a root key material which is a set of functions, each having a degree of complexity α, and a node is provided with a portion of key material of a node having a degree of complexity α extracted from the root key material. The system control device generates a portion of key material for an external user with a degree of complexity α from the root key material and generates an access identifier. The system control device generates access key material with a degree of complexity less than α from the portion of key material for the external user and generates a node identifier. The system control device provides the external user with a portion of access key material and the node identifier. The external user extracts a key from the portion of access key material and sends to the node said key and access identifier. The node calculates a key from the access identifier and the portion of node key material and compares the key sent by the external user and the key calculated by the node in order to identify the external user.

EFFECT: improved security.

14 cl, 4 dwg

 

The technical FIELD TO WHICH the INVENTION RELATES.

The present invention relates to a method of operation of a network that contains communication devices representing network nodes.

An example application of the present invention can be found in your personal area networks (PAN) that contains a set of communication objects located, at least temporarily, within personal user area. PAN contains, for example, the set of nodes with wireless medical sensors located within or on the body of the user, and controls for monitoring the main indicators of the activity of the user or many electronic devices.

The prior art INVENTIONS

Security is a fundamental requirement for networks of this kind or any control of sensitive data, to ensure the security of information exchanged between different nodes in the network and to control access to network devices of other users, external to the network.

Accordingly, for these networks require a security system that takes into account several major problems:

- the problem of trust to provide various network nodes means of identification, authentication and trust to any other node as element of the same network,

- the problem of secure communication to provide the ing funds to ensure secure communication between different nodes in the network, and

- the problem of access control mechanisms, limited access to information or network nodes.

Traditional ways of working such networks typically include a master node, which is the personal device management or trust centre used for the prior distribution of cryptographic material on network nodes and then to authenticate each node as belonging to the network when the nodes must be installed communication. However, these methods have several drawbacks:

first of all, these methods do not allow two network nodes to authenticate each other without going to the main site, and

in addition, since the cryptographic material in advance is distributed over the network nodes, it is not possible to provide access to the external network user.

In addition to providing access to external network users confidential and secure manner have been proposed methods based on public-key cryptography. However, these methods are disadvantageous for resources from a computational point of view and require the transfer of long keys. Thus, these methods require communication, computing and storage, which is not always available in the devices used is in personal networks, usually with limited resources.

Document WO-A-2007/149850 discloses a security system containing L hierarchical levels, each of which corresponds to the level of security, and many hosts on the local network. Generator key material to generate a set of correlated key material for each network node. Each set of key material consists of L subsets of key material, one for each level of security. The setup server distributes the generated sets of key material to each network node, to enable the network nodes to communicate with each other in the field of security hierarchical level k, using the appropriate subset of key material security.

Additionally, the document EP-A-0 511 483 describes a method and apparatus for authenticating users (objects) of a computer network based on the identity of objects. The keys for each potential session are derived from forecasts that are stored at the location of each side. When two parties wish to communicate with each other, they appreciate its forecast, which is a polynomial in one variable, to identify the other hand in another variable. Both parties get the same numerical result, which establishes CL is h for both sides. The parties then validates the calculation key, comparing two keys, each of which has calculated the party concerned.

The INVENTION

The objective of the invention is to provide a method of operation of a network that overcomes the above disadvantages.

Another object of the invention is to provide a method of providing an external user access to the network, minimizing the communication requirements in the network.

Another object of the invention is to provide a method that minimizes the requirements for computing on the side of the external user.

Another object of the invention is a method of providing an external user access to the network without endangering or without consequences for the sustainability of cryptographic network elements.

This purpose is provided by way of the network containing the host and the device management system, device management system contains the root key material, which is a set of functions, each of which has a degree of complexity α, and the node is provided with shares of key material node with the degree of complexity of α, the share of key material node is extracted from the root of the key material.

This method contains the following steps, which after receiving the device management system request from asnago user to gain access to the site:

a) through the device management system generate share key material for the external user with the degree of complexity α from the root of the key material and generates the identifier of the access

b) through the device management system generate key material for the access to the degree of complexity less than α, the share of key material for the external user and generates a node identifier,

c) through the device management system provide external user share key material for the access ID and access

d) external user retrieves the key from the share key material for the access node transmits the key and the identifier of the access

e) using the compute node key of ID access and share key material node, and

f) using the node compares the key passed to an external user, and the key computed by the node to authenticate the external user.

This method allows the host to authenticate the external user as allowed by the device management system to gain access to the site. As you can see in the steps d) to f), this authentication is accomplished without recourse to the device management system and, thus, it can be done, even if the device is in avtonomna the m mode.

In addition, since the external user is granted only the share key material for access of reduced complexity, the method allows to maintain the stability of the basic cryptographic network elements. Indeed, low complexity key material for access prevents the attacker gains root key material, even if it captures the external user and threatens his share key material for access.

In a specific embodiment of the invention the identifier of the access is the result of a hash function performed on the certificate based on the request issued by the device management system, and a node supplied hash function. In this embodiment, the node can verify the authenticity of the certificate by calculating the hash of the certificate and comparing the result with the received identifier of the access.

In one version of this alternative implementation of step c) may further comprise providing the external user with the access certificate by the device management system, and step (d) further comprises transmitting node external user access certificate.

It appears from the above, in this embodiment, containing the validity of the certificate is and access this validity checking is performed only after completion of the authentication process. This means that the node checks the validity of the certificate, only when he is satisfied that the certificate has been provided by the device management network system.

In accordance with another aspect of the invention provides a device management system that contains the root key material, which is a set of functions, each of which has a degree of complexity α+1 in each variable, and the device management system contained in a network that also contains the node, and the device management system contains:

means that after receiving a request from an external user to grant access to the node generates the share key material for the external user with the degree of complexity α+1 from the root key material and generates the identifier of the access

- means for generating key material access to the degree of complexity less than α+1, share of key material for the external user and generating a node identifier, and

device management system that provides an external user share key material for access and access ID.

In the private embodiment of the invention, the device management system advanced with whom holds:

the means of delegation of access rights from the first node in the network external to the user so that the user can access the second node in the network, without requiring communication with the device management system, and

- decorrelation means not to correlate share key material distributed over the nodes in the network, so that the attacker could not get information from share key material distributed over the nodes in the network, but the nodes in the network can still verify the authenticity of certificates and delegation associated with shares of key material distributed from the device management system.

In accordance with another aspect of the invention provides a network containing the device management system corresponding to the invention, and the communication device representing a network node.

In accordance with another aspect of the invention provides a computer program for implementing the method corresponding to the invention.

These and other aspects of the invention will become apparent and will be explained in detail with reference to embodiments of described hereafter.

BRIEF DESCRIPTION of DRAWINGS

The present invention will now be described in more detail by means of example with reference to the accompanying drawings, in which:

Fig.1 - personal network who by the way, corresponding to the invention.

Fig.2 is a diagram representing the sequence of the method according to the invention, and

Fig.3 is a block diagram of the sequence of the operations of the device management system in accordance with the invention,

Fig.4 - the two-dimensional matrix of coefficients of the polynomial used in one embodiment of the invention.

DETAILED description of the INVENTION

The present invention relates to a method of network operation, such as a personal network that contains communication devices.

In Fig.1 presents an example of a network 1, which may be implemented in the first variant embodiment of the invention. This belongs to the network 1 user 2, provided with a communication device 3, and a few of the devices D1, D2, D3 represent the network nodes. This network is a personal network, which means that all devices in the network are owned by the user 2, and thus, the communication device 3 is used as a device management system.

Unit 3 control system is, for example, a mobile phone containing a SIM card, allows you to generate and store cryptographic material.

Devices D1, D2 and D3, for example, in the case of a medical network are the nodes of the sensor body mounted on or around the body of the user 2, or control devices, carrying out the communication with the sensor nodes to monitor basic vital signs of the user.

In another example, D1, D2 and D3 are electronic devices, such as mobile phone, music player, video device, electronic automotive system. In yet another example, the devices D1, D2 and D3 are appliances or lighting equipment.

In both examples, it is useful to get on the network 1 to communicate to the external user 4 access to one of the network devices. In the case of the medical network, the external user 4 may be a doctor who needs access to the control device to remotely check the status of the user 2. User 4 is provided a communication device to access the network device. In the rest of the description the user and the communication device will be marked as "user 4".

In another example, the external user 4 may be a friend of the user 2, who wants to have access to the device belonging to the user 2, for example, to exchange multimedia files.

Because application vulnerabilities of networks, which include the present invention, these networks need to provide security to control access to the external user, as stated above, and for the security of communications between nodes on a network.

In a way corresponding to the first var is the ant embodiment of the invention, use a security system based on the system of distribution of alpha-key security. In this system, the nodes do not share the finished keys. Instead, the nodes have some site-specific information, allowing them to calculate shared with any other node in the network key on the login ID of this node. This site-specific information derived from the root key material provided by the device management system (KMRoot). Site-specific information is defined as the proportion of key material node and node i is denoted as KM(i).

Preferably, the root key material is a multidimensional polynomial. Nodes take fractions of polynomials generated from a multivariate polynomial. For example, multivariate polynomial can be a polynomial with two variables(x, y)the degree of alpha and share key material node is monovariant a polynomial of degree alpha, the corresponding two-dimensional polynomial, evaluated at the point corresponding to the node ID.

For example, again we can assume that a symmetric bivariate polynomialf(x, y)used as a root key material and devices D1 and D2 in the network 1 shown in Fig.1, bear sharef(D1, y)andf(D2, y)key material node,the respectively. When two nodes want to communicate, they receive their corresponding identifiers, i.e. D2 receives the identifier D1IDD1=D1and D1 receives the identifier D2IDD2=D2.Then, each node can generate a shared key by estimating its share of the polynomial in the ID of the other device, i.e., the node D1 evaluates its share off(D1, y)polynomial iny=D2and the node D2 evaluatesf(D2, y)iny=D1. Thus, both nodes agree on a common keyK=f(D1,D2)=f(D2, D1).Finally, both sites can useKto authenticate each other, for example by handshake authentication type "request-response" or extract the session key to provide confidentiality.

This security system offers high resistance when attacking intruders, when you link two nodes belonging to the network. Presents the way the network is determined by this alpha security system to ensure control Protocol access, providing access to users who do not belong to the network, and which, therefore, the original is not available, the share of key material.

Because the user 4 does not belong to the network 1, it is necessary to identify and authenticate in order to guarantee security against attacks. Accordingly, when a user requests access to the a network node, requires that the device 3 system management the system in response to the request generated identifier of the access to allow the user 4 to deal directly with the network node, to which he wants to access.

This authentication Protocol, and access is described more precisely with reference to Fig.2, representing the sequence of operations at different stages performed by the device management system (SMD), an external user U and a node N in the process corresponding to the invention. In the following description name of the node and the node ID will be referred to equally as a "N".

The device management system is a device that contains a means of generating and storing key material to generate, calculate and store a cryptographic function such as a hash function, and for the processing and transfer of these elements to other devices.

The sequence shown in Fig.2, is divided into three stages. This sequence will be described with reference to Fig.3, which shows the operations that are specifically performed by the device management system.

During phase CONFIG device management system generates the key material KM(N)node from the root of the key material and the hash function h, which is passed to the node N.

Preferably, the root key material is generated by the device management system, for example, through the SIM card, in the form of a two-dimensional polynomialKM(x,y)=j=0i=0αai,jxiyj.Can be used and other forms of polynomial key material, such as a multivariate polynomial or a set of multivariate polynomials, for example, to enable work to systems with a higher number of users in accordance with the multi-dimensional nature of the polynomials. The key material of the polynomial can also be masked by other cryptographic functions to protect the root key material, such as polynomial perturbations, known in the existing art.

The key material KM(N)the node is then generated by evaluating KM(x, y) at x=N. Thus, the key material KM(N)the node N is:KM(N,y)=j=0αajyj =(((aαy+aα-1)y+aα 2)y+...)y+a0that is Monomeric polynomial of degree alpha.

Stage configuration can take place during phase prior to deployment of the network, so that when the only network is deployed, the site provides its share of key material.

During this phase, the configuration of the device management system also provides the node hash function, and may additionally provide other elements, such as:

- cryptoidentity,

the main secret for mutual authentication with the device management system

- some information concerning the rights of node managing access to other network nodes.

The second stage, shown in Fig.2, AUTH, corresponds to the external authentication of the user submitting the request for network access.

The user U sends a request Rqst device management system to request access to the node N. This request contains the ID of the node N, and in some embodiments, the implementation also contains other attributes of access, such as temporal information in respect of the requested validity period and a limited set of actions permitted to the external user. As an example, the user may submit a request for permission to read some information from brunnow node N in 15 minutes.

After receiving this request Rqst device management system first generates a certificate C access depending on part or all of the attributes of the request. The certificate can encode, for example, the access granted to a user for a limited period of time, C={user U is allowed access to the node N for 15 minutes}.

In addition, if the request Rqst not contain any other attribute, in addition to the node ID, the device management system corresponding to one of the embodiments, can be any way to restrict the access certificate specified period of time or a limited set of actions, based on, for example, on a predetermined policy access control.

Based on the certificate, the device management system generates the ID of the access, which is the hash of the certificate, like the following: ID=hash (C)=hash ({user U is allowed access to the node N for 15 minutes}).

The device management system then in step a) generates the key material KM(U)external user by evaluating the root key material KM(x, y) if x=ID, and thus, KM(ID, y), which is a one-dimensional polynomial of degree alpha.

For external user who should be allowed access to the node N, the device upravleniyami must pass all cryptographic elements, namely, the certificate C, ID and share key material for the external user.

However, since KM(ID, y) is a polynomial of degree alpha coefficients α+1 must be passed to the user U, showing, thus, large communication requirements. Accordingly, the present invention is such that before sending the user to share key material user device management system b) pre-computes its to lower the degree of the polynomial and, thus, the number of coefficients that must be transmitted.

This preliminary calculation is performed by evaluating KM(ID, y) when y=N several times. For example, the evaluation of α-1 times should result in the key material accessMILES'(ID, y)=(((aαy+aα-1)y+aα-2)y+...)y=Dy+a0=(((aαD+aα-1)mi> D+aα-2)D+...)aDy+a0

Thus, KM'(ID, y)=aDy+a0,that means that user U has to be submitted only two factor.

In a preferred embodiment, the pre-computation is α times, which means that the key material for the access given to the user U, is the key associated with the certificate.

When is a preliminary calculation of key material to access the device management system transmits to the user U, the following elements: C, ID, and MILES'(ID, y).

MILES'(ID, y) is the only formal record, to distinguish pre-computed polynomial from the key material KM(ID, y) of the user. Of course, a full calculation of KM'(ID, y) to obtain the key gives the same result as a full calculation of KM(ID, y).

This transmission may be performed using, for example, a short message service (SMS) provided in the data network. Here, assuming that must be passed two factor polynomial, the composition of the short message may be as follows:/p>

Size
(bytes)
Field nameTable of contents
2The headerThe Protocol identifier
32IDThe identifier of the access
64KM(ID, y)Polynomial coefficients
62CThe attributes encoded in the certificate

This message may thus have a length of 160 bytes, which allows to encode it within a single short message, because the short message service (SMS) can encode messages up to 160 characters. Thus, limiting the number of polynomial coefficients that must be passed, helps to reduce communication requirements.

Transfer certificate may be executed through any other wireless or wired environment for any type of access, such as access to a personal computer, electronic device, or providing access to the tool.

Then, when the user is running wants to access the node N, it generates the key by evaluating access identity KM(ID, y) if y=n Then he transmits to node N key KM(ID, N) and ID. Node N has already received his share of key material KM(N, y) of the node, evaluates it when y=ID, to get the key KM(N, ID).

The polynomials forming the share key material generated by the device management system, the present invention is symmetrical, which means that they are such that KM(x, y)=KM(y, x).

Accordingly, the node N compares key KM(ID, N) sent by the user U, with calculated key KM(N, ID) and, if the keys are equal, it authenticates the user U, because this confirms that the cryptographic elements of KM(ID, N) and ID really were provided to the user U by the device management system SMD. In another embodiment of the invention the key KM(ID, N) can be used to run the authentication Protocol, which allows both parties to prove possession of the shared secret KM(ID, N).

When authentication is performed, the user U can then during the authentication phase, a VALID transfer certificate C to node N. the Node then checks the authenticity of this certificate, by computing a hash of the certificate, h(C) and comparing the result with the received ID access. In some embodiments, the implementation of the certificate C can be transferred to odnovremenno as the key material KM(ID, D) access and ID.

In the description of the authentication process, it seems that another advantage of pre-calculating the share key material user is that it reduces the requirements for the calculation of user U to generate a key. In fact, the user only has to evaluate the key material to access a limited number of times. Namely, if the device management system during the preliminary calculation evaluates the key material α-x times to generate key material for access, the user U to get the key, should assess the key material for access only x times. If x=α, the user U does not need to evaluate the key material for access.

In addition, this preliminary calculation allows to increase the security of the system because the user U is less information about the original root key material and the amount of information disclosed in the capture of user U, decreases with increasing x.

Assume that the device management system has a root key material containing a single symmetric bivariate polynomial f(x, y). Thus, only the share key material length α+1, f(ID, y) is required to re-calculate the original root key material, the use of the UYa following system of linear equations:

f(x,y)=i,j=0λaijxiyjwhere[a00a01...a0j...a0λa10a11...a1j...a1λ... ...............ai0ai1...aij...aiλ..................aλ0aλ1/mtext> ...aλj...aλλ]

The matrix shown in Fig.4 represents a two-dimensional polynomial coefficients of the polynomial. The attacker is trying to hack the system, collecting the share key material access, should consider the following issues:

• Hacking coefficients matrix of lower order[a00a01a0j,..., a]requires a combination of the coefficients of the lower order α+1 pre-computed polynomialsf'(ID, y).This allows to solve the system of linear equations. These factors are covered in the matrix of both ellipses.

• Hacking the rest of the coefficients matrix requires finding a total of (α2-α-2)/2 different factors, namely factors within the triangle. Due to the fact that the symmetric polynomial, the coefficients of the upper diagonal of the matrix are equal to the corresponding coefficients of the lower diagonal matrix, that is, aij=aji. The ratioaDhigher order in short the s polynomials f'(ID, y)depends on all these factors, therefore, to break into the system, you need a total of (α2-α-2)/2 short polynomials.

Therefore, alpha security system supports a secret agreement between (α2-α-2)/2 shares of key material access. This means a significant increase in the security level.

In addition, the use of the share key material with the smallest degree of complexity, as in the present invention, makes it easier network deployment, for example, a personal network. For example, we can imagine a user carrying the device management system SMD with the root key material parameter α=100. We believe that the personal network of the user contains 50 devices each of which receives from SMD common set of cryptographic information, that is, the certificate C, the ID and the corresponding key material user. The device management system can issue the key material for access to grant special privileges to external users. As 50 groups or user key material nodes have already been assigned, the system can still place (502-50-2)/2=1224 groups of key material access without compromising system security. Group key material is relevant to the duty to regulate, for example, the group of polynomial coefficients corresponding to the key material. Accordingly, the group key material users or nodes will be longer than the group key material for access.

The present invention therefore describes the approach, allowing access through distributed certificates access control based on polynomial key material that combines the functionality of a certificate of public-key cryptography with low resource requirements cryptography with symmetric ciphers.

As mentioned earlier, the method corresponding to the invention can find application in very different application areas, including:

- comprehensive health care for medical control, in which a patient establishes its own secure network for the body, for example, giving the group a safe key alpha material trusted clinicians/specialists on a healthy lifestyle/the home physician;

- personalization lighting, in which a user configures their lighting system through the configuration marked so that only authorized persons can change the light settings;

applications in communication, when the user uses his mobile phone as ustroystvo.ranee system, to configure a user's device using a secure key alpha material, so that mobile phone can authenticate and grant access to resources based on individual communication between the devices and the user can grant other people, such as a friend, a group of key material for access-related certificate access, via a secure communication line, for example, in the form of SMS.

Within these areas of application of the method corresponding to the present invention allows multiple usages, such as:

- secure entry of a personal computer system: user And configures your PC with a secure key altamore automatically log into the system by marking characteristic;

- securing the network configuration of the sensor body (BSN): the patient bears BSN, which is managed by the device management system SMD. SMD stores on the smart card some seed to generate a secure root key alpha material. The smart card also contains additional information about the patient, such as access control policy or ID. The patient can use your SMD to control devices or objects in the network, such as the crystals wireless sensors implants, or to allow the medical personnel to have access to the system. The user can enter the device or object in its network, providing him with a set of key material node and certificate C. After configuration of any pair of objects can authenticate each other as members of the patient. For example, the patient can add two different clinicians a and B in different places and at different times. Later, if necessary, both the Clinician can authenticate each other as members of the network user using a set of key material and certificates;

applications due: microplates: Each of the payment terminal is configured by the operator of the payment service by using the share key material node (for example, mobile network operator). The user who wants to produce microplates, using their mobile phone, receives the key material for access via a secure channel (e.g. SMS), partially pre-estimated for the POS terminal that the user is going to use.

The method corresponding to the invention can also be applied in the case when the polynomials corresponding to various key materials are asymmetric polynomials, for which f(x, y)≠f(y, x). The use of asymmetric polynomials has additional advantages which gives the identification and pre-authentication object as element of one of two groups: devices, receiving the key material, estimated for the variable x or y, respectively; and limiting the exchange of a security key pair objects, each of which is a member of different groups. This may be preferable in some scenarios, for example, the user (s) and payment terminal (s), user (s) and the infrastructure provider.

In a specific embodiment of the invention multivariate polynomials are used to allow the functionality of the delegation. In this case, the root key material contains multidimensional key material, such as a multivariate polynomial, and is processed by the device management system SMD. The first and second devices or nodes receive the respective shares of key material, extracted from the root of the multidimensional key material received from the SMD. Share key material allocated to the first device, may be used by the first device to gain access to the second device. The first device can optionally generate a share of the delegation of key material from its share of key material, coding actions that are delegated to a third device. The third device can use this part of the delegation of key material to prove their rights of access to the second device. Taco is the approach of delegation can be implemented by using a three-polynomial as the root key material. The first and second devices can receive the share of two-dimensional polynomials generated from three-dimensional polynomial, evaluating the first variable three-dimensional polynomial at a point that depends on the identity of the corresponding device. These credentials can be generated from the certificate using a hash function. The first and second devices can agree on a common key using its share of the two-dimensional polynomial. The first device may generate an additional share of delegation is the key material for the third device, estimating its share of the two-dimensional polynomial of the second variable y in the identifier depending on the rights delegated, assigned to the third device. The third device may without intervention SMD to use his key material delegation received from the first device to communicate with the second device.

One other variant of the method corresponding to the invention, refers to the use of polynomial key material correlationally ways that protect the root key material from breaking. Such decorrelation methods can be used to achieve full security in use is based on polynomials of certificates based on polynomials of security certificates and approaches deleger the cation. Decorrelation mechanism can be created, adding to share key material node, used for authentication, based on polynomials certificate, key correlational material, for example, correlational polynomial, so that the node was not aware of any key material node or correlational polynomial. In the case of decorrelation polynomials these polynomials are chosen in such a way that:

(i) they mask the share of polynomial provided to the nodes, so that the attacker could not get information from them; and

(ii) they do not interact in the process of generating keys required for authentication of the certificate. Consequently, the use decorrelating means you can deploy based on the polynomial certificates that are completely safe.

In the present description and claims only the number of elements does not exclude the presence of many such elements. Additionally, the word "comprising" does not exclude the presence of other elements or elements other than those listed. Bracketing reference characters in the claims is intended to assist the understanding and is not intended to serve as limitations.

After reading the present description skilled in this technical field will clear the other change is. These changes may include other features, already known in the art of radio communications and power control transmitters that can be used instead of or in addition to the characteristics described here.

1. Way of the network (1), containing the nodes (D1, N) and a device (3, SMD) system management, and device management system contains the root key material, which is a set of functions, each of which has a degree of complexity α, and the site provided a share key material node, having a degree of complexity α, extracted from the root of the key material, the method contains the following steps that are performed after receiving the device management system request (Rqst) from an external user (U) to the access node (D1, N), are:
a) through the device management system generate share key material for the external user with the degree of complexity α from the root of the key material and generate the identifier of the access
b) through the device management system generate key material for the access to the degree of complexity less than α, the share of key material for the external user and generate a node ID,
c) through the device management system provide external user share key material for access and Eden is idicator access
d) external user retrieves the key from the share key material for the access node transmits the key and the identifier of the access
e) using the compute node key of ID access and share key material node, and
f) using the node compares the key passed to an external user, and the key computed by the node to authenticate the external user.

2. The method according to p. 1, in which the identifier is the result of a hash function performed on the certificate based on the request issued by the device management system, and a node supplied hash function,
in this step (C) further comprises providing the external user with the access certificate by the device management system, and step (d) further comprises transmitting an external user certificate of the access node,
and the method further comprises the step:
g) where using the node verifies the authenticity of the certificate by calculating the hash of the certificate, and comparing the result with the received identifier of the access.

3. The method according to p. 2, in which the request is accepted by the device management system, contains at least one attribute of the access, and the access certificate depends on this attribute.

4. The method according to p. 3, in which the attribute access contains, at IU is e, one of the following: a node ID, a parameter that determines the expiration date, the option defines a limited set of actions allowed for the external user.

5. The method according to p. 1, in which the root key material is a two-dimensional polynomial with total degree alpha.

6. The method according to p. 5, in which
stage a) contains the estimation of the share of two-dimensional root key material in the first point corresponding to the identifier of the access, to obtain a one-dimensional polynomial of degree alpha, a corresponding key material user, and
step b) includes
b1) a preliminary calculation, at least partially, one-dimensional polynomial of the second point corresponding to the node identifier to obtain a one-dimensional polynomial of low degree.

7. The method according to p. 6, in which the step b1) contains the calculation of the one-dimensional polynomial of degree alpha for a set of coefficients of the highest degree in the second point.

8. The method according to p. 7, which calculates the coefficients with the highest degree α-1.

9. The method according to p. 1, in which the root key material and certificates to protect access through decorrelation methods.

10. The method according to p. 1, in which the system allows delegation of access rights from the first node that received a portion of the key material from the device management system, a third node, so that the third device can gain access to the second node, who got the key material from the device management system.

11. The device management system that contains the root key material, which is a set of functions having a degree of complexity α, and the device management system contained in a network that also contains the node, and the device management system contains:
means that after receiving a request from an external user to grant access to the node that generates the share key material for the external user with the degree of complexity α from the root of the key material and generates the identifier of the access
- means for generating key material access to the degree of complexity less than α, the share of key material for the external user and generating a node identifier, and
device management system that provides an external user share key material for access and access ID.

12. The device management system according to p. 11, further comprising:
the means of delegation of access rights from the first node in the network external to the user so that the user can access the second node in the network, without requiring communication with the device management system, and
- decorrelation means not to correlate share key material distributed over the nodes in the network, t is to prevent an intruder could not retrieve information from the share key material, distributed across nodes in the network, but the nodes in the network was still able to verify the authenticity of certificates and delegation associated with shares of key material distributed from the device management system.

13. The network containing the device management system according to p. 11, the node and operating according to the method corresponding to p. 1.

14. Machine-readable media containing commands that when executed by a computer, instruct him to carry out the method according to p. 1.



 

Same patents:

FIELD: physics, communication.

SUBSTANCE: invention relates to the field of communication. UE in accordance with this invention includes a module 12 of RACH operation, made as capable of making attempts to detect a PD response to a PD preamble only on a descending carrier entering multiple descending carriers, corresponding to the ascending carrier, when the mobile station uses combination of carriers and has sent the PD preamble on the ascending carrier.

EFFECT: technical result consists in limitation of quantity of descending carriers, on which the mobile station of UE detects a PDCCH channel.

8 cl, 11 dwg

FIELD: physics, communication.

SUBSTANCE: invention relates to the method of configuration of sounding reference signal alarm. The method includes: a base station, which communicates to a node of subscriber equipment to aperiodically send a sounding reference signal and sends information on the configuration of the aperiodically transmitted SRS downstream to the node of subscriber equipment. Also a base station is proposed for configuration of SRS alarm, as well as a unit of subscriber equipment for configuration of SRS alarm.

EFFECT: technical result is aimed at the fact that a node of subscriber equipment aperiodicaly sends a sounding reference signal (SRS), which increases coefficient of usage of SRS resources and flexibility of resource scheduling.

38 cl, 7 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to wireless communication. Various aspects described herein facilitate explicit creation and transmission of a bundled assignment of downlink communication resources and uplink resources for ACK transmission, thereby facilitating overhead-efficient ACK allocation for users that can communicate according to a persistent resource assignment without requiring scheduling information from an associated control channel. Additionally, indexing schemes for uplink ACK resources are provided herein to facilitate ACK allocation for systems in which both scheduled and persistent users can communicate at a common transmission time interval (TTI).

EFFECT: low-overhead techniques for acknowledgement (ACK) allocation that support UE that communicate based on persistent resource assignments.

28 cl, 16 dwg

FIELD: radio engineering, communication.

SUBSTANCE: provided are mechanisms to identify a request to establish a packet switched network connection as a request for a LIPA context. Once identified a local gateway associated with user equipment (UE) or with a subscriber-deployed base station is identified, and a packet context is established to support LIPA traffic for the UE. Additional mechanisms support UE mobility from one base station to anther, including identifying and terminating inactive LIPA contexts. Further, UE is described that can recognise and facilitate the establishment of a LIPA context for executing applications in the UE.

EFFECT: establishing network connection with subscriber-deployed base station based on an Internet protocol.

13 cl, 17 dwg

FIELD: transport.

SUBSTANCE: in compliance with one version, device with communication module is used. Communication module allows a contactless control for driver over user portable communication device and transmission of the first instruction to said user portable communication device to deactivate the contactless application mode and to activate confidential mode which allows the driver to control the user communication device by switches arranged at communication device of the users. Besides, communication device, optionally, allows reception of driving quality signal informing on quality of driving in the used of user communication device in confidential mode and to transmit the second signal to user portable communication device to deactivate confidential mode and to resume the contactless application mode in response to driving quality signal.

EFFECT: higher driver safety.

20 cl, 10 dwg

FIELD: radio engineering, communication.

SUBSTANCE: timing in a wireless communication system comprises transmitting a timing frame from a transmitter to a receiver in a wireless communication environment. The timing frame includes a timestamp indicating local time of the transmitter, when a symbol in a predetermined position of the timing frame is placed in the wireless communication environment for transmission. The timing frame is received at a receiver which determines the reception time, which comprises the local time of the receiver, when said symbol of the timing frame was received on the physical layer of the receiver. Timing is performed by determining the difference between said timestamp and said reception time and adjusting the local time of the receiver based on said difference in order to time the receiver with the transmitter.

EFFECT: reduced delay when processing packets.

54 cl, 8 dwg, 1 tbl

FIELD: radio engineering, communication.

SUBSTANCE: invention particularly discloses a method of allocating resources, which comprises steps of: calculating the average length of at least two compressed packets, wherein the compressed packets are obtained by performing header compression over source packets, and allocating resources according to the average length of said at least two compressed packets.

EFFECT: invention reduces wastage of radio interface resources during resource allocation and improves utilisation of radio interface resources.

16 cl, 7 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to communication systems. Present aspects provide discreet and reliable movement of services between a cellular domain and a WLAN domain in order to minimise service interruption for the end user and ensure the required quality of service (QoS) for various applications. Aspects presented herein describe various mechanisms for optimising points of making a decision on when and with what technology is association of each service expected, and provide improved methods of moving a wireless communication device between a cellular domain and a WLAN domain when transmitting traffic and in passive mode.

EFFECT: improved movement of wireless communication devices between one network domain and another network domain, particularly between a wireless local area network (WLAN) domain and a cellular network, etc, and not limited to said networks.

24 cl, 20 dwg

FIELD: radio engineering, communication.

SUBSTANCE: present aspects provide discreet and reliable movement of services between a cellular domain and a WLAN domain in order to minimise service interruption for the end user and ensure the required quality of service (QoS) for various applications. Aspects presented herein describe various mechanisms for optimising points of making a decision on when and with what technology is association of each service expected, and provide improved methods of moving a wireless communication device between a cellular domain and a WLAN domain when transmitting traffic and in passive mode.

EFFECT: improving movement of wireless communication devices between one network domain and another network domain, particularly between a wireless local area network and a cellular network, but not limited to said networks.

15 cl, 20 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to the field of radio communication. The communication device comprises the device for operation as a representing device for representing the communication parameter on another communication device, device for operation as the receiving device for receiving of the communication parameter represented from another communication device, determination device for determination of executable role on the basis of the pre-configured processing for determination, whether the communication device operates as the representing device or receiving device, by means of communication with another communication device, and the device for reexecution of pre-configured processing in case the communication for shared use of the communication parameter with another communication device does not start after the determination unit determines, that the communication device operates as either representing device, or receiving device.

EFFECT: provision of starting the processing, at least, by two devices, if the communication partner can function both as registrator and subscriber.

14 cl, 10 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to methods of providing secure communication in a network. The method comprises: an administration device provided with root keying materials, and steps of: generating, by the administration device based on the root keying materials, parts of keying material of a first node containing a certain number of sub-elements, and parts of keying material of the first node, assembled for generating a first terminated key, the administration device selects a subset of sub-elements of the first parts of the keying material, wherein the number of selected sub-elements is less than or equal to the total number of sub-elements of the first parts of the keying material, and the selected sub-elements form partial parts of the keying material of the first node or a symmetrical key generation mechanism, the first node generates, based on the symmetrical key generation mechanism of the first node and on a second node identifier, a first key used to provide secure communication with a second node.

EFFECT: more secure data transmission in a network.

6 cl, 7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering and specifically to means of secure communication in a network. The method relates to secure transmission of information from a first node (N1) to a second node (N2) in a network, the first node comprising a first node keying material (KM(ID1)), the second node comprising a second node keying material (KM(ID2)), wherein the keying materials of the first node and of the second node comprise each a plurality of shared keying root parts formed by segments of the shared keying root parts. A communication network, having at least two communication devices, carries out said method.

EFFECT: safer communication by dividing keys into segments for predistributed keying material according to a variable distribution.

13 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of controlling access to a set of channels using a receiver/decoder comprising a security module (SC), each channel being encrypted by a specific channel control word (CW1, CW2), each channel having a channel identifier and transmitting access control messages ECM containing at least the current channel control word and the channel access conditions. The method comprises the following steps: tuning to a first channel having a first channel identifier (ID1); transmitting the ID1 to the SC; receiving first access control messages ECM1 containing a first control word (CW1); transmitting the first access control messages ECM1 to the SC; decrypting the first access control messages ECM1 and verifying the channel access conditions; if the access conditions are met; transmitting the CW1 to the receiver/decoder; storing of the CW1 and the ID1 in the SC; tuning to a second channel having a second channel identifier ID2; transmitting the ID2 to the SC; calculating, by the SC, the second control word (CW2) by performing the following steps: calculating a root control word (RK) with an inverse cryptographic function F-1 using the CW1 and the ID1; calculating the CW2 with the cryptographic function F using the RK and the ID2; transmitting the CW2 to the receiver/decoder.

EFFECT: reducing channel switching time when a user selects another channel.

9 cl, 3 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to distribution of a cryptographic secret key between a transmitting side and a receiving side. An apparatus for secure reception and transmission of data comprises a key generation controller and a unit for providing the number of iterations.

EFFECT: facilitating automatic control of security and latency for generating a cryptographic secret key by setting a number of iterations, based on which the number of messages to be exchanged while generating the cryptographic secret key is controlled.

11 cl, 17 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a wireless communication device. The device includes: a plurality of communication modules for transmission, which are adapted to modulate and transmit a transmission object signal; the communication modules for transmission include at least one communication module for transmission in which a modulation method is employed, which is different from the modulation method employed in another communication module(s) for transmission.

EFFECT: transmitting a signal appropriately even with low carrier frequency stability.

20 cl, 78 dwg

FIELD: radio engineering, communication.

SUBSTANCE: network component having a processor connected to memory and configured to exchange security information using a plurality of attributes in a management entity (ME) in an optical network unit (ONU) via an ONU management control interface (OMCI) channel, wherein the ME supports a plurality of security functions that protect upstream transmissions between the ONU and an optical line terminal (OLT). Also included is an apparatus having an ONU configured to connect to an OLT and having an OMCI ME, wherein the OMCI ME has a plurality of attributes that support a plurality of security features for upstream transmissions between the ONU and the OLT, and wherein the attributes are transmitted via an OMCI channel between the ONU and the OLT and provide the security features for the ONU and the OLT.

EFFECT: high security of data transmission in PON systems.

20 cl, 5 dwg, 6 tbl

FIELD: radio engineering, communication.

SUBSTANCE: quantum cryptographic system not only enables to detect any attempts at intruding into a communication channel, but also guarantees unconditional secrecy of transmitted cryptographic keys under the condition that an error at a receiving station in primary keys does not exceed a certain critical value. The method involves generating polarisation states at a receiving/transmitting station for a series of classic synchronising laser pulses using a polarisation controller in one arm of an interferometer and a polarisation controller at the output of the interferometer, which facilitate interference balancing of the interferometer; after reflection from a mirror in a transformation station, a series of single-photon states is detected at the transmitting/receiving station and the obtained photocount statistics are used to calculate the permissible error, which is then compared with a certain error threshold to obtain a cryptographic key known only at the transmitting/receiving and transformation stations.

EFFECT: wider range of possible distortions of polarisation of laser and single-photon pulses when transmitting keys between transmitting/receiving and transformation stations, in which is guaranteed the secrecy of cryptographic keys and the lifting of the condition of using a special Faraday mirror.

2 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to authentication methods and specifically to methods and an apparatus for authentication of subscribers in IP telephony networks. The technical result is achieved due to that the disclosed method for authentication through a user device when attempting to access an IP telephony network comprises steps of: obtaining one or more private keys of said user from secure memory associated with said user device; generating an integrity key and a ciphering key; encrypting said integrity key and said ciphering key using a session key; encrypting said session key with a public key of said IP telephony network; and providing said encrypted session key, encrypted integrity key and encrypted ciphering key to said IP telephony network for authentication using a public key infrastructure (PKI) coupled with an authentication and key agreement (AKA) mechanism.

EFFECT: more secure communication.

7 cl, 4 dwg

FIELD: information technology.

SUBSTANCE: entity having namespace ownership rights may create a document in an authorised namespace and sign the document with a private key. Other entities may validate that the document was created by an authorised namespace owner by using a public key available in security data associated with a parent document of the document. For a root document, the public key may be available from a directory service. A namespace owner may change the namespace owner(s) that are allowed to create children of a document.

EFFECT: protecting documents from unauthorised access.

20 cl, 9 dwg

FIELD: radio engineering, communication.

SUBSTANCE: there are two peers with knowledge of a common Diffie-Hellman permanent key, Kperm, and the identity and public key of the other peer. A first peer chooses a first ephemeral private key x and calculates the first corresponding ephemeral public key gx, which is sent to the second peer. The second peer calculates a second ephemeral public key gy in the same manner, and an ephemeral shared key Keph, hashes gy, Keph, Kperm, and its identity, and sends gy and the hash to the first peer. The first peer calculates Keph, verifies the hash, and hashes gx, Keph, Kperm, and its identity, and sends it to the second peer that verifies this hash. Thereafter, both peers obtain a session key by hashing Keph. The apparatus may then use the session key to establish a secure authenticated channel (SAC).

EFFECT: high cryptographic robustness of a secure authenticated channel.

5 cl, 1 dwg

FIELD: communication systems.

SUBSTANCE: system has receiver, transmitter, processing element, connected to receiver and transmitter and controlling receiver and transmitter, digital rights module, connected to processing elements and controlling operation of communication device in digital rights environment on domain basis, while digital rights module of communication device together with dispenser of domains of digital rights environment on domain basis is made with possible selective addition of communication device to domain, owning one or several communication devices, which together use a cryptographic key.

EFFECT: possible selective retrieval and decoding of digital content on basis of membership in a domain.

10 cl, 11 dwg

Up!