1. WO2020229057 - METHOD FOR MANAGING A PIECE OF SECURITY INFORMATION IN A COMMUNICATION NETWORK, CORRESPONDING DEVICE, EQUIPMENT FOR ACCESSING THE NETWORK AND COMPUTER PROGRAMS

Publication Number WO/2020/229057
Publication Date 19.11.2020
International Application No. PCT/EP2020/059715
International Filing Date 06.04.2020
IPC
H04L 29/06 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
H04W 12/04 2009.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
W WIRELESS COMMUNICATION NETWORKS
12 Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
04 Key management
CPC
H04L 63/068
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
06 for supporting key management in a packet data network
068 using time-dependent keys, e.g. periodically changing keys
H04W 12/04
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
W WIRELESS COMMUNICATION NETWORKS
12 Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
04 Key management, e.g. by generic bootstrapping architecture [GBA]
Applicants
  • ORANGE [FR]/[FR]
Inventors
  • LE GUILLOU, Xavier
  • BRICHETEAU, Dimitri
Priority Data
FR1905046 15.05.2019 FR
Publication Language French (FR)
Filing Language French (FR)
Designated States
Title
(EN) METHOD FOR MANAGING A PIECE OF SECURITY INFORMATION IN A COMMUNICATION NETWORK, CORRESPONDING DEVICE, EQUIPMENT FOR ACCESSING THE NETWORK AND COMPUTER PROGRAMS
(FR) PROCEDE DE GESTION D'UNE INFORMATION DE SECURITE DANS UN RESEAU DE COMMUNICATION, DISPOSITIF, EQUIPEMENT D'ACCES AUDIT RESEAU ET PROGRAMMES D'ORDINATEUR CORRESPONDANTS
Abstract
(EN)
The invention concerns a method for managing a piece of security information, referred to as a first piece of security information, intended to be used in order to establish a secure connection between at least one terminal apparatus (STA) and a piece of access equipment (PA) for accessing a communication network (RC), the first piece of security information being associated with a validity period (DV1), comprising:
  - Upon expiry of the validity period (DV1), obtaining (P21) a second piece of security information (PSK2) and triggering (P22) a deactivation time delay (DD) of the first piece of security information;
  - If one said terminal apparatus is connected to the access equipment, transmitting (P24), to the terminal apparatus, a re-authentication command message (CRA) comprising at least the second piece of security information and a re-authentication time delay, the time delay expiring at the latest at the end of the deactivation time delay of the first piece of security information; and
  - If a re-authentication request message (RRA) is received (P25) from the terminal apparatus before the expiry of the re-authentication time delay, re-authenticating (P27) the terminal apparatus by means of the second piece of security information without the connection being switched off.
(FR)
L'invention concerne un procédé de gestion d'une information de sécurité, dite première information de sécurité, destinée à être mise en oeuvre pour établir une connexion sécurisée entre au moins un équipement terminal (STA) et un équipement d'accès (PA) à un réseau de communication (RC), ladite première information de sécurité étant associée à une durée de validité (DV1), comprenant :
  - A l'expiration de la durée de validité (DV1), l'obtention (P21) d'une deuxième information de sécurité (PSK2) et le déclenchement (P22) d'un délai de désactivation (DD) de la première information de sécurité;
  - Si undit équipement terminal est connecté à l'équipement d'accès, la transmission (P24) audit équipement terminal d'un message de commande de réauthentification (CRA) comprenant au moins la deuxième information de sécurité et un délai de réauthentification, ledit délai expirant au plus tard à la fin dudit délai de désactivation de la première information de sécurité; et
  - Si un message de requête de réauthentification (RRA) est reçu (P25) en provenance de l'équipement terminal avant l'expiration du délai de réauthentification, réauthentification (P27) de l'équipement terminal à l'aide de la deuxième information de sécurité sans extinction de la connexion.
Latest bibliographic data on file with the International Bureau