
Research and Implementation of Secure Access Technology Based on the USIM Card in B3G (title translated from Chinese: 基于USIM卡的B3G安全接入技术的研究与实现)

Research and Implementation of Secure Access Based on USIM in B3G

【Author】 黄献格

【Supervisor】 沈磊

【Author details】 山东大学 (Shandong University), Computer Application Technology, 2008, Master's thesis

【Abstract (translated from the Chinese original)】 For a mobile communication system, the radio access domain is what distinguishes it from a fixed network, and the open, fading nature of the mobile channel places higher demands on the security mechanisms of mobile access. The second-generation GSM system introduced a smart card as the subscriber identity module: the SIM card, applied in the mobile network, lets the network authenticate the user and derive a session key. In the third-generation system, secure user access uses the USIM card for authentication. Although this achieves mutual authentication between user and network and remedies the user-authentication deficiency of GSM, the wireless security architecture still lacks extensibility and non-repudiation, gives insufficient consideration to the security of the mobile terminal, and relies on identity authentication built on symmetric algorithms; it therefore cannot satisfy the security requirements of the next-generation system, B3G (Beyond 3G). Wireless applications and value-added services centred on e-commerce keep growing. Taking mobile commerce as an example, many kinds of mobile transactions can be offered, such as mobile stock trading, mobile securities, mobile procurement and mobile payment. In such "non-face-to-face", "non-connection-oriented" transactions conducted from a terminal, the authenticity of the trader's identity and the non-repudiation of the transaction matter as much as the security of the transaction itself. Advanced mobile services need identity security, and identity security requires the mobile terminal to have a reliable identity authentication capability. The security architecture and authentication functions of telecom smart cards are still being refined, while a newer identity authentication technology, fingerprint recognition, has matured and is coming into wide use. Against this background, this thesis analyses the security mechanisms of the third-generation system and the identity authentication within UMTS authentication. Addressing the problems of that authentication, the weaknesses of its algorithms and the fragility of its authentication model, and taking into account the security requirements and development trends of the B3G system, it builds the user authentication module for B3G, the USIM card, and on that platform implements secure user identity authentication that combines a PIN code with the user's fingerprint features, so as to meet the access security and authentication architecture of the next-generation system. The USIM card's secure data-write mechanism guarantees the integrity and validity of data during write operations and prevents the on-card data from being left inconsistent when an update operation is interrupted. The identity authentication scheme of this thesis rests on the security properties of the USIM card: it uses RSA and SHA-1 to bind the PIN code and the fingerprint tightly together, chooses random numbers instead of timestamps to resist replay attacks, and has the random factor generated jointly by the prover and the verifier; user requests are pre-computed, which substantially reduces the real-time computation. More importantly, because the critical step of the authentication flow uses an asymmetric algorithm, the scheme provides a degree of non-repudiation protection for the authentication information and strengthens B3G user-domain security.

【Abstract】 For mobile radio communications, wireless access is the most important feature distinguishing them from fixed networks, and the openness and fading characteristics of the radio channel call for stronger security. The second-generation (2G) mobile system GSM uses a smart card as the subscriber identity module, which lets the network authenticate users and generate session keys. Secure access based on USIM in the third-generation (3G) mobile radio network achieves mutual authentication and covers the authentication weaknesses of the GSM system. But its security architecture lacks extensibility and non-repudiation, and its identity authentication is based on a symmetric algorithm, which cannot satisfy the requirements of the next generation of communications. With the development of multi-application, multi-system wireless networks, e-commerce and value-added services, the existing security mechanisms cannot meet the high level of security demanded in the Beyond 3G (B3G) network. E-commerce-based wireless applications and value-added services are developing fast. For example, mobile business can offer services such as mobile stock trading, mobile securities, mobile procurement and mobile payments. In transactions that use 'non-face-to-face', 'non-connection-oriented' techniques, the authenticity of identity and the non-repudiation of transactions are particularly important, in addition to the safety of the transaction itself. Advanced mobile business needs identity security, which places a high requirement on the mobile terminal's identity authentication capability. The security architecture and authentication mechanism of telecommunication smart cards have developed continuously.
A new identity authentication technology, fingerprint recognition, has been developed and has begun to be widely used. Therefore, this thesis analyses the security mechanism and identity authentication technology of the 3G network and the UMTS authentication model, and discusses access security features and mechanisms in the B3G network in light of the security weaknesses, algorithm shortcomings and authentication vulnerabilities of 3G. To meet the development trend and security needs of B3G communication systems, it designs and constructs a multi-application smart card platform for access security in B3G and puts forward an identity authentication scheme based on the PIN code, fingerprint characteristics and the Universal Subscriber Identity Module (USIM) card. This solution satisfies the access security and identity authentication architecture of next-generation communication systems. The secure data-writing mechanism of the USIM card ensures the integrity and legitimacy of card data and avoids data disorder caused by interrupted update operations. The identity authentication based on PIN code, fingerprint and USIM card makes use of the RSA cryptosystem and the SHA-1 hash algorithm, and realises mutual identity authentication among the user, the USIM card and the network. The scheme avoids masquerade attacks, replay attacks and the harm caused by illegal theft. The random factor is generated by both parties to guarantee the fairness of authentication. Pre-calculation on the user end reduces real-time computation so that the scheme satisfies the real-time requirements of a mobile communication system. More importantly, the thesis uses an asymmetric algorithm to protect the non-repudiation of the authentication information and to strengthen user-domain security, so the information exchanged during authentication is better protected. This security enhancement is gained at the expense of a somewhat longer single authentication time.
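The abstract states the design principles of the scheme (a PIN and fingerprint template fused by SHA-1, random factors contributed by both the card and the network instead of timestamps, an RSA-signed response for non-repudiation, and a counter-signature for mutual authentication) but not the message formats. The sketch below is an added illustration of those principles and is not the thesis's protocol or code; the transcript layout, the `USIM` and `NetworkAuthServer` classes, the 512-bit textbook RSA and the constructed IMSI and fingerprint template are all assumptions made for the example. It also shows the two failure modes a verifier must catch: a replayed response (the network nonce has already been consumed) and a card whose PIN or fingerprint does not match the enrolled binding.

```python
import hashlib
import secrets


# ---- toy RSA, standard library only (textbook scheme, NOT for production) ----
def _is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # fixed size, odd
        if _is_probable_prime(cand):
            return cand


def toy_rsa_keygen(bits=512):
    """Return ((n, e), d). 512-bit keys keep the example fast; they are not secure."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), pow(e, -1, phi)


def _digest_int(msg):
    # SHA-1 because the thesis names it; a new design would pick SHA-256.
    return int.from_bytes(hashlib.sha1(msg).digest(), "big")


def rsa_sign(n, d, msg):
    return pow(_digest_int(msg), d, n)


def rsa_verify(n, e, msg, sig):
    return pow(sig, e, n) == _digest_int(msg)


def bind_identity(pin, fingerprint_template):
    """Fuse PIN and fingerprint template into one digest; this is the pre-computed part."""
    return hashlib.sha1(pin.encode() + b"|" + fingerprint_template).digest()


def transcript(imsi, r_net, r_user, identity_digest):
    # Both random factors and the identity digest are signed. The digest itself never
    # travels over the air: the network recomputes the transcript from its enrolment record.
    return b"|".join([imsi.encode(), r_net, r_user, identity_digest])


class USIM:
    def __init__(self, imsi, pin, fingerprint_template):
        self.imsi = imsi
        (self.n, self.e), self.d = toy_rsa_keygen()
        self.identity_digest = bind_identity(pin, fingerprint_template)  # once, at unlock

    def respond(self, r_net):
        r_user = secrets.token_bytes(16)  # user-side random factor
        msg = transcript(self.imsi, r_net, r_user, self.identity_digest)
        return r_net, r_user, rsa_sign(self.n, self.d, msg)

    def verify_network(self, net_pub, r_net, r_user, net_sig):
        n, e = net_pub
        return rsa_verify(n, e, r_user + r_net, net_sig)


class NetworkAuthServer:
    def __init__(self):
        (self.n, self.e), self.d = toy_rsa_keygen()
        self.subscribers = {}  # imsi -> (user public key, enrolled identity digest)
        self.pending = {}      # imsi -> network nonce not yet answered

    def enroll(self, card):
        self.subscribers[card.imsi] = ((card.n, card.e), card.identity_digest)

    def challenge(self, imsi):
        r_net = secrets.token_bytes(16)  # network-side random factor
        self.pending[imsi] = r_net
        return r_net

    def verify_user(self, imsi, r_net, r_user, sig):
        """Return the network's counter-signature, or None if the response is rejected."""
        if self.pending.pop(imsi, None) != r_net:  # unknown, stale or replayed nonce
            return None
        (n, e), digest = self.subscribers[imsi]
        if not rsa_verify(n, e, transcript(imsi, r_net, r_user, digest), sig):
            return None  # wrong key, or wrong PIN/fingerprint binding
        return rsa_sign(self.n, self.d, r_user + r_net)


def run_session(server, card):
    """Full mutual authentication; returns (ok, user_response) so a replay can be tried."""
    r_net = server.challenge(card.imsi)
    response = card.respond(r_net)
    net_sig = server.verify_user(card.imsi, *response)
    if net_sig is None:
        return False, response
    return card.verify_network((server.n, server.e), r_net, response[1], net_sig), response


def replay(server, card, response):
    """Resubmitting a captured response fails: its network nonce was already consumed."""
    return server.verify_user(card.imsi, *response) is not None
```

The network keeps the signed transcript as evidence of who authenticated and with which random factors, which is the non-repudiation property the abstract attributes to the asymmetric step; the symmetric-only AKA of 3G cannot offer it because both sides hold the same key.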

  • 【Online publisher】 山东大学 (Shandong University)
  • 【Online publication year/issue】 2009, No. 01