个人通信系统中的用户登记认证

个人通信系统(PCS)的智能网络层上每个结点的数据库采用全分布式结构。根据PCS的智能层数据库结构特点以及X.509目录认证架构,提出了一种移动用户登记认证方案。此方案克服了X.509所具有的“静态”特性,使其能够满足PCS用户移动性及终端移动性的要求。在进行用户登记认证的同时,用户与本地的访问网络之间还建立起一个秘密数据。基于这一秘密数据,用户与网络之间可以在呼叫建立阶段进行相互认证。这就避免了现有的移动通信系统(如GSM,IS-41等)呼叫建立阶段的认证受归属网位置登记数据库(HLR)控制的缺陷。因此,用于位置修订和查询的信令负荷大大减小;同时,有关骨干网络(如PSPDN或共路信令网)安全的假定也可以被取消。

User Registration Authentication in Personal Communication System

The database structure at each node of the intelligent network layer of PCS, is distributed. In this paper, the authors propose a user registration authentication scheme based on the properties of the database structure and X. 509 authentication framework. This scheme changes the static characteristic of X. 509 in order to meet the requirements of personal mobility and terminal mobility of PCS. At end of the user registration authentication protocol, a secret data has been established. Based on this secret data, the mutual authentication of the user and the network can be performed in the call setup phase. It overcomes the disadvantage of some existed system (such as GSM and IS -41, etc, ) that the authentication process in call setup phase is controlled by the Home Location Register(HLR). Therefore, the signaling traffic load for lactation updating and interrogation is greatly reduced, and the security assumption about the backbone network for data transferring (such as PSPDN or common channel signaling network) can be canceled.