METHOD, SYSTEM AND APPARATUS FOR PROTECTING ABSF ENTITY FROM ATTACK

摘要

A method, system and apparatus for protecting a bootstrapping service function (BSF) entity from attack includes: a first temporary identity and a second temporary identity are generated after a BSF entity performs a mutual authentication with a user equipment (UE) by using an initial temporary identity sent from the UE; the BSF entity receives a re-authentication request carrying the first temporary identity from the UE; and the UE sends a service request carrying the second temporary identity to a network application function (NAF) entity. The present disclosure prevents attackers from intercepting the temporary identity at the Ua interface and using the temporary identity to originate a re-authentication request at the Ub interface, thus protecting the BSF entity from attack and avoiding unnecessary load on the BSF entity and saving resources.

主权项

1. A method for protecting a bootstrapping service function (BSF) entity from attack, comprising:
performing, by a BSF entity, a mutual authentication with a user equipment (UE) by using an initial temporary identity sent from the UE; generating, by the BSF entity, a first temporary identity and a second temporary identity after the BSF entity performs the mutual authentication with the UE, wherein the first temporary identity is different from the second temporary identity, and wherein the first and second temporary identities are different than the initial temporary identity; sending, by the BSF entity, the first temporary identity and the second temporary identity to the UE; and receiving, by the BSF entity, a re-authentication request carrying the first temporary identity from the UE, wherein the UE sends a service request carrying the second temporary identity to a network application function (NAF) entity.