Abstract: The present invention relates to a terminal, an information inter-cut system and method. In the method, after the terminal receives an information play request signaling sent by an information server, if the terminal itself is performing video share, the terminal will send a video share pause signaling to the other terminal of video share, and will send a request accept signaling to the information server after receiving the response signaling of the other terminal; the information server transmits to the terminal the information data to be played; the terminal plays the received information, and sends a video share restoration signaling to the other terminal to restore the paused video share after the information play is over. The present invention can receive any form of information issued by an operator, without influencing the user performing video share service.

Abstract: A method for accessing a 3G network includes: a terminal accessing a wireless local area network by adopting a WAPI protocol, and notifying an AAA server of a 3G network through an AP of the wireless local area network that the terminal intends to access the 3G network; the AAA server obtaining identity information of the terminal through the AP, and performing an EAP-TLS negotiation process with the terminal through the AP after determining that the terminal is a subscription terminal of the 3G network according to the identity information; and the terminal accessing the 3G network after finishing the EAP-TLS negotiation process. A system for accessing a 3G network includes an AP of a wireless local area network and an AAA server of a 3G network. The present invention reduces unnecessary processes the message interacting, the certificate verification, the signature verification, and so on and improves the system efficiency.

Abstract: A method and system for updating and using a digital certificate, and the method comprises: a first terminal establishing a secure link with an access point and using the secure link to send a certificate updating request to the access point, where the certificate updating request includes a digital certificate to be updated which is currently used by the first terminal; and the access point sending the digital certificate to be updated to a local Authentication Service Unit which issues the certificate to be updated; and the local Authentication Service Unit which issues the digital certificate to be updated verifying the digital certificate to be updated, and after the digital certificate is verified to be valid, a local Authentication Service Unit corresponding to the access point generating a new digital certificate of the first terminal and sending the new digital certificate to the first terminal through the access point.

Abstract: A security service control method and a WLAN terminal are provided, and the method includes: stopping a WPI service between a WLAN terminal and an AP when the WLAN terminal creates a security service of an IP layer and/or a layer above the IP layer, wherein the WPI service comprises: encrypting a data link layer message to be transmitted, and decrypting a received data link layer message. After the WPI service is stopped, when the WLAN terminal cancels the security service of the IP layer and/or the layer above the IP layer, the WLAN terminal completes processes of removing association, association, user authentication and key negotiation in turn with the WLAN AP, and uses a session key obtained through the key negotiation to recover the WPI service. The calculating resources can be saved by using the present invention.

Abstract: The present invention discloses a security management method and a security management system for a WAPI terminal accessing an IMS network. The method comprises: an authentication service unit (ASU) sending, under the circumstance that an access point and the WAPI terminal pass the verification of the ASU, a security information request message to a home subscriber server (HSS) (S302); the HSS setting security information corresponding to the IMS account information of the WAPI terminal as access layer security after receiving the security information request message from the ASU (S304); a proxy-call session control function (P-CSCF) receiving an IMS login request message from the WAPI terminal, inquiring about the security information of the WAPI terminal through the HSS, and allowing the WAPI terminal to execute an IMS service flow under the circumstance that the security information of the WAPI terminal is the access layer security (S306).

Abstract: An IMS multimedia communication method and system, terminal and IMS core network, wherein the IMS multimedia communication method includes signal negotiation performed between the terminal and the IMS core network, and during the process of signal negotiation, an IPSec-ESP security association for media transmission is established between the terminal and the IMS core network; the media content is transmitted between the terminal and the IMS core network via the IPSec-ESP security association for media transmission. The security of media content transmitted between the terminal and the IMS core network is maintained solving the safety problem of multimedia communication under IMS in related technology, and preventing the media content from being maliciously stolen and tampered by others when transmitted between the terminal and the IMS core network.

Abstract: A method for pre-authenticating a wireless local area network terminal and a wireless local area network system. The pre-authentication method includes after a current access point (AP) which has set up security association with a station (STA) receiving a pre-authentication start packet sent by the STA, the current AP interacting with a destination AP to verify certificates of the current AP and the destination AP for each other. If a certificate of the destination AP is verified to be valid, the current AP sending key information of the security association set up with the STA by the current AP to the destination AP, and the destination AP saving the key information, the key information including a basic key generated by negotiation between the STA and the current AP.

Abstract: The present invention relates to a method and terminal for access control of a network service. The method is implemented by a terminal with capabilities of accessing a wireless local area network and mobile network. The method includes: a route establishing step, in which the terminal obtains a local Internet Protocol (IP) address allocated by a wireless local area network and a remote IP address allocated by a core network packet domain device, establishes Internet service route options corresponding to the local IP address and packet domain service route options corresponding to the remote IP address; a route matching step, in which the terminal matches the service route options according to a destination address of an original service message; and a message encapsulating and transmitting step, in which the terminal encapsulates the original service message according to the matched service route options and transmits the encapsulated service data message.

Abstract: A for accessing a 3G network. includes: a terminal accessing a wireless local area network by adopting a WAPI protocol, and notifying an AAA server of a 3G network through an AP of the wireless local area network that the terminal intends to access the 3G network; the AAA server obtaining identity information of the terminal through the AP, and performing an EAP-TLS negotiation process with the terminal through the AP after determining that the terminal is a subscription terminal of the 3G network according to the identity information; and the terminal accessing the 3G network after finishing the EAP-TLS negotiation process. A system for accessing a 3G network includes an AP of a wireless local area network and an AAA server of a 3G network. The present invention reduces unnecessary processes (the message interacting, the certificate verification, the signature verification, and so on) and improves the system efficiency.

Abstract: A security service control method and a WLAN terminal are provided, and the method includes: stopping a WPI service between a WLAN terminal and an AP when the WLAN terminal creates a security service of an IP layer and/or a layer above the IP layer, wherein the WPI service comprises: encrypting a data link layer message to be transmitted, and decrypting a received data link layer message. After the WPI service is stopped, when the WLAN terminal cancels the security service of the IP layer and/or the layer above the IP layer, the WLAN terminal completes processes of removing association, association, user authentication and key negotiation in turn with the WLAN AP, and uses a session key obtained through the key negotiation to recover the WPI service. The calculating resources can be saved by using the present invention.

Abstract: The present invention discloses a method for establishing a security association among WAPI stations in an ad-hoc network, and the method comprises: when a security association between two stations in the ad-hoc network is to be established, one station STA2 serving as an authenticator entity, another station STA1 serving as an authentication supplicant entity, the station STA2 which serves as the authenticator entity initiating an authentication negotiation to the station STA1 which serves as the authentication supplicant entity, and after completing a unicast key negotiation, the station STA1 and the station STA2 carrying out a multicast key negotiation, and the establishment of the security association being finished after multicast session keys of the station STA1 and the station STA2 are notified successfully in said multicast key negotiation process.

Abstract: A method for pre-authenticating a wireless local area network terminal and a wireless local area network system. The pre-authentication method includes after a current access point (AP) which has set up security association with a station (STA) receiving a pre-authentication start packet sent by the STA, the current AP interacting with a destination AP to verify certificates of the current AP and the destination AP for each other. If a certificate of the destination AP is verified to be valid, the current AP sending key information of the security association set up with the STA by the current AP to the destination AP, and the destination AP saving the key information, the key information including a basic key generated by negotiation between the STA and the current AP.

Abstract: A method and system for updating and using a digital certificate, and the method comprises: a first terminal establishing a secure link with an access point and using the secure link to send a certificate updating request to the access point, where the certificate updating request includes a digital certificate to be updated which is currently used by the first terminal; and the access point sending the digital certificate to be updated to a local Authentication Service Unit which issues the certificate to be updated; and the local Authentication Service Unit which issues the digital certificate to be updated verifying the digital certificate to be updated, and after the digital certificate is verified to be valid, a local Authentication Service Unit corresponding to the access point generating a new digital certificate of the first terminal and sending the new digital certificate to the first terminal through the access point.

Abstract: The present invention discloses a security management method and a security management system for a WAPI terminal accessing an IMS network. The method comprises: an authentication service unit (ASU) sending, under the circumstance that an access point and the WAPI terminal pass the verification of the ASU, a security information request message to a home subscriber server (HSS) (S302); the HSS setting security information corresponding to the IMS account information of the WAPI terminal as access layer security after receiving the security information request message from the ASU (S304); a proxy-call session control function (P-CSCF) receiving an IMS login request message from the WAPI terminal, inquiring about the security information of the WAPI terminal through the HSS, and allowing the WAPI terminal to execute an IMS service flow under the circumstance that the security information of the WAPI terminal is the access layer security (S306).

Abstract: The present invention relates to a terminal, an information inter-cut system and method. In the method, after the terminal receives an information play request signaling sent by an information server, if the terminal itself is performing video share, the terminal will send a video share pause signaling to the other terminal of video share, and will send a request accept signaling to the information server after receiving the response signaling of the other terminal; the information server transmits to the terminal the information data to be played; the terminal plays the received information, and sends a video share restoration signaling to the other terminal to restore the paused video share after the information play is over. The present invention can receive any form of information issued by an operator, without influencing the user performing video share service.