US 12,348,610 B2
User security improvement in satellite-ground integrated network system
Nan Hao, Hangzhou (CN); Xingming Zhang, Hangzhou (CN); Xiangming Zhu, Hangzhou (CN); Zhenting Li, Hangzhou (CN); and Mengmeng Liu, Hangzhou (CN)
Assigned to ZHEJIANG LAB, Hangzhou (CN)
Appl. No. 18/556,168
Filed by ZHEJIANG LAB, Hangzhou (CN)
PCT Filed May 30, 2023, PCT No. PCT/CN2023/097072
§ 371(c)(1), (2) Date Oct. 19, 2023,
PCT Pub. No. WO2024/098730, PCT Pub. Date May 16, 2024.
Claims priority of application No. 202211402187.9 (CN), filed on Nov. 10, 2022.
Prior Publication US 2025/0080321 A1, Mar. 6, 2025
Int. Cl. H04L 9/06 (2006.01); H04L 9/32 (2006.01)
CPC H04L 9/0618 (2013.01) [H04L 9/3247 (2013.01); H04L 9/3263 (2013.01)] 12 Claims
OG exemplary drawing
 
1. A method of improving user security of a satellite-ground integrated network system, comprising:
bonding, by a user and a satellite-ground integrated core network, own characteristic information to a certificate authority (CA) respectively, to obtain digital certificates, wherein the characteristic information comprises one or more spatio-temporal characteristics and one or more service characteristics of the user;
initiating, by the user through a terminal of a satellite-ground integrated network system, a service request to the satellite-ground integrated core network;
determining, by the satellite-ground integrated core network, whether to trigger a legitimacy verification for the user after receiving the service request;
in a case of determining not to trigger the legitimacy verification for the user, directly releasing, by the satellite-ground integrated core network, a service flow of the user; and
in a case of determining to trigger the legitimacy verification for the user,
calculating, by the satellite-ground integrated core network, spatio-temporal information ciphertext in the received service request through a digest algorithm to obtain a first spatio-temporal information ciphertext digest;
decrypting, by the satellite-ground integrated core network, a digital signature in the received service request using a public key of the user to obtain a second spatio-temporal information ciphertext digest;
comparing, by the satellite-ground integrated core network, the first spatio-temporal information ciphertext digest with the second spatio-temporal information ciphertext digest;
in response to determining that the first spatio-temporal information ciphertext digest is consistent with the second spatio-temporal information ciphertext digest, determining, by the satellite-ground integrated core network, the user being legal, and
decrypting the spatio-temporal information ciphertext using a private key of the satellite-ground integrated core network to obtain spatio-temporal information characteristics;
verifying the obtained spatio-temporal information characteristics;
in response to determining that the verification is passed, opening a service pipeline for the user; and
in response to determining that the verification fails, closing the service pipeline for the user; and
in response to determining that the first spatio-temporal information ciphertext digest is not consistent with the second spatio-temporal information ciphertext digest, determining, by the satellite-ground integrated core network, the user being illegal, and intercepting the user and a service.