摘要 |
A method for providing security in a mobile data network including a serving node, serving mobile stations and undergoing data communications with a gateway node, the data communications transferring data contained in data packets encapsulated in a tunnel by the serving node and the gateway node, each data packet including a payload and a reference to a protocol context, the protocol context including identifiers for each of the mobile stations using the tunnel, the method includes a mobile network security system. The mobile network security system monitors the creation, updating and destruction of the tunnel and reads the reference to the protocol context of the data packets; and selects a policy based on a tunnel profile that performs an action to the data packets. The action is preferably based on the payload.
|