| 发明名称 |
Method and System for Facilitating Participation of an Intermediary Network Device in a Security Gateway Communication Between at least one Base Station and a Core Network Portion in a Cellular Communication Network |
| 摘要 |
A method for facilitating participation of an intermediary network device in a security gateway communication including:
establishing a secure channel between the intermediary network device and a security gateway;transmitting a virtual machine instantiation command generated by software running in the security gateway to the intermediary network device;instantiating a virtual machine on the intermediary network device;when establishing a secure communication session between the at least one base station and the core network portion via the security gateway for the first time, establishing an Internet Key Exchange communication between the virtual machine and the security gateway and transmitting session keys from the security gateway to the virtual machine during the Internet Key Exchange communication;establishing an IPsec tunnel between the virtual machine and the security gateway. |
| 申请公布号 |
US2016337847(A1) |
申请公布日期 |
2016.11.17 |
| 申请号 |
US201615152848 |
申请日期 |
2016.05.12 |
| 申请人 |
ADVA Optical Networking SE |
发明人 |
Sergeev Andrew;Zemlerub Evgeny;Ben-Sa'adon Eyal |
| 分类号 |
H04W12/04;H04W12/06;G06F9/455;H04W76/02;H04L29/06 |
主分类号 |
H04W12/04 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for facilitating participation of an intermediary network device in a security gateway communication between at least one base station and a core network portion in a cellular communication network, the method comprising the steps of:
(a) establishing a secure channel between the intermediary network device and a security gateway connecting between the at least one base station and the core network portion; (b) transmitting a virtual machine instantiation command generated by software running in the security gateway to the intermediary network device over the secure channel; (c) instantiating a virtual machine on the intermediary network device responsive to the virtual machine instantiation command; (d) when establishing a secure communication session between the at least one base station and the core network portion via the security gateway for the first time, establishing an Internet Key Exchange communication between the virtual machine and the security gateway and transmitting session keys from the security gateway to the virtual machine during the Internet Key Exchange communication; (e) establishing an IPsec tunnel between the virtual machine and the security gateway using the transmitted session keys for facilitating participation of the network interface device in the secure communication session. |
| 地址 |
Meiningen DE |
