| 发明名称 | Managing user access in a communications network | ||
| 摘要 | A method of operating a node for performing handover between access networks wherein a user has authenticated for network access in a first access network. The method comprises receiving from a home network a first session key and a temporary identifier allocated to the user for the duration of a communication session. The identifier is mapped to the first session key, and the mapped identifier and key are stored at the node. A second session key is derived from the first session key and the second session key is sent to an access network, and the identifier sent to a user terminal. When the user subsequently moves to a second access network, the node receives the identifier from the user terminal. The node then retrieves the first session key mapped to the received identifier, derives a third session key and sends the third session key to the second access network. | ||
| 申请公布号 | US9553875(B2) | 申请公布日期 | 2017.01.24 |
| 申请号 | US201414508373 | 申请日期 | 2014.10.07 |
| 申请人 | TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) | 发明人 | Naslund Mats;Arkko Jari |
| 分类号 | H04L29/06;H04W12/04;H04W12/06;H04W80/04 | 主分类号 | H04L29/06 |
| 代理机构 | Rothwell, Figg, Ernst & Manbeck, P.C. | 代理人 | Rothwell, Figg, Ernst & Manbeck, P.C. |
| 主权项 | 1. A method performed by an authentication apparatus (AA), the method comprising: the AA receiving from a server in a user terminal's home network a first session key and a temporary identifier allocated to the user terminal for the duration of a communication session; the AA storing the temporary identifier received from the server in the user terminal's home network and the first session key received from the server in the user terminal's home network such that the temporary identifier received from the server in the user terminal's home network is mapped to the first session key received from the server in the user terminal's home network; the AA sending the temporary identifier to the user terminal; the AA sending to a first access network the first session key or a first derived key derived from the first session key; the AA receiving from a second access network a message including the temporary identifier; in response to receiving the message, the AA using the received temporary identifier to retrieve the first session key; and after retrieving the first session key in response to the message, the AA sending to the second access network the first session key or a second derived key derived from the first session key. | ||
| 地址 | Stockholm SE | ||