| 摘要 |
The present invention relates to an authentication system, a small base station, and an authentication method which allow a server side to authenticate whether an installation position of a small base station is valid or not. In a packet to be sent as an authentication request from the femto base station 1, in-IC card information of an IC card inserted into the femto base station 1 is contained. A network terminating device 2 converts a local IP address described in a header of the packet to a global IP address, and sends it to a femto concentrator 4. The femto concentrator 4 generates authentication information by associating the in-IC card information with the global IP address, and sends it to an authentication server 5. The authentication server 5 determines that the installation position of the femto base station 1 is valid if the in-IC card information and global IP address included in the authentication information have been associated with each other and registered in an authentication table. The present invention can be applied to a base station for a femtocell. |
| 主权项 |
1. An authentication system including a small base station which performs communication with a mobile device and whose coverage area is an area smaller than a coverage area of a macro base station that constitutes a public network, a network terminating device which is connected to the small base station through an in-house network and connected to a wide area network, and an authentication server,
wherein the small base station comprises: circuitry that sends a first authentication request to the network terminating device, the first authentication request including identification information of itself and a local IP address assigned within the in-house network, wherein the network terminating device comprises: circuitry that converts the local IP address included in the first authentication request to a fixed global IP address previously assigned to itself and sending a second authentication request to the authentication server through the wide area network, the second authentication request including the fixed global IP address and the identification information sent from the small base station, and wherein the authentication server comprises: storage means for storing identification information of each small base station and a fixed global IP address previously assigned to a network terminating device to which each respective small base station is connected, such that the identification information and the fixed global IP address are associated with each other; and authentication means for performing authentication of the small base station which has sent the first authentication request wherein the small base station is determined to be valid if the identification information and the fixed global IP address which are included in the second authentication request have been associated with each other and stored in the storage means, and determined to be not valid if the identification information and the fixed global IP address have not been associated with each other and stored, wherein the storage means pre-stores both the fixed global IP address of the network terminating device and the identification information of the small base station in association with each other when the small base station and the network terminating device are provided to a user, and wherein the authentication means looks up an authentication table in the storage means, compares the fixed global IP address of the network terminating device and the identification information of the small base station received in the second authentication request with a list of global IP addresses stored in the authentication table, and determines that the small base station is valid if the list of global IP addresses in the authentication table has an entry in which the fixed global IP address of the network terminating device received in the second authentication request is associated with the identification information of the small base station received in the second authentication request. |
