主权项 |
1. A method of providing access of a mobile terminal to an IP network via a plurality of routers having security gateways, the method including:
establishing a connection between said mobile terminal and an access point associated with a first access network, establishing a security association between said mobile terminal and a first security gateway of a first router in said plurality of routers, associating an IP address to said mobile terminal and providing said mobile terminal having associated said IP address access to said IP network via said first access network and said first router, wherein a first data exchanged between said mobile terminal having associated said IP address and said first router is encapsulated by using said security association, responsive to establishing a connection between said mobile terminal and an access point associated with a second access network, determining that said mobile terminal has attempted to access said IP network via said second access network and at least one second router in the plurality of routers instead of via said access point associated with said first access network and said at least one first router, said at least one second router having a second security gateway different from said first security gateway, making said security association available to said at least one second router in said plurality of routers, and providing said mobile terminal having associated said IP address access to said IP network via said at least one access points associated with said second access network and said at least one second router, wherein a second data exchanged between said mobile terminal having associated said IP address and said at least one second router is encapsulated by using said security association made available to said at least one second router, and wherein: establishing said security association between said mobile terminal and said first security gateway includes assigning a Security Parameter Index to said security association, said Security Parameter Index identifying univocally said first security gateway and said security association; making said security association available to said at least one second router includes making said Security Parameter Index available to said at least one second router to enable said at least one second router to have access to said security association; and encapsulating said second data using said security association includes encrypting said second data using said security association and creating a data packet comprising said Security Parameter Index and said encrypted second data. |