APPARATUS AND METHOD FOR TRANSITIONING FROM A SERVING NETWORK NODE THAT SUPPORTS AN ENHANCED SECURITY CONTEXT TO A LEGACY SERVING NETWORK NODE

摘要

Disclosed is a method for transitioning a remote station from a current serving network node having an enhanced security context to a new serving network node. In the method, the remote station provides at least one legacy key, and generates at least one session key based on a calculation using a root key and using an information element associated with the enhanced security context. The remote station forwards a first message having the information element to the new serving network node. The remote station receives a second message, from the new serving network node, having a response based on either the legacy key or the session key. The remote station determines that the new serving network node does not support the enhanced security context if the response of the second message is based on the legacy key. Accordingly, the remote station protects communications based on the legacy key upon determining that the enhanced security context is not supported.

主权项

1. A method for transitioning a remote station from a current serving network node having a first security context to a new serving network node, comprising:
providing, by the remote station, at least one legacy key associated with a second security context, wherein the first security context includes a security property that is not supported by the second security context; generating, by the remote station, at least one session key, in accordance with the first security context, based on a calculation using a root key and using an information element associated with the first security context; forwarding, by the remote station, a first message to the new serving network node, wherein the first message includes the information element associated with the first security context; receiving, by the remote station in response to the first message, a second message from the new serving network node, wherein the second message has a response based on either the at least one legacy key or the at least one session key; determining, by the remote station, that the new serving network node does not support the first security context if the response of the second message is based on the at least one legacy key; and protecting, by the remote station, communications based on the at least one legacy key upon determining that the new serving network node does not support the first security context.