Apparatuses and a method for protecting a bootstrap message in a network

摘要

The embodiments of the present invention relate to apparatuses in the form of a first network unit and a device, and also relates to a method for enabling protection of a bootstrap message in a device management network system. The method comprises: receiving at the first network unit, a request to bootstrap the device; transmit a request for a bootstrap key, to a second network unit; receiving a message comprising the bootstrap key and further comprises trigger information and transmitting the trigger information to the device to trigger generation of the bootstrap key internally in the device. Thereafter a protected bootstrap message can be transmitted to the device from the first network unit, and when the device verifies and/or decrypts the bootstrap message, device management (DM) sessions can start between the device and the first network unit.

主权项

1. A first network unit of a device management (DM) network system for enabling protection of a bootstrap message, the first network unit comprising:
a receiver configured to receive a first message comprising a request to bootstrap a device, said first message comprising information identifying said device and information identifying a subscriber; and a transmitter configured to send to a second network unit a second message comprising the information identifying said subscriber, said second message requesting the second network unit to provide the first network unit with a bootstrap key that is to be used for protecting the bootstrap message and that is based on the information identifying the subscriber, wherein the bootstrap message includes credentials for authentication with the DM network system as well as parameters that provision the device with the ability to initiate Internet Protocol (IP) connections and thereby the ability to initiate a management session with the DM network system over an IP connection, wherein said management session configures the device with settings that the device requires in order for the device to support one or more services; wherein said receiver is further configured to receive from the second network unit a third message comprising the requested bootstrap key and trigger information; and wherein said transmitter is further configured to transmit the trigger information to the device to trigger generation of the bootstrap key in the device.