APPARATUS AND METHOD FOR A SINGLE SIGN-ON AUTHENTICATION THROUGH A NON-TRUSTED ACCESS NETWORK

摘要

The present invention provides a telecommunication apparatus, user equipment and method for Single Sign-On authentication purposes when the access network does not provide data origin authentication. The invention proposes the re-utilisation of the original access authentication carried out with the core network, namely with the home network holding the user's subscription or with the visited network where the user is roaming. Therefore, access credentials obtained during a successful authentication of the user with the core network are linked at the user equipment side with a secure tunnel established towards a service network through the access network. Said access credentials received at an entity of the service network are also linked therein with the secure tunnel, and both linked with an internal IP address to securely identify the user in the service network.