摘要 |
The present invention relates to a method and an arrangement for authentication and authorization in an access network. In an initial phase of the method according to the invention the user equipment and the security gateway exchange information on available certificate(s). If the user equipment and the security gateway lack matching certificates, the attempted authentication of the security gateway can not take place according to existing protocols and arrangements. According to the invention, if a certificate mismatch is identified, a certificate server is engaged. The certificate server, which is a separate entity from the security gateway, assists in at least part of the authentication procedure. Once the authentication is confirmed a secure tunnel can be established between the user equipment and the security gateway and payload traffic can be transferred.
|