A METHOD FOR NETWORK ACCESS, RELATED NETWORK AND COMPUTER PROGRAM PRODUCT THEREFOR

摘要

A method of providing access of a mobile terminal (MS) to an IP network includes establishing a security association (SA) between the mobile terminal (MS) and a first security gateway (SGWHOME) of a first router (IARHOME) in said plurality of routers. The mobile terminal (MS) is provided access to the IP network via the first router (IARHOME). and the data exchanged between the mobile terminal (MS) and the first router (IARHOME) is encapsulated by using the security association (SA). The security association (SA) is made available to at least one second router (IARVISITED) having a second security gateway (SGWVISITED)- The mobile terminal (MS) is provided access to the IP network via said the second router (IARVISITED). and data exchanged between the mobile terminal (MS) and the second router (IARVISITED) are encapsulated by using the same security association (SA). Establishing the security association (SA) includes assigning a Security Parameter Index (SPI) that identifies univocally the first security gateway (SGWHOME) and the security association (SA). Making the security association (SA) available to the second router (IARVISITED) includes making available to the second router (IARVISITED) the Security Parameter Index (SPI). The second router (IARVISITED) may thus have access to the security association (SA) either by requesting it from the first router (IARHOME) or by identifying it in a set of security associations (SA) sent from the first router (IARHOME) to a set of routers candidate to become the second router (IARVISITED) as result of the mobility of the mobile terminal (MS).