摘要 |
An identifier (e.g., IMSI, IMSI mod 128, C-RNTI, or a nonce) is established between a serving access node s-BS and a user equipment UE. The UE generates and encrypts a transparent container with its security context, which is known to the s-BS. The UE sends the encrypted transparent container, appended with the unencrypted identifier, to a target access node t-BS. For a forward handover FHO, these are sent in a random access procedure along with an identifier for the s-BS. The t-BS reads the s-BS identifier, and forwards to the s-BS the encrypted container with the appended UE identifier. The s-BS matches the received UE identifier with the established one, decrypts the transparent container received from the t-BS with the UE's security context, and based on the matching sends to the t-BS a context for the UE. The UE's security context is kept secure and FHO proceeds only to the UE-selected t- BS. |
申请人 |
NOKIA CORPORATION;NOKIA, INC.;SEBIRE, BENOIST;HUANG, LEPING;RANTA, JUKKA |
发明人 |
SEBIRE, BENOIST;HUANG, LEPING;RANTA, JUKKA |