摘要 |
A method for establishing a security association between a client (UE) and a service node (NAF) for the purpose of pushing information from the service node to the client, where the client and a key server (BSF) share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key. A similar approach may be used to provide p2p key management. |