| 发明名称 |
SYSTEM AND METHOD FOR SECURE NETWORK ROAMING |
| 摘要 |
A wireless data network process and system are provided based on a network with prior network-based authentication of a connected mobile node (MN) and with a network connection to a packet gateway node (PGN). The method and system establish and use an authentication mechanism between the MN and the PGN using the network connection. An encrypted channel is then set up between the MN and the PGN based on authentication established with the authentication mechanism. Configuration data is sent from the PGN to the MN using the encrypted channel. The configuration data may then be used by the MN for communication to and from the MN via the PGN. Any network connected to the PGN may then be used. The authentication mechanism advantageously includes exchanging public keys and then using the public keys to mutually authenticate the MN and PGN. The configuration data sent from the PGN to the MN using the encrypted channel advantageously includes providing Mobile Internet Protocol (MIP) configuration data and the IP Security protocol (IPsec) configuration data. The MN may then connect to a non-GPRS wireless local network and establish a MIP session across the non-GPRS network as a tunneled session using a IPsec encapsulating security payload (ESP). |
| 申请公布号 |
WO03015360(A3) |
申请公布日期 |
2003.09.25 |
| 申请号 |
WO2002US25832 |
申请日期 |
2002.08.12 |
| 申请人 |
MEGISTO SYSTEMS |
发明人 |
SHARMA, MUKESH;SKISCIM, CHRISTOPHER;ROBERTS, PHILIP;SANCHEZ, LUIS |
| 分类号 |
H04L12/28;H04L12/56;H04L29/06;H04W12/00;H04W12/04;H04W12/06;H04W60/00;H04W76/04;H04W80/04;H04W84/12;H04W88/16;H04W92/02 |
主分类号 |
H04L12/28 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
