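IPC classification information
Country / Type | United States (US) Patent, Registered
International Patent Classification (IPC 7th edition) |
Application number | US-0677274 (2000-10-02)
Inventors / Address | Tummala, Rambabu; Mitton, David J.; Akhtar, Haseeb
Applicant / Address |
Agent / Address |
Citation information | Times cited: 96; Patents cited: 9
Abstract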
In an IP-based mobile communications system, the Mobile Node changes its point of attachment to the network while maintaining network connectivity. The present invention improves the attachment of the Mobile Node to the IP mobile communications system by allowing an AAA Broker Server to maintain client information necessary to establish a secure Mobile Node connection to the home network.
Representative claim
1. The method of establishing a connection for a mobile node on a communication system having a home network for the mobile node and at least one foreign network comprising the steps of: receiving a registration request message at a foreign network Authentication, Authorization, Accounting server; transmitting a request to an Authentication, Authorization, Accounting broker server to obtain service level agreement information to establish a secure connection between the foreign and home networks; receiving at the foreign network Authentication, Authorization, Accounting server a response transmitted from the Authentication, Authorization, Accounting broker server containing service level agreement information stored on the Authentication, Authorization, Accounting broker server, wherein the response transmitted from the Authentication, Authorization, Accounting broker server contains the Internet Protocol address of the home network to which the request should be directly forwarded and one or more instances of a first value to indicate that one or more different host networks can be contacted.

2. The method of establishing a home network connection in claim 1 further comprising the step of: establishing a connection with an Authentication, Authorization, Accounting server on the home network based upon the information received from the Authentication, Authorization, Accounting broker server.

3. The method of establishing a home network connection in claim 1 further comprising the step of: receiving a response from the Authentication, Authorization, Accounting broker server with a rejection response after the Authentication, Authorization, Accounting broker server determines that the home network is not found by the Authentication, Authorization, Accounting broker server.

4. The method of establishing a home network connection in claim 1 further comprising the step of: transmitting the request to the Authentication, Authorization, Accounting broker server for all messages to be addressed to unknown networks in order to identify the home network.

5. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a tag value that indicates the timeout value for a particular host.

6. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a session time-out value as a discretionary indication to the home network server on how long the home network entry should be maintained as valid on the foreign network.

7. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a tag value that indicates a host sever selection value.

8. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a certificate of the foreign network server and the host network server.

9. The method of establishing a home network connection in claim 8 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a certificate encapsulated in an Attribute Value Pair of the foreign network server and the host network server.

10. The method of establishing a home network connection in claim 8 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a certificate of the foreign network server and the host network server where the foreign network server forwards the certificate in a communication to the home AAA Authentication, Authorization, Accounting server.

11. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server with a certificate encapsulated in an Attribute Value Pair of the foreign network server and the host network server.

12. The method of establishing a home network connection in claim 1 further comprising the step of: transmitting a request to a second Authentication, Authorization, Accounting broker server in response to the response received by the foreign network server.

13. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker server validates the request from the foreign network against information retained in the Authentication, Authorization, Accounting broker server on allowed request clients.

14. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker server validates the request from the foreign network by processing a destination attribute in an attempt to find a match on the home network.

15. The method of establishing a home network connection in claim 1 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker server validates the request from the foreign network by processing a user name attribute in an attempt to find a match on the home network.

16. The method of establishing a home network connection in claim 15 further comprising the step of: receiving the response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker server validates the request from the foreign network by processing a destination attribute in an attempt to find a match on the home network.

17. The method of establishing a connection for a mobile node on a communication system having a home network for the mobile node and at least one foreign network comprising the steps of: receiving a registration request message at a foreign network Authentication, Authorization, Accounting server; transmitting a request to an Authentication, Authorization, Accounting broker server to obtain service level agreement information to establish a secure connection between the foreign and home networks; receiving at the foreign network Authentication, Authorization, Accounting server a response transmitted from the Authentication, Authorization, Accounting broker server containing service level agreement information stored on the Authentication, Authorization, Accounting broker server, wherein the response transmitted from the Authentication, Authorization, Accounting broker server contains the Internet Protocol address of the home network to which the request should be directly forwarded, and one or more instances of a first value to indicate that one or more different host networks can be contacted; and contacting a second Authentication, Authorization, Accounting broker server after a rejection response is received from the Authentication, Authorization, Accounting broker server.

18. The method of establishing a home network connection in claim 1 further comprising the step of: after receiving the response from Authentication, Authorization, Accounting broker server that services the home network, the foreign network initiates a security association pursuant to the returned service level agreement information in the response message by transmitting a message to the home network from the foreign network.

19. The method of establishing a home network connection in claim 1 further comprising the step of: receiving message from the home network server at the foreign network Authentication, Authorization, Accounting server after the home network that services the home network Authentication, Authorization, Accounting server processes a request from the foreign network server for a secure connection.

20. A system for establishing a home network connection of a mobile node on a foreign network in a wireless communications network comprising: a home network having a home agent coupled to a home Authentication, Authorization, Accounting server; a foreign network having a foreign agent coupled to a foreign Authentication, Authorization, Accounting server; a mobile node transmitting a request to the foreign Authentication, Authorization, Accounting server in a request to establish a secure connection between the mobile node and the home network; an Authentication, Authorization, Accounting broker server coupled to the foreign Authentication, Authorization, Accounting server transmitting a request to the Authentication, Authorization, Accounting broker server to determine the location of the home network and security association information for establishing the secure connection between the mobile node and the home network according to a security protocol specified in the Authentication, Authorization, Accounting broker server; and the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server with the Internet Protocol address of the home network to which the request should be directly forwarded and one or more instances of a first value to indicate that one or more different host networks can be contacted.

21. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting server broker server that contain the Internet Protocol address of the home network to which the request should be directly forwarded.

22. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server transmits the request to the Authentication, Authorization, Accounting broker server for all messages to be addressed to unknown networks in order to identify the home network.

23. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server with a tag value that indicates a host server selection value.

24. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server that includes a session time-out value as a discretionary indication to the foreign network server on how long the home network entry should be maintained as valid on the foreign network.

25. The system set forth in claim 24 wherein: the foreign Authentication, Authorization, Accounting server receives the response from the Authentication, Authorization, Accounting broker server with a tag value that indicates a host server selection value.

26. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives the response from the Authentication, Authorization, Accounting broker server with a certificate of the foreign network server and the host network server.

27. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives the response from the Authentication, Authorization, Accounting broker server with a certificate encapsulated in an Attribute Value Pair of the foreign network server and the host network server.

28. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives the response from the Authentication, Authorization, Accounting broker server with a certificate that is forwarded to the home Authentication, Authorization, Accounting server.

29. The system set forth in claim 28 wherein: the foreign Authentication, Authorization, Accounting server receives the response from the Authentication, Authorization, Accounting broker server with a certificate encapsulated in an Attribute Value Pair of the foreign network server and the host network server.

30. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server transmits a second request to a second Authentication, Authorization, Accounting broker server in response to a rejection response received from the Authentication, Authorization, Accounting broker by the foreign network server.

31. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker validates the request from the foreign network against the information retained in the Authentication, Authorization, Accounting broker server on the allowed request clients.

32. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker validates the request from the foreign network by processing a destination attribute in an attempt to find a match on the home network.

33. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker validates the request from the foreign network by processing a user name attribute in an attempt to find a match on the home network.

34. The system set forth in claim 33 wherein: the foreign Authentication, Authorization, Accounting server receives a response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker validates the request from the foreign network by processing a destination attribute in an attempt to find a match on the home network.

35. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a rejection response from the Authentication, Authorization, Accounting broker server after the Authentication, Authorization, Accounting broker server determines that the home network is not found serviced by the Authentication, Authorization, Accounting broker server.

36. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server contacts a second Authentication, Authorization, Accounting broker server after a rejection response is received from the Authentication, Authorization, Accounting broker server.

37. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server initiates a security association pursuant to the returned information in the response message by transmitting a message to the home network from the foreign network.

38. The system set forth in claim 20 wherein: the foreign Authentication, Authorization, Accounting server receives a message from the home network server to the foreign network server after home network server processes the request from the foreign network server for a secure connection.

39. A method for establishing a connection for a mobile node on a communication system having a home network for the mobile node and at least one foreign network comparing the steps of: receiving a registration request message at a foreign Authentication, Authorization, Accounting server; transmitting a request to an Authentication, Authorization, Accounting broker server to obtain service level agreement information to establish a secure connection between the foreign and home network; receiving at the foreign network Authentication, Authorization, Accounting server a response from the Authentication, Authorization, Accounting broker server containing service level agreement information wherein the response transmitted from Authentication, Authorization, Accounting broker server contains the Internet Protocol address of the home network to which the request should be directly forwarded and one or more instances of a first value to indicate that one or more different host networks can be contacted; and establishing a secure connection with an Authentication, Authorization, Accounting server on the home network based upon the service level agreement information received from the Authentication, Authorization, Accounting broker server to encrypt information packets transmitted between the home network and the mobile node.