Abstract:
A mutual authentication method is provided for securely agreeing application-security keys with mobile terminals supporting legacy Subscriber Identity Modules (e.g., GSM SIM and CDMA2000 R-UIM, which do not support 3G AKA mechanisms). A challenge-response key exchange is implemented between a bootstrapping server function (BSF) and mobile terminal (MT). The BSF generates an authentication challenge and sends it to the MT under a server-authenticated public key mechanism. The MT receives the challenge and determines whether it originates from the BSF based on a bootstrapping server certificate. The MT formulates a response to the authentication challenge based on keys derived from the authentication challenge and a pre-shared secret key. The BSF receives the authentication response and verifies whether it originates from the MT. Once verified, the BSF and MT independently calculate an application security key that the BSF sends to a requesting network application function to establish secure communications with the MT.
Abstract:
Devices and methods are provided for handing off an access terminal from a macro base station to a femto access point (AP). In one embodiment, the method involves receiving a facilities directive or the like from a communication network entity, such as, for example, a serving mobile switching center (MSC). The method may involve selecting the femto AP based at least in part on femto configuration information, which may include at least one global identifier of the femto AP. The method may involve determining a uniform resource identifier of the femto AP based at least in part on at least one global identifier (e.g., MSC identifier and/or cell identifier).
Abstract:
Local IP access is provided in a wireless network to facilitate access to one or more local services. In some implementations, different IP interfaces are used for accessing different services (e.g., local services and operator network services). A list that maps packet destinations to IP interfaces may be employed to determine which IP interface is to be used for sending a given packet. In some implementations an access point provides a proxy function (e.g., a proxy ARP function) for an access terminal. In some implementations an access point provides an agent function (e.g., a DHCP function) for an access terminal. NAT operations may be performed at an access point to enable the access terminal to access local services. In some aspects, an access point may determine whether to send a packet from an access terminal via a protocol tunnel based on the destination of the packet.
Abstract:
A method and apparatus facilitating priority indication and queuing for an access terminal is provided. The method may comprise receiving an access request from an access terminal (AT), determining that the AT is a priority AT and that no resources are available in response to the access request, transmitting an access deny message to the priority AT, queuing the access request until a resource becomes available, and transmitting a resource available message to the priority AT upon a determination that a resource has become available.
Abstract:
IIF architectures and corresponding call flows are provided for CDMA2000/GPRS roaming scenarios such as GPRS foreign mode with Mobile IPv4, GPRS foreign mode with Simple IPv4 or IPv6, CDMA2000 packet data foreign mode with Mobile IPv4, and CDMA2000 packet data foreign mode with Simple IPv4 or IPv6.
Abstract:
A method and apparatus for session release in a communication system supporting Internet Protocol (IP) communications. In one embodiment, when the MS has lost a bearer connection (i.e., PPP session), the notification is provided by a Packet Data Service Node (PDSN) to the serving Session control Manager (SCM) via IP multicast. If two PPP sessions are active for a given IP communication, and one PPP session is not lost, the PDSN associated with the active PPP session sends a correction message to ignore any notification message sent by the other PDSN. In an alternate embodiment, the Authentication Authorization Accounting (AAA) server uses start and stop accounting requests, received from PDSNs, to determine when to notify the serving SCM to terminate an IP communication.