公开(公告)号：US09817720B2

公开(公告)日：2017-11-14

申请号：US14438956

申请日：2012-10-29

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Guenther Horn ,  Hinrich Eilts

IPC: H04L29/06 ,  G06F11/14 ,  H04W12/04 ,  H04W36/00 ,  H04W36/08

CPC classification number: G06F11/1402 ,  G06F2201/875 ,  H04W12/04 ,  H04W36/0038 ,  H04W36/08

Abstract: An apparatus comprises a memory unit, and a control unit connected to the memory unit. The apparatus can be configured to interface at least one access node; the control unit is configured to derive at least one local level security key within an established security context for a terminal, forward the derived local security key to at least one access node, and detect failures in a handover for a terminal being served by a first access node towards a second access node. The failures concern the interface between the apparatus and the second access node. In response to a verified trigger condition, the control unit can re-adjust local level security keys with keys maintained at the terminal within the established security context.

公开(公告)号：US20150269028A1

公开(公告)日：2015-09-24

申请号：US14438956

申请日：2012-10-29

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Guenther Horn ,  Hinrich Eilts

IPC: G06F11/14 ,  H04W12/04 ,  H04W36/08

CPC classification number: G06F11/1402 ,  G06F2201/875 ,  H04W12/04 ,  H04W36/0038 ,  H04W36/08

Abstract: An apparatus comprises a memory unit, and a control unit connected to the memory unit. The apparatus can be configured to interface at least one access node; the control unit is configured to derive at least one local level security key within an established security context for a terminal, forward the derived local security key to at least one access node, and detect failures in a handover for a terminal being served by a first access node towards a second access node. The failures concern the interface between the apparatus and the second access node. In response to a verified trigger condition, the control unit can re-adjust local level security keys with keys maintained at the terminal within the established security context.

Abstract translation: 一种装置包括存储器单元和连接到存储器单元的控制单元。 该设备可以被配置为接口至少一个接入节点; 控制单元被配置为在终端的已建立的安全上下文中导出至少一个本地级安全密钥，将导出的本地安全密钥转发到至少一个接入节点，并且检测由第一 访问节点朝向第二接入节点。 这些故障涉及设备和第二接入节点之间的接口。 响应于验证的触发条件，控制单元可以利用在已建立的安全上下文内的终端处保持的密钥来重新调整本地级安全密钥。