公开(公告)号：US20170149751A1

公开(公告)日：2017-05-25

申请号：US15427819

申请日：2017-02-08

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Anders Jan Olof KALL ,  Gyorgy Tamas WOLFNER ,  Jouni KORHONEN

IPC: H04L29/06

Abstract: There are provided measures for supporting an authentication to an external packet data network over an untrusted access network, said measures exemplarily comprising authenticating a user equipment to a communication network providing connectivity for the user equipment across an unsecured access network in response to a first authentication request, wherein the authentication request is an authentication request of a key information exchange mechanism and includes authentication data, receiving a second authentication request for authenticating the user equipment towards a packet data network external to the communications network. The measures may further comprise creating a binding update message including the authentication data and identity information of the user received from the user equipment.

公开(公告)号：US20170367131A1

公开(公告)日：2017-12-21

申请号：US15678849

申请日：2017-08-16

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Seppo Ilmari VESTERINEN ,  Jouni KORHONEN ,  Matti Einari LAITILA

IPC: H04W76/02 ,  H04W48/08 ,  H04L29/12 ,  H04W92/02

CPC classification number: H04W76/12 ,  H04L61/2007 ,  H04L61/2092 ,  H04L61/6068 ,  H04L61/6077 ,  H04W48/08 ,  H04W76/15 ,  H04W92/02

Abstract: A second internet protocol network is logically connected to a packet data network connection provided between a user equipment and a first internet protocol network over a radio access network, the second internet protocol network located on a data path from the first internet protocol network to the user equipment. The first internet protocol network represents the highest level internet protocol point of attachment to the packet data network connection. Router advertisements are sent from the second internet protocol network to the user equipment over the radio access network via the packet data network connection.

公开(公告)号：US20140298080A1

公开(公告)日：2014-10-02

申请号：US14227546

申请日：2014-03-27

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Jouni KORHONEN ,  Hannes TSCHOFENIG

IPC: G06F11/20

CPC classification number: G06F11/2007 ,  G06F11/2023 ,  G06F11/2038 ,  H04L41/06 ,  H04L41/28 ,  H04L63/0892 ,  H04L63/10 ,  H04L67/327 ,  H04L69/40

Abstract: There is provided an intra-realm AAA (authentication, authorization and accounting) fallback mechanism, wherein the single global realm may be divided in one or more sub-realms. The thus presented mechanism exemplarily comprises detecting a failure of an authentication server serving at least one authentication client within a first sub-realm of a single-realm authentication system, and routing authentication messages of the at least one authentication client to a fallback authentication server within a second sub-realm of the single-realm authentication system, wherein routing may exemplarily comprise sub-realm based source routing.

Abstract translation: 提供了内部AAA（认证，授权和计费）回退机制，其中单个全球领域可以被划分成一个或多个子领域。 所呈现的机制示例性地包括检测服务于单域认证系统的第一子域内的至少一个认证客户端的认证服务器的故障，以及将至少一个认证客户端的认证消息路由到后端认证服务器内的后退认证服务器 单域认证系统的第二子域，其中路由可以示例性地包括基于子域的源路由。