Call handover between cellular communication system nodes that support different security contexts
First Claim
1. A method of operating a first node to generate a security context for a client in a cellular communication system, wherein the first node comprises processing circuitry, the method comprising:
- the first node performing, as part of a handover in the cellular communication system;
receiving at least one cryptographic key from a second node;
receiving identities of security algorithms supported by the client from a third node;
using the at least one cryptographic key and the identities to generate the security context for the client; and
using the generated security context to, at least in part, control security-related signaling between the client and the cellular communication system,wherein the first node is a target packet switched node, the third node is a source packet switched node, and the second node is a source circuit switched node.
1 Assignment
0 Petitions
Accused Products
Abstract
In the context of facilitating a circuit switched to packet switched handover of a call in a cellular communication system, a first node (e.g., packet switched target node) generates a security context for a client whose call is being handed over. This involves the first node receiving at least one cryptographic key from a second node (e.g., a circuit switched node supporting the existing connection) and receiving identities of security algorithms supported by the client from a third node (e.g., a packet switched node supporting the existing connection); The first node uses the at least one cryptographic key and the identities to generate the security context for the client.
62 Citations
20 Claims
-
1. A method of operating a first node to generate a security context for a client in a cellular communication system, wherein the first node comprises processing circuitry, the method comprising:
-
the first node performing, as part of a handover in the cellular communication system; receiving at least one cryptographic key from a second node; receiving identities of security algorithms supported by the client from a third node; using the at least one cryptographic key and the identities to generate the security context for the client; and using the generated security context to, at least in part, control security-related signaling between the client and the cellular communication system, wherein the first node is a target packet switched node, the third node is a source packet switched node, and the second node is a source circuit switched node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of operating first and second, nodes in a cellular communication system, the method operating to generate a security context as part of a process of handing over support of a client from the second node to the first node, wherein the first and second nodes each comprise processing circuitry, the method comprising:
-
the second node generating at least one new cryptographic key from at least one existing key associated with the client and a nonce generated by the second node; the second node communicating the at least one new cryptographic key to the first node; the first node receiving identities of security algorithms supported by the client from a third node; the first node using the at least one new cryptographic key and the identities to generate the security context for the client; and using the generated security context to, at least in part, control security-related signaling between the client and the cellular communication system, wherein the first node is a target packet switched node, the third node is a source packet switched node, and the second node is a source circuit switched node.
-
-
11. An apparatus for operating a first node to generate a security context for a client in a cellular communication system, the apparatus comprising:
-
circuitry configured to receive at least one cryptographic key from a second node; circuitry configured to receive identities of security algorithms supported by the client from a third node; circuitry configured to use, as part of a handover in the cellular communication system, the at least one cryptographic key and the identities to generate the security context for the client; and circuitry configured to use the generated security context to, at least in part, control security-related signaling between the client and cellular communication system, wherein the first node is a target packet switched node, the third node is a source packet switched node, and the second node is a source circuity switched node. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An apparatus for operating first and second nodes in a cellular communication system, the apparatus operating to generate a security context as part of a process of handing over support of a client from the second node to the first node, the apparatus comprising:
-
second node circuitry configured to generate at least one new cryptographic key from at least one existing key associated with the client and a nonce generated by the second node; second node circuitry configured to communicate the at least one new cryptographic key to the first node; first node circuitry configured to receive identities of security algorithms supported by the client from a third node; first node circuitry configured to use the at least one new cryptographic key and the identities to generate the security context for the client; and circuitry configured to use the generated security context to, at least in part, control security-related signaling between the client and the cellular communication system, wherein the first node is a target packet switched node, the third node is a source packet switched node, and the second node is a source circuity switched node.
-
Specification