Method and system for delegation of security procedures to a visited domain
Abstract
A method and system for delegation of security procedures to a second domain. A first key is generated for a mobile node. The first key is stored at the mobile node and at a home domain of the mobile node. The mobile node is moved to the second domain. A request is sent from the second domain to the home domain to authenticate the mobile node. A second key is generated at the home domain using the first key and a random number. The random number and the second key are sent to the second domain. The random number is sent to the mobile node by the second domain. The mobile node generates the second key using the random number and the first key. The second key is used for authentication procedures and/or key derivation procedures between the mobile node and the second domain.
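The message flow in the abstract can be traced with a short simulation. This is an added example, not code from the patent; the HMAC-SHA256 derivation, the challenge-response check, and every class and function name are assumptions, since the page names no algorithm.

```python
import hashlib
import hmac
import secrets

def derive_second_key(first_key: bytes, rand: bytes) -> bytes:
    # Assumption: HMAC-SHA256 with a fixed label stands in for the unspecified derivation.
    return hmac.new(first_key, b"second-key" + rand, hashlib.sha256).digest()

def prove(key: bytes, challenge: bytes) -> bytes:
    # Assumption: a keyed MAC over a fresh challenge is the "authentication procedure".
    return hmac.new(key, challenge, hashlib.sha256).digest()

class HomeDomain:
    def __init__(self):
        self._first_keys = {}  # node id -> first key; never leaves the home domain
    def provision(self, node_id: str) -> bytes:
        self._first_keys[node_id] = secrets.token_bytes(32)
        return self._first_keys[node_id]
    def authorize(self, node_id: str):
        # Answers the second domain's request with (random number, second key).
        rand = secrets.token_bytes(16)
        return rand, derive_second_key(self._first_keys[node_id], rand)

class MobileNode:
    def __init__(self, node_id: str, first_key: bytes):
        self.node_id, self._first_key, self._second_key = node_id, first_key, None
    def receive_rand(self, rand: bytes) -> None:
        self._second_key = derive_second_key(self._first_key, rand)
    def respond(self, challenge: bytes) -> bytes:
        return prove(self._second_key, challenge)

class VisitedDomain:
    def __init__(self, home: HomeDomain):
        self.home = home
    def attach(self, node: MobileNode) -> bool:
        rand, second_key = self.home.authorize(node.node_id)  # request to home domain
        node.receive_rand(rand)                               # only the random number is forwarded
        challenge = secrets.token_bytes(16)
        return hmac.compare_digest(prove(second_key, challenge), node.respond(challenge))

def demo():
    home = HomeDomain()
    genuine = MobileNode("mn-1", home.provision("mn-1"))
    impostor = MobileNode("mn-1", secrets.token_bytes(32))  # constructed: wrong first key
    visited = VisitedDomain(home)
    return visited.attach(genuine), visited.attach(impostor)
```

The second domain holds only the random number and the second key, so compromise of the second domain exposes one derived key rather than the first key.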
44 Claims
1. A method for delegation of security procedures to a second domain comprising:
generating a first key for a mobile node;
storing the first key at the mobile node and at a home domain of the mobile node;
moving the mobile node to the second domain;
sending a request from the second domain to the home domain to authenticate the mobile node;
generating a second key at the home domain using the first key and a random number and sending the random number and the second key to the second domain;
sending the random number to the mobile node by the second domain;
generating the second key by the mobile node using the random number and the first key; and
using the second key for at least one authentication procedure between the mobile node and the second domain.
27. A method for delegation of security procedures to a second domain comprising:
sharing a first key with a mobile node and at least one server in the home domain of the mobile node;
moving the mobile node into the second domain;
requesting authentication of the mobile node by the home domain;
generating a second key using the first key in the home domain;
sending the second key to the second domain; and
using the second key for at least one authentication procedure between the mobile node and the second domain.
29. A system for delegation of security procedures to a visited domain comprising:
a home domain, the home domain containing at least one server;
a mobile device, the mobile device sharing a first key with one at least one server in the home domain; and
a second domain, the second domain containing at least one second server, a security association existing between the one at least one server in the home domain and one at least one second server in the second domain, wherein when the mobile device roams into the second domain, the second domain requests authentication of the mobile device by the home domain, the one at least one server generating a second key using the first key and sending the second key to the second domain, the second key being used for at least one authentication procedure between the mobile device and the second domain.
40. A method for delegation of security procedures to a second domain comprising:
moving a mobile device to the second domain, the mobile node having a home domain;
sending a second key from the home domain to the second domain for authentication of the mobile device, the second key being based on a first key shared between the home domain and the mobile device; and
authenticating the mobile device by the second domain using the second key, wherein the second key is used for at least one of authentication procedures and key derivation procedures between the mobile device and the second domain.