Automatic setting of security in communication network system
First Claim
1. A method of automatically setting security in a communication network system having a plurality of sub-networks interconnected to one another for handling a mobile node having a care-of address dependent on a sub-network to which said mobile node is currently connected and a home address independent of said connected sub-network, said method comprising the steps of:
- providing a security application management table to hold therein correspondences between sub-networks and security methods; and
automatically setting a method for ensuring the security for user data communicated between said mobile node and a home agent associated therewith based on said security application management table when said mobile node is connected to a different sub-network.
1 Assignment
0 Petitions
Accused Products
Abstract
A communication network system has a plurality of interconnected sub-networks, at least one mobile node having a care-of address dependent on a sub-network currently connected thereto and a home address independent of the connected sub-network, and a home agent. Upon detection of a sub-network connected to the mobile node, the latter determines a security method corresponding to the sub-network held in a node-side security application management table as a security method for ensuring the security for user data communicated between the mobile node and a home agent associated therewith. Then, the sub-network is notified to the home agent through a mobile node network signal. The home agent determines a security method corresponding to the sub-network from among security methods held in an agent-side security application management table as a security method used for ensuring the security for user data communicated between the home agent and the mobile node managed thereby.
27 Citations
7 Claims
-
1. A method of automatically setting security in a communication network system having a plurality of sub-networks interconnected to one another for handling a mobile node having a care-of address dependent on a sub-network to which said mobile node is currently connected and a home address independent of said connected sub-network, said method comprising the steps of:
-
providing a security application management table to hold therein correspondences between sub-networks and security methods; and
automatically setting a method for ensuring the security for user data communicated between said mobile node and a home agent associated therewith based on said security application management table when said mobile node is connected to a different sub-network.
-
-
2. A method of automatically setting security in a communication network system having a plurality of sub-networks interconnected to one another for handling a mobile node having a care-of address dependent on a sub-network to which said mobile node is currently connected and a home address independent of said connected sub-network, said method comprising the steps of:
-
at said mobile node;
detecting a sub-network to which said mobile node itself is connected;
determining a security method corresponding to the detected sub-network from among security methods held in a node-side security application management table to hold therein correspondences between the sub-networks and security methods, as a security method used for ensuring the security for user data communicated between said mobile node and a home agent associated therewith; and
notifying said home agent of said sub-network to which said mobile node is connected through a mobile node network signal, and at said home agent;
receiving the mobile node network signal from said mobile node; and
determining a security method corresponding to said sub-network notified from said mobile node through the mobile node network signal from among security methods held in an agent-side security application management table to hold therein correspondences between sub-networks connected to aid mobile node managed by said home agent and security methods, as a security method used for ensuring the security for user data communicated between said home agent and said mobile node managed thereby.
-
-
3. A method of automatically setting security in a communication network system having a plurality of sub-networks interconnected to one another for handling a mobile node having a care-of address dependent on a sub-network to which said mobile node is currently connected and a home address independent of said connected sub-network, said method comprising the steps of:
-
at said mobile node;
detecting a sub-network to which said mobile node itself is connected;
determining a security method corresponding to the detected sub-network from among security methods held in a node-side security application management table to hold therein correspondences between sub-networks and security methods, as a security method used for ensuring the security for user data communicated between said mobile node and a home agent associated therewith; and
notifying said home agent of said determined security method through a mobile node network signal, and at said home agent;
receiving the mobile node network signal from said mobile node; and
determining said security method notified from said mobile node through the mobile node network signal as a security method for user data communicated between said home agent and said mobile node managed thereby.
-
-
4. A mobile node which forms part of a communication network system together with a plurality of sub-networks interconnected to one another, and a home agent, said mobile node having a care-of address dependent on a sub-network currently connected thereto and a home address independent of said connected sub-network, said mobile node comprising:
-
a node-side security application management table for hold therein correspondences between sub-networks and security methods;
means for detecting a sub-network to which said mobile node itself is connected;
node-side security control means for determining a security method corresponding to said detected sub-network from among the security methods held in said node-side security application management table as a security method used for ensuring the security for user data communicated between said mobile node and a home agent associated therewith; and
notifying means for notifying said home agent of said detected sub-network through a mobile node network signal.
-
-
5. A home agent which forms part of a communication network system together with a plurality of sub-networks interconnected to one another, and at least one mobile node having a care-of address dependent on a sub-network currently connected thereto and a home address independent of said connected sub-network, said home agent comprising:
-
an agent-side security application management table to hold therein correspondences between sub-networks connected to said mobile node managed by said home agent and security methods;
receiving means for receiving from said mobile node a mobile node network signal which notifies a sub-network to which said mobile node is currently connected; and
agent-side security control means for determining a security method corresponding to said sub-network notified thereto through the mobile node network signal from among the security methods held in said agent-side security application management table as a security method used for ensuring the security for user data communicated between said home agent and said mobile node managed thereby.
-
-
6. A mobile node which forms part of a communication network system together with a plurality of sub-networks interconnected to one another, and a home agent, said mobile node having a care-of address dependent on a sub-network currently connected thereto and a home address independent of said connected sub-network, said mobile node comprising:
-
a node-side security application management table to hold therein correspondences between sub-networks and security methods;
network detecting means for detecting a sub-network to which said mobile node is connected;
node-side security control means for determining a security method corresponding to said detected sub-network from among the security methods held in said node-side security application management table, as a security method used for ensuring the security for user data communicated between said mobile node and a home agent associated therewith; and
notifying means for notifying said home agent of said determined security method through a mobile node network signal.
-
-
7. A home agent which forms part of a communication network system together with a plurality of sub-networks interconnected to one another, and at least one mobile node having a care-of address dependent on a sub-network currently connected thereto and a home address independent of said connected sub-network, said home agent comprising:
-
mobile node network signal receiving means for receiving a mobile node network signal from said mobile node for notifying a security method; and
agent-side security control means for determining said security method notified from said mobile node through the mobile node network signal as a security method for user data communicated between said home agent and said mobile node managed thereby.
-
Specification