Method for authenticated connection setup
First Claim
1. A method for authenticated connection setup between a mobile subscriber and a WLAN radio communication system, comprising:
- signing-on as a guest to an access point of the WLAN network via connection that is authenticated on the network side and assigning an individual IP address to the mobile subscriber;
using the individual IP address to access a portal page and authenticating himself/herself to the portal page in a person-related manner;
using a Security Assertion Markup Language to assign person-related authentication data to the mobile subscriber; and
transmitting, in a new connection setup as part of a secure Link Layer connection, the person-related authentication data to an AAA server for final authentication of the mobile subscriber.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention relates to a method for the authenticated establishment of a connection between a mobile subscriber and a WLAN radio communication system. The mobile subscriber signs on as a guest to an access point of the WLAN network via an insecure connection or via a secure connection that is only authenticated on the network side and an individual IP address is assigned to the mobile subscriber. Using the individual IP address, the mobile subscriber accesses a portal page and authenticates himself/herself in a person-related manner to the portal page. Person-related authentication data is assigned to the mobile subscriber using a Security Assertion Markup Language. In a new connection setup as part of a secure Link Layer connection, the person-related authentication data is transmitted to an AAA server for final authentication of the mobile subscriber.
21 Citations
11 Claims
-
1. A method for authenticated connection setup between a mobile subscriber and a WLAN radio communication system, comprising:
-
signing-on as a guest to an access point of the WLAN network via connection that is authenticated on the network side and assigning an individual IP address to the mobile subscriber;
using the individual IP address to access a portal page and authenticating himself/herself to the portal page in a person-related manner;
using a Security Assertion Markup Language to assign person-related authentication data to the mobile subscriber; and
transmitting, in a new connection setup as part of a secure Link Layer connection, the person-related authentication data to an AAA server for final authentication of the mobile subscriber. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
Specification