Re-authentication system and method in communication system
First Claim
1. A method for performing re-authentication in a communication system, the method comprising the steps of:
transmitting, from a user Authorization, Authentication and Accounting (AAA-U) server to a device Authorization, Authentication and Accounting (AAA-D) server, a user Master Session Key (MSK_U) which is generated by performing user re-authentication for a mobile station (MS) according to a twice Extensible Authentication Protocol (EAP-in-EAP) scheme;
generating a new MSK_U (MSK_U1), in the AAA-D server by using the MSK_U and a device Master Session Key (MSK_D) having been generated at initial device authentication for the MS, and then transmitting the MSK_U1 from the AAA-D server to a BS;
generating a Pairwise Master Key (PMK) in the base station (BS) by using the MSK_U1; and
generating an Authorization Key (AK) in the MS and the BS by using the PMK.
Abstract
Disclosed are a system and a method for performing re-authentication in a communication system. A user Authorization, Authentication and Accounting server transmits a user Master Session Key (MSK_U), which is generated by performing user re-authentication for a mobile station (MS) according to a twice Extensible Authentication Protocol scheme, to a device Authorization, Authentication and Accounting server that generates a new user Master Session Key (MSK_U1) by using the MSK_U and a device Master Session Key generated at initial device authentication for the MS. A base station (BS) generates a Pairwise Master Key (PMK) by using the MSK_U1, and the MS and BS generate an authorization key by using the PMK.
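The key chain described in the abstract, as an added example that is not taken from the patent. The page does not name the derivation functions, so HMAC-SHA256, the labels, and the sample keys are assumptions, as is the MS recomputing the chain from the MSK_D and MSK_U it holds from its own EAP exchanges.

```python
import hashlib
import hmac

def kdf(key: bytes, label: bytes, context: bytes = b"") -> bytes:
    # Stand-in KDF (assumption): the page does not specify the function.
    return hmac.new(key, label + b"\x00" + context, hashlib.sha256).digest()

def aaa_d_derive_msk_u1(msk_u: bytes, msk_d: bytes) -> bytes:
    # AAA-D: combine the MSK_U received from AAA-U with the MSK_D kept
    # from initial device authentication.
    return kdf(msk_d, b"MSK_U1", msk_u)

def derive_pmk(msk_u1: bytes) -> bytes:
    # BS: PMK from the MSK_U1 delivered by AAA-D.
    return kdf(msk_u1, b"PMK")

def derive_ak(pmk: bytes) -> bytes:
    # MS and BS: AK from the PMK.
    return kdf(pmk, b"AK")

def network_side_ak(msk_u: bytes, msk_d: bytes) -> bytes:
    msk_u1 = aaa_d_derive_msk_u1(msk_u, msk_d)   # at AAA-D, then sent to BS
    return derive_ak(derive_pmk(msk_u1))         # at BS

def ms_side_ak(msk_u: bytes, msk_d: bytes) -> bytes:
    # Assumption: the MS repeats the same chain locally.
    return derive_ak(derive_pmk(aaa_d_derive_msk_u1(msk_u, msk_d)))

def ak_agrees(ms_ak: bytes, bs_ak: bytes) -> bool:
    # Constant-time comparison, as any key check should use.
    return hmac.compare_digest(ms_ak, bs_ak)

# Constructed 64-byte sample keys (not real EAP output).
MSK_D = hashlib.sha512(b"constructed device MSK").digest()
MSK_D_OTHER = hashlib.sha512(b"constructed MSK of another device").digest()
MSK_U_OLD = hashlib.sha512(b"constructed user MSK, earlier auth").digest()
MSK_U_NEW = hashlib.sha512(b"constructed user MSK, re-auth").digest()

if __name__ == "__main__":
    bs = network_side_ak(MSK_U_NEW, MSK_D)
    print("MS and BS agree:", ak_agrees(ms_side_ak(MSK_U_NEW, MSK_D), bs))
    print("other device, same user key:",
          ak_agrees(ms_side_ak(MSK_U_NEW, MSK_D_OTHER), bs))
    print("stale user key, same device:",
          ak_agrees(ms_side_ak(MSK_U_OLD, MSK_D), bs))
```

Because MSK_U1 mixes in MSK_D, an AK computed from the right user key but a different device key does not match, and each user re-authentication rotates the AK without repeating device authentication.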
20 Claims
1. A method for performing re-authentication in a communication system, the method comprising the steps of:
transmitting, from a user Authorization, Authentication and Accounting (AAA-U) server to a device Authorization, Authentication and Accounting (AAA-D) server, a user Master Session Key (MSK_U) which is generated by performing user re-authentication for a mobile station (MS) according to a twice Extensible Authentication Protocol (EAP-in-EAP) scheme;
generating a new MSK_U (MSK_U1), in the AAA-D server by using the MSK_U and a device Master Session Key (MSK_D) having been generated at initial device authentication for the MS, and then transmitting the MSK_U1 from the AAA-D server to a BS;
generating a Pairwise Master Key (PMK) in the base station (BS) by using the MSK_U1; and
generating an Authorization Key (AK) in the MS and the BS by using the PMK.
Dependent claims: 2, 3, 4, 5

6. A system for performing re-authentication in a communication system, the system for performing re-authentication comprising:
a user Authorization, Authentication and Accounting (AAA-U) server for transmitting a user Master Session Key (MSK_U), which is generated by performing user re-authentication for a mobile station (MS) according to a twice Extensible Authentication Protocol (EAP-in-EAP) scheme, to a device Authorization, Authentication and Accounting (AAA-D) server;
the AAA-D server for generating a new MSK_U (MSK_U1) by using the MSK_U and a device Master Session Key (MSK_D) having been generated at initial device authentication for the MS, and then transmitting the MSK_U1 to a base station (BS);
the BS for generating a Pairwise Master Key (PMK) by using the MSK_U1, and generating an Authorization Key (AK) by using the PMK; and
the MS for generating the AK by using the PMK.
Dependent claims: 7, 8, 9, 10, 11, 12

13. A method for performing re-authentication in a communication system, the method comprising the steps of:
receiving a user Master Session Key (MSK_U), which is generated by performing user re-authentication for a mobile station (MS) according to a twice Extensible Authentication Protocol (EAP-in-EAP) scheme, from a user Authorization, Authentication and Accounting (AAA-U) server; and
generating a new MSK_U (MSK_U1) by using the MSK_U and a device Master Session Key (MSK_D) having been generated at initial device authentication for the MS, transmitting the MSK_U1 to a base station (BS), and controlling the BS to generate a Pairwise Master Key (PMK) by using the MSK_U1.
Dependent claims: 14, 15

16. A method for performing re-authentication in a communication system, the method comprising the steps of:
receiving a user Master Session Key (MSK_U) and a new MSK_U (MSK_U1), which is generated by using a device Master Session Key (MSK_D) having been generated at initial device authentication for a mobile station (MS), from a device Authorization, Authentication and Accounting (AAA-D) server;
generating a Pairwise Master Key (PMK) by using the MSK_U1; and
generating an Authorization Key (AK) by using the PMK, wherein a user Authorization, Authentication and Accounting (AAA-U) server generates the MSK_U by performing user re-authentication for the MS according to a twice Extensible Authentication Protocol (EAP-in-EAP) scheme.
Dependent claims: 17, 18, 19, 20

Specification