×

Transfer of security association during a mobile terminal handover

  • US 6,587,680 B1
  • Filed: 11/23/1999
  • Issued: 07/01/2003
  • Est. Priority Date: 11/23/1999
  • Status: Expired due to Term
First Claim
Patent Images

1. In a communication system having a plurality of access-points, each access point serving a different geographic area within an overall geographic area that is served by said communication system, said communication system further having a plurality of mobile-terminals that are each physically moveable within said overall geographic area and between said different geographic areas, a method of providing information security when communication with a given mobile-terminal is handed-over from a first access-point to a second access-point, said method comprising the steps of:

  • sensing when said given mobile-terminal moves from a communication-influence with said first access-point into a communication-influence with said second access-point;

    responding to said sensing step by retrieving security-association-parameters from said first access-point, by creating a security association at said second access-point in accordance with said retrieved security-association-parameters, and by creating a security association at said given mobile-terminal in accordance with said retrieved security-association-parameters;

    responding to said sensing step by sending an authenticate-access-point-challenge from said given mobile-terminal to said second access-point, and by sending an authenticate-mobile-terminal-challenge from said second access-point to said given mobile-terminal;

    generating an authenticate-access-point-response at said second access-point in response to said authenticate-access-point-challenge received from said given mobile-terminal;

    sending said authenticate-access-point-response to said given mobile-terminal;

    generating an authenticate-mobile-terminal-response at said given mobile-terminal in response to said authenticate-mobile-terminal-challenge received from said second access-point;

    sending said authenticate-mobile-terminal-response to said second access-point;

    first-comparing said authenticate-access-point-response to a correct response at said given mobile-terminal; and

    second-comparing said authenticate-mobile-terminal-response to a correct response at said second access-point.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×