Addressing mechanisms in mobile IP
Abstract
A method of delegating responsibility for an IP address owned by a first IP network node to a second IP network node, at least a part of the IP address being derivable from a public key of a public/private key pair belonging to the first node. The method comprises notifying the first node of a public key of a public/private key pair belonging to the second node, at the first node, signing the public key of the second node with the private key of the first node to provide an authorisation certificate, and sending the authorisation certificate from the first node to the second node, wherein the authorisation certificate is subsequently included with messages relating to said IP address and signed with the private key of the second node, sent from the second node to receiving nodes, and is used by the receiving nodes to verify the second node's claim on the IP address.
12 Claims
1. A method of delegating responsibility for an IP address owned by a first IP network node to a second IP network node, at least a part of the IP address being derivable from a public key of a public/private key pair belonging to the first node, the method comprising:
- notifying the first node of a public key of a public/private key pair belonging to the second node;
- at the first node, signing the public key of the second node with the private key of the first node to provide an authorisation certificate; and
- sending the authorisation certificate from the first node to the second node;
wherein the authorisation certificate is subsequently included with messages relating to said IP address and signed with the private key of the second node, sent from the second node to receiving nodes, and is used by the receiving nodes to verify that the first node has delegated responsibility for its IP address to the second node.
7. A method of authenticating a message received at a receiving node of an IP network from an originating node, the message relating to an IP address and comprising said IP address, a public key of a public/private key pair belonging to the node owning the IP address, and a certificate issued to the originating node by the owning node and derived by signing the public key of a public/private key pair belonging to the originating node with the private key of the owning node, the message being signed with the private key of the originating node, the method comprising:
- confirming that at least a part of said IP address is derivable from the public key of the owning node;
- confirming that said certificate is signed with the private key of the owning node; and
- confirming that the message is signed with the private key of the originating node and thereby authenticating the message.
9. An IP client terminal arranged in use to lease an IP address from another IP network node, at least a part of the IP address being derivable from a public key of a public/private key pair belonging to the owning node, the client terminal comprising:
- means for notifying the owning node of a public key of a public/private key pair belonging to the client terminal;
- means for receiving from the owning node, an authorisation certificate including the public key of the client terminal signed with the private key of the owning node;
wherein the authorisation certificate is subsequently included with messages relating to said IP address and signed with the private key of the client terminal, sent from the client terminal to receiving nodes, and is used by the receiving nodes to verify that the owning node has leased at least a part of the IP address to the client terminal.
10. An IP client terminal arranged in use to authorise a delegated IP network node to use an IP address owned by the client terminal, at least a part of the IP address being derivable from a public key of a public/private key pair belonging to the client terminal, the client terminal comprising:
- means for receiving from said delegated node a public key of a public/private key pair belonging to the delegated node;
- means for generating an authorisation certificate including the public key of the delegated node signed with the private key of the client terminal, and for sending the certificate to the delegated node;
wherein the authorisation certificate is subsequently included with messages relating to said IP address and signed with the private key of the delegated node, sent from the delegated node to receiving nodes, and is used by the receiving nodes to verify that the client terminal has authorized the delegated node to use the IP address owned by the client terminal.
11. An IP server arranged in use to authorise a client IP node to use an IP address owned by the server, at least a part of the IP address being derivable from a public key of a public/private key pair belonging to the server, the server comprising:
- means for receiving from said client terminal a public key of a public/private key pair belonging to the client terminal;
- means for generating an authorisation certificate including the public key of the client terminal signed with the private key of the server, and for sending the certificate to the client terminal;
wherein the authorisation certificate is subsequently included with messages relating to said IP address and signed with the private key of the client terminal, sent from the client terminal to receiving nodes, and is used by the receiving nodes to authenticate the messages.
12. An IP server arranged in use to assume responsibility for an IP address owned by a client terminal, at least a part of the IP address being derivable from a public key of a public/private key pair belonging to the client terminal, the server comprising:
- means for sending to said client terminal a public key of a public/private key pair belonging to the server;
- means for receiving from the client terminal, an authorisation certificate including the public key of the server signed with the private key of the client terminal;
wherein the authorisation certificate is subsequently included with messages relating to said IP address and signed with the private key of the server, sent from the server to receiving nodes, and is used by the receiving nodes to verify that the server has assumed responsibility for the IP address owned by the client terminal.
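
The delegation of claim 1 and the receiving node's three checks of claim 7, as an added Go example that is not taken from the patent. Assumptions of this example: Ed25519 signatures, an address whose low 64 bits are the first 8 bytes of SHA-256 over the owner's public key, a message signature over address plus payload, and the names `Message`, `DeriveAddr`, `Delegate`, `SignMessage` and `Verify`.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
)

// Message holds the fields claim 7 lists; DelegatePub plus Cert form the certificate.
type Message struct {
	Addr                  [16]byte          // IP address the message relates to
	OwnerPub, DelegatePub ed25519.PublicKey // owning node's key; originating node's key
	Cert, Body, Sig       []byte            // owner's sig over DelegatePub; payload; delegate's sig
}

// DeriveAddr: prefix || first 8 bytes of SHA-256(owner key). Assumed derivation rule.
func DeriveAddr(prefix [8]byte, ownerPub ed25519.PublicKey) (a [16]byte) {
	h := sha256.Sum256(ownerPub)
	copy(a[:], append(prefix[:], h[:8]...))
	return a
}

// Delegate (owner) signs the delegate's key; SignMessage (delegate) signs Addr || Body.
func Delegate(owner ed25519.PrivateKey, delegatePub ed25519.PublicKey) []byte { return ed25519.Sign(owner, delegatePub) }
func SignMessage(m *Message, priv ed25519.PrivateKey) { m.Sig = ed25519.Sign(priv, append(m.Addr[:], m.Body...)) }

// Verify runs the receiving node's checks in the order claim 7 gives them.
func Verify(m *Message) error {
	switch h := sha256.Sum256(m.OwnerPub); {
	case len(m.OwnerPub) != ed25519.PublicKeySize || len(m.DelegatePub) != ed25519.PublicKeySize:
		return errors.New("malformed public key") // ed25519.Verify panics on bad key length
	case !bytes.Equal(m.Addr[8:], h[:8]):
		return errors.New("address not derivable from owner key")
	case !ed25519.Verify(m.OwnerPub, m.DelegatePub, m.Cert):
		return errors.New("certificate not signed by owner")
	case !ed25519.Verify(m.DelegatePub, append(m.Addr[:], m.Body...), m.Sig):
		return errors.New("message not signed by delegate")
	}
	return nil
}

func main() {
	oPub, oPriv, _ := ed25519.GenerateKey(nil)
	dPub, dPriv, _ := ed25519.GenerateKey(nil)
	m := &Message{Addr: DeriveAddr([8]byte{0x20, 0x01, 0x0d, 0xb8}, oPub), // constructed prefix
		OwnerPub: oPub, DelegatePub: dPub, Cert: Delegate(oPriv, dPub), Body: []byte("constructed payload")}
	SignMessage(m, dPriv)
	println("accepted:", Verify(m) == nil)
}
```

The certificate here covers only the delegate's public key, as the claims describe it; no lifetime or scope field appears in the claims, so none is modelled.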
Specification