Automatic setting of security in communication network system
First Claim
1. A method of automatically setting one of a plurality of security methods in a communication network system having a plurality of sub-networks interconnected to one another, said method comprising:
- handling a mobile node having a care-of address dependent on a sub-network to which said mobile node is currently connected and a home address independent of said sub-network to which said mobile node is currently connected, at said mobile node;
detecting the sub-network to which said mobile node is currently connected;
determining the security method of said plurality of security methods corresponding to the detected sub-network from among said plurality of security methods held in a node-side security application management table to hold therein correspondences between said plurality of sub-networks and said plurality of security methods, as the security method of said plurality of security methods used for ensuring the security for user data communicated between said mobile node and a home agent associated therewith; and
notifying said home agent of said sub-network to which said mobile node is connected through a mobile node network signal, andat said home agent;
receiving the mobile node network signal from said mobile node; and
determining the security method of said plurality of security methods corresponding to said sub-network notified from said mobile node through the mobile node network signal from among said plurality of security methods held in an agent-side security application management table to hold therein correspondences between sub-networks connected to said mobile node managed by said home agent and said plurality of security methods, as the security method of said plurality of security methods used for ensuring the security for user data communicated between said home agent and said mobile node managed thereby.
1 Assignment
0 Petitions
Accused Products
Abstract
A communication network system has a plurality of interconnected sub-networks, at least one mobile node having a care-of address dependent on a sub-network currently connected thereto and a home address independent of the connected sub-network, and a home agent. Upon detection of a sub-network connected to the mobile node, the latter determines a security method corresponding to the sub-network held in a node-side security application management table as a security method for ensuring the security for user data communicated between the mobile node and a home agent associated therewith. Then, the sub-network is notified to the home agent through a mobile node network signal. The home agent determines a security method corresponding to the sub-network from among security methods held in an agent-side security application management table as a security method used for ensuring the security for user data communicated between the home agent and the mobile node managed thereby.
19 Citations
3 Claims
-
1. A method of automatically setting one of a plurality of security methods in a communication network system having a plurality of sub-networks interconnected to one another, said method comprising:
-
handling a mobile node having a care-of address dependent on a sub-network to which said mobile node is currently connected and a home address independent of said sub-network to which said mobile node is currently connected, at said mobile node; detecting the sub-network to which said mobile node is currently connected; determining the security method of said plurality of security methods corresponding to the detected sub-network from among said plurality of security methods held in a node-side security application management table to hold therein correspondences between said plurality of sub-networks and said plurality of security methods, as the security method of said plurality of security methods used for ensuring the security for user data communicated between said mobile node and a home agent associated therewith; and notifying said home agent of said sub-network to which said mobile node is connected through a mobile node network signal, and at said home agent; receiving the mobile node network signal from said mobile node; and determining the security method of said plurality of security methods corresponding to said sub-network notified from said mobile node through the mobile node network signal from among said plurality of security methods held in an agent-side security application management table to hold therein correspondences between sub-networks connected to said mobile node managed by said home agent and said plurality of security methods, as the security method of said plurality of security methods used for ensuring the security for user data communicated between said home agent and said mobile node managed thereby. - View Dependent Claims (3)
-
-
2. A communication network system together with a plurality of sub-networks interconnected to one another, said system comprising:
-
a home agent which forms part of the communication network system; at least one mobile node having a care-of address dependent on a sub-network of said plurality of sub-networks currently connected thereto and a home address independent of said sub-network of said plurality of sub-networks currently connected thereto; an agent-side security application management table to hold therein correspondences between said sub-networks of said plurality of sub-networks currently connected to said mobile node managed by said home agent and a plurality of security methods; mobile node network signal receiver, receiving from said mobile node a mobile node network signal which notifies said sub-network of said plurality of sub-networks to which said mobile node is currently connected; and agent-side security controller, determining a security method corresponding to said sub-network of said plurality of sub-networks notified thereto through the mobile node network signal from among said plurality of security methods held in said agent-side security application management table as the security method used for ensuring security for user data communicated between said home agent and said mobile node managed thereby, wherein said security method corresponds to a mobile-node security method determined by said mobile node via a correspondence between said sub-network of said mobile node and said mobile node in a node-side security application management table.
-
Specification