IP mobility security control
First Claim
Patent Images
1. A method comprising:
- causing establishment of an internet protocol (IP) mobility binding with an indication of a security mode for a mobile node connected to an IP sub-network and identified in the IP sub-network by a care of address,detecting a trigger to adapt the security mode for the mobile node connected to the IP sub-network, wherein there is no update to the IP mobility binding and the care of address, and wherein the mobile node continues to be connected to the IP sub-network and continues to be identified in the IP sub-network by the same care of address,adapting, in response to the trigger, the security mode for the mobile node connected to the IP sub-network and identified by the care of address; and
causing a binding update message to be transmitted to indicate an applied security mode or a need to change the security mode, wherein the binding update message is associated with a flag that is indicative of whether user plane traffic will be encrypted or unencrypted.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, apparatus, and computer program product are provided for adapting security level between a mobile node and a mobility anchor. In the context of a method, an IP mobility binding with an indication of a security mode is established for a mobile node connected to an IP sub-network and identified in the IP sub-network by a care of address. A trigger to adapt the security mode for the mobile node connected to the IP sub-network is detected. The security mode for the mobile mode connected to the IP sub-network and identified by the care of address is adapted in response to the trigger.
23 Citations
23 Claims
-
1. A method comprising:
-
causing establishment of an internet protocol (IP) mobility binding with an indication of a security mode for a mobile node connected to an IP sub-network and identified in the IP sub-network by a care of address, detecting a trigger to adapt the security mode for the mobile node connected to the IP sub-network, wherein there is no update to the IP mobility binding and the care of address, and wherein the mobile node continues to be connected to the IP sub-network and continues to be identified in the IP sub-network by the same care of address, adapting, in response to the trigger, the security mode for the mobile node connected to the IP sub-network and identified by the care of address; and causing a binding update message to be transmitted to indicate an applied security mode or a need to change the security mode, wherein the binding update message is associated with a flag that is indicative of whether user plane traffic will be encrypted or unencrypted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An apparatus comprising:
- at least one processor, and at least one memory comprising computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor of the apparatus, to cause the apparatus at least to;
cause establishment of an internet protocol (IP) mobility binding with an indication of a security mode for a mobile node connected to an IP sub-network and identified in the IP sub-network by a care of address, detect a trigger to adapt the security mode for the mobile node connected to the IP sub-network, wherein there is no update to the IP mobility binding and the care of address, and wherein the mobile node continues to be connected to the IP sub-network and continues to be identified in the IP sub-network by the same care of address, adapt, in response to the trigger, the security mode for the mobile node connected to the IP sub-network and identified by the care of address; and cause a binding update message to be transmitted to indicate an applied security mode or a need to change the security mode, wherein the binding update message is associated with a flag that is indicative of whether user plane traffic will be encrypted or unencrypted. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- at least one processor, and at least one memory comprising computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor of the apparatus, to cause the apparatus at least to;
-
23. A non-transitory computer-readable storage medium storing a computer program comprising one or more sequences of one or more instructions which, when executed by one or more processors of the apparatus, cause the apparatus to at least:
-
cause establishment of an internet protocol (IP) mobility binding with an indication of a security mode for a mobile node connected to an IP sub-network and identified in the IP sub-network by a care of address, detect a trigger to adapt the security mode for the mobile node connected to the IP sub-network, wherein there is no update to the IP mobility binding and the care of address, and wherein the mobile node continues to be connected to the IP sub-network and continues to be identified in the IP sub-network by the same care of address, adapt, in response to the trigger, the security mode for the mobile node connected to the IP sub-network and identified by the care of address; and cause a binding update message to be transmitted to indicate an applied security mode or a need to change the security mode, wherein the binding update message is associated with a flag that is indicative of whether user plane traffic will be encrypted or unencrypted.
-
Specification