Method and network node for providing security in a radio access network
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a method, a system and a network node for providing security in a radio access network, wherein an information conveyed in a signalling message of an application protocol of said radio access network is used to derive or create a security association to be used between communicating network nodes of said radio access network. The conveyed information may be an IP address or a UDP datagram used for deriving the security association from a respective database. Alternatively, the conveyed information may be a security parameter index or a security association information conveyed in a new information element of the signalling message. This information is then used for creating a new Security Association between the communicating network nodes. Thereby, a separate connection or protocol is not required for the security procedures. Moreover, the whole network control system does not have to be involved in the transfer, because the endpoints of encryption are in corresponding network elements of the radio access network.
11 Citations
58 Claims
-
1-29. -29. (Cancelled)
-
30. A method for providing security in a radio access network between communicating network nodes, comprising the step of
using a signalling message of an application protocol, used for setting up a user stream in said radio access network, for conveying information for deriving or creating a security association between said communicating network nodes.
-
49. A method of conveying an information between network nodes, said method comprising the steps of:
-
a) providing a transparent container information element in an application protocol message; and
b) using said transparent container information element for conveying said information not targeted for said application protocol but for the transport network layer and its protocols.
-
- 50. A system for providing security in a radio access network comprising at least two network nodes, wherein said system is arranged to use an information conveyed in a signalling message of an application protocol, used for setting up a user stream in said radio access network, to derive or create a security association to be used in a communication between said at least two network nodes of said radio access network.
- 54. A network node arranged for providing security in a radio access network, wherein said network node is arranged to use an information conveyed in a signalling message of an application protocol, used for setting up a user stream in said radio access network, to derive or create a security association to be used in a communication between said network node and another network node of said radio access network.
Specification