EP1782575A1 - Verfahren und vorrichtung zur unterstützung einer sicheren weiterreichung - Google Patents

Verfahren und vorrichtung zur unterstützung einer sicheren weiterreichung

Info

Publication number
EP1782575A1
EP1782575A1 EP04786235A EP04786235A EP1782575A1 EP 1782575 A1 EP1782575 A1 EP 1782575A1 EP 04786235 A EP04786235 A EP 04786235A EP 04786235 A EP04786235 A EP 04786235A EP 1782575 A1 EP1782575 A1 EP 1782575A1
Authority
EP
European Patent Office
Prior art keywords
network element
candidate
elements
network
handover
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04786235A
Other languages
English (en)
French (fr)
Inventor
Anand R. Prasad
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NTT Docomo Inc
Original Assignee
NTT Docomo Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NTT Docomo Inc filed Critical NTT Docomo Inc
Publication of EP1782575A1 publication Critical patent/EP1782575A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/0005Control or signalling for completing the hand-off
    • H04W36/0011Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0033Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
    • H04W36/0038Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433Key management protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/062Pre-authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Definitions

  • the present invention relates to a method and an apparatus for secure handover, and in particular it relates to the selection of handover candidates based on the network topology and the creation of trust with these candidates.
  • wireless networks may comprise mobile phone communications networks, typically also referred to as so-called cellular networks, wireless computer networks such as wireless LANs, or hybrid networks which include a variety of dif ⁇ ferent network technologies and corresponding terminals.
  • a typical property of wireless networks consists in the fact that usually they are or ⁇ ganised in cells which means that terminals can access to the network through so- called access points which serve a certain range or area surrounding them.
  • the communication between individual terminals which are not located in the same cell then is realised either through some backbone network which receives the informa- tion from the access point and delivers it to another access point close to the termi ⁇ nal device which is the intended recipient of the information, or the information may be transmitted from access point to access point until the access point is reached in the range of which the intended recipient terminal is located.
  • Fig. 1 shows a first access point AP1 having a certain range 100 within which it can communicate with mobile terminals, a mobile terminal MT1 located in this range, and moving to the coverage range 110 of another access point AP2.
  • some kind of authentication and authorisation as well as accounting must be performed.
  • this kind of task is performed by an authentication, authorisation and ac ⁇ counting (AAA) server as shown in Fig. 1.
  • AAA server is in charge of perform ⁇ ing authentication and authorisation checks when a terminal wishes to access a network, it typically is responsible for the general security environment like the gen ⁇ eration and distribution of keys for communication sessions, the accounting of services rendered, and the like.
  • AP1 When a mobile terminal MT1 accesses the network through for example access point AP1 , then AP1 contacts the AAA server in order to at first identify and authen ⁇ ticate the mobile terminal MT1 and then to negotiate some security environment such as encryption keys used during the communications session.
  • AP2 moves then to the range 110 of access point AP2, the same authenti ⁇ cation and authorisation procedure has to be performed with respect to the new access point AP2 by contacting the AAA server through access point AP2 to per ⁇ form the authentication and authorisation.
  • a method for supporting a secure handover which employs the creation of a trust relation be ⁇ tween neighbouring network elements to which the mobile device can handover. Once such a trust relationship has been created between neighbouring network elements such as access points, the handover can be performed in a faster and more efficient way by avoiding the need to re-authenticate the mobile device through contacting the AAA server.
  • the method includes the generation of a neighbour graph which is a data set which includes an identification of those neighbouring network elements (access points) to which a handover could be performed, as well as a se ⁇ curity context, security association or security information which enables the direct handover without re-contacting the AAA server between neighbouring network ele ⁇ ments.
  • the neighbouring graph contains a list or set of the IDs of the access points to which a handover is possible, and a set of keys for the communication between the neighbouring access points or base stations.
  • keys may for example be encryption keys, integrity check keys, it may also include an identification of the encryption algorithm or a packet of authentication algorithm identification.
  • the generation of the neighbouring graph includes the selection or identification of those neighbouring networking elements which are candidates for a handover.
  • an identification or selection ref ⁇ erence could be made to the network topology which may for example be stored in a management machine which maintains a description of the network topology.
  • the method for supporting a the secure handover includes the transmission of the security context which has been generated for the neighbouring elements included in the neighbour graph to the candidate elements from the originating network element from which the handover should originate.
  • the neighbour graph information including the candi ⁇ dates for handover and the corresponding security context can be transmitted to a network element as "piggyback" when it logs on to an AAA server. This means that no extra traffic in the network for distributing the neighbour graph will be needed. To implement this procedure, however, the network information and the relevant neighbour graph information must be available at the AAA server.
  • the method of the invention enables the transmission of context parameters from one access point through the neighbouring element to which the handover should be performed. This may improve the quality of service during the handover by making use of the shortened secure channel directly be ⁇ tween the relevant neighbouring access points without redirecting all the informa ⁇ tion through the mediation of the AAA server.
  • transmission of the context parameters may improve the handover quality by making sure that the handover of the service can be performed in a seamless manner by transferring all the relevant context information so that the communications session can be con ⁇ tinued at the new access point in the same manner as it was conducted at the pre ⁇ vious access point.
  • Fig. 1 schematically illustrates a network configuration according to the prior art.
  • Fig. 2 schematically illustrates a network configuration used in connection with an embodiment of the invention.
  • FIG. 3 schematically show a flowchart schematically illustrating an embodiment of the invention.
  • Fig. 4 schematically show a flowchart schematically illustrating a further embodi- ment of the invention.
  • Fig. 5 schematically illustrates a message sequence of an embodiment of the pres ⁇ ent invention compared to the prior art.
  • Fig. 6 schematically illustrates a message sequence of a further embodiment of the present invention.
  • Fig. 2 shows schematically a configuration of a network used in connection with an embodiment of the invention.
  • an AAA server responsi ⁇ ble for the security tasks.
  • Several access points AP1 to AP7 are shown with their respective coverage.
  • a management machine MM which has the task of generally managing the network, e.g. by maintaining a list of the network elements, managing the access and removal of network elements, and the like.
  • the management machine is aware of the network topology, i.e. knows which network elements are located at which location and which range is covered by which network element.
  • the management machine is a secure location protected by limiting access thereto by keys and/or other security measures be ⁇ cause the information about the network elements is security relevant.
  • the AAA server has (or generates on request) security related information for each network element such as keys, identities, etc..
  • security related information for each network element such as keys, identities, etc.
  • the AAA server keeps a list of network ele ⁇ ments, it keeps track which elements are trusted or not, logged-on or not, and fur ⁇ ther their shared keys and Security Association (SA).
  • SA Security Association
  • the security association here means any security relevant information necessary to establish a communications session with a network element, this may include encryption keys, integrity check keys, it may also include an identification of the encryption algorithm or a packet of authentication algorithm identification.
  • the AAA server and the man- agement machine have a or can built up a secure communication channel. This can be provided for during network deployment by suitable configuration of the AAA server and the management machine.
  • the management machine MM Since the management machine MM is aware of the topology of the network it knows for each network element which are its neighbours, or at least the manage- ment machine is capable to figure out the neighbouring elements of a certain net ⁇ work element. According to one embodiment as shown in Fig. 3 in step 300 the management machine for a certain network element determines which are the can- didates for a handover from this network element. Typically such candidates are the neighbouring elements, i.e. those network elements whose coverage lies adjacent to or overlaps with the certain network element. Then in step 310 there is created a security association between the certain network element from which the handover originates and the candidates.
  • the set of candidates for handover for a certain network element together with a corresponding security association between the certain network element and the candidates can be labelled as "neighbour graph".
  • Such a neighbour graph as de- scribed before with respect to AP3 may be performed for all network elements in a manner as described before, and then this enables a faster and more efficient han ⁇ dover from any of the network elements to another one.
  • a method for enabling a secure handover by creating a neighbour graph ac- cording to a further embodiment will be described by referring to Fig. 4.
  • the network element "wakes-up", e.g. by being switched on or by being newly added to the network, and then it logs on to the AAA server.
  • the network element Like shown in Fig. 2 also in this embodiment there is a secure channel and a "trust" between the AAA server and the management machine MM.
  • Based there- upon the network element receives a token from the AAA server to communicate with the management machine (operation 410).
  • the AAA server also sends the to ⁇ ken to the management machine (operation 420).
  • the management machine checks the location of the network element and deter ⁇ mines the candidates for a handover from the network element (operation 430). This could be only neighboring elements, like in the embodiment before. However, in a particular embodiment the candidates could also include network elements which are not direct neighbors but can only be reached through an "intermediate network element", this may be called a "multiple hop", and it may be included when determining the candidates for handover depending on the network policy and pos ⁇ sibly also on other parameters.
  • hop or “multihop” when used in the fol ⁇ lowing relates to a case where in addition to direct neighboring network elements further network elements are involved which are "neighbors of neighbors” such that a handover to such a network element would then be performed via an intermediate network element, and we in the following refer to this situation as a multiple hop. It should further be noted here that the generation of a neighbor graph may include network elements which are not direct neighbors of the originating network element.
  • the number of hops may be fixed. However, in a particular em ⁇ bodiment the number of hops could also be determined on certain parameters, e.g. the expected speed of the user and the location of the network. E.g. the network elements close to the rails of a train may often serve users moving at high speed, and then a multihop neighbor graph could be advantageous.
  • the number of hops may also depend on the coverage of the individual network element (the cell size), which itself may depend on the allowed data rates.
  • the candidate information is sent to the net ⁇ work element from which the handover should originate (operation 440).
  • the thus transmitted candidate information may comprise e.g. the ID of the candidate net- work elements, depending on availability of technology their location (which may e.g. be taken from a GPS system if the move and are not fixed), their capabilities (e.g. the available services, bandwidths, and other service related parameters) and also the number of hops from the originating network element. Most important among this information is the ID of the candidate elements.
  • the originating network element Based on the received information about the candidate network elements for a handover the originating network element send this candidate element information to the AAA server and requests a security association with them to be generated (operation 450).
  • a security association in this embodiment means e.g. encryption information such as keys related to the originating network element which then are encrypted respectively by keys belonging to respective candidate elements.
  • a secu ⁇ rity association for e.g. between AP3 and AP4 with AP3 as originating network ele- ment may therefore consist in security relevant information belonging to AP3 (keys, encryption algorithms, and possibly authentication algorithms like e.g. hashing algo ⁇ rithms) which has been encrypted by a key or keys belonging to AP4.
  • the thus en ⁇ crypted information then forms a "security association" between AP3 and AP4.
  • Such security associations are generated for all pairs between the originating net- work element and the candidate elements.
  • a security association may be regarded as the relationship between two or more entities (typically a computer, but it could also be a user or a software com ⁇ ponent) which describes how the entities will use security services such as encryp- tion to communicate.
  • the network element sends the SAs, encrypted by individual candidate net ⁇ work element keys (carried out by AAA server), to the candidate network elements (operation 470).
  • This can be a multicast or unicast (i. e. all security associations together are transmitted as a single large security association message, to each network element, however would be time consuming).
  • Each network element can decrypt its SA or its portion thereof.
  • each candidate element is now aware of the security relevant information(such as the keying materials, en ⁇ cryption algorithm, authentication algorithm like hash-algorithms, and the like) of the originating network element and vice versa, and this enables now the perform- ing of a secure (direct) handover from the originating network element to any of the candidate elements based on the thus created "neighbor graph" without having to re-authenticate the mobile terminal at the AAA server.
  • security relevant information such as the keying materials, en ⁇ cryption algorithm, authentication algorithm like hash-algorithms, and the like
  • the keying materials related to the originating network element are encrypted by the keying materials of a certain candidate network element and then forwarded to said candidate network element.
  • the candidate network element can decrypt them by using its own keying elements for decryption and thereby receives the keying elements or security information necessary to communicate with the originating network element.
  • the originating network element receives the keying materials of the candidate element. For security reasons these keying elements before being transmitted to the originating network element are encrypted using the keying materials belonging to said originating network element.
  • the origi ⁇ nating network element then can decrypt them using its own keying materials which it has been provided when logging on to the network.
  • the message sent to the originating network element may look like as follows:
  • Such message parts are generated and transmitted to the originating network element for each pair consisting between the originating network element and the respective n candidate elements, therefore the whole message contains n such message elements as shown above.
  • the keying materials typically are generated using a security server or any unit which is trusted and dedicated to the generation and maintenance of keying materi ⁇ als and possibly other security relevant information.
  • the security server may e.g. be an AAA server.
  • the originating network element may be allowed to perform the encryption of the above message by itself so that only the keying materials Key ca n d are delivered to the originating network element. It may then perform the encryption by itself to obtain ((C cand (Key or ig), however, according to another embodiment the encryption is performed in a separate unit such as in the AAA server.
  • the neighbor graph has been completed for the originating network element. It will be understood that preferably for all network elements a neighbor graph is generated in the manner described before.
  • the above procedure to create a secure neighbor graph may be repeated in prede ⁇ fined intervals. This may enable an update of the neighbor graph in case of new network elements have been added to the network.
  • the neighbor graph may be re-generated in case a new network element is added to the network. Such an addition will be noted by the management machine which may then be configured to trigger the re-generation of the neighbor graph in such a case.
  • the management machine which may then be configured to trigger the re-generation of the neighbor graph in such a case.
  • a network element remains idle for a certain predetermined time period which may be set as a net ⁇ work parameter it may be removed from the neighbor graph.
  • some embodiments are described which focus on variations how the neighbor graph, is transferred to its target, namely the originating network ele ⁇ ment for which the neighbor graph should enable communication with its corre ⁇ sponding candidate elements for handover.
  • AAA server has the network configuration informa ⁇ tion and sends a neighbor graph (or the list of candidate elements for a handover) to a new network element on log-on of the new network element. This avoids then the need for a management machine, however, it means that the AAA server must be configured to be aware of the network topology and it must further be configured to be.able to determine the candidate elements for handover which, correspond to a certain originating network element.
  • the AAA server communicates with the man- agement server on log-on of a network element and sends the candidate elements to the AAA server. This corresponds to the embodiment described in very detail already before.
  • the AAA server sends respective tokens with SA (security association) information to the originating network element and the management machine.
  • SA security association
  • the distribution of the tokens may consist in keying elements so that the management machine and the originating network can communicate directly in a secure manner, in other words trust has been established between them.
  • the originating network element can then communicate with the management machine and get the set of candidate elements for the handover.
  • the creation of the neighbor graph may then proceed as already described in detail before.
  • the generation of the neighbor graph may be per ⁇ formed as follows. On request by a network element (e.g. when logging on) the list of candidate elements is determined, either by the management machine of directly by the AAA server. The AAA server then based on the set of candidate elements creates security associations for each of the candidate elements comprising the keying materials of the originating network element and the respective candidate element. The respective security associations are then directly sent from the AAA server to the respective candidate elements to thereby enabling communication between the candidate elements and the originating network element, respectively.
  • the network element ID used as log-on This information is enough for fixed network, because in case of a fixed network (where no network element moves) this information is sufficiently to determine the neighboring network elements
  • the network element location is needed when the network element can be mo ⁇ bile and may move.
  • the man- agement machine determines the neighbor elements based on the network con ⁇ figuration. For that purpose there are different methods that can be used depending on the embodiment.
  • the management machine simply checks the ID of the network element and finds its location in the network configuration which it maintains. It then sends the ID of all the network elements in the neighborhood till the number of hops defined by the network policy.
  • the management machine checks the network elements available in the neighborhood as mentioned before. However, in this em ⁇ bodiment it also checks if there are walls or other materials that might distort the signal; thus the mobile device will not be able to handover to such network ele- ments. Based on such external influences it then determines the ID of network ele ⁇ ments that can be practically used for handover as neighbor graph. In this embodi ⁇ ment also the number of hops according to the network policy is checked and the candidate elements are determined accordingly.
  • the candidate elements are determined similar to any of the previous two methods, however in this embodiment the num ⁇ ber hops is dependent on the direction of the mobile terminal or the network ele ⁇ ment. If the direction is towards the inside of a building then it can be assumed that the user will walk and only one hop information is enough because the speed of the user doesn't make more than one hop necessary. However, if the direction of the mobile terminal or the network element is towards the street then it is possible that the user is driving and in this embodiment the candidate elements then are deter ⁇ mined such that multiple hops are included.
  • the number of hops may also be determined depending on the location of the user or the network element and possibly based on the environ ⁇ mental conditions at such a location. If e.g. the location is close to a train rail, then the user may have entered a train and possibly may move fast so that multihops could be preferable and should be included into the candidate elements. The details about how many hops should be selected depending on which environmental con ⁇ dition may be chosen appropriately when defining the network parameters.
  • the network element has the ability to find its location (e.g. GPS based), and then it sends its ID and coordinates e.g. to the man- agement machine. This is particularly useful for situations where the topology can change, i.e. if the network element itself (and not only the user with his mobile de ⁇ vice) can move.
  • the management machine determines the IDs and coordi ⁇ nates of neighboring network elements based on the location of the originating net ⁇ work element. This includes the determination of candidates up to the number of hops defined by the network policy and possibly also based on the direction of the movement.
  • an improved determination can be made if the management machine has site survey information. Site survey information may e.g.
  • Geographical information may e.g. in ⁇ clude information indicating which network elements will make no sense to use as handover candidate. This may take into account environmental influences which can be determined based on said geographical information and which may affect the possibility or the likelihood that a handover is performed to a certain candidate element.
  • the position information of a user indicates that he is located most likely in a train because his position coincides with the location of the rails of a train, then it makes no sense to include such candidate elements which are neighboring elements of the originating elements but which do not cover the geographical area in which the rails are located and hence the train and the user will move.
  • each network element on change of loca ⁇ tion sends its new coordinates to the management server.
  • a new neighbor graph is generated.
  • the management machine or the unit responsible for determin ⁇ ing the candidate elements will perform a significance check in order to check whether the movement is so significant that a new neighbor graph should be gen ⁇ erated. If e.g. the location change means that the set of neighboring network ele- ments has changed then in one embodiment this could be regarded as significant enough to create a new neighbor graph.
  • the move ⁇ ment does not lead to a change in the set of neighboring elements in one embodi ⁇ ment it may be determined that the movement is not so significant that a new neighbor graph need to be generated.
  • the invention can be applied to mesh networks, e.g. to fixed wireless mesh network.
  • a wireless mesh network with no change in topology.
  • the methods described before can be used for cheap de ⁇ ployment or extension of networks.
  • a new network element is to be added to a LAN, then it is added at first by the network administrator to the network. There- after when it logs on to the network it may trigger the (re-) creation of a neighbor graph in on of the manners as described before. Because the network topology will not change in time no adjustments of the neighbor graph due to network element location changes are necessary.
  • the network elements preferably inform the management machine or the unit responsible for the determination of the can ⁇ didate elements about their location every time they move. In one such embodiment each movement will mean a new neighbor graph. In this case the network element can send the location information together with a neighbor graph request.
  • the thus created secure communications channel may be used for the transmission of context pa ⁇ rameters from one access point through the neighbouring network element (access point) to which the handover should be performed. This may improve the quality of service during the handover by making use of the shortened secure channel directly between the relevant neighbouring access points without redirecting all the infor ⁇ mation through the mediation of the AAA server.
  • transmission of the context parameters may improve the handover quality by making sure that the handover of the service can be performed in a seamless manner by transferring all the relevant context information so that the communications session can be continued at the new access point in the same manner as it was conducted at the previous access point.
  • the context information being transferred may involve information about the quality of service or the available services such as the bandwidth or data rate, and then the communications session after handover may be continued in an appropriate manner based on these context parameters.
  • FIG. 5 on the left- hand side shows a message sequence for a handover procedure in a wireless LAN system according to the standard IEEE 802.11.
  • a station STA which has been connected to an old access point AP and which now is about to perform a handover to a new access point APnew.
  • probe requests and responses in three different channels by the station STA. While the standard itself does not require three channels it should be mentioned here that a good implementation will use three channels. This is for just looking around which new access point might be suitable or available for handover.
  • the station STA sends around these requests in three channels different from the channel of the ongoing present communication. Any access point ready for handover sends a corre ⁇ sponding response, as illustrated in the sequence diagram.
  • an open sys ⁇ tem authentication which is also a term according to the standard IEEE 802.11.
  • This open system authentication just means that the station exchanges a message with the new access point.
  • This open system of authentication does not yet involve any security parameters, it is not a "real authentication" in the sense that any se- cure transmission or security check is involved in this authentication, it is therefore labeled "open system authentication”.
  • the station STA associates itself with the new access point.
  • the new access point Apnew.
  • the old access point contacts the AAA server to perform an authentication procedure to create a trust relationship between the old and the new access point.
  • the old access point returns a message to the new access point to complete the establishment of a trust relationship between the two access points and to fi ⁇ nally agree that the new access point will take over thejnobile station.
  • This proce ⁇ dure including the then two following steps which will be explained later is a so- called IAPP move producer between the old access point and the new access point.
  • the exchange of these messages according to the inter-access point proto- col (IAPP) move procedure has the purpose of first of all informing the old access point AP that the new access point APnew will now take over the mobile station STA and to perform an authentication (the first to fourth messages in the IAPP move procedure).
  • the fifth and sixth messages may be used for the transfer of context information, for example context information related to the services and the features of the ongoing communications session.
  • EAP-TLS extensible authentication protocol
  • TLS transport layer security
  • the message sequences shown with respect to this authentication in the diagram follow the prescriptions of the standard IEEE 802.11 i. As can be seen from the diagram this involves the exchange of a large number of messages, moreover, it involves two stages of message exchanges, namely from the station STA to the new access point APnew, from there to the AAA server, and back via the new access point to the station STA. All the messages together form the handover delay as indicated in the message sequence diagram of the left-hand side of Fig. 5, and the messages from the open system authentication to the EAP-TLS authentication form the re- authentication delay involved with the re-authentication of the station at the new access point APnew.
  • the probe request and response there is the same as in the diagram on the left-hand side of Fig. 5.
  • the open system authentication after the probe request and response also is the same as in the left-hand side of Fig. 5.
  • sequences involved with the re-association are in principle the same as in the left-hand side message sequence diagram.
  • the transmis ⁇ sion of context parameters in this embodiment may involve the transmission of a security context, such as e.g. the key(s) and possibly other security related information such as an encryption algorithm, and/or an authentication algorithm like a hash-algorithm, necessary for the new access point to communicate with station STA.
  • the authentication server AAA is not involved in this authentication procedure because all relevant security information has already in advance been delivered to the communication partners.
  • the re-authentication delay and thereby the handover delay is sig- nificantly reduced in an embodiment according to the present invention when com ⁇ pared with the prior art as shown on the left-hand side of Fig. 5.
  • Fig. 6 on the left- hand side shows a message sequence diagram which is identical to the one on the right-hand side of Fig. 5.
  • the last two messages which are used for the transfer of context information may involve the transfer of the security context, i.e. the exchange of the relevant keys between the communications partners so that the station STA is en- abled to communicate with the new access point APnew.
  • the security context i.e. the exchange of the relevant keys between the communications partners so that the station STA is en- abled to communicate with the new access point APnew.
  • the IAPP move procedure involves only the exchange of two messages in order to inform the old access point AP that the new access point APnew is to take over the communications session with the station STA.
  • these two messages can be exchanged simultaneously (not in sequence) because a security association has been already generated be ⁇ tween the old access point AP and the new access point APnew.
  • the actual authentication of the station STA at the new access point APnew may be performed as already explained in connection with the diagram shown on the left-hand side of Fig. 6.
  • the total handover delay can be further decreased compared with the procedure of a handover according to the prior art.
  • this security association is for example trans ⁇ ferred by the fifth and sixth messages in the IAPP move procedure of the right hand side of Fig. 5 and the left hand side of Fig. 6.
  • a certain access point which acts as an originating access point and for which the neighbor graph is generated not only determines the candidate elements based on which then the security context transfer between the originating access point and the candidate elements is per- formed, but also determines which mobile stations are served by this originating access point. For the mobile stations located and being served through the cover ⁇ age area of this originating access point the security associations between these mobile stations and the originating access point are also transferred to the candi ⁇ date elements to enable the fast handover as described before.
  • the originating access point therefore transfers the security context or the security association to its neighboring candidate elements based on the individual mobile stations located in its coverage area.
  • this access point updates the neighbor graph by trans ⁇ ferring the security association established between this new mobile station and the originating access point also to the other candidate elements included in the neigh ⁇ bor graph to enable the fast handover for this mobile station from the originating access point to one of the candidate elements after the new mobile station has en- tered the area of the originating access point.
  • This may be regarded as an update of the neighbor graph.
  • the updating of the neighbor graph therefore involves the transfer of security asso ⁇ ciations between mobile stations and the originating access point. It may be trig ⁇ gered by the entering of a mobile station into the coverage area of a certain access point which then forms the originating access point for this newly entered mobile station and which therefore has to update its neighbor graph.
  • the updating of the neighbor graph may be de ⁇ pendent on the result of a status polling through which a certain access point checks by a polling which mobile stations are located in its coverage area.
  • a polling may be performed at predefined moments in time or at predefined intervals.
  • the updating of a neighbor graph may also be based on a mobile station leaving the coverage area of a certain originating access point. After the mobile station has left the coverage area of the originating access point this originating access point may inform the candidate elements included in its neighbor graph about the leaving of this mobile station and about the fact that these candidate elements may delete their security associations related to this mobile station which just has left. In this manner an overflow or an over-accumulation of security associations which actually are not in use anymore at the different access point can be avoided.
  • the neigh ⁇ bor graph is re-generated or updated at the access point into the coverage area of which the mobile station has moved. This avoids that the security association for this mobile station is deleted from such access points to which the mobile station actually could possibly hand over even after having moved into the new coverage area.
  • the neighbor graph created for the certain access point may depend also on the individual pa ⁇ rameters or character of the mobile stations located in the coverage area of this access point. If for example in the coverage area of this access point there is lo- cated one mobile station which may move relatively fast such that it requires a multi-hop neighbor graph, then due to this fact the neighbor graph for this originat ⁇ ing access point may involve multi-hop candidate elements. Once this mobile sta ⁇ tion leaves the coverage area of this originating access point, however, the candi- date elements which are included due to the multi-hop requirement may be can ⁇ celled from the neighbor graph of this originating access point.
  • the individual candidate elements included in the neighbor graph of a certain originating access point may have corresponding identifiers which identify based on which mobile station they are included in the neighbor graph.
  • a certain candidate element may be included into the neighbor graph due to a first slowly moving mobile station and also due to a fast moving mobile station, in this case it will have two corresponding identifiers identifying these two mobile stations. If the fast moving mobile station leaves the coverage area, this candidate element will still be included in the neighbor graph because it is also included due to another mobile station.
  • those candidate elements which are included into the neighbor graph only due to the fast moving mobile station may then by removed from the neighbor graph once this fast moving mobile station has left the coverage area of the originating access point.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)
EP04786235A 2004-08-26 2004-08-26 Verfahren und vorrichtung zur unterstützung einer sicheren weiterreichung Withdrawn EP1782575A1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2004/051918 WO2006021236A1 (en) 2004-08-26 2004-08-26 Method and apparatus for supporting secure handover

Publications (1)

Publication Number Publication Date
EP1782575A1 true EP1782575A1 (de) 2007-05-09

Family

ID=34959094

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04786235A Withdrawn EP1782575A1 (de) 2004-08-26 2004-08-26 Verfahren und vorrichtung zur unterstützung einer sicheren weiterreichung

Country Status (3)

Country Link
EP (1) EP1782575A1 (de)
JP (1) JP4468449B2 (de)
WO (1) WO2006021236A1 (de)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8130771B2 (en) * 2006-10-10 2012-03-06 Alcatel Lucent Packet-forwarding for proxy mobile IP
US20080095114A1 (en) * 2006-10-21 2008-04-24 Toshiba America Research, Inc. Key Caching, QoS and Multicast Extensions to Media-Independent Pre-Authentication
US20080207209A1 (en) * 2007-02-22 2008-08-28 Fujitsu Limited Cellular mobile radio communication system
JP5044690B2 (ja) * 2007-03-28 2012-10-10 ノーテル・ネットワークス・リミテッド Ipモビリティシステムのための動的な外部エージェント−ホーム・エージェント・セキュリティ・アソシエーション割当て
JP5210650B2 (ja) * 2008-02-05 2013-06-12 日本無線株式会社 WiMAXGW基地局制御システム
CN101286844B (zh) 2008-05-29 2010-05-12 西安西电捷通无线网络通信有限公司 一种支持快速切换的实体双向鉴别方法
KR101655264B1 (ko) 2009-03-10 2016-09-07 삼성전자주식회사 통신시스템에서 인증 방법 및 시스템
US9210622B2 (en) * 2009-08-12 2015-12-08 Qualcomm Incorporated Method and apparatus for relay backhaul design in a wireless communication system
US9125133B2 (en) 2009-08-12 2015-09-01 Qualcomm Incorporated Method and apparatus for relay backhaul design in a wireless communication system
US8429728B2 (en) * 2009-08-24 2013-04-23 Alcatel Lucent Pre-registration security support in multi-technology interworking
CN103312499B (zh) 2012-03-12 2018-07-03 西安西电捷通无线网络通信股份有限公司 一种身份认证方法及系统
CN103312670A (zh) 2012-03-12 2013-09-18 西安西电捷通无线网络通信股份有限公司 一种认证方法及系统
EP2645754B1 (de) * 2012-03-29 2015-02-25 Mitsubishi Electric R&D Centre Europe B.V. Vertrauenbasiertes System und Verfahren zur Durchführung einer Übergabe von einer Quellbasisstation an eine Zielbasisstation

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2290195B (en) * 1994-06-10 1998-08-05 Northern Telecom Ltd Automatic determination and tuning of pico-cell topology for low-power wireless systems
WO2002103988A1 (en) * 2001-05-02 2002-12-27 Strix Systems, Inc. Wireless base station neighbor discovery in a communication system employing a short-range frequency hopping scheme
KR100448318B1 (ko) * 2002-11-08 2004-09-16 삼성전자주식회사 무선망에서의 핸드오프방법
US7346772B2 (en) * 2002-11-15 2008-03-18 Cisco Technology, Inc. Method for fast, secure 802.11 re-association without additional authentication, accounting and authorization infrastructure

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2006021236A1 *

Also Published As

Publication number Publication date
WO2006021236A1 (en) 2006-03-02
JP2008511223A (ja) 2008-04-10
JP4468449B2 (ja) 2010-05-26

Similar Documents

Publication Publication Date Title
TWI393414B (zh) 安全交談金鑰上下文
KR100991522B1 (ko) 휴대인터넷 시스템의 핸드오버용 보안 콘텍스트 전달 방법
CN1652630B (zh) 生成接入点可访问的邻区图的方法、接入点及无线网络
CN104244367B (zh) 电信网络和装置
EP2309698B1 (de) Austausch von schlüsselmaterial
JP4764108B2 (ja) 無線端末、管理装置、無線lanの制御方法、無線lanシステム
US20070076671A1 (en) System and method for network infrastructure driven context setup to facilitate roaming
KR20080063324A (ko) 상태 이송을 위한 이동 노드의 이용을 위한 방법 및 장치
US20190166492A1 (en) System and Method for Wireless Network Access Protection and Security Architecture
CN102348206B (zh) 密钥隔离方法和装置
CN101310480A (zh) 利用移动节点进行状态传递的方法和装置
CN109413194B (zh) 用于移动通信系统的用户信息云端协同处理及转移方法
WO2005027559A1 (en) Fast authentication method and apparatus for inter-domain handover
CN101785343B (zh) 用于快速转换资源协商的方法、系统和装置
CN103460736A (zh) 在无线网络中管理数字证书的灵活系统和方法
CN101981892A (zh) 用于无线通信系统的群密钥分发和管理的系统和方法
US9270652B2 (en) Wireless communication authentication
WO2006021236A1 (en) Method and apparatus for supporting secure handover
CN101627644A (zh) 用于漫游环境的基于令牌的动态密钥分配方法
WO2024103855A1 (zh) 网元状态管理方法、装置、电子设备及存储介质
EP2378802B1 (de) Drahtloses Kommunikationsnetzwerk und Verfahren zur Authentifizierung einer Nachricht
JP2005176340A (ja) 隣接するモバイル・スイッチング・センタへのハンドオフのためのグローバル認証継続機能
CN102244857A (zh) 无线局域网漫游用户的控制方法及其装置和网络系统
Huang et al. SAP: seamless authentication protocol for vertical handoff in heterogeneous wireless networks
KR100729725B1 (ko) 무선 휴대 인터넷 시스템에서 인증 방법 및 그 인증 시스템

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20060818

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): DE GB

DAX Request for extension of the european patent (deleted)
RBV Designated contracting states (corrected)

Designated state(s): DE GB

17Q First examination report despatched

Effective date: 20100114

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20111209