JP2005236610A - Location registration method, communications system, and communication program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To shorten the period of time, starting after the movement of mobile equipment to enabling of data communication. <P>SOLUTION: The following procedures are executed a procedure that a mobile node MN sends a request message of temporary registration, including a location registration token based on an old care of address token and a home address token and a new care-of address to a companion node CN to be a communication partner; a procedure that the companion node CN makes temporary registration with valid conditions in a storage means, with respect to the new care of address, when the companion node CN examines the location registration token included in the request message of temporary registration; a procedure that the companion CN sends a reply message, including the new care of address token based on the new care of address to the mobile node MN; and a procedure that the mobile node MN and the companion node CN permit data communication within a period the valid conditions of the temporary registration are satisfied. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a location registration method, a communication system, and a communication program.

  Portable mobile devices have become widespread due to the miniaturization of computers and power-saving technologies. By attaching a communication function to these mobile devices, for example, it is possible to send and receive mail at a business trip destination. A technique for connecting a mobile device to a wide area network such as the Internet has been proposed as MobileIP in the Internet Engineering Task Force (IETF), which is an Internet standardization organization (Non-Patent Document 1, etc.).

  MobileIP is a mechanism in which a router device called a home agent manages the correspondence between identification information (home address) of a mobile device and the latest location information (care-of address) of the mobile device. The communication partner of the mobile device communicates using the home address, and the home agent converts the home address and the care-of address to make the mobile device communication partner aware of the movement of the position of the mobile device. It is possible to perform communication without using it.

  However, in MobileIP, if the home agent converts (mediates) all communication between the mobile device and its communication partner, the communication between the mobile device and its communication partner is bypassed by the home agent. There is a problem that the route is not used for communication and an extra delay occurs.

Therefore, a mechanism for setting a route so that a mobile device and its communication partner communicate directly without using a home agent is defined in MobileIP as “Return Routability”. In this mechanism, the mobile device directly registers the latest location information with the communication partner, so that the communication partner designates the latest location information of the mobile device as a transmission destination address and transmits data. . As a result, the mobile device and the communication partner can directly communicate with each other without using the home agent, and the occurrence of the extra delay is suppressed.
The Internet Engineering Task Force (IETF), “Mobility Support in IPv6”, [online], [searched on February 13, 2004], Internet <URL: http://www.ietf.org/internet-drafts/draft -ietf-mobileip-ipv6-24.txt>

  However, the period during which communication is interrupted from the time when the mobile device moves due to the location information registration process using the “Return Routability” until the data is transmitted based on the care-of address after the move. Will occur. Communication is interrupted even though the mobile device does not exist in the old care-of address in the period from the movement of the mobile device to the completion of mobile device authentication (registration of location information). This is because data communication continues to the old care-of address.

  In other words, “Return Routability” performs a complicated authentication procedure to authenticate a mobile device using a care-of address after the mobile device has moved, and this authentication procedure is a period during which data communication is interrupted. It will be a cause to produce. Therefore, there is a need for an authentication procedure that enables data communication by authenticating the mobile device immediately after the mobile device moves.

  In view of the above, the main object of the present invention is to solve the above-described problems and to shorten the period from when the mobile device is moved to when data communication is possible.

In order to solve the above-described problem, the location registration method according to claim 1 provides information for issuing a mobile node that is a movable node and a care-of address for the mobile node to access a wide area network. A location registration method for data communication by a communication system including an opposite node that performs data communication with the mobile node via an access router,
The mobile node obtains from the partner node an old care-of address token based on the old care-of address before movement, and a home address token based on a home address that identifies the mobile node;
The mobile node transmits a location registration token based on the old care-of address token and the home address token, and a temporary registration request message including the new care-of address after movement to the counterpart node;
When the counterpart node verifies the location registration token included in the provisional registration request message and passes, a procedure for performing provisional registration with a valid condition for the new care-of address in a storage unit;
A procedure in which the counterpart node transmits a response message including a fresh care-of address token based on the fresh care-of address to the mobile node;
A procedure in which the mobile node and the counterpart node permit data communication in a period in which the validity condition of the provisional registration is satisfied;
It is characterized by performing.

  As a result, temporary registration is performed by one round-trip message exchange, and the location registration token for the temporary registration does not need to be newly calculated by using the recorded data. The waiting time that occurs can be shortened.

  The location registration method according to claim 2 is the location registration method according to claim 1, wherein the temporary registration valid condition is that data communication is valid only for a predetermined period from the time when the temporary registration is made. It is characterized by doing.

  Thereby, by providing effective conditions for provisional registration specifically, long-term use of provisional registration by a communication partner with poor reliability can be suppressed.

  The location registration method according to claim 3 is the location registration method according to claim 1, wherein the temporary registration validity condition is determined between the mobile node and the counterpart node from the time when the temporary registration is performed. The data communication is made effective only when the amount of data communication performed between them is less than a predetermined amount of data.

  Thereby, by providing effective conditions for provisional registration specifically, long-term use of provisional registration by a communication partner with poor reliability can be suppressed.

  The location registration method according to claim 4 is the location registration method according to claim 1, wherein the temporary registration valid condition is that the temporary registration transmitted from the mobile node from the time when the temporary registration is performed. Data communication is valid only when the number of registration request messages is less than a predetermined number.

  Thereby, by providing effective conditions for provisional registration specifically, long-term use of provisional registration by a communication partner with poor reliability can be suppressed.

The location registration method according to claim 5 is the location registration method according to any one of claims 1 to 4, wherein the location registration method is configured such that the mobile node has the new care-of address token and A procedure for attaching a location registration token based on the home address token to a location registration message including the new care-of address and the home address, and transmitting it to the counterpart node;
When the counterpart node verifies and passes the location registration token included in the location registration message, the procedure for performing location registration in the storage means for the new care-of address after the movement;
When the mobile node and the counterpart node succeed in the location registration, a procedure for permitting data communication;
Is further included and executed.

  Accordingly, by performing formal location registration after provisional registration, it is possible to provide the same level of security strength as conventional “Return Routability”.

  The location registration method according to claim 6 is the location registration method according to any one of claims 1 to 5, wherein the old care-of address token, the new care-of address token, the home address token, In addition, at least one of the location registration tokens is created using predetermined time information.

  As a result, the created token has a different value each time by the same mechanism as that of the one-time password, so that the security strength can be increased.

The communication system according to claim 7, wherein the mobile node is a mobile node, and the mobile node via an access router that provides information for issuing a care-of address for the mobile node to access a wide area network. A communication system configured to include a partner node that performs data communication with a node,
The counterpart node verifies the mobile node after movement based on information issued to the mobile node before movement, and communication with the mobile node that has passed the verification satisfies a valid condition. It is characterized by permission in the period

  As a result, temporary registration is performed by one round-trip message exchange, and the location registration token for the temporary registration does not need to be newly calculated by using the recorded data. The waiting time that occurs can be shortened.

The communication system according to claim 8 is the communication system according to claim 7, wherein the counterpart node includes a location correspondence management unit that records a correspondence between a home address and a care-of address of the mobile node; A location registration unit for registering a correspondence between a home address and a care-of address in the location correspondence management unit, and a provisional registration unit for provisionally registering in the location correspondence management unit with a valid condition for a correspondence between a home address and a care-of address of a mobile node And whether or not the effective condition is satisfied, temporary registration cancellation unit for canceling temporary registration that does not satisfy the effective condition, and information issued to the mobile node before moving from the mobile node And a location registration token verification unit for verifying a location registration token based on
The temporary registration unit temporarily registers the mobile node that passes the verification by the location registration token verification unit.

  As a result, temporary registration is performed by one round-trip message exchange, and the location registration token for the temporary registration does not need to be newly calculated by using the recorded data. The waiting time that occurs can be shortened.

The communication system according to claim 9 is the communication system according to claim 7, wherein the mobile node temporarily registers the care-of address after movement based on a correspondence between a home address and a care-of address before movement. It includes a provisional registration requesting unit to request and a location registration token creating unit that creates a token for location registration,
The temporary registration request unit includes a message for requesting temporary registration including information issued to the mobile node before movement, and transmits the message to the counterpart node.

  As a result, temporary registration is performed by one round-trip message exchange, and the location registration token for the temporary registration does not need to be newly calculated by using the recorded data. The waiting time that occurs can be shortened.

The communication program according to claim 10, wherein the mobile node is a mobile node and the mobile node via an access router that provides information for issuing a care-of address for the mobile node to access a wide area network. A communication program used in a communication system configured to include a partner node that performs data communication with a node,
Based on the information issued to the mobile node before the movement to the mobile node, the communication between the means for verifying the mobile node after the movement and the mobile node that has passed the verification is valid It is characterized by functioning as a means for permitting in a period to be satisfied.

  As a result, temporary registration is performed by one round-trip message exchange, and the location registration token for the temporary registration does not need to be newly calculated by using the recorded data. The waiting time that occurs can be shortened.

  The present invention is characterized by provisionally registering a location between mobile devices. As a result, it has become possible to shorten the period from when the mobile device is moved to when data communication is possible.

  Hereinafter, a first embodiment of a communication system to which the present invention is applied will be described in detail with reference to the drawings. First, the configuration of the communication system of the present embodiment will be described with reference to FIGS.

  FIG. 1 is a configuration diagram of a communication system. The communication system shown in FIG. 1 is a system that enables mobile devices to be realized in a wide area network 10 that is a network connecting a plurality of networks such as the Internet. Therefore, the communication system includes a mobile node MN that is a node in which physical movement has been performed, a counterpart node CN that is a communication partner of the mobile node MN, a home agent HA that manages the latest location information about the node, And an access router AR that provides information for issuing a care-of address for accessing the wide area network 10. Furthermore, each device of the communication system is connected by the wide area network 10 and can communicate with each other. The home agent HA also has a packet relay unit for relaying communication between the mobile node MN and the counterpart node CN.

  Next, two types of addresses used by the mobile node MN shown in FIG. 1 will be described. The first address is a care-of address. The care-of address is an address created by the mobile node MN based on the prefix issued from the access router and the identification information of the mobile node MN, and is used for the mobile node MN to access the wide area network 10. . The second address is a home address, which is an address that remains unchanged regardless of the physical movement of the mobile node MN.

  FIG. 2 is a configuration diagram of the counterpart node CN. The counterpart node CN includes a location correspondence management unit BC that records the correspondence between the home address and the care-of address of the mobile node MN, a location registration unit 22 that registers the correspondence between the home address and the care-of address of the mobile node MN, Manages the temporary registration unit 24 that temporarily registers the correspondence between the home address and the care-of address of the MN with a condition, the temporary registration cancellation unit 26 that cancels the temporary registration according to a predetermined condition, and a token for authenticating the mobile node MN. A token management unit 30, a home address token creation unit 32 that creates a token based on the home address of the mobile node MN, a care-of address token creation unit 34 that creates a token based on the care-of address of the mobile node MN, A location registration token verification unit 36 for verifying a token for location registration of the mobile node MN; Including configured.

  FIG. 3 is a configuration diagram of the mobile node MN. The mobile node MN includes a location correspondence status recording unit 60 that records the progress status of the location registration process, a location registration request unit 62 that requests registration of a home address and a care-of address, and a home address and a care-of address before the move. A temporary registration request unit 64 that requests temporary registration of the care-of address after movement based on the correspondence, a token management unit 70 that manages a token for location registration, and a location registration token creation unit that creates a token for location registration 72.

  Here, the token will be described. In this specification, data that is created based on predetermined data and used for authentication is defined by the term “token”. For example, the authentication data created based on the home address is a home address token. Similarly, a care-of address token is generated based on the care-of address. Further, the location registration token is authentication data used for location registration of the mobile node MN, and is created based on the home address token and the care-of address token.

  Next, an example of a method for generating each token will be described. First, the home address token created by the home address token creating unit 32 is a hash function calculation result with the home address as an input. Similarly, the care-of address token created by the care-of address token creation unit 34 is a calculation result of a hash function that receives a care-of address. For example, the HMAC_SHA1 function is used as the hash function. Further, the location registration token is a calculation result of a hash function having a home address token and a care-of address token as inputs. Further, instead of using the home address token or the care-of address token as it is as an input for creating the location registration token, a value obtained by multiplying each input data by a hash function such as the SHA1 function may be used as an input. .

  Then, for these tokens created by the hash function, the function used for the creation and the input data used for the creation are shared between the token creation side and the verification side. This makes it difficult for a malicious third party who does not know how to create the token to forge the token. Therefore, high-level authentication is possible between the token creation side and the verification side.

  Note that hardware resources for realizing each device will be described. First, each processing unit (location registration unit 22, temporary registration unit 24, temporary registration release unit 26, home address token creation unit 32, care-of address token creation unit 34, location registration token verification unit 36) of the counterpart node CN This is realized as a program that is read and executed by a CPU (Central Processing Unit) of the node CN. The components (location correspondence management unit BC and token management unit 30) that manage data of the counterpart node CN are realized as storage means such as a RAM (Random Access Memory) included in the counterpart node CN.

  Next, each processing unit (location registration request unit 62, temporary registration request unit 64, location registration token creation unit 72) of the mobile node MN is realized as a program that is read and executed by the CPU of the mobile node MN. . The components (location correspondence state recording unit 60 and token management unit 70) that manage the data of the mobile node MN are realized as storage means such as a RAM included in the mobile node MN.

  The configuration of the communication system has been described above. Next, the location registration operation of the communication system according to the present embodiment will be described with reference to FIGS. 4 to 6 with reference to FIGS.

  First, FIG. 4 is a diagram illustrating an operation in which the mobile node MN performs initial location registration with the counterpart node CN.

First, the mobile node MN requests a home address token from the counterpart node CN (S101).
The home address token request message is first given an inner header whose source is the mobile node MN's home address and whose destination is the address of the partner node CN. Next, the mobile node MN adds an outer header whose destination is the address of the home agent HA to the home address token request message. Therefore, the home address token request message is transmitted to the home agent HA by the outer header.
Here, the home agent HA relays the request for the home address token from the mobile node MN to the counterpart node CN. Here, the home agent HA removes the outer header from the request message for the home address token.

  Then, the counterpart node CN issues a home address token based on the source home address in the header in response to the received home address token request (S102). The issued home address token is returned from the counterpart node CN to the mobile node MN by a packet whose header destination is the home address. Here, when the home agent HA receives the packet including the home address token, the home agent HA adds a header whose destination is the care-of address of the mobile node MN to the outside. With this outer header, the home address token is transmitted to the mobile node MN.

  Then, the mobile node MN transmits a packet requesting the care-of address token to the counterpart node CN (S111). The transmission source of the header of this request packet is the latest care-of address (after movement, if moved) in the mobile node MN. Further, the counterpart node CN issues a care-of address token to the received request packet of the care-of address token based on the care-of address in the transmission destination of the header. Then, the issued care-of address token is returned from the counterpart node CN to the mobile node MN by a packet whose header destination is the care-of address (S112).

  Here, the mobile node MN creates a location registration token in order to register the latest care-of address with the counterpart node CN (S121). The location registration token is created based on the home address token received in S102 and the care-of address token received in S112. Then, the mobile node MN transmits a location registration request with the created location registration token to the counterpart node CN (S122).

  Further, in response to the received location registration request, the counterpart node CN performs a location registration token verification process attached to the request packet, and a location registration process when the verification process is passed (S123). The location registration token verification process is performed when the received location registration token matches the token created by the counterpart node CN based on the home address token and the care-of address token using the same calculation method as in S121. In addition, it is a process for passing the verification. Then, the counterpart node CN responds to the mobile node MN that the location registration process has been completed (S124).

  As a result, the mobile node MN becomes communicable with the counterpart node CN, so that mutual data communication is started (S131).

  Next, FIG. 5 is a diagram illustrating an operation in which the mobile node MN performs the second and subsequent location registrations with the counterpart node CN. That is, it is assumed that the initial location registration has already been performed according to FIG. 4 between the predetermined mobile node MN and the predetermined counterpart node CN. Then, when the mobile node MN moves after the initial location registration (that is, when the care-of address is changed), the process of FIG. 5 is started.

  First, the mobile node MN requests the counterpart node CN to temporarily register a new care-of address with a location registration token of the old care-of address (S211). The temporary registration request packet includes the home address of the mobile node MN and the new care-of address after the movement. Here, the old care-of address is assigned before the mobile node MN moves, and is already registered in the partner node CN (see S123). The location registration token of the old care-of address is a token previously generated by the mobile node MN based on the old care-of address and the home address of the mobile node MN (see S121). Since this location registration token is a location registration token previously created by the mobile node MN, it may be created again this time. The location registration token previously created is recorded in the storage means, and the recorded location The registration token may be read and acquired.

  Next, the counterpart node CN verifies the location registration token of the old care-of address, and if the verification passes, performs temporary registration of the new care-of address (S212). The verification of the location registration token is the same process as S123. Here, the location registration token used for verification is a token based on the old care-of address, but the care-of address that is provisionally registered is the new care-of address after movement.

  Then, the correspondent node CN issues a token of a new care-of address to the mobile node MN (S213). The method of creating the token of this new care-of address is the same as S112. Furthermore, the mobile node MN starts data communication with the counterpart node CN (S214). This is because the mobile node MN recognizes that the temporary registration is successful when the mobile node MN receives the token of the new care-of address as a response to the temporary registration.

  Here, the mobile node MN creates a location registration token based on the home address token and the new care-of address token (S221). Then, the mobile node MN adds a location registration token to the counterpart node CN to the location registration request message including the home address and the new care-of address, and transmits it to the counterpart node CN (S222). Further, the counterpart node CN verifies the location registration token for the received location registration request message in the same manner as in S123, and if it passes the verification, performs location registration of the new care-of address (S223).

  Here, the counterpart node CN may return a location registration response message for notifying that the location registration is successful to the mobile node MN. However, since the data communication has already started with the temporary registration of the new care-of address (see S214), this response message can be omitted.

  Further, FIG. 6 is a flowchart showing processing for a message received by the counterpart node CN from the mobile node MN in relation to FIG. 4 or FIG. The partner node CN receives the message from the mobile node MN (S301). Then, the counterpart node CN activates processing corresponding to the type in the message as shown below.

  First, the counterpart node CN determines whether or not a location registration token is included in the message (S302). If a location registration token is included (S302, Y), the type of the location registration token is determined. If there is a location registration token based on the new care-of address to be registered this time, the current message is a message for location registration, so the location registration verification (S223) and location registration processing (S223) are performed. Do. On the other hand, when there is a location registration token based on the previous care-of address that has already been registered, this message is a message for temporary registration, so location registration verification and temporary registration processing (S212). In addition, a care-of address token is issued (S213).

  Next, when the location registration token is not included (S302, N), the counterpart node CN issues a token based on the transmission source address of the request message. Therefore, the partner node CN issues a home address token when the source address is a home address (S304, home) (S102), and when the source address is a care-of address (S304, notice). Then, a care-of address token is issued (S112).

  An example of a method in which the counterpart node CN determines the type of the received message is a method of determining based on the identifier of the packet type included in the data portion of the packet. That is, the mobile node MN includes the packet type identifier in the request message, and then transmits the request message to the counterpart node CN.

  Here, since the data communication is possible by the temporary registration performed in S212, it is conceivable that the data communication is continued only by the temporary registration. Therefore, when performing temporary registration, the counterpart node CN also registers a condition for validating the temporary registration, and sequentially monitors whether or not the valid condition is satisfied. Then, the partner node CN invalidates the communication with the mobile node MN related to the temporary registration when the temporary registration validity condition is not satisfied.

  Various conditions can be used as valid conditions for temporary registration. For example, there is a process that is valid from the time of occurrence of temporary registration until a predetermined period. In this case, for example, the counterpart node CN sets a valid period of temporary registration for a timer interrupt caused by a system call, and when the interrupt occurs (that is, when the valid period of temporary registration has passed) Process to invalidate temporary registration.

  On the other hand, another provisional registration valid condition may be that the provisional registration is validated as long as the amount of data communication performed from the time of the provisional registration does not reach a predetermined data amount. In this case, the counterpart node CN measures the statistics of the data communication amount with the counterpart node CN, and determines whether the temporary registration is valid or invalid from the data amount.

  Further, another provisional registration valid condition is that the provisional registration is validated according to the number of provisional registration request processing or location registration request processing performed by the counterpart node CN from the time of provisional registration occurrence. Also good. That is, the counterpart node CN verifies the token after requesting location registration, but does not perform location registration if verification fails. Therefore, the partner node CN having a large number of failed verifications is a node lacking in reliability, and thus temporary registration with the node is invalidated.

  The operation of location registration for the second and subsequent times has been described above. Here, the distinctive effect of the present invention will be described by clarifying the difference between the conventional “Return Routability” and the processing of the present invention.

  First, the conventional “Return Routability” starts data communication through the registration processing of S111 to S124 of FIG. 4 in the second and subsequent location registration operations. On the other hand, the process of the present invention performs the process of FIG. 5 instead of FIG. 4 in the second and subsequent position registration operations.

  Therefore, in the conventional “Return Routability”, since it is necessary to exchange two round-trip messages in order to start data communication in the second and subsequent location registration operations, a packet loss occurs in a long waiting time between them. End up. On the other hand, in the processing of the present invention, temporary registration is performed by exchanging messages once and again in the second and subsequent location registration operations, and the location registration token for the temporary registration uses recorded data. By doing so, there is no need to newly calculate, so the waiting time at which packet loss occurs can be shortened. Furthermore, the process of the present invention can provide a security level equivalent to that of the conventional “Return Routability” by providing an effective condition for temporary registration and performing formal location registration after temporary registration.

  The present invention described above can be widely modified without departing from the spirit of the invention as follows.

  For example, for token creation and verification processing, instead of performing lossy conversion processing using a hash function, lossless compression processing such as encryption processing may be performed. In this case, token creation is performed as an encryption process, and token verification is performed as a decryption process corresponding to the encryption process. Thereby, forgery of a token can be prevented. For the encryption and decryption processing, for example, a secret key cryptosystem such as FEAL (Fast Data Encipherment ALgorithm) can be used.

  As for token creation, predetermined time information such as token creation time may be used for creation input. As a result, the created token has a different value each time by the same mechanism as that of the one-time password, so that the security strength can be increased.

It is a block diagram of the communication system regarding one Embodiment of this invention. It is a block diagram of the other party node regarding one Embodiment of this invention. It is a block diagram of the mobile node regarding one Embodiment of this invention. It is a flowchart which shows the operation | movement of the first location registration regarding one Embodiment of this invention. It is a flowchart which shows the operation | movement of the position registration after the 2nd regarding one Embodiment of this invention. It is a flowchart which shows the process with respect to the message received by the other party node regarding one Embodiment of this invention.

Explanation of symbols

10 wide area network MN mobile node CN partner node BC location correspondence management unit (storage means)
22 Location Registration Unit 24 Temporary Registration Unit 26 Temporary Registration Release Unit 36 Location Registration Token Verification Unit 60 Location Corresponding Status Recording Unit 64 Temporary Registration Request Unit 72 Location Registration Token Creation Unit

Claims (10)

A mobile node that is a movable node, and a partner node that performs data communication with the mobile node via an access router that provides information for issuing a care-of address for the mobile node to access a wide area network; A location registration method for the data communication by a communication system configured including:
The mobile node obtains from the partner node an old care-of address token based on the old care-of address before movement, and a home address token based on a home address that identifies the mobile node;
The mobile node transmits a temporary registration request message including a location registration token based on the old care-of address token and the home address token and a new care-of address after the movement to the counterpart node;
When the counterpart node verifies the location registration token included in the provisional registration request message and passes, a procedure for performing provisional registration with a valid condition for the new care-of address in a storage unit;
A procedure in which the counterpart node transmits a response message including a fresh care-of address token based on the fresh care-of address to the mobile node;
A procedure in which the mobile node and the counterpart node permit data communication in a period in which the validity condition of the provisional registration is satisfied;
The location registration method characterized by performing.   The location registration method according to claim 1, wherein the temporary registration validity condition is that data communication is valid for a predetermined period from the time when the temporary registration is performed.   The provisional registration validity condition is that data communication is valid when the amount of data communication performed between the mobile node and the counterpart node is less than a predetermined data amount from the time when the provisional registration is made. The location registration method according to claim 1.   The provisional registration valid condition is that data communication is validated when the number of provisional registration request messages transmitted from the mobile node is less than a predetermined number from the time when the provisional registration is performed. The location registration method according to claim 1. In the location registration method, the mobile node attaches a location registration token based on the new care-of address token and the home address token to a location registration message including the fresh care-of address and the home address. The procedure to send to the other node,
When the counterpart node verifies and passes the location registration token included in the location registration message, the procedure for performing location registration in the storage means for the new care-of address after the movement;
When the mobile node and the counterpart node succeed in the location registration, a procedure for permitting data communication;
5. The location registration method according to claim 1, wherein the location registration method is further executed.   The at least one token among the old care-of address token, the new care-of address token, the home address token, and the location registration token is created using predetermined time information. The location registration method according to claim 5. A mobile node that is a movable node, and a partner node that performs data communication with the mobile node via an access router that provides information for issuing a care-of address for the mobile node to access a wide area network; A communication system configured to include:
The counterpart node verifies the mobile node after movement based on information issued to the mobile node before movement, and communication with the mobile node that has passed the verification satisfies a valid condition. A communication system characterized by permitting in a period. The counterpart node includes a location correspondence management unit that records the correspondence between the home address and the care-of address of the mobile node, and a location registration unit that registers the correspondence between the home address and the care-of address of the mobile node in the location correspondence management unit; The provisional registration unit that temporarily registers the correspondence between the home address and the care-of address of the mobile node with the location condition management unit with an effective condition is monitored, whether the effective condition is satisfied, and the temporary condition that does not satisfy the effective condition A temporary registration cancellation unit that cancels registration, and a location registration token verification unit that verifies a location registration token based on information issued to the mobile node before moving from the mobile node,
The communication system according to claim 7, wherein the temporary registration unit temporarily registers the mobile node that passes the verification by the location registration token verification unit. The mobile node includes a temporary registration request unit that requests temporary registration of a care-of address after movement based on a correspondence between a home address and a care-of address before movement, and a location registration token creation unit that creates a token for location registration; , Including,
The temporary registration request unit includes the information issued to the mobile node before moving in a message for requesting temporary registration, and transmits the message to the counterpart node. The communication system described. A mobile node that is a movable node, and a partner node that performs data communication with the mobile node via an access router that provides information for issuing a care-of address for the mobile node to access a wide area network; A communication program used for a communication system configured including:
Based on the information issued to the mobile node before the movement to the mobile node, the communication between the means for verifying the mobile node after the movement and the mobile node that has passed the verification is valid A communication program which functions as a means for permitting in a period to be satisfied.

Images