WO2004049672A3 - Methods and apparatus for dynamic session key generation and rekeying in mobile ip - Google Patents

Methods and apparatus for dynamic session key generation and rekeying in mobile ip Download PDF

Info

Publication number
WO2004049672A3
WO2004049672A3 PCT/US2003/036850 US0336850W WO2004049672A3 WO 2004049672 A3 WO2004049672 A3 WO 2004049672A3 US 0336850 W US0336850 W US 0336850W WO 2004049672 A3 WO2004049672 A3 WO 2004049672A3
Authority
WO
WIPO (PCT)
Prior art keywords
mobile node
home agent
key
shared
mobile
Prior art date
Application number
PCT/US2003/036850
Other languages
French (fr)
Other versions
WO2004049672A2 (en
Inventor
Alphesh Patel
Kent K Leung
Stefan Raab
Gopal Dommety
Original Assignee
Cisco Tech Ind
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cisco Tech Ind filed Critical Cisco Tech Ind
Priority to CN2003801039390A priority Critical patent/CN1714560B/en
Priority to AU2003294330A priority patent/AU2003294330B2/en
Priority to EP03789813A priority patent/EP1563668B1/en
Priority to DE60323534T priority patent/DE60323534D1/en
Priority to CA002506670A priority patent/CA2506670A1/en
Publication of WO2004049672A2 publication Critical patent/WO2004049672A2/en
Publication of WO2004049672A3 publication Critical patent/WO2004049672A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/081Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying self-generating credentials, e.g. instead of receiving credentials from an authority or from another peer, the credentials are generated at the entity itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]

Abstract

Methods and apparatus for providing a centralized source of session keys to be shared by a Home Agent and a Mobile Node are disclosed. In accordance with one aspect of the invention, a Mobile Node registers with a Home Agent supporting Mobile IP by sending a registration request to the Home Agent. The Home Agent sends a request message (e.g., access-request message) to a AAA server, the request message identifying the Mobile Node. The AAA server then derives key information from a key or password associated with the Mobile Node. The AAA server then sends a reply message (e.g., access-reply message) to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information. The Home Agent derives a key from the key information, the key being a shared key between the Mobile Node and the Home Agent. A registration reply is then sent to the Mobile Node. When the Mobile Node receives a registration reply from the Home Agent, the registration reply indicates that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent. The Mobile Node then derives a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node. The Mobile Node may initiate 're-keying' by sending a subsequent registration request to the Home Agent.
PCT/US2003/036850 2002-11-22 2003-11-17 Methods and apparatus for dynamic session key generation and rekeying in mobile ip WO2004049672A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
CN2003801039390A CN1714560B (en) 2002-11-22 2003-11-17 Methods and apparatus for dynamic session key generation and rekeying in mobile IP
AU2003294330A AU2003294330B2 (en) 2002-11-22 2003-11-17 Methods and apparatus for dynamic session key generation and rekeying in mobile IP
EP03789813A EP1563668B1 (en) 2002-11-22 2003-11-17 Methods and apparatus for dynamic session key generation and rekeying in mobile ip
DE60323534T DE60323534D1 (en) 2002-11-22 2003-11-17 KEY GENERATION AND MOBILE IP KEY ALLOCATION
CA002506670A CA2506670A1 (en) 2002-11-22 2003-11-17 Methods and apparatus for dynamic session key generation and rekeying in mobile ip

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US42844002P 2002-11-22 2002-11-22
US60/428,440 2002-11-22
US10/635,882 US7475241B2 (en) 2002-11-22 2003-08-05 Methods and apparatus for dynamic session key generation and rekeying in mobile IP
US10/635,882 2003-08-05

Publications (2)

Publication Number Publication Date
WO2004049672A2 WO2004049672A2 (en) 2004-06-10
WO2004049672A3 true WO2004049672A3 (en) 2004-09-02

Family

ID=32397124

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/036850 WO2004049672A2 (en) 2002-11-22 2003-11-17 Methods and apparatus for dynamic session key generation and rekeying in mobile ip

Country Status (8)

Country Link
US (1) US7475241B2 (en)
EP (1) EP1563668B1 (en)
CN (1) CN1714560B (en)
AT (1) ATE408298T1 (en)
AU (1) AU2003294330B2 (en)
CA (1) CA2506670A1 (en)
DE (1) DE60323534D1 (en)
WO (1) WO2004049672A2 (en)

Families Citing this family (156)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8239354B2 (en) * 2005-03-03 2012-08-07 F5 Networks, Inc. System and method for managing small-size files in an aggregated file system
US20040133606A1 (en) * 2003-01-02 2004-07-08 Z-Force Communications, Inc. Directory aggregation for files distributed over a plurality of servers in a switched file system
US8195760B2 (en) * 2001-01-11 2012-06-05 F5 Networks, Inc. File aggregation in a switched file system
WO2002056181A2 (en) * 2001-01-11 2002-07-18 Force Communications Inc Z File switch and switched file system
US7512673B2 (en) * 2001-01-11 2009-03-31 Attune Systems, Inc. Rule based aggregation of files and transactions in a switched file system
US7509322B2 (en) 2001-01-11 2009-03-24 F5 Networks, Inc. Aggregated lock management for locking aggregated files in a switched file system
CA2358083A1 (en) * 2001-09-28 2003-03-28 Bridgewater Systems Corporation A method for session accounting in a wireless data networks using authentication, authorization and accounting (aaa) protocols (such as ietf radius or diameter) where there is no session handoff communication between the network elements
US7409549B1 (en) * 2001-12-11 2008-08-05 Cisco Technology, Inc. Methods and apparatus for dynamic home agent assignment in mobile IP
US7587498B2 (en) * 2002-05-06 2009-09-08 Cisco Technology, Inc. Methods and apparatus for mobile IP dynamic home agent allocation
AU2003292300A1 (en) * 2002-10-30 2004-06-07 Thomson Licensing S.A. Simplified method for renewing symmetrical keys in a digital network
US7870389B1 (en) * 2002-12-24 2011-01-11 Cisco Technology, Inc. Methods and apparatus for authenticating mobility entities using kerberos
JPWO2004059903A1 (en) * 2002-12-25 2006-05-11 株式会社日立製作所 Network device, network system, and group management method
US20040236939A1 (en) * 2003-02-20 2004-11-25 Docomo Communications Laboratories Usa, Inc. Wireless network handoff key
US20060179305A1 (en) * 2004-03-11 2006-08-10 Junbiao Zhang WLAN session management techniques with secure rekeying and logoff
US7506370B2 (en) * 2003-05-02 2009-03-17 Alcatel-Lucent Usa Inc. Mobile security architecture
US7681046B1 (en) 2003-09-26 2010-03-16 Andrew Morgan System with secure cryptographic capabilities using a hardware specific digital secret
US7701896B1 (en) * 2003-10-30 2010-04-20 Nortel Networks Limited Dynamic home agent method and apparatus for mobile internet protocol
WO2005046157A2 (en) * 2003-11-11 2005-05-19 Siemens Aktiengesellschaft Method for safeguarding data transmission between a first terminal and a first network and between a second terminal and a second network
US7636844B2 (en) * 2003-11-17 2009-12-22 Intel Corporation Method and system to provide a trusted channel within a computer system for a SIM device
US7694151B1 (en) 2003-11-20 2010-04-06 Johnson Richard C Architecture, system, and method for operating on encrypted and/or hidden information
US8296558B1 (en) 2003-11-26 2012-10-23 Apple Inc. Method and apparatus for securing communication between a mobile node and a network
US20050135622A1 (en) * 2003-12-18 2005-06-23 Fors Chad M. Upper layer security based on lower layer keying
US7461248B2 (en) * 2004-01-23 2008-12-02 Nokia Corporation Authentication and authorization in heterogeneous networks
DE102004005652A1 (en) 2004-02-04 2005-08-25 Basf Ag Flowable polyester molding compounds
DE102004005657A1 (en) * 2004-02-04 2005-08-25 Basf Ag Flowable polyester molding compounds
CN1969526B (en) 2004-04-14 2010-10-13 北方电讯网络有限公司 Securing home agent to mobile node communication with HA-MN key
EP1735990B1 (en) 2004-04-14 2018-05-30 Microsoft Technology Licensing, LLC Mobile ipv6 authentication and authorization
US20050238171A1 (en) * 2004-04-26 2005-10-27 Lidong Chen Application authentication in wireless communication networks
US7422152B2 (en) 2004-05-13 2008-09-09 Cisco Technology, Inc. Methods and devices for providing scalable RFID networks
MY139705A (en) * 2004-07-19 2009-10-30 Basf Ag Mixtures of hyperbranched polyesters with polycarbonates as additive for polyester molding compositions
DE102004035357A1 (en) * 2004-07-21 2006-03-16 Basf Ag Continuous process for the preparation of polyalkylene arylates with hyperbranched polyesters and / or polycarbonates
DE102004038979A1 (en) * 2004-08-10 2006-02-23 Basf Ag Impact-modified polyesters with hyperbranched polyesters
DE102004059243A1 (en) * 2004-08-10 2006-02-23 Basf Ag Thermoplastic molding compounds with improved flow and release properties
DE102004038976A1 (en) * 2004-08-10 2006-02-23 Basf Ag Flowable polyester molding compounds with ASA / ABS and SAN
US7639802B2 (en) * 2004-09-27 2009-12-29 Cisco Technology, Inc. Methods and apparatus for bootstrapping Mobile-Foreign and Foreign-Home authentication keys in Mobile IP
US7711835B2 (en) 2004-09-30 2010-05-04 Citrix Systems, Inc. Method and apparatus for reducing disclosure of proprietary data in a networked environment
US7748032B2 (en) 2004-09-30 2010-06-29 Citrix Systems, Inc. Method and apparatus for associating tickets in a ticket hierarchy
US7680758B2 (en) 2004-09-30 2010-03-16 Citrix Systems, Inc. Method and apparatus for isolating execution of software applications
US8171479B2 (en) 2004-09-30 2012-05-01 Citrix Systems, Inc. Method and apparatus for providing an aggregate view of enumerated system resources from various isolation layers
US8613048B2 (en) 2004-09-30 2013-12-17 Citrix Systems, Inc. Method and apparatus for providing authorized remote access to application sessions
US8095940B2 (en) 2005-09-19 2012-01-10 Citrix Systems, Inc. Method and system for locating and accessing resources
US20060075259A1 (en) * 2004-10-05 2006-04-06 Bajikar Sundeep M Method and system to generate a session key for a trusted channel within a computer system
US7292592B2 (en) * 2004-10-08 2007-11-06 Telefonaktiebolaget Lm Ericsson (Publ) Home network-assisted selection of intermediary network for a roaming mobile terminal
US7590732B2 (en) * 2004-10-08 2009-09-15 Telefonaktiebolaget Lm Ericsson (Publ) Enhancement of AAA routing originated from a local access network involving intermediary network preferences
US7298725B2 (en) * 2004-10-08 2007-11-20 Telefonaktiebolaget Lm Ericsson (Publ) Enhancement of AAA routing initiated from a home service network involving intermediary network preferences
DE102004049342A1 (en) 2004-10-08 2006-04-13 Basf Ag Flowable thermoplastics with halogen-free flame retardance
US7551926B2 (en) * 2004-10-08 2009-06-23 Telefonaktiebolaget Lm Ericsson (Publ) Terminal-assisted selection of intermediary network for a roaming mobile terminal
DE102004050025A1 (en) * 2004-10-13 2006-04-20 Basf Ag Flowable thermoplastics with halogen flame protection
US8458467B2 (en) 2005-06-21 2013-06-04 Cisco Technology, Inc. Method and apparatus for adaptive application message payload content transformation in a network infrastructure element
US7502331B2 (en) * 2004-11-17 2009-03-10 Cisco Technology, Inc. Infrastructure-less bootstrapping: trustless bootstrapping to enable mobility for mobile devices
US7664879B2 (en) * 2004-11-23 2010-02-16 Cisco Technology, Inc. Caching content and state data at a network element
US7987272B2 (en) 2004-12-06 2011-07-26 Cisco Technology, Inc. Performing message payload processing functions in a network element on behalf of an application
US7725934B2 (en) * 2004-12-07 2010-05-25 Cisco Technology, Inc. Network and application attack protection based on application layer message inspection
US7606267B2 (en) * 2004-12-10 2009-10-20 Cisco Technology, Inc. Reducing the sizes of application layer messages in a network element
US8082304B2 (en) * 2004-12-10 2011-12-20 Cisco Technology, Inc. Guaranteed delivery of application layer messages by a network element
US7551567B2 (en) * 2005-01-05 2009-06-23 Cisco Technology, Inc. Interpreting an application message at a network element using sampling and heuristics
US20060155862A1 (en) * 2005-01-06 2006-07-13 Hari Kathi Data traffic load balancing based on application layer messages
DE102005002044A1 (en) * 2005-01-14 2006-07-20 Basf Ag Flowable polyesters with hydrolysis protection
US7885970B2 (en) * 2005-01-20 2011-02-08 F5 Networks, Inc. Scalable system for partitioning and accessing metadata over multiple servers
US7698416B2 (en) * 2005-01-25 2010-04-13 Cisco Technology, Inc. Application layer message-based server failover management by a network element
DE102005004856A1 (en) * 2005-02-01 2006-08-03 Basf Ag Thermoplastic molded materials, useful for the manufacture of fibers, foils and molded articles, comprises thermoplastic polyester, highly-/hyper-branched polycarbonate and/or polyester, carbodiimide and additives
US7958347B1 (en) 2005-02-04 2011-06-07 F5 Networks, Inc. Methods and apparatus for implementing authentication
US8532304B2 (en) * 2005-04-04 2013-09-10 Nokia Corporation Administration of wireless local area networks
FI20050384A0 (en) * 2005-04-14 2005-04-14 Nokia Corp Use of generic authentication architecture for distribution of Internet protocol keys in mobile terminals
US20060291481A1 (en) * 2005-06-27 2006-12-28 Matsushita Electric Industrial Co., Ltd. Application session resumption in mobile environments
US7813511B2 (en) * 2005-07-01 2010-10-12 Cisco Technology, Inc. Facilitating mobility for a mobile station
US7881262B2 (en) * 2005-07-07 2011-02-01 Alvarion Ltd. Method and apparatus for enabling mobility in mobile IP based wireless communication systems
DE102005034980A1 (en) * 2005-07-22 2007-01-25 Basf Ag Fibers and liquid containers made of PET
DE102005034999A1 (en) * 2005-07-22 2007-01-25 Basf Ag Flowable polyesters with polyester elastomers
US7345585B2 (en) * 2005-08-01 2008-03-18 Cisco Technology, Inc. Network based device for providing RFID middleware functionality
US7626963B2 (en) * 2005-10-25 2009-12-01 Cisco Technology, Inc. EAP/SIM authentication for mobile IP to leverage GSM/SIM authentication infrastructure
DE102006008745A1 (en) * 2005-11-04 2007-05-10 Siemens Ag Method and server for providing a mobility key
DE102006009726A1 (en) 2005-11-04 2007-05-10 Siemens Ag Method and server for providing a mobility key
DE102006004868B4 (en) * 2005-11-04 2010-06-02 Siemens Ag Method and server for providing a mobility key
US8417746B1 (en) 2006-04-03 2013-04-09 F5 Networks, Inc. File system management with enhanced searchability
CN101075870B (en) * 2006-05-16 2010-08-25 华为技术有限公司 Method for generating and distributing movable IP Key
US8447981B2 (en) * 2006-05-24 2013-05-21 Huawei Technologies Co., Ltd. Method and system for generating and distributing mobile IP security key after re-authentication
CN101079705B (en) * 2006-05-24 2010-09-29 华为技术有限公司 Generation and distribution method and system of mobile IP secret key after second authentication
EP1868332A1 (en) * 2006-06-16 2007-12-19 Alcatel Lucent Management of the quality of service (QoS) in a wireless network
CN101102590B (en) * 2006-07-07 2010-08-11 华为技术有限公司 Method for allocating home proxy for mobile IPv6 client in mobile IPv6
CN101106806B (en) * 2006-07-11 2012-04-25 华为技术有限公司 Method, system and mobile terminal for wireless network to capture mobile IP style of mobile terminal
CN101106452B (en) * 2006-07-12 2010-12-08 华为技术有限公司 Generation and distribution method and system for mobile IP secret key
CN101917715B (en) * 2006-07-12 2012-11-21 华为技术有限公司 Method and system for producing and distributing mobile Internet protocol (IP) key
US7797406B2 (en) * 2006-07-27 2010-09-14 Cisco Technology, Inc. Applying quality of service to application messages in network elements based on roles and status
DE102006038037A1 (en) * 2006-08-14 2008-02-21 Siemens Ag Method and system for providing an access-specific key
US8127135B2 (en) * 2006-09-28 2012-02-28 Hewlett-Packard Development Company, L.P. Changing of shared encryption key
CN101170806B (en) * 2006-10-27 2012-05-23 华为技术有限公司 Establishment method, secure system and related device for secure mechanism in agent mobile IP
US8533846B2 (en) 2006-11-08 2013-09-10 Citrix Systems, Inc. Method and system for dynamically associating access rights with a resource
CN101227458B (en) * 2007-01-16 2011-11-23 华为技术有限公司 Mobile IP system and method for updating local agent root key
CN101291215B (en) * 2007-02-15 2011-11-16 华为技术有限公司 Method and device for generating and distributing mobile IP cipher key
FI20070157A0 (en) * 2007-02-23 2007-02-23 Nokia Corp Fast authentication of update messages with key differentiation on mobile IP systems
US9319220B2 (en) * 2007-03-30 2016-04-19 Intel Corporation Method and apparatus for secure network enclaves
US8467527B2 (en) 2008-12-03 2013-06-18 Intel Corporation Efficient key derivation for end-to-end network security with traffic visibility
US20080244268A1 (en) * 2007-03-30 2008-10-02 David Durham End-to-end network security with traffic visibility
US20090077097A1 (en) * 2007-04-16 2009-03-19 Attune Systems, Inc. File Aggregation in a Switched File System
WO2008147973A2 (en) * 2007-05-25 2008-12-04 Attune Systems, Inc. Remote file virtualization in a switched file system
CN101119594B (en) * 2007-08-23 2012-03-07 中兴通讯股份有限公司 Method of implementing home agent root key synchronization between home agent and foreign agent
KR101523090B1 (en) * 2007-08-24 2015-05-26 삼성전자주식회사 Method and apparatus for managing mobility of access terminal using mobile internet protocol in a mobile communication system
US8171483B2 (en) 2007-10-20 2012-05-01 Citrix Systems, Inc. Method and system for communicating between isolation environments
US8117244B2 (en) * 2007-11-12 2012-02-14 F5 Networks, Inc. Non-disruptive file migration
US8180747B2 (en) 2007-11-12 2012-05-15 F5 Networks, Inc. Load sharing cluster file systems
US8548953B2 (en) * 2007-11-12 2013-10-01 F5 Networks, Inc. File deduplication using storage tiers
US8166527B2 (en) * 2007-11-16 2012-04-24 Ericsson Ab Optimized security association database management on home/foreign agent
US7984486B2 (en) * 2007-11-28 2011-07-19 Nokia Corporation Using GAA to derive and distribute proxy mobile node home agent keys
US8352785B1 (en) 2007-12-13 2013-01-08 F5 Networks, Inc. Methods for generating a unified virtual snapshot and systems thereof
US7912969B2 (en) * 2008-01-09 2011-03-22 International Business Machines Corporation Methods and apparatus for randomization of periodic behavior in communication network
CN101499959B (en) * 2008-01-31 2012-08-08 华为技术有限公司 Method, apparatus and system for configuring cipher key
WO2009107351A1 (en) * 2008-02-25 2009-09-03 パナソニック株式会社 Information security device and information security system
US8923811B2 (en) * 2008-03-14 2014-12-30 Alcatel Lucent Methods and apparatuses for dynamic management of security associations in a wireless network
US8549582B1 (en) 2008-07-11 2013-10-01 F5 Networks, Inc. Methods for handling a multi-protocol content name and systems thereof
CN104936307B (en) * 2008-09-15 2019-01-18 三星电子株式会社 For connecting the method and device of packet data network
EP2648469B1 (en) * 2008-11-04 2015-03-11 Huawei Technologies Co., Ltd. Method and apparatus for determining resource indices
US8090797B2 (en) 2009-05-02 2012-01-03 Citrix Systems, Inc. Methods and systems for launching applications into existing isolation environments
DE102009061045B4 (en) * 2009-06-10 2012-05-03 Infineon Technologies Ag Generation of a session key for authentication and secure data transmission
DE102009029828B4 (en) * 2009-06-18 2011-09-01 Gigaset Communications Gmbh DEFAULT encryption
WO2011035337A2 (en) * 2009-09-21 2011-03-24 Jesse Caulfield Method, system, and computer-readable medium for the protection of ad-hoc wireless device operation
US10721269B1 (en) 2009-11-06 2020-07-21 F5 Networks, Inc. Methods and system for returning requests with javascript for clients before passing a request to a server
US9485246B2 (en) * 2009-12-29 2016-11-01 Nokia Technologies Oy Distributed authentication with data cloud
US9195500B1 (en) 2010-02-09 2015-11-24 F5 Networks, Inc. Methods for seamless storage importing and devices thereof
US8204860B1 (en) 2010-02-09 2012-06-19 F5 Networks, Inc. Methods and systems for snapshot reconstitution
US8347100B1 (en) 2010-07-14 2013-01-01 F5 Networks, Inc. Methods for DNSSEC proxying and deployment amelioration and systems thereof
CN101938353B (en) * 2010-08-03 2012-09-26 北京海泰方圆科技有限公司 Method for remotely resetting personal identification number (PIN) of key device
US9286298B1 (en) 2010-10-14 2016-03-15 F5 Networks, Inc. Methods for enhancing management of backup data sets and devices thereof
US8396836B1 (en) 2011-06-30 2013-03-12 F5 Networks, Inc. System for mitigating file virtualization storage import latency
US8463850B1 (en) 2011-10-26 2013-06-11 F5 Networks, Inc. System and method of algorithmically generating a server side transaction identifier
US9807072B2 (en) * 2012-02-06 2017-10-31 Nokia Technologies Oy Fast-accessing method and apparatus
US9020912B1 (en) 2012-02-20 2015-04-28 F5 Networks, Inc. Methods for accessing data in a compressed file system and devices thereof
JP5944184B2 (en) * 2012-02-29 2016-07-05 株式会社東芝 Information notification apparatus, method, program, and system
US9519501B1 (en) 2012-09-30 2016-12-13 F5 Networks, Inc. Hardware assisted flow acceleration and L2 SMAC management in a heterogeneous distributed multi-tenant virtualized clustered system
US9176838B2 (en) 2012-10-19 2015-11-03 Intel Corporation Encrypted data inspection in a network environment
US10375155B1 (en) 2013-02-19 2019-08-06 F5 Networks, Inc. System and method for achieving hardware acceleration for asymmetric flow connections
US9554418B1 (en) 2013-02-28 2017-01-24 F5 Networks, Inc. Device for topology hiding of a visited network
JP6419182B2 (en) * 2013-08-02 2018-11-07 ビーエーエスエフ ソシエタス・ヨーロピアBasf Se Multi-layer composition for packaging
EP3146740B1 (en) * 2014-05-20 2021-04-14 Nokia Technologies Oy Cellular network authentication
WO2015177396A1 (en) 2014-05-20 2015-11-26 Nokia Technologies Oy Exception handling in cellular authentication
US11838851B1 (en) 2014-07-15 2023-12-05 F5, Inc. Methods for managing L7 traffic classification and devices thereof
US10033540B2 (en) * 2014-07-24 2018-07-24 The Hong Kong University Of Science And Technology Handoff free wireless network architecture
KR101479290B1 (en) * 2014-08-19 2015-01-05 (주)세이퍼존 Agent for providing security cloud service, security token device for security cloud service
US10182013B1 (en) 2014-12-01 2019-01-15 F5 Networks, Inc. Methods for managing progressive image delivery and devices thereof
US11895138B1 (en) 2015-02-02 2024-02-06 F5, Inc. Methods for improving web scanner accuracy and devices thereof
US10834065B1 (en) 2015-03-31 2020-11-10 F5 Networks, Inc. Methods for SSL protected NTLM re-authentication and devices thereof
US10277569B1 (en) 2015-12-03 2019-04-30 Amazon Technologies, Inc. Cross-region cache of regional sessions
US9900160B1 (en) * 2015-12-03 2018-02-20 Amazon Technologies, Inc. Asymmetric session credentials
US9894067B1 (en) 2015-12-03 2018-02-13 Amazon Technologies, Inc. Cross-region roles
US10404698B1 (en) 2016-01-15 2019-09-03 F5 Networks, Inc. Methods for adaptive organization of web application access points in webtops and devices thereof
US10797888B1 (en) 2016-01-20 2020-10-06 F5 Networks, Inc. Methods for secured SCEP enrollment for client devices and devices thereof
GB201611948D0 (en) * 2016-07-08 2016-08-24 Kalypton Int Ltd Distributed transcation processing and authentication system
US10412198B1 (en) 2016-10-27 2019-09-10 F5 Networks, Inc. Methods for improved transmission control protocol (TCP) performance visibility and devices thereof
US10567492B1 (en) 2017-05-11 2020-02-18 F5 Networks, Inc. Methods for load balancing in a federated identity environment and devices thereof
US11223689B1 (en) 2018-01-05 2022-01-11 F5 Networks, Inc. Methods for multipath transmission control protocol (MPTCP) based session migration and devices thereof
SG10201801094VA (en) 2018-02-08 2019-09-27 Huawei Int Pte Ltd System and method for computing an escrow session key and a private session key for encoding digital communications between two devices
US10833943B1 (en) 2018-03-01 2020-11-10 F5 Networks, Inc. Methods for service chaining and devices thereof
US11019098B2 (en) * 2018-06-29 2021-05-25 Intel Corporation Replay protection for memory based on key refresh
US20220256349A1 (en) * 2019-06-12 2022-08-11 Telefonaktiebolaget Lm Ericsson (Publ) Provision of Application Level Identity
CN111865562A (en) * 2020-07-23 2020-10-30 积成电子股份有限公司 Encryption method and system based on AES and HMAC-SHA in DNP protocol of power distribution terminal
US11610004B2 (en) 2021-04-14 2023-03-21 Bank Of America Corporation System for implementing enhanced file encryption technique

Family Cites Families (58)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4692918A (en) 1984-12-17 1987-09-08 At&T Bell Laboratories Reliable local data network arrangement
DE3838945A1 (en) 1987-11-18 1989-06-08 Hitachi Ltd NETWORK SYSTEM WITH LOCAL NETWORKS AND WITH A HIERARCHICAL CHOICE OF PATH
DE3919962C3 (en) 1989-06-19 1994-07-14 Hirschmann Richard Gmbh Co Method and arrangement for securing data transmission in a linear computer network
US5016244A (en) 1989-09-08 1991-05-14 Honeywell Inc. Method for controlling failover between redundant network interface modules
US5371852A (en) 1992-10-14 1994-12-06 International Business Machines Corporation Method and apparatus for making a cluster of computers appear as a single host on a network
US5793762A (en) 1994-04-12 1998-08-11 U S West Technologies, Inc. System and method for providing packet data and voice services to mobile subscribers
US5473599A (en) 1994-04-22 1995-12-05 Cisco Systems, Incorporated Standby router protocol
US6148074A (en) 1997-02-10 2000-11-14 Genesys Telecommunications Laboratories, Inc. Personal desktop router
US6070243A (en) 1997-06-13 2000-05-30 Xylan Corporation Deterministic user authentication service for communication network
US6377982B1 (en) 1997-10-14 2002-04-23 Lucent Technologies Inc. Accounting system in a network
US6148405A (en) 1997-11-10 2000-11-14 Phone.Com, Inc. Method and system for secure lightweight transactions in wireless data networks
US6535493B1 (en) 1998-01-15 2003-03-18 Symbol Technologies, Inc. Mobile internet communication protocol
US6195705B1 (en) 1998-06-30 2001-02-27 Cisco Technology, Inc. Mobile IP mobility agent standby protocol
FI105966B (en) 1998-07-07 2000-10-31 Nokia Networks Oy Authentication in a telecommunications network
US6119160A (en) 1998-10-13 2000-09-12 Cisco Technology, Inc. Multiple-level internet protocol accounting
US6760444B1 (en) 1999-01-08 2004-07-06 Cisco Technology, Inc. Mobile IP authentication
US6560217B1 (en) 1999-02-25 2003-05-06 3Com Corporation Virtual home agent service using software-replicated home agents
US6466964B1 (en) 1999-06-15 2002-10-15 Cisco Technology, Inc. Methods and apparatus for providing mobility of a node that does not support mobility
US6785823B1 (en) * 1999-12-03 2004-08-31 Qualcomm Incorporated Method and apparatus for authentication in a wireless telecommunications system
CA2337704C (en) 2000-03-30 2005-05-10 Lucent Technologies Inc. Transient tunneling for dynamic home addressing on mobile hosts
FI20000760A0 (en) 2000-03-31 2000-03-31 Nokia Corp Authentication in a packet data network
US6728536B1 (en) 2000-05-02 2004-04-27 Telefonaktiebolaget Lm Ericsson Method and system for combined transmission of access specific access independent and application specific information over public IP networks between visiting and home networks
US7107051B1 (en) 2000-09-28 2006-09-12 Intel Corporation Technique to establish wireless session keys suitable for roaming
US20020120844A1 (en) 2001-02-23 2002-08-29 Stefano Faccin Authentication and distribution of keys in mobile IP network
US6907016B2 (en) 2001-04-03 2005-06-14 Telefonaktiebolaget L M Ericsson (Publ) Mobile IP registration in selected inter-PDSN dormant hand-off cases in a CDMA2000-based cellular telecommunications network
US20020147820A1 (en) * 2001-04-06 2002-10-10 Docomo Communications Laboratories Usa, Inc. Method for implementing IP security in mobile IP networks
US7243370B2 (en) 2001-06-14 2007-07-10 Microsoft Corporation Method and system for integrating security mechanisms into session initiation protocol request messages for client-proxy authentication
US7900242B2 (en) * 2001-07-12 2011-03-01 Nokia Corporation Modular authentication and authorization scheme for internet protocol
US7073066B1 (en) 2001-08-28 2006-07-04 3Com Corporation Offloading cryptographic processing from an access point to an access point server using Otway-Rees key distribution
US7042879B2 (en) 2001-11-02 2006-05-09 General Instrument Corporation Method and apparatus for transferring a communication session
KR100450973B1 (en) 2001-11-07 2004-10-02 삼성전자주식회사 Method for authentication between home agent and mobile node in a wireless telecommunications system
US7475250B2 (en) 2001-12-19 2009-01-06 Northrop Grumman Corporation Assignment of user certificates/private keys in token enabled public key infrastructure system
US7320070B2 (en) 2002-01-08 2008-01-15 Verizon Services Corp. Methods and apparatus for protecting against IP address assignments based on a false MAC address
US7298847B2 (en) 2002-02-07 2007-11-20 Nokia Inc. Secure key distribution protocol in AAA for mobile IP
US6947725B2 (en) 2002-03-04 2005-09-20 Microsoft Corporation Mobile authentication system with reduced authentication delay
US7224673B1 (en) 2002-05-24 2007-05-29 Cisco Technology, Inc. Mobile IP registration message compression
US6956846B2 (en) 2002-08-16 2005-10-18 Utstarcom Incorporated System and method for foreign agent control node redundancy in a mobile internet protocol network
KR100480258B1 (en) 2002-10-15 2005-04-07 삼성전자주식회사 Authentication method for fast hand over in wireless local area network
US7350077B2 (en) 2002-11-26 2008-03-25 Cisco Technology, Inc. 802.11 using a compressed reassociation exchange to facilitate fast handoff
JP4028793B2 (en) 2002-12-03 2007-12-26 株式会社日立製作所 Mobile terminal apparatus and inter-terminal packet communication method
US6999437B2 (en) 2002-12-17 2006-02-14 Nokia Corporation End-to-end location privacy in telecommunications networks
US20040162105A1 (en) 2003-02-14 2004-08-19 Reddy Ramgopal (Paul) K. Enhanced general packet radio service (GPRS) mobility management
US7181196B2 (en) 2003-05-15 2007-02-20 Lucent Technologies Inc. Performing authentication in a communications system
KR20060031813A (en) 2003-06-18 2006-04-13 텔레폰악티에볼라겟엘엠에릭슨(펍) Method, system and apparatus to support mobile ip version 6 services in cdma systems
CA2528787A1 (en) 2003-06-18 2004-12-23 Telefonaktiebolaget Lm Ericsson (Publ) Method, system and apparatus to support mobile ip version 6 services
US20050010780A1 (en) 2003-07-09 2005-01-13 Kane John Richard Method and apparatus for providing access to personal information
JP4057983B2 (en) 2003-09-04 2008-03-05 株式会社エヌ・ティ・ティ・ドコモ Communication system and communication control method
JP4397675B2 (en) 2003-11-12 2010-01-13 株式会社日立製作所 Computer system
US20050135622A1 (en) 2003-12-18 2005-06-23 Fors Chad M. Upper layer security based on lower layer keying
TWI234978B (en) 2003-12-19 2005-06-21 Inst Information Industry System, method and machine-readable storage medium for subscriber identity module (SIM) based pre-authentication across wireless LAN
US20050138355A1 (en) 2003-12-19 2005-06-23 Lidong Chen System, method and devices for authentication in a wireless local area network (WLAN)
US20050177515A1 (en) 2004-02-06 2005-08-11 Tatara Systems, Inc. Wi-Fi service delivery platform for retail service providers
US20070230453A1 (en) 2004-02-06 2007-10-04 Telecom Italia S.P.A. Method and System for the Secure and Transparent Provision of Mobile Ip Services in an Aaa Environment
TWI249316B (en) 2004-02-10 2006-02-11 Ind Tech Res Inst SIM-based authentication method for supporting inter-AP fast handover
US20060046693A1 (en) 2004-08-31 2006-03-02 Hung Tran Wireless local area network (WLAN) authentication method, WLAN client and WLAN service node (WSN)
US7639802B2 (en) 2004-09-27 2009-12-29 Cisco Technology, Inc. Methods and apparatus for bootstrapping Mobile-Foreign and Foreign-Home authentication keys in Mobile IP
US7502331B2 (en) 2004-11-17 2009-03-10 Cisco Technology, Inc. Infrastructure-less bootstrapping: trustless bootstrapping to enable mobility for mobile devices
US7626963B2 (en) 2005-10-25 2009-12-01 Cisco Technology, Inc. EAP/SIM authentication for mobile IP to leverage GSM/SIM authentication infrastructure

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
JACOB S ET AL: "Security of current mobile IP solutions", MILCOM 97 PROCEEDINGS MONTEREY, CA, USA 2-5 NOV. 1997, NEW YORK, NY, USA,IEEE, US, 2 November 1997 (1997-11-02), pages 1122 - 1128, XP010260752, ISBN: 0-7803-4249-6 *
PERKINS C: "Mobile IP and security issue: an overview", NOKIA, US, 25 October 1999 (1999-10-25), pages 131 - 148, XP010514313 *
S. JACOBS: "Mobile IP Public Key Based Authentication", INTERNET DRAFT, 1 August 1998 (1998-08-01) - 1 March 1999 (1999-03-01), pages 1 - 27, XP002285008, Retrieved from the Internet <URL:http://www.watersprings.org/pub/id/draft-jacobs-mobileip-pki-auth-00.txt> [retrieved on 20040617] *
SUFATRIO ET AL: "Mobile IP registration protocol: a security attack and new secure minimal public-key based authentication", PARALLEL ARCHITECTURES, ALGORITHMS, AND NETWORKS, 1999. (I-SPAN '99). PROCEEDINGS. FOURTH INTERNATIONALSYMPOSIUM ON PERTH/FREMANTLE, WA, AUSTRALIA 23-25 JUNE 1999, LOS ALAMITOS, CA, USA,IEEE COMPUT. SOC, US, 23 June 1999 (1999-06-23), pages 364 - 369, XP010341845, ISBN: 0-7695-0231-8 *

Also Published As

Publication number Publication date
CN1714560B (en) 2010-04-28
AU2003294330B2 (en) 2009-08-06
US20050025091A1 (en) 2005-02-03
DE60323534D1 (en) 2008-10-23
AU2003294330A1 (en) 2004-06-18
CN1714560A (en) 2005-12-28
EP1563668A2 (en) 2005-08-17
ATE408298T1 (en) 2008-09-15
CA2506670A1 (en) 2004-06-10
US7475241B2 (en) 2009-01-06
WO2004049672A2 (en) 2004-06-10
EP1563668B1 (en) 2008-09-10

Similar Documents

Publication Publication Date Title
WO2004049672A3 (en) Methods and apparatus for dynamic session key generation and rekeying in mobile ip
KR102068367B1 (en) A computer implemented system and method for lightweight authentication on datagram transport for internet of things
CN100592746C (en) Addressing mechanisms in mobile IP
Patel et al. Authentication protocol for mobile IPv6
US8584207B2 (en) Infrastructure-less bootstrapping: trustless bootstrapping to enable mobility for mobile devices
US20050198506A1 (en) Dynamic key generation and exchange for mobile devices
US8351928B2 (en) Synchronizing DHCP and mobile IP messaging
WO2007106620A3 (en) Method for authenticating a mobile node in a communication network
US20060078119A1 (en) Bootstrapping method and system in mobile network using diameter-based protocol
MX2009013439A (en) Method and apparatus for dns update triggered ipv6 neighbor advertisement.
WO2007042512A3 (en) Method and apparatus for establishing a security association
US20110010538A1 (en) Method and system for providing an access specific key
WO2007011995B1 (en) Secure proxy mobile ip apparatus, system, and method
MY142197A (en) Transitive authentication authorization accounting in the interworking between access networks
WO2009068945A3 (en) Using gaa to derive and distribute proxy mobile node home agent keys
JP2004297783A5 (en)
IL157048A (en) Method and apparatus for providing authentication in a communication system
CN1602611A (en) Lawful interception of end-to-end encrypted data traffic
JP2005524262A5 (en)
WO2007111710A3 (en) Method and apparatus for providing a key for secure communications
WO2006113206B1 (en) Providing fresh session keys
WO2001026322A3 (en) Key exchange for a network architecture
WO2004003679A3 (en) Method of registering home address of a mobile node with a home agent
US20100017601A1 (en) Method and Server for Providing a Mobility Key
CN101300543A (en) Method and apparatus for providing authorization material

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2506670

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2003789813

Country of ref document: EP

Ref document number: 20038A39390

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2003294330

Country of ref document: AU

WWP Wipo information: published in national office

Ref document number: 2003789813

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Ref document number: JP