Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for accessing mobile IP service of CDMA2000 system

An access method and server technology, applied in the field of communications, can solve problems such as poor operability, poor scalability, and single security policy, and achieve the effects of avoiding connection difficulties, simplifying system configuration, and improving availability.

Active Publication Date: 2010-02-24
ZTE CORP
View PDF0 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0022] Question 1: In the IPSec security association at both ends of the IKE negotiation, in addition to the pre-shared key, several negotiation parameters need to be configured, such as the IPSec transmission mode between the FA and the HA, the addresses at both ends of the tunnel in tunnel mode, the security type, and the specific encryption and authentication algorithm etc. These parameters still need to be manually configured on FA and HA, and the operability is poor;
[0023] Question 2, the 3gpp2 protocol imposes certain constraints on IKE negotiation, such as the major version, minor version, and selector of ISAKMP (Internet Security Association and Key Management Protocol), which unifies the standard, but the extensibility not good
[0024] The third problem is that the security policy is single, which cannot meet the needs of operators to customize security policies. Operators may put forward some customization requirements when building mobile IP networks, such as implementing IPSec between FA and HA by distinguishing accounts, and distinguishing between operators The internal network and other operator networks implement different IPSec policies, etc. The current architecture cannot meet the needs of operators

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for accessing mobile IP service of CDMA2000 system
  • Method and system for accessing mobile IP service of CDMA2000 system
  • Method and system for accessing mobile IP service of CDMA2000 system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0070] Such as figure 2 As shown, the access system of the CDMA2000 system mobile IP of this example, its CDMA2000 system mobile IP access method includes the following processing steps:

[0071] Step 201, PCF (Packet Control Function, packet control function subsystem) establishes an air interface link with the FA;

[0072] Step 202, the access terminal negotiates PPP (Point to Point Protocol, Point-to-Point Protocol) with the FA, and the FA sends a proxy broadcast to the access terminal;

[0073] Step 203, the access terminal obtains mobile IP related information through proxy broadcast;

[0074] Step 204, the access terminal initiates mobile IP registration to the FA;

[0075] Step 205, the FA sends an authentication request to the FAAA and requests a pre-shared password at the same time;

[0076] AAA includes HAAA (Home Authentication Authorization Accounting server) and FAAA (Foreign Authentication Authorization Accounting server), where HAAA is used to select and iss...

Embodiment 2

[0096] Such as image 3 As shown, in the second embodiment of the CDMA2000 system mobile IP access method of the present invention, the diversified security strategy includes the following steps:

[0097] Step 301, the access terminal accesses the CDMA2000 system, and the PCF establishes an air interface link with the FA; the access terminal negotiates PPP with the FA, and the FA sends a proxy broadcast to the access terminal; the access terminal obtains mobile IP related information through the proxy broadcast; the access terminal Initiate mobile IP registration; FA sends an authentication request to AAA and requests a pre-shared password at the same time;

[0098] Step 302, AAA provides different negotiated IPSec parameters according to the security level of the access terminal, that is, provides different levels of security policies, and sends them to the FA;

[0099] Security policies are reflected in different negotiated IPSec parameters. For example, the negotiated IPSe...

Embodiment approach

[0105] Step 207a, HAAA selects and sends an authentication response to FAAA according to the security level of the access terminal, the authentication response includes the profileID, pre-shared key, identity information, etc. corresponding to the negotiated IPSec parameters;

[0106] Step 208a, FAAA forwards the authentication response to FA;

[0107] Step 209a, the FA obtains the negotiated IPSec parameters locally according to the profileID corresponding to the negotiated IPSec parameters, and the FA sends a negotiation request for establishing an ISAKMP SA to the HA according to the information about the negotiated IPSec parameters, and the negotiation request for establishing an ISAKMP SA carries the proposed ISAKMPSA information , key material, and identity information;

[0108] Step 110a, after receiving the negotiation request established by the ISAKMP SA, the HA restores the FA address according to the identity information therein, and sends the request to obtain the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for accessing a mobile IP service of a CDMA2000 system. In the method, in the process that a foreign agent (FA) or a packet data service node (PDSN) negotiates with a home agent (HA) to establish an Internet protocol safety channel (IPSec channel), an authentication, authorization and accounting server AAA selects and transmits a negotiation IPSec parameter or a profile ID corresponding to the negotiation IPSec parameter to the FA and the HA, or a PDSN and the HA. The invention avoids manually configuring parameters on the FA or the PDSN, improvesthe availability of the system and avoids the accessing difficulty caused by different versions of the protocol.

Description

technical field [0001] The invention relates to the communication field, in particular to a security mechanism for mobile IP (Internet Protocol, network interconnection protocol) service access in a CDMA2000 system. Background technique [0002] Compared with simple IP services, mobile IP services provide users with a wider range of uninterrupted services, and are widely used in CDMA2000, Wimax (World Interoperability for Microwave Access, global microwave access interoperability technology) and next-generation evolution networks . [0003] The main network elements of the mobile IP service on the core network side include FA (Foreign Agent, foreign agent), HA (Home Agent, home agent) and AAA (Authentication Authorization Accounting server). Mobile IP accesses the network through FA and HA, and interacts with the network for signaling and data services through FA and HA, ensuring the security of mobile IP services is achieved by ensuring the security of signaling and data s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04W12/04H04W12/06H04W28/18H04W80/04H04W12/0431H04W12/08
CPCH04L69/16H04L63/0272H04L29/06095H04W80/04H04L29/06959H04L63/0892H04L63/061H04L63/164H04L63/205
Inventor 钮远金仁康井惟栋
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products