Title:
LOCATION RELATED INFORMATION IN MOBILE COMMUNICATION SYSTEM
Document Type and Number:
WIPO Patent Application WO/2004/045157
Kind Code:
A1
Abstract:
In order to deliver to subscriber's user equipment network-specific information required for a service or for requesting a service in the mobile communication network, where the subscriber's user equipment is currently located, either at least part of the information required for the service is transmitted to the user equipment after the subscriber has been authenticated or the address of a network node is determined (2-9) on the basis of the subscriber's location information.

Inventors:
ASOKAN NADARAJAH (FI)
RANTALAINEN TIMO (FI)
GINZBOORG PHILIP (FI)
Application Number:
PCT/FI2003/000862
Publication Date:
May 27, 2004
Filing Date:
November 13, 2003
Assignee:
NOKIA CORP (FI)
ASOKAN NADARAJAH (FI)
RANTALAINEN TIMO (FI)
GINZBOORG PHILIP (FI)
International Classes:
H04L12/28; H04L12/56; H04L29/06; H04L29/08; H04L29/12; H04W4/02; H04W12/06; (IPC1-7): H04L12/56; H04L29/06; H04Q7/38
Domestic Patent References:
WO2001030030A1 2001-04-26
WO1999037103A1 1999-07-22
WO2000054524A1 2000-09-14
WO2003056781A1 2003-07-10
Foreign References:
US6104929A 2000-08-15
US20020159420A1 2002-10-31
US6512756B1 2003-01-28
Other References:
VOLLBRECHT J. ET AL.: "RFC 2904: AAA authorization framework", IETF REQUEST FOR COMMENTS, August 2000 (2000-08-01), pages 1 - 35, XP002215731, Retrieved from the Internet [retrieved on 20040225]
GLASS S. ET AL.: "RFC 2977: Mobile IP authentication, authorization, and accounting requirements", IETF REQUEST FOR COMMENTS, October 2000 (2000-10-01), pages 1 - 27, XP002213102, Retrieved from the Internet [retrieved on 20040225]
Attorney, Agent or Firm:
KOLSTER OY AB (P.O.Box 148, Helsinki, FI)
Claims:
CLAIMS
1. A method for determining a network node address in a mobile communication system, the network node being in the network where the subscriber currently locates, characterized in that the method comprises: determining on the basis of the subscriber's location information the address of the network node.
2. The method of claim 1, characterized by further comprising: maintaining in the mobile communication system the subscriber's location information; and using the maintained location information when determining the address of the network node.
3. The method of claim 1 or 2, characterized by further comprising: receiving in the mobile communication system a message from the subscriber's user equipment, the message indicating the address of the network node; checking whether or not the address which the message indicated corresponds to the address determined on the basis of the location information; and if they do not correspond to each other, using the address determined on the basis of the location information.
4. The method of claim 2, characterized by further comprising: receiving in the mobile communication system a message from the subscriber's user equipment, the message including the subscriber's location information; checking whether or not the location information in the message corresponds to the location information maintained in the system; and using the maintained location information if it does not correspond to the location information in the message.
5. The method of claim 2, characterized by further comprising: receiving in the mobile communication system a message from the subscriber's user equipment, the message including the subscriber's location information; checking whether or not the location information in the message corresponds to the location information maintained in the system; and if it does not correspond to the location information in the message, sending an error indication by using the maintained location information.
6. The method of claim 2, characterized by further comprising: receiving in the mobile communication system a message from the subscriber's user equipment, the message including the subscriber's location information; checking whether or not the location information in the message corresponds to the location information maintained in the system; and using the location information in the message if it does not correspond to the maintained location information.
7. The method of claim 2, characterized by further comprising: receiving in the mobile communication system a message from the subscriber's user equipment, the message including the subscriber's location information; checking whether or not the location information in the message corresponds to the location information maintained in the system; and if it does not correspond to the maintained location information, sending an error indication using the location information in the message.
8. The method of claim 1, characterized by further comprising: receiving in the mobile communication system a message from the subscriber's user equipment, the message indicating the subscriber's location information; and using the received location information when determining the address of the network node.
9. The method of claim 4, 5, 6, 7 or 8, characterized in that the message contains a global cell identifier which indicates the subscriber's location information.
10. A method for transmitting to the subscriber's user equipment information required for a service in a mobile communication system, characterized in that the method comprises: authenticating the subscriber; and transmitting to the user equipment at least part of the information.
11. The method of claim 10, characterized in that said part of the information is transmitted during the subscriber authentication.
12. The method of claim 10, characterized in that said part of the information is transmitted using an authenticated channel.
13. The method of claim 10 or 12, characterized in that said part of the information is transmitted to the user equipment in a reply message in response to receiving a message relating to the service.
14. The method of claim 13, characterized in that the message and the reply message are transmitted in an integrity protected channel.
15. The method of claim 13 or 14, characterized in that the message is transmitted from the user equipment, the message requests the address of the network node via which the service is provided and said part of the information comprises at least the requested address.
16. The method of claim 15, characterized in that the service is a certificate issuance service and that the method further comprises transmitting a certificate request from the user equipment to the network node.
17. The method of claim 10, 11, 12, 13, 14 or 15, characterized in that the service is a certificate issuance service.
18. The method of claim 10, 11, 12, 13, 14 or 15, characterized in that the service is a certificate issuance service and the user equipment utilizes said part of the information during a certificate issuance procedure in a visited network.
19. The method of claim 10, 11, 12, 13 or 14, characterized in that said part of the information comprises at least the address of the network node via which the service is provided.
20. The method of claim 10, 11, 12, 13, 14, 15, 16, 17, 18 or 19, characterized in that the authentication is an application level authentication.
21. The method of claim 10, 11, 12, 13, 14, 15, 16, 17, 18, 19 or 20, characterized in that said part of the information is location network specific information.
22. The method of claim 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 or 21, characterized in that said part of the information comprises at least a public key required for the service.
23. The method of claim 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21 or 22, characterized in that said part of the information comprises at least an indication of the protocol required for the service.
24. A mobile communication system (SA) comprising at least user equipment (UE) and a network (VN, HN) comprising at least a network node (AUH, AUV), characterized in that the system (SA) is configured to determine a network node address in the location network of the user equipment (UE) on the basis of the location information of the user equipment.
25. The system of claim 24, characterized in that the location network is a visited network (VN).
26. The system of claim 24 or 25, characterized in that the system comprises a gateway network node (AUH) for certificate requests in the home network (HN) of the user equipment, the gateway network node being configured to perform the network node address determination.
27. A network node in a mobile communication system, characterized in that the network node (AUH) is arranged to determine the address of another network node required for providing a service for a subscriber on the basis of the subscriber's location information.
28. The network node of claim 27, characterized in that the network node (AUH) is in a home network and the other network node is in a visited network.
29. User equipment in a mobile communication system, characterized in that the user equipment (UE) is arranged to receive at least part of the information required for a service in a location network of the user equipment after the user equipment has been authenticated.
30. The user equipment of claim 29, characterized in that the user equipment (UE) is arranged to receive said part of the information from the network node with which the user equipment was authenticated, the network node being in a home network.
Description:
LOCATION RELATED INFORMATION IN MOBILE COMMUNICATION SYSTEM

FIELD OF THE INVENTION

[0001] The invention relates to information the content of which may depend on the subscriber's location, such as information needed for certificate requests in a visited network when a subscriber is roaming within the service area of a mobile communication system. The mobile communication system generally refers to any telecommunication system which enables wireless communication with a user when a user is located within the service area of the system.

BACKGROUND OF THE INVENTION

[0002] Telecommunication systems, particularly mobile communication systems, are developing at an increasing pace. While the telecommunication systems have evolved, also services provided via the systems have been under development. Many services, for example services involving financial transactions, employ digital certificates, hereinafter called certificates, to dynamically establish a level of trust between the parties, i.e. a trust relationship between a service provider and a subscriber using the service. By issuing certificates to subscribers an operator can also offer authorization and accounting as a value-added service to other service providers. A certificate is a proof normally supplied by a third party, usually a certification authority (CA), to confirm that a digital signature belongs to a certain person or organization and is valid.

[0003] One of the problems associated with certificates in a mobile communication system originates from the subscribers' ability to move within the service area of the system. Each subscriber of a mobile communication system is usually associated with one part of the system, which serves as the home network for that subscriber. The home network is a mobile network in whose home location register a mobile subscriber is permanently registered upon subscription, and the home network performs various subscription-related functions, such as storing subscription data and billing. A subscriber in a service area of a visited network, i.e. a network different from his home network, may need a certificate issued by the operator of the visited network, for example when he wishes to use services provided by a service provider who has a contractual relationship with the visited network operator but not with the home network operator. In order to obtain the certificate, some network-specific information may be required, such as the address of the network node via which certificate requests are routed in the visited network or a public key used in certificate issuance. However, these are typically not known by the subscriber (or his user equipment), and thus the information needs to be found out somehow.

BRIEF DESCRIPTION OF THE INVENTION

[0004] An object of the present invention is to provide a method and an apparatus for implementing the method which solves the problem of how the information is obtained. The object of the invention is achieved by methods and a system which are characterized by what is stated in the independent claims. The preferred embodiments of the invention are disclosed in the dependent claims.

BRIEF DESCRIPTION OF THE DRAWINGS

[0005] In the following the invention will be described in greater detail by means of preferred embodiments with reference to the attached drawings, in which

[0006] Figure 1 shows an exemplary system architecture;

[0007] Figure 2 illustrates signaling according to embodiment one of the invention; and

[0008] Figure 3 illustrates signaling according to embodiment two of the invention.

DETAILED DESCRIPTION OF THE INVENTION

[0009] The present invention is applicable to any telecommunication system, and especially to systems providing services that require certificates or through which certificates may be delivered to the end user. Such systems include for instance what are called third generation mobile systems, such as the UMTS (Universal Mobile Communication System), WLAN (wireless local area network) based systems and systems based on GSM (Global System for Mobile communication) or corresponding systems, such as GSM 2+ systems and the future 4th generation systems. In the following, the invention will be described by using an exemplary system disclosed in Figure 1 without restricting the invention thereto. The specifications of telecommunication systems and particularly wireless telecommunication systems develop rapidly. Such development may require extra changes to the invention. Therefore, all words and expressions should be interpreted broadly and they are intended to illustrate, not restrict the invention.

[0010] Figure 1 shows a simplified network architecture and only some elements of the architecture of the system. The network nodes shown in Figure 1 are logical units whose implementation may differ from what is shown. The logical units may be combined with each other, i.e. a functionality of one logical unit described below may be enhanced to comprise a functionality of another logical unit described below and/or a functionality of a prior art network node (logical unit). The connections shown in Figure 1 between network nodes are logical connections; the actual physical connections may be different from the logical connections. It is apparent to a person skilled in the art that the systems comprise also other functions and structures that need not be described in detail herein.

[0011] The system SA 1 comprises a visited network VN 2 and a home network HN 3 for a subscriber using user equipment UE 4. The visited network VN 2 comprises an AAA (Authorization, Authentication, Accounting) server AAA-V 21, a network node AU-V 22 for the certificate procedure and a certification authority CA-V 23. The home network HN 3 comprises an AAA server AAA-H 31 with which the UE has static (permanent) trust, a network node AU-H 32 for the certificate procedure, a certification authority CA-H 33 and an HSS 34. It bears no significance to the invention how the UE is connected to the system infrastructure, how the logical connection between the UE and the AU-H 32 is established and how different nodes, networks, authorities and servers are interconnected and therefore the connection alternatives are not discussed here. However, all network nodes and certification authorities are preferably part of network domain security (NDS) so that secure communication between the certification authority CA, the AU and the AAA server can be provided.

[0012] The user equipment UE 4, i.e. the terminal, may be any mobile node or a mobile host which can communicate over the mobile network. It can be, for example, a speech-only mobile station, a multi-service terminal that serves as a service platform and supports the loading and execution of different functions related to services, or a laptop PC connected to a cellular phone capable of packet radio operation. Other embodiments of the UE include various pagers, remote-controllers, monitoring and/or data acquisition devices, etc. In this context, the user equipment UE generally refers to a combination of an actual terminal and a user of the terminal, i.e. as regards mobile phones, to a combination of a mobile unit and a mobile subscriber, who is identified in the system by e.g. a SIM (Subscriber Identity Module) card detachably coupled to the mobile unit. The SIM card is a smart card that holds the subscriber identity, performs authentication algorithms, and stores authentication and encryption keys and some subscription information that is needed in the mobile station.

The address of the AU in the home network, i.e. AU-H 32, may be stored in the UE 4, preferably in the SIM. The features of the UE in different embodiments of the invention are disclosed below with Figures 2 and 3.

[0013] The certification authority CA provides the transaction parties with certificates, i.e. it is the trusted third party. Typically each network has its own CA. For example, the home network HN 3 in Figure 1 comprises CA-H 33 and the visited network comprises CA-V 23. The implementation of different certificate functions, including issuing, generating, signing and usage of certificates and the manner how and the place from which the issued certificates are obtained are not significant to the invention. Other details relating to the certificates, such as how they are used and what for or where they are stored, are of no importance to the invention either.

[0014] The new logical network node, authenticator AU, is a certificate provisioning gateway for the UE 4. The AU is a network node for the certificate issuing and delivery procedure. The AU may locate in a new physical node comprising only the AU or it may locate in a physical node comprising also another (other) logical network node(s). Typically each AU serves one CA. However, it is also possible that two or more CAs share one AU. The features of the AU-H 32 and/or the AU-V 22 in different embodiments of the invention are disclosed below with Figures 2 and 3.

[0015] The AAA server in the home network, AAA-H 31, may comprise subscription data that can be used during authentication of the user equipment, i.e. the subscriber. The AAA-H 31 may download this data from HSS 34. The AAA server in the visited network, AAA-V 21, may also comprise required subscription data of a roaming UE 4, the data being downloaded during registration of the UE 4, for example. In other words, the AAA-H 31 may transfer data to the AAA-V 21 or to the AU. The AAA server AAA-V 21 is also called an AAA proxy. When the UE is roaming, the AAA-V 21 may be utilized for obtaining authentication data via the AAA-H 31. The AAA server may correspond to a home location register or a visitor location register of the GSM system, or it may be based on an LDAP (Lightweight Directory Access Protocol) server or it can be an application specific server, a Diameter server or a Radius server, for example. The features of the AU-H 32 and/or the AU-V 22 in different embodiments of the invention are disclosed below with Figures 2 and 3.

[0016] The subscription data of a subscriber, also called subscriber information, is stored permanently or semi-permanently in a memory of a register called the HSS 34 in such a manner that the subscription data is connected to the subscriber's identifier IMSI or to another corresponding identifier identifying the subscriber. The subscription data includes routing information, i.e. the current location of the subscriber, and information on the services the subscriber can access. The features of the HSS 34 in different embodiments of the invention are disclosed below with Figures 2 and 3.

[0017] Since there are various ways to implement the AAA servers and the new elements AU-H 32 and AU-V 22, the following is only an example illustrating interfaces and protocols that can be used in the SA 1. It is obvious that the UE 4 and the nodes need to support their interfaces and protocols. The security of the interface between the UE 4 and the AUs, i.e. the AU-H 32 and the AU-V 22, is based on the authentication method of the system SA 1 and therefore the interface may be EAP AKA (extensible authentication protocol, authentication and key agreement) providing means to exchange messages related to AKA authentication encapsulated within the extensible authentication protocol (EAP). Another possibility is HTTP Digest AKA when the underlying authentication protocol for user authentication for certificate requests is AKA. After a security association between UE 4 and the authenticator has been created, e.g. with EAP AKA, IPSec (Internet Protocol Security) or PIC (Pre-IKE (Internet key exchange) credential provisioning protocol) can be used between the UE 4 and the AUs, i.e. the AU-H 32 and the AU-V 22, for transferring requests and responses, such as certificate requests and certificate responses, over an authenticated and integrity protected channel. The interfaces between the AAA-V 21 and the AAA-H 31, between the AAA-V 21 and the AU-V 22, between the AAA-H 31 and the AU-H 32 and between the AAA-H 31 and the HSS 34 are preferably Diameter interfaces. The interface between the AU and the corresponding CA, i.e. between the AU-H 32 and the CA-H 33 and between the AU-V 22 and the CA-V 23, may be a new interface or it may be based on existing interfaces, such as PKCS#10 disclosed in the document having the following Internet address: http://www.rsasecurity.com/rsalabs/Pkcs/pkcs-10/. The document is incorporated herein as a reference.

[0018] The advantages of using the system SA 1 of Figure 1 to implement the present invention are that the system is access independent, it is technically feasible since the new node AU has no arbitrary constraints, and therefore anything can be specified and designed. Furthermore, the SA 1 enables synergies with WLAN (wireless local area network) security solutions, and changes to an application layer of the system are easier to build on top of existing terminals supporting e.g. WIM (Wireless Identity Module) and USIM (UMTS SIM). A further advantage is that when using the system SA 1 no changes are needed in the existing cellular protocols and network nodes. However, the invention may be implemented in other access independent systems or in access dependent systems by modifying network nodes and/or by adding functions of the invention to the network nodes. Examples of other systems are a 3GPP All-IP system based on the IP (Internet Protocol) technology, specified in the third generation partnership project 3GPP and a system utilizing IMS (IP Multimedia Subsystem) providing multimedia services which are usually, although not necessarily, Internet-based services employing a packet protocol. If required, more detailed descriptions of some system architecture examples can be found on the home page of the third generation partnership project 3GPP and especially in the document the Internet address of which is http://www.3gpp.org/ftp/tsgsa/WG2Arch/TSGS227/tdocs/s2-022854.zip. The document is incorporated herein as a reference.

[0019] Figures 2 and 3 illustrate signaling principles according to different embodiments of the invention. The exemplary service used with Figures 2 and 3 is a service requiring certificates. Furthermore, in the examples illustrated in Figures 2 and 3, it is assumed that in order to request a certificate, the address of the AU connected to the certification authority CA is the one used to route the certificate requests. The UE represents in Figures 2 and 3 a subscriber requesting a certificate. The signaling messages and points shown in Figures 2 and 3 are simplified and aim only at describing the idea of the invention. Therefore nodes and signaling to which the inventive functionality is transparent are not necessarily shown in the Figures. In other words, nodes via which signaling messages are transmitted and nodes which may map a signaling message of protocol one to a signaling message of protocol two, i.e. nodes performing prior art functions, and corresponding signaling messages are not described in Figures 2 and 3. Other signaling messages may be sent and/or other functions carried out between the messages and/or the points. The order of the signaling messages and/or points may differ from what will be described below. The signaling messages serve only as examples and they may contain only some of the information mentioned below. The messages may also include other information. Furthermore, the names of the signaling messages may be different and other protocols may be used.

Embodiment one

[0020] Figure 2 illustrates signaling according to embodiment one of the invention. In embodiment one the AAA-H does not comprise subscription data or authentication information.

[0021] In Figure 2 an application level authentication has been triggered. The application level authentication may be triggered because the UE wants to use a service requiring a certificate from the visited network, for example. In other words Figure 2 illustrates a situation where the UE wants to use a service that requires that the UE be authenticated towards the network, and during (or in connection with) authentication the UE receives information which is needed for the service. In the example of Figure 2 it is assumed that authentication is always performed via the AU in the home network, i.e. via the AU-H. In Figure 2 it is assumed that the address of the AU-H is stored in the UE (preferably in the subscriber identity module).

[0022] The UE generates authentication message 2-1 comprising the subscriber's identity information and sends message 2-1 to the AU-H. The message 2-1 may be an EAP-Response/Identity message with the subscriber's NAI (Network Access Identifier), for example. The AU-H forwards message 2-1 to the AAA-H, i.e. to the AAA server in the home network. The forwarded message 2-1 may be a Diameter message, for example.

[0023] In response to receiving message 2-1, the AAA-H requests subscription data and authentication information from the HSS in message 2-2, which may be a Diameter message, for example. In embodiment one of the invention, the HSS is arranged to add, at point 2-3, to the response message the requested subscription data, authentication information and the location information of the UE. The location information may be a label for the network or a domain, or an address of a serving node, i.e. anything which defines the location of the UE accurately enough. When the response message 2-4 is formed, the HSS sends message 2-4 to the AAA-H. Message 2-4 may be a Diameter message, for example. The requested subscription data means here the part of the subscription data needed, e.g. the whole subscription data or only the data indicating whether or not it is allowed to issue certificates for the subscriber.

[0024] Messages 2-5, 2-6, 2-7 and 2-8 illustrate normal information exchange during authentication. A person skilled in the art is familiar with the authentication procedure and therefore authentication details are not discussed in detail here. Furthermore, the details of the authentication procedure are irrelevant for the invention. Briefly, the AAA-H sends to the AU-H message 2-5 having attributes used in the authentication, such as random challenge RAND and authentication token AUTN. Message 2-5 may be a Diameter message, for example. The AU-H forwards message 2-5 to the UE. The forwarded message 2-5 may be an EAP-Request/AKA-challenge message, for example. The UE computes, on the basis of the RAND and AUTN, a response RES and sends the RES in message 2-6 to the AU-H. Message 2-6 may be an EAP-Response/AKA-challenge message, for example. The AU-H forwards message 2-6 to the AAA-H. The forwarded message 2-6 may be a Diameter message, for example.

[0025] The AAA-H verifies the RES the AAA-H received in message 2-6. In this example it is assumed that the verification is successful, and therefore the AAA-H forms, at point 2-7, message 2-8 indicating successful authentication and adds, at point 2-7, to message 2-8 the necessary subscription data, such as whether this subscriber is allowed to obtain a certificate through a mobile network, and the location information of the UE. After that the AAA-H sends message 2-8 to the AU-H. Message 2-8 may be a Diameter message, for example.

[0026] In embodiment one of the invention, the AU-H determines, at point 2-9, the address of the AU-V on the basis of the location information it received in message 2-8. The AU-H preferably comprises a mapping table for pairs formed by the location information and the AU-V address, the mapping table also comprising in embodiment one other relevant information, such as information on the protocol(s) to be used with the AU-V, the public key of the AU-V, a certificate of the AU-V, and/or other security related parameters, for each pair. Another possibility is that the AU-H inquires the address and other relevant information from a network node having the mapping table or corresponding information, the network node being preferably in the home network. The mapping table may comprise only location information with address information, only location information with some relevant information or location information with address information and some relevant information. For example, for location information "operator 1" the mapping table may contain address information, such as certificate.authority@operator1.fi, or a public key, e.g. 123567E97, or both of them.

[0027] When the address is determined, the AU-H adds, at point 2-9, the address of the AU-V and the other relevant information to the message indicating successful authentication, i.e. message 2-10, and sends message 2-10 to the UE. The UE receives in message 2-10 information which can be used, for example, when the UE requests certificates in the visited network.

[0028] After that the UE and the AU-H can set up a security association, such as an IPSec security association, and the UE may send a certificate request either to the AU in the home network or to the AU in the visited network. How the security association is set up bears no significance to the invention.

[0029] In another embodiment of the invention, the AU-H may be configured to add, at point 2-9, only part of the relevant information, for example only the public key of the AU-V or the protocol(s) or both of them but not the address of the AU-V.
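The AU-H side of point 2-9 described in paragraphs [0026], [0027] and [0029] (and in claims 1 and 2) can be written out as follows. This is an added example, not code from the patent or from Nokia: the mapping table is constructed (the "operator 1" entry reuses the address and public key the text gives as illustration; "operator 2" is made up), the message 2-10 field names are assumed, and the optional `remote_lookup` callable stands in for the alternative of asking another home-network node that holds the table. The example goes slightly beyond the text in one respect: visited-network information is only attached when authentication succeeded and the subscription data from message 2-8 permits certificate issuance, so a failed or unauthorised exchange never carries AU-V parameters.

```python
"""AU-H side of point 2-9: map the location information received in
message 2-8 to the AU-V address and related parameters, and build the
payload of message 2-10 (example code, not from the patent)."""
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Sequence


@dataclass(frozen=True)
class VisitedNodeInfo:
    """One mapping-table entry: what the AU-H knows about the AU-V serving
    a given location (its address and, optionally, security parameters)."""
    address: str
    public_key: Optional[str] = None
    protocols: Sequence[str] = ()


# Constructed mapping table keyed by location information (a network label
# here). The "operator 1" values are the ones paragraph [0026] uses as an
# illustration; "operator 2" is an added, made-up entry.
MAPPING_TABLE: Dict[str, VisitedNodeInfo] = {
    "operator 1": VisitedNodeInfo(
        address="certificate.authority@operator1.fi",
        public_key="123567E97",
        protocols=("PIC",),
    ),
    "operator 2": VisitedNodeInfo(
        address="au-v.operator2.example",
        protocols=("PIC", "IPSec"),
    ),
}

# Assumed shape of the "ask another home-network node" alternative.
Resolver = Callable[[str], Optional[VisitedNodeInfo]]


def determine_au_v(location: str,
                   table: Dict[str, VisitedNodeInfo] = MAPPING_TABLE,
                   remote_lookup: Optional[Resolver] = None) -> Optional[VisitedNodeInfo]:
    """Point 2-9: look the location up in the local mapping table; if the
    AU-H has no entry, optionally ask a node that holds the table.
    None means the address could not be determined."""
    info = table.get(location)
    if info is None and remote_lookup is not None:
        info = remote_lookup(location)
    return info


def compose_message_2_10(auth_success: bool,
                         cert_allowed: bool,
                         location: Optional[str],
                         include: Sequence[str] = ("address", "public_key", "protocols"),
                         remote_lookup: Optional[Resolver] = None) -> Dict[str, object]:
    """Build message 2-10 (field names assumed). Visited-network information
    is attached only when authentication succeeded and the subscription data
    from message 2-8 allows certificates; `include` selects which fields are
    attached (all of them, or a subset as in [0029])."""
    msg: Dict[str, object] = {"auth_result": "success" if auth_success else "failure"}
    if not auth_success or not cert_allowed or location is None:
        return msg
    info = determine_au_v(location, remote_lookup=remote_lookup)
    if info is None:
        return msg  # location known but no AU-V on file: plain success
    if "address" in include:
        msg["au_v_address"] = info.address
    if "public_key" in include and info.public_key is not None:
        msg["au_v_public_key"] = info.public_key
    if "protocols" in include and info.protocols:
        msg["au_v_protocols"] = list(info.protocols)
    return msg


if __name__ == "__main__":
    print(compose_message_2_10(True, True, "operator 1"))
    print(compose_message_2_10(True, True, "operator 1", include=("public_key",)))
    print(compose_message_2_10(True, False, "operator 1"))
```

Because the UE only ever receives these fields inside the authenticated, integrity-protected exchange of Figure 2, the decision of what to attach is made entirely on the home-network side from data the AU-H already trusts (message 2-8), never from anything the UE supplied.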

[0030] By sending the public key in message 2-10 a problem relating to the use of the PIC protocol for obtaining a digital certificate is solved. The usage of PIC between two elements only requires that the elements be IP-capable entities connected to interconnected networks. The PIC sets up an authenticated encrypted connection between the terminal and the server. However, the PIC requires that the server, i.e. the AU, be authenticated on the basis of the digital signature of the server. In order to verify the server's signature, the UE needs to know, or be able to validate, the server's public key. The public key in the home network may be stored in the UE, but embodiment one provides one solution how the UE can be informed about the server's public key in the visited network.

[0031] Another advantage of embodiment one is that the UE can be sure that the information received in message 2-10 is valid, since the message exchange is authenticated and integrity protected based on e.g. AKA. If the AAA-H comprises authentication information on the subscriber, authentication information is preferably not requested in message 2-2 and not returned in message 2-4. In other words, messages 2-2 and 2-4 may be used to transmit subscription data and location information.

[0032] If the UE knows the address of the AU-V, the UE may send message 2-1 to the AU-V, which acts similarly to the AU-H of Figure 2. In other words, the AU-V forwards message 2-1 and message 2-6 via the AAA-V to the AAA-H, receives messages 2-5 and 2-8 from the AAA-H (via the AAA-V), and adds information at point 2-9 to message 2-10. However, the AU-V preferably does not add its own address to message 2-10, since there is no need for the address. Depending on the configuration, the location information is or is not added (points 2-3 and 2-9) in the HSS and/or in the AAA-H.

[0033] The UE may be informed of the address of the AU-V using DHCP and DNS, in a similar way to how, in IMS, the address of a proxy connection state control function in the visited network is determined. Another possibility is that the address is sent during a packet data protocol context establishment or update. If the network and the UE support SLP (Service Location Protocol), it can be used to determine the address of the AU-V. Yet another possibility is that the name of the AU-V (or of the service using the AU-V) is advertised and the name is saved in the UE for later use.

[0034] In some other embodiment of the invention either the UE or the access network is configured to add to message 2-1 information indicating the location of the UE, such as information indicating the visited network. For example, the information may be Cell Global Identification (CGI) including the mobile country code (MCC) and the mobile network code (MNC). The CGI is available for example in the "P-Access-Network-Info" information element. The information may also be a label for the network or a domain, or an address of a serving node, i.e. anything which defines the location of the UE accurately enough. If the AU-H receives the information indicating the location, the AU-H may also derive location information of the UE, i.e. the visited network, e.g. on the basis of the received information. In that case there is no need to add location information at points 2-3 and 2-7 or to transmit the location information in messages 2-4 and 2-8.
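The following is an added illustration, not code from the patent application or from the applicant, of how an AU-H could carry out point 2-9 of embodiment one: derive the visited-network label from a CGI (paragraph [0034]), look it up in a mapping table of the kind described in paragraph [0026] and assemble the information for message 2-10, including the variant of paragraph [0029] in which the address is withheld. The textual CGI layout (MCC-MNC-LAC-CI with dashes), the PLMN codes, the "operator2" entry, the function names and the message field names are assumptions; the "operator1" address and public key are the values the page itself gives as examples.

```python
# Added example (not part of the patent): point 2-9 of embodiment one.
# Layout of the CGI string, PLMN codes, field names and the operator2
# entry are assumptions for illustration only.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class NetworkInfo:
    """Relevant information the mapping table may hold for one location."""
    address: Optional[str] = None        # AU-V address
    public_key: Optional[str] = None     # AU-V public key
    protocols: List[str] = field(default_factory=list)


# Constructed mapping table: location label -> network-specific information.
# operator1 values are the page's own examples; operator2 is a placeholder.
MAPPING_TABLE: Dict[str, NetworkInfo] = {
    "operator1": NetworkInfo(address="certificate.authority@operator1.fi",
                             public_key="123567E97",
                             protocols=["PIC"]),
    "operator2": NetworkInfo(public_key="PUBKEY-OPERATOR2-PLACEHOLDER"),
}

# Constructed PLMN table: (MCC, MNC) -> location label. Codes are placeholders.
PLMN_TABLE: Dict[Tuple[str, str], str] = {
    ("244", "05"): "operator1",
    ("244", "91"): "operator2",
}


def derive_location_from_cgi(cgi: str) -> Optional[str]:
    """Derive the visited-network label from a CGI written as MCC-MNC-LAC-CI.

    Only MCC and MNC are needed to name the visited network. Malformed
    input or an unknown PLMN yields None so the caller adds nothing
    rather than guessing.
    """
    parts = cgi.split("-")
    if len(parts) != 4:
        return None
    mcc, mnc = parts[0], parts[1]
    if not (mcc.isdigit() and len(mcc) == 3 and mnc.isdigit() and len(mnc) in (2, 3)):
        return None
    return PLMN_TABLE.get((mcc, mnc))


def lookup_network_info(location: str, include_address: bool = True) -> Optional[dict]:
    """Select the relevant information for a location.

    include_address=False models paragraph [0029]: only the public key
    and protocol(s) are sent, not the AU-V address.
    """
    info = MAPPING_TABLE.get(location)
    if info is None:
        return None
    result: dict = {}
    if include_address and info.address is not None:
        result["au_v_address"] = info.address
    if info.public_key is not None:
        result["au_v_public_key"] = info.public_key
    if info.protocols:
        result["protocols"] = list(info.protocols)
    return result


def build_message_2_10(cgi: str, include_address: bool = True) -> dict:
    """Message 2-10 as the AU-H assembles it after successful authentication."""
    message = {"result": "AUTH_SUCCESS"}
    location = derive_location_from_cgi(cgi)
    if location is None:
        return message   # location unknown: nothing network-specific is added
    info = lookup_network_info(location, include_address)
    if info:
        message.update(info)
    return message
```

Because message 2-10 is only built after the authenticated and integrity-protected exchange, the UE can rely on the AU-V public key it receives here to verify the server signature that PIC requires, which is the point made in paragraphs [0030] and [0031].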

[0035] If the underlying network architecture has as an access network a WLAN (Wireless Local Area Network), it is also possible that the AAA-V performs some of the functions of the AAA-H.

[0036] Although it is assumed above that the relevant information is sent during application level authentication, it is obvious to a person skilled in the art that the above-described addition of information may be performed during the normal authentication procedure.

Embodiment two

[0037] Figure 3 illustrates signaling according to embodiment two of the invention. Embodiment 2 may be used, for example, in three-phase certificate delivery comprising an authentication phase, an address determination phase and a certificate issuing phase. Embodiment 2 may also be combined with embodiment one, for example if the system is configured not to transmit the address of the AU-V to the UE in message 2-10.

[0038] In Figure 3 it is assumed that the UE has performed a successful authentication and has a security association with the AU-H. Thus the information exchange illustrated in Figure 3 uses an integrity protected channel. A subscriber, i.e. a user of the UE, wishes to use a service requiring a certificate from the visited network. In embodiment two of the invention the UE is configured to send the AU-H message 3-1, which requests the address of the AU-V. The UE is preferably configured to send message 3-1 only in response to a request relating to the visited network.

[0039] In response to receiving message 3-1, the AU-H requests in message 3-2 the location information of the UE from the HSS and receives the location information in message 3-3. Then the AU-H determines, at point 3-4, the address of the AU-V. The address may be determined as described above at point 2-9. When the address has been determined, the AU-H sends the address in message 3-5 to the UE. Message 3-5 may also comprise service related information, i.e. besides or instead of the address, message 3-5 may comprise the public key of the AU-V, a certificate of the AU-V, information on the protocol(s) to be used with the AU-V, and/or other security related parameters. After receiving message 3-5 the UE may send a certificate request to the address received in said message.

[0040] The UE may be arranged to indicate in message 3-1 that the UE requires an address in the visited network, for example an authenticator address. After receiving message 3-1, the AU-H may be arranged to check whether or not the request relates to an address in the subscriber's home network, and in response to the request relating to a visited network to send message 3-2 and to find out the address of the AU-V (point 3-4). The indication may be a parameter having two different values: home network and visited network. The indication may also be the address of the network node from which the service is requested, the address being given as a parameter in the request. It is also possible that a request without any address of the network node indicates that the service is to be provided (such as a certificate is to be issued) by the visited network. The indication may also be an indication indicating the required service, which may also indicate which of the networks should issue the certificate, for example. Thus, the invention does not limit how the network (or the network node) is indicated.

[0041] In another embodiment of the invention message 3-1 may be a certificate request indicating that the certificate is requested from the visited network. In this embodiment, after the address has been determined, the certificate request is either sent to the AU-V or back to the UE. In the latter case the UE is configured to send another certificate request to the AU-V, the address of which the UE received from the AU-H. If the certificate request is sent from the AU-H directly to the AU-V, message 3-5 will not be sent.

[0042] In another embodiment of the invention either the UE or the access network is configured to add to message 3-1 information indicating the location of the UE. Examples of such information are described above with embodiment one. If the AU-H receives the information indicating the location, the AU-H may also derive location information, i.e. the visited network, e.g. on the basis of the received information. In that case there is no need to send messages 3-2 and 3-3. However, the AU-H may be configured to request the location information from the HSS and to check whether or not the indicated location of the UE is the same as the one revealed by the location information in message 3-3. If not, the AU-H may be configured to use either the information received from the HSS, i.e. the information maintained in the system, or the location information in message 3-3 to determine the proper address, or to send a failure indication, i.e. an error, instead of the requested information in message 3-5. The error may be sent using either the information maintained in the system or the location information in message 3-3.

[0043] The AU-H above illustrates an intermediate network node, and its features may be implemented in other intermediate network nodes, for example the AAA-H. If the intermediate network node is a node other than the AU-H, then the intermediate network node may determine the address of the AU on the basis of the location information. In that case also the address of the AU-H could be obtained from the system and would not be stored in the UE.

[0044] Although in the above it is assumed that the address of the AU-V is needed, it is obvious to a person skilled in the art that some features of the invention may be implemented when the AU is neither in the home network nor in the visited network but in some other network or when it is a separate element not belonging to any particular network. In such a case the location information of the UE cannot be utilized but the UE indicates the network or the node either by adding its address or corresponding identification information to message 2-1 or message 3-1, or the requested service indicates this network and the mapping table is then used to determine the address on the basis of the indication.

[0045] Although in the above it is assumed that the address and/or other information may be used, the AU-H (or the AAA-H) may be configured to check at point 2-9 or at point 3-4 whether or not the service can be provided, i.e. whether the request relating to the service can be granted and, if the service cannot be granted, to send the UE a message indicating failure. For example, the AU-H may be arranged to check whether the UE has a right to make a certificate request in the visited network or whether the UE has a right to a certificate in the network for which it requests the certificate. The check may be performed on the basis of the subscription data received from the HSS. The subscription data in the HSS may comprise information on whether or not it is allowed to issue certificates to the subscriber. The information may be just one parameter indicating whether or not this is allowed. The information may also indicate if it is allowed to issue certificates from the home network and/or visited network. It is also possible to use a combination of different parameters or to list those networks or network elements (CAs and AUs, for example) which are allowed to issue certificates. The information may also indicate whether or not it is allowed to issue authentication certificates, non-repudiation certificates, non-repudiation certificates for certain purpose, etc.
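As an added illustration of embodiment two, not code from the patent application or from the applicant, the handler below models what the AU-H does between receiving message 3-1 and sending message 3-5: it reads the home/visited indication of paragraph [0040] (an explicit parameter, or the absence of a node address), compares a UE-supplied location against the HSS-maintained one as in paragraph [0042], applies the subscription-data check of paragraph [0045] at point 3-4, and returns either the AU-V address or a failure indication. The subscriber identifiers, HSS records, subscription field names, the "operator2" address and the `on_mismatch` configuration switch are assumptions; the "operator1" address is the page's own example.

```python
# Added example (not part of the patent): AU-H handling of message 3-1 in
# embodiment two. Message layout, HSS records and subscription fields are
# assumptions for illustration only.
from typing import Dict, Optional

# Constructed mapping table: location label -> AU-V address.
# operator1 is the page's own example address; operator2 is a placeholder.
AU_V_ADDRESSES: Dict[str, str] = {
    "operator1": "certificate.authority@operator1.fi",
    "operator2": "au.operator2.example",
}

# Constructed HSS records: subscriber -> location label and subscription data.
# "cert_issuers" lists the networks allowed to issue certificates to the subscriber.
HSS: Dict[str, dict] = {
    "user-a": {"location": "operator1", "subscription": {"cert_issuers": ["home", "visited"]}},
    "user-b": {"location": "operator2", "subscription": {"cert_issuers": ["home"]}},
    "user-c": {"location": "operator1", "subscription": {"cert_issuers": []}},
}


def request_relates_to_visited_network(msg_3_1: dict) -> bool:
    """Interpret the indication carried in message 3-1 (paragraph [0040]).

    An explicit 'network' parameter takes precedence; otherwise a request
    that names no network node address is taken to mean the visited network.
    """
    network = msg_3_1.get("network")
    if network in ("home", "visited"):
        return network == "visited"
    return "address" not in msg_3_1


def handle_message_3_1(subscriber: str, msg_3_1: dict, *, on_mismatch: str = "use_hss") -> dict:
    """Produce message 3-5, or a failure indication, for message 3-1.

    on_mismatch selects the configured behaviour of paragraph [0042] when the
    UE-indicated location differs from the HSS record: "use_hss" falls back
    on the system-maintained information, "error" sends a failure instead.
    """
    if on_mismatch not in ("use_hss", "error"):
        raise ValueError("on_mismatch must be 'use_hss' or 'error'")
    record = HSS.get(subscriber)
    if record is None:
        return {"status": "error", "reason": "unknown subscriber"}

    if not request_relates_to_visited_network(msg_3_1):
        # Home-network request: no address determination at point 3-4.
        return {"status": "ok", "network": "home"}

    # Messages 3-2 / 3-3: location information maintained in the system.
    hss_location = record["location"]
    ue_location: Optional[str] = msg_3_1.get("ue_location")
    if ue_location is not None and ue_location != hss_location:
        if on_mismatch == "error":
            return {"status": "error", "reason": "location mismatch"}
        # Configured to trust the HSS over the UE-supplied value.
    location = hss_location

    # Point 3-4 check (paragraph [0045]): may the visited network issue certificates?
    if "visited" not in record["subscription"]["cert_issuers"]:
        return {"status": "error", "reason": "certificate issuing not allowed in visited network"}

    address = AU_V_ADDRESSES.get(location)
    if address is None:
        return {"status": "error", "reason": "no AU-V known for location"}
    return {"status": "ok", "network": "visited", "au_v_address": address}
```

The design point worth noting is that the authorization decision is made on the HSS subscription data and the system-maintained location, not on anything the UE asserts about itself; the UE-supplied location only serves as a cross-check, and a mismatch is either overridden or turned into an explicit failure, never silently accepted.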

The information may be common to a subscription, i.e. subscriber-specific, or subscriber-profile-specific, or common to all subscribers, e.g. operator-specific, or common to many subscribers. If the subscriber belongs to a group of subscribers, the information may be group-specific. The information may also comprise the address of the CA and/or the AU in the home network, i.e. the address of the CA-H and/or the AU-H.

[0046] Although the invention is described above assuming that the address of the AU-V and/or additional information relating to the AU-V is determined and/or transmitted, it is obvious to a person skilled in the art that similar functionality may be implemented with any other server or serving node, such as a node that stores network-specific information needed by the UE, and thus the AU-V is simply used as an example of a server/serving node.

[0047] Although the invention is described above assuming that the service is a certificate issuing service, it is obvious to a person skilled in the art how to implement the invention in similar types of services where the address of the network node providing the service may depend on the location of the UE and/or where other additional information needed for the service may be transmitted from the network to the UE.

[0048] It is obvious to a person skilled in the art that different features and functions described above with specific embodiments and systems can be combined freely to create other embodiments of the invention or other systems implementing the inventive embodiments.

[0049] The telecommunication system and network nodes implementing the functionality of the present invention comprise not only state-of-the-art means but also means for providing one or more of the functionalities described above. Present network nodes and user equipment comprise processors and memory that can be utilized in the functions according to the invention. All modifications and configurations required for implementing the invention may be performed as routines, which may be implemented as added or updated software routines, application circuits (ASIC) and/or programmable circuits, such as EPLD (Electrically Programmable Logic Device) and FPGA (Field Programmable Gate Array).

[0050] It will be obvious to a person skilled in the art that as technology advances the inventive concept can be implemented in various ways.

The invention and its embodiments are not limited to the examples described above but may vary within the scope of the claims.