Abstract: A method allows a user to transmit emergency messages to a selected communication network, in particular a WiMax network, even without valid registration.

Abstract: A mobile station is designed, as a gateway for one or several mobile terminals, to establish a connection between the mobile terminal(s) and an access network. The mobile station supports a network-based mobility management such that the mobile station acts as a client instead of the mobile terminals during communication with a home agent of a home network or intermediate network connected to the access network in the framework of a mobile IP connection.

Abstract: A first computer sends a list of possible security associations to a second computer in a message according to a protocol of an application layer, a security parameter index being contained in the message for each security association. The second computer selects a security association and transmits it or an indication of the security association selected by it to the first computer.

Abstract: A method for transmitting data in a Wireless Local Area Network (WLAN) including transmitting a WLAN message between a terminal device and an access node of the WLAN network in the Layer 2 protocol laver. An Extensible Authentication Protocol (PAP) message is transmitted in the WLAN message. The EAP message includes a Session Initiation Protocol (SIP) message having SIP authentication data.

Abstract: The invention relates to a method for transmitting data in a WLAN network (Wireless Local Area Network), whereby WLAN messages are transmitted in the Layer 2 protocol layer between a terminal and an access node of the WLAN network. EAP messages (Extensible Authentication Protocol) are transmitted in the WLAN messages, said EAP messages containing SIP messages (Session Initiation Protocol) with SIP authentication data.

Abstract: An access specific key is provided for securing of a data transfer between a mobile terminal and a node of an access net. For authentication of the mobile terminal, a authentication server generates a session key, from which a basic key is derived and transferred to an interworking-proxy-server. The interworking-proxy-server derives the access specific key from the transferred basis key and provides the key to the node of the access net.

Abstract: A method provides service quality in a WiMAX communication network, and a method selects an access transport resource control function by a guideline decision-making function in a communication network. According to a method for providing service quality on an air interface of an access network in a WiMAX communication network by an application function, the application function aims to provide a user of the WiMAX communication network with a service quality-related application. The desired service quality is signaled by an authentication, authorization and accounting infrastructure of the WiMAX communication network.

Abstract: A method and a device for data interception in a network are provided. The network includes a mechanism and/or a functionality according to an Extensible Authentication Protocol (EAP). The method includes a first network element provides session information to a third network element; a second network element provides identity information to the third network element; and the third network element processes and/or forwards at least a portion of the session information and/or identity information provided.

Abstract: A method, apparatus, and computer program product, are provided to receive an authentication message initiated by a network access request to access a connectivity network. The authentication message may include a first communication protocol that is converted into at least one additional different protocol, and forwarded to an authentication function of a gateway of an access network prior to the authentication message being forwarded to the connectivity network.

Abstract: It is disclosed a method including providing a relation of network access technology-specific identification information (NATSII) of a user equipment or user and network identity-related information (NIRI) of the user equipment, receiving an inquiry comprising network identity-related inquiry information (NIRII), resolving the received NIRII based on the provided relation, and sending a response including the NATSII according to a result of the resolved NIRII; a method including receiving a registration request comprising NIRII from a user equipment or user, obtaining NATSII based on the received NIRII, appending the received NIRII with the obtained NATSII, and sending the appended NIRII; and a method receiving a registration request comprising first NATSII and NIRI, obtaining second NATSII based on the received NIRI, matching the received first NATSII against the obtained second NATSII, and authorizing access for a user equipment based on a result of matching.

Abstract: A first cryptographic key (318) and a second cryptographic key (322) are created by a mobile radio terminal (103) and by a computer of the home communications network (108, 109) by using authentication key materials (312). The first cryptographic key (318) is transmitted to the computer of the visited communications network (113), and the second cryptographic key (322) is transmitted to an application server computer (106, 107).

Abstract: A method and authentication server provide a mobile key. According to the method, upon receipt of an authentication message (access authentication) that is transmitted when a subscriber logs on to the network, the authentication server extracts a subscriber identification contained in said message and generates a corresponding mobile key, which is stored together with the respective extracted subscriber identification. Upon subsequent receipt of a key request message (key request) that is transmitted when a subscriber registers, the authentication server extracts a mobile identification of the subscriber contained in said message and searches for an identical mobile identification, which can be derived in accordance with a configurable derivation function from a subscriber identification that is stored in the authentication server.

Abstract: A method provides subscriber-specific activation of network-based mobility management using an authentication server. According to the method, network-based mobility management is enforced, even if the mobile terminal supports terminal-based mobility management. This gives a network provider complete control over mobility management in his network, preventing configuration problems during the configuration of mobile terminals. In the method, after the successful authentication of a subscriber, the authentication server transmits an authentication confirmation message to an authentication client in an access network. The received authentication confirmation message contains an activation attribute for activating network-based mobility management, if the authentication server does not provide a common mobile key for terminal-based mobility management.

Abstract: A counter status that is allocated to a communication terminal and a base station is usually deleted when the storage space in the respective base station is used up. To address this, the counter status is saved in an additional communication network element when a predefinable criterion is met, and can thus be retrieved.

Abstract: A method allows a user to transmit emergency messages to a selected communication network, in particular a WiMax network, even without valid registration.

Abstract: The invention relates to a method for transmitting data in a WLAN network (WLAN=Wireless Local Area Network) during which WLAN messages are transmitted in the L2 protocol layer between a terminal and an access node of the WLAN network, whereby the access node can be connected to one or more data networks. According to the invention, the WLAN messages contain SIP messages with SIP authentication data (SIP=Session Initiation Protocol). The SIP authentication data is extracted from WLAN messages arriving in the access node and are integrated in the form of authentication data in messages of the RADIUS protocol and/or of the diameter protocol (RADIUS=Remote Authentication Dial In User Service).

Abstract: A mobile station is designed, as a gateway for one or several mobile terminals, to establish a connection between the mobile terminal(s) and an access network. The mobile station supports a network-based mobility management such that the mobile station acts as a client instead of the mobile terminals during communication with a home agent of a home network or intermediate network connected to the access network in the framework of a mobile IP connection.

Abstract: After a radio link is established between a mobile subscriber terminal and an access network, the subscriber is authenticated by a proxy server of an intermediate network forwarding, from the access network to a home network of the subscriber, authentication message(s) containing a subscriber identification. If the subscriber is authenticated and the subscriber identification is already stored in the proxy server, the proxy server assigns a group-specific mobile key to the subscriber identification. When the home agent receives a registration request message originating from a subscriber terminal and containing a subscriber identification and transmits a key request message, containing the subscriber identification, for a mobile key to the proxy server, if the subscriber identification in the key request message matches a subscriber identification stored by the proxy server, a mobile key for cryptographic protection of mobile signalling messages is provided to the home agent by the proxy server.

Abstract: A method for providing an IP key, for encoding messages between a user terminal MS or a PMIP client and a home agent HA, wherein an authentication server only provides the mobile IP key when the authentication server recognizes, by a correspondingly encoded parameter, that the user terminal MS itself is not using mobile IP (PMIP).

Abstract: A method and a device divert messages of a terminal, in particular, a mobile terminal from a first network provider connected to an access network by a gateway node of a second network provider. Network access identifiers are provided in the exchanged messages, made up of a character string for identifying the terminal and a character string for addressing a server of the network provider. The network access identifier is reformatted in the method such that the messages are not firstly transmitted to the server of the first network provider but rather to the server of the second network provider. After analysis of the data contained in the messages, the messages are then forwarded to the server of the first network provider after reverse formatting of the network access identifier.