基本信息:
- 专利标题: IP MULTIMEDIA SECURITY
- 专利标题(中):IP多媒体安全
- 申请号:PCT/EP2009/052560 申请日:2009-03-04
- 公开(公告)号:WO2010099823A1 公开(公告)日:2010-09-10
- 发明人: NÄSLUND, Mats , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , NORRMAN, Karl
- 申请人: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , NÄSLUND, Mats , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , NORRMAN, Karl
- 申请人地址: S-164 83 Stockholm SE
- 专利权人: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL),NÄSLUND, Mats,BLOM, Rolf,CHENG, Yi,LINDHOLM, Fredrik,NORRMAN, Karl
- 当前专利权人: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL),NÄSLUND, Mats,BLOM, Rolf,CHENG, Yi,LINDHOLM, Fredrik,NORRMAN, Karl
- 当前专利权人地址: S-164 83 Stockholm SE
- 代理机构: LIND, Robert
- 主分类号: H04L29/06
- IPC分类号: H04L29/06 ; H04W12/04
摘要:
A method of establishing keys for at least partially securing media plane data exchanged between first and second end users via respective first and second media plane network nodes. The method comprises sending session set-up signalling from said first end point towards said second end point, said session set-up signalling including a session key generated by said first end point. The set-up signalling is intercepted at a first signalling plane network node and a determination made as to whether or not a signalling plane key has already been established for securing the signalling plane between said first end point and said first signalling plane network node. If a signalling plane key has already been established, then a media plane key is derived from that signalling plane key, and the media plane key sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. If a signalling plane key has not already been established, then an alternative media plane key is derived from said session key and sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node.
摘要(中):
一种建立用于经由相应的第一和第二媒体平面网络节点至少部分地保护在第一和第二终端用户之间交换的媒体平面数据的密钥的方法。 该方法包括从所述第一端点向所述第二端点发送会话建立信令,所述会话建立信令包括由所述第一端点产生的会话密钥。 建立信令在第一信令平面网络节点被拦截,并且确定信令平面密钥是否已被建立用于在所述第一终端和所述第一信令平面网络节点之间保护信令平面。 如果已经建立了信令平面密钥,则从该信令平面密钥导出媒体平面密钥,并且将媒体平面密钥发送到所述第一媒体平面网络节点,以将介质平面固定在所述第一终端用户和所述第一媒体之间 平面网络节点。 如果还没有建立信令平面密钥,则从所述会话密钥导出替代媒体平面密钥,并将其发送到所述第一媒体平面网络节点,以便在所述第一终端用户和所述第一媒体平面网络节点之间保护媒体平面。