Various Third Generation Protocol Partnership (3GPP) sub-system architectures are based on roaming models, i.e. where a user is accessing services via a visited network rather than via his or her home network. The roaming model was first adopted at lower layer networks but was later deployed also to upper layers and used for applications such as the IP Multimedia Sub-system (IMS).
Roaming models can be difficult to implement, especially at the application layer. For example, if the access security solution is based on a model in which the entity (access node) in the visited network is authenticated to a mobile node by a Transport Layer Security (TLS) certificate (TLS is a standard produced by the European Telecommunications Standards Institute (ETSI)), but the mobile node is authenticated using credentials shared only with the home network (e.g. Hypertext Transport Protocol (HTTP) Digest AKA), the mobile node cannot easily determine whether or not the entity in the visited network should be trusted. Secure access will necessitate such a determination in order to prevent the threat of so-called “man-in-the-middle” attacks where an attacker seeks to place a fraudulent node between the mobile node and the visited network entity. Because the mobile node authentication is not tied to the underlying security, the attacker can tunnel HTTP Digest messages between different tunnels and even different protocols.
A means to address this problem is to apply global naming restrictions to all entities in the visited networks. In this way, the mobile node could verify that a given entity belongs to a common “trust domain”. However, this might cause configuration problems, and may not be acceptable from a business point of view. Furthermore, the solution is not very flexible, and cannot be changed once agreed.
It is an object of the present technology to allow the home network to explicitly verifying the used roaming model to a client in a secure way. This verification may be done according to the HTTP Digest authentication framework if the roaming model is reflected in some authenticated parameter or protected in some other way.
According to a first aspect of the present technology there is provided a method of authenticating a user access network to a mobile node, where the mobile node wishes to access a service via the access network, the method comprising:                establishing a secure transport channel between the mobile node and a service access node of the visited network, said channel being bound to an identity of the service access node;        sending an authorisation request from the mobile node to the service access node, incorporating an identity of the service access node into the request at the service access node, and forwarding the request to an authorisation node of the user's home network;        at said authorisation node of the home network, authorising the service access node, and sending to the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient;        at the service access node, forwarding the received user challenge to the mobile node; and        at the mobile node verifying whether or not the identity bound to the secure transport channel matches the identity contained in the received challenge.        
Assuming that the mobile node verifies that the identity bound to the secure transport channel matches the identity contained in the received challenge, a subsequent step of sending a challenge response to the authorisation node via the service access node may be carried out. The authorisation node then verifies that the identity contained in the response has not been changed.
The mobile node may comprise a SIP UA, where said service access node is a SIP P-CSCF and said authorisation node is a S-CSCF. Said authorisation request is a SIP REGISTER message, and said challenge is a SIP 401 message.
The service access node comprises an HTTP proxy, and said authorisation node may comprise an HTTP server, and said authorisation request may be an HTTP request.
Said secure transport channel may be established according to TLS, said identity being included in a TLS certificate.
The authorisation node may generate a new roaming domain/realm name for the roaming agreement by combining a visited network domain name with a home network domain name, the new domain/realm name being included in said user challenge.
According to a second aspect of the present technology there is provided a user terminal for allowing a user to access a service via a visited communication network, the terminal comprising:                means for establishing a secure transport channel between the user terminal and a service access node of the visited network, said channel being bound to an identity of the service access node;        means for sending an authorisation request to the service access node, for forwarding by the service access node to an authorisation node of the user's home network;        means for receiving from said authorisation node via the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by the user terminal; and        means for verifying whether or not the identity bound to the secure transport channel matches the identity contained in the received challenge.        
Said means for establishing a secure transport channel between the user terminal and a service access node may be means for establishing a channel according to TLS.
Said authorisation request may be a SIP REGISTER or an HTTP request.
According to a third aspect of the present technology there is provided an access node for providing a user terminal with access to a service while roaming outside of the user's home network, the access node comprising:                means for establishing a secure transport channel between the user terminal and the access node, said channel being bound to an identity of the service access node;        means for receiving an authorisation request from the user terminal and for incorporating an identity of the access node into the request;        means for forwarding the request to an authorisation node of the user's home network;        means for receiving from the authorisation node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient; and        means for forwarding the received user challenge to the user terminal.        
According to a fourth aspect of the present technology there is provided an authorisation node for use in a home network of a user of a user terminal, where the user terminal can establish a secure transport channel between itself and a service access node of the visited network, said channel being bound to an identity of the service access node, the authorisation node comprising:                means for receiving an authorisation request from the mobile node via the service access node, the service access node having incorporated into the request an identity of the service access node; and        means for authorising the service access node and for sending to the user terminal via the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient.        