The current development towards truly mobile computing and networking has brought on the evolution of various access technologies, which also provide the users with access to the Internet when they are outside their own home network. The first public communication network that provides a truly ubiquitous World Wide Web (WWW) access is the GSM-based mobile telephone network.
So far, the use of the Internet has been dominated by person-to-machine communications, i.e. information services. The evolution towards the so-called third generation (3G) wireless networks brings along mobile multimedia communications, which will also change the way IP-based services are utilized in public mobile networks. The IP Multimedia Subsystem (IMS), as specified by the by the 3rd Generation Partnership Project (3GPP), integrates mobile voice communications with Internet technologies, allowing IP-based multimedia services to be utilized in mobile networks.
The inventors have identified an important problem with mobile multimedia communications in third generation wireless networks, namely that of identity coherence checking in the so-called third generation Generic Authentication Architecture GAA. This is for example described in the Technical specification TS 33.220v6.
The new multimedia capable mobile terminals (multimedia phones) provide an open development platform for application developers, allowing independent application developers to design new services and applications for the multimedia environment. The users may, in turn, download the new applications/services to their mobile terminals and use them therein.
GAA is to be used as a security procedure for a plurality of future applications and services. However, the inventors have identified a flaw in GAA.
In particular, in GAA there is a need for a bootstrapping server function (BSF) to be able to verify a binding between a public identifier of a network application function (NAF) and the GAA internal identifier of the NAF. The public identifier of the NAF is the public host name of the NAF that the user equipment (UE) uses in the Ua interface. The internal NAF identifier is the network address that is used in the corresponding DIAMETER messages in the Zn interface. The public NAF identifier is needed in the boot strapping function because the bootstrapping server function uses it during the derivation of the NAF specific key (Ks_NAF).
This problem is more pronounced if the NAF is doing virtual name based hosting, that is having multiple host names mapped on to a single IP (internet protocol) address. Thus, there may be one-to-many mapping between the internal NAF address and the public NAF addresses. The domain name server is not able to verify that a certain NAF address identified by a certain internal NAF address in the bootstrapping server function is authorised to use a certain public NAF address.
Embodiments of the present invention seek to address the above-described problems.