Mobile units, e.g. telephones, laptop computers, etc. are known to be able to roam in wireless networks between various locations. Still, while roaming through various networks and sub-networks they need to maintain their connectivity. Various aspects relating to this mode of operation were suggested by the IETF (“Internet Engineering Task Force”) and are described in a series of RFC (Request for Comment) documents that will be further discussed.
EAP framework is used as basic mechanism for user and device authentication/authorization in wireless network (e.g. mobile WiMAX). RFCs 2904, 2905 and 2906 present an AAA architectural framework. RFC 3748 defines EAP framework for usage on PPP, wired 802 networks and wireless LAN networks. The standardization body of mobile WiMAX has adopted EAP authentication framework as a suitable solution.
EAP framework relates to three entities which are associated with the authentication procedure:                Supplicant—an entity that resides in the user/device terminal        Authenticator—resides in ASN and relates to the NAS.        Authentication Server—AAA server        
As will be appreciated by those skilled in the art, one of the problems characterizing mobile networks is, that mobile nodes may replace rather frequently their respective traffic attachment points (as they are typically associated with the corresponding NAS) in the access network. This problem is more common for distributed networks, in which the network access server (NAS) may reside in any of the base stations associated with a specific network.
Our co-pending application U.S. Ser. No. 11/175,384 (published as U.S. Patent Application No. 2007/0008900) describes a method for use in a mobile wireless access network for providing secure mobile IP services to a mobile terminal, which is based on creating a virtual anchored node at an access network (ASN) associated with the mobile terminal and with a logical Access Network Server (“NAS”), where the anchored node communicates with the other elements associated with the access network (ASN) (e.g. BS and the NAS part which takes care after the conveyed traffic).
Some methods disclosed in the prior art, deal with the problem of authenticating a session being established with a mobile terminal that is moving around, but they do not provide an adequate solution to the problem of how to single out the appropriate NAS, through which it would be possible to communicate with that mobile terminal. This problem is experienced in numerous occasions such as when a mobile terminal has to communicate through using another Access Server Network Gateway (“ASN GW”) while moving within the same access network, etc.
In addition, the solutions known in the art for replacing the authenticating entity together with traffic attachment point are cumbersome and not efficient enough, as they require carrying out full authentication processes of the terminal.
The disclosure of the references mentioned throughout the present specification are hereby incorporated herein by reference in their entireties and for all purposes.