This invention relates to a method of generating an authentication for updating a mobile communications device's location.
Mobile networking, along with the proliferation of wireless devices such as notebook computers, personal digital assistants and cellular phones, is gaining popularity. In mobile networking, a mobile communications device, or mobile device, roams within an inter-connected network, or inter-network, to access or retrieve the desired information, and it is imperative that the communication session is not disrupted during the roaming process. When the mobile device roams or switches between networks, its "point of attachment" to the inter-network changes. This change is invisible to the user, since the hand-offs and reconnections occur automatically and seamlessly.
In a typical packet-switched inter-network, such as the Internet, data packets are routed from a source inter-network address to a destination inter-network address according to a network number derived from the destination inter-network address by masking off some of the low-order bits. Thus, an inter-network address typically carries information that specifies a device's point of attachment according to the network number. To maintain existing higher-layer connections and to prevent communications breakdown as the mobile device moves from place to place, and thus between networks, the mobile device should keep its inter-network address the same. However, this is not possible, since the correct delivery of packets to the mobile device's current point of attachment depends on the network number contained within the mobile device's inter-network address, which changes at new points of attachment, i.e. when the mobile device moves between networks.
If a communications device wishes to send a data packet to the mobile device and has not been informed of the mobile device's new location or point of attachment, the data packet destined for the mobile device may be lost, and communication would thus be disrupted. Changing the routing therefore requires a new inter-network address associated with the new point of attachment.
To overcome the above problem, it has been proposed that the mobile device use two inter-network addresses: a home inter-network address (HIA), which is static and used to maintain reachability and connection even when the mobile device is away from the home inter-network, and a care-of inter-network address (CoA), which changes at each new point of attachment and can be regarded as the mobile device's topologically significant address. The CoA indicates the new network number and thus identifies the mobile device's point of attachment with respect to the network topology. To maintain continuous network connection, the home network includes a proxy server which receives data messages on behalf of the mobile device and then routes them to the mobile device based on the new CoA, so that the communications session is not disrupted. The home network proxy server makes it appear that the mobile device is continually receiving data on its home network, when in fact the data is being routed to the new network specified by the CoA.
Alternatively, when the mobile device acquires a new CoA from the new network, the mobile device sends a location update message to its corresponding communications devices informing them of its new CoA. This allows the corresponding communications devices to send messages to the mobile device using the new CoA. However, upon receiving the update message, a communications device must verify the authenticity of the location update message before it starts sending messages to the mobile device at the new CoA. Authentication of the location update message is required because a hacker can impersonate the mobile device by sending a location update message with a CoA of his choice, so that the corresponding device is deceived into sending packets to the hacker instead of the mobile device.
Most of the authentication methods or protocols in the prior art propose that the parties concerned pre-share a secret key or recognise each other's public key (see C. Kaufman, R. Perlman, and M. Speciner, Network Security—Private Communication in A Public World, PTR Prentice Hall, Englewood Cliffs, N.J., 1995). Sharing a secret key between a mobile device and a random corresponding device in a large inter-connected network such as the Internet is unrealistic and complex. In addition, it is unlikely that a global public key infrastructure over the Internet will be in place in the near future.
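
The following is an added example, not part of the original text and not the method this invention proposes: a Python sketch of the prior-art pre-shared-key approach, in which a corresponding device verifies a location update before changing where it sends packets. The message layout, HMAC-SHA256, the sequence number used to reject replays, and all names, keys and addresses are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

def make_tag(key, hia, coa, seq):
    """MAC over (HIA, CoA, sequence number); the field layout is an assumption."""
    hia, coa = ipaddress.ip_address(hia), ipaddress.ip_address(coa)
    msg = bytes([hia.version, coa.version]) + hia.packed + coa.packed
    return hmac.new(key, msg + seq.to_bytes(8, "big"), hashlib.sha256).digest()

class BindingCache:
    """Correspondent-side table mapping a home address (HIA) to its current CoA."""

    def __init__(self):
        self._keys = {}      # HIA -> pre-shared key
        self._bindings = {}  # HIA -> (CoA, last accepted sequence number)

    def enroll(self, hia, key):
        self._keys[ipaddress.ip_address(hia)] = key

    def route_to(self, hia):
        """Where packets for this HIA are sent: the bound CoA, else the HIA itself."""
        hia = ipaddress.ip_address(hia)
        return self._bindings.get(hia, (hia, -1))[0]

    def handle_update(self, hia, coa, seq, tag):
        """Apply a location update only if it is well formed, authentic and fresh."""
        try:
            hia, coa = ipaddress.ip_address(hia), ipaddress.ip_address(coa)
        except ValueError:
            return False
        if not (isinstance(seq, int) and 0 <= seq < 2**64 and isinstance(tag, bytes)):
            return False
        key = self._keys.get(hia)
        if key is None:
            return False  # no shared key with this device: cannot authenticate
        if not hmac.compare_digest(make_tag(key, hia, coa, seq), tag):
            return False  # forged or altered update: binding stays unchanged
        if seq <= self._bindings.get(hia, (hia, -1))[1]:
            return False  # replay of an old, once-valid update
        self._bindings[hia] = (coa, seq)
        return True

# Constructed sample values (documentation address ranges, made-up key).
HIA, COA, OTHER = "192.0.2.10", "198.51.100.7", "203.0.113.66"
KEY = b"constructed-demo-key"

if __name__ == "__main__":
    cache = BindingCache()
    cache.enroll(HIA, KEY)
    print(cache.handle_update(HIA, OTHER, 1, make_tag(b"wrong", HIA, OTHER, 1)))
    print(cache.handle_update(HIA, COA, 1, make_tag(KEY, HIA, COA, 1)))
    print(cache.route_to(HIA))
```

The `enroll` step is exactly what the paragraph above calls unrealistic at Internet scale: every corresponding device would need a key for every mobile device before the first update arrives.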
It is an object of the invention to provide a method of generating an authentication which alleviates at least one of the disadvantages of the prior art.