| CPC H04L 9/3263 (2013.01) [H04W 12/06 (2013.01)] | 19 Claims |
|
1. An apparatus comprising
at least one processor; and
at least one memory including computer program code, the at least one memory and computer program code configured to, with the at least one processor, cause the apparatus at least to:
check whether a terminal receives, using an established security association between the terminal and a first base station, from the first base station, a first local authentication certificate, wherein the first local authentication certificate comprises a public key of the terminal, a public key of the first base station, and a base station identifier of the first base station;
store the first local authentication certificate if the terminal receives the first local authentication certificate;
monitor whether the terminal is to be authenticated; and
if the terminal is to be authenticated:
retrieve the public key of the first base station and the base station identifier from the first local authentication certificate;
encrypt a certificate unit with the public key of the first base station to create an encrypted certificate unit, wherein the certificate unit comprises the first local authentication certificate; and
send, to a second base station, a request for local authentication of the terminal, wherein the request for local authentication comprises the encrypted certificate unit and the base station identifier, and the base station identifier is not encrypted in the request for local authentication.
|