The present invention supports a generalized link-layer address extension for an information packet transmission on an IP mobility system. In the invention, a link-layer address for a node can be communicated in any information packet rather than confined to a specialized message format. The link-layer address can be used in link-layer routing protocols to simplify mobile IP hand-offs and routing, reducing overhead data traffic and allowing more efficient use of network resources.

Disclosed is a buffer management method for a mobile node in a mobile IP telecommunication network. The buffer management method supports a handoff of the mobile node from a first agent of a first network to a second agent of a second network. The method begins upon initiation of the handoff. A first message is sent to the first agent requesting the first agent to buffer any packets being sent to the mobile node. While the buffering is being performed, the handoff may be completed to the second agent. Once the handoff is complete, a second message can be sent to the first agent requesting the first agent to forward the buffered packets to the second agent.

The invention provides for an improved method and system of registration and hand-off procedures for a mobile node in a packet-based communication network. The present invention obtains expanded addresses over past systems. The invention can also use serving mobility managers to obtain a care-of address to route data-packets while on the foreign sub-network. The invention improves efficiency and reduces message overhead during registration and hand-off.

A system and method is provided for seamlessly switching between different network access technologies without interrupting active network applications or sessions. A Network Access Arbitrator (NAA), which contains a virtual network adapter driver, resides between a Data Link Layer and a Network Layer of the standard OSI-7 Layer Protocol Stack for controlling necessary switching between different network access technologies. Since all network applications are controlled by layers residing on or above the Network Layer, all applications using network services provided by the Network Layer will continue their active network sessions or applications without disruption, as the NAA switches between different network access technologies.

In an IP-based mobile communications system, the Mobile Node changes its point of attachment to the network while maintaining network connectivity. Security concerns arise in the mobile system because authorized users are subject to the following forms of attack: (1) session stealing where a hostile node hijacks session from mobile node by redirecting packets, (2) spoofing where the identity of an authorized user is utilized in an unauthorized manner to obtain access to the network, and (3) eavesdropping and stealing of data during session with authorized user. No separate secure network exists in the IP-based mobility communications system, and therefore, it is necessary to protect information transmitted in the mobile system from the above-identified security attacks.The present invention improves the security of communications in a IP mobile communications system by creating variable-based Security Associations between various nodes on the system, a Virtual Private Network supported by an Service Level Agreement between various foreign networks and a home network, and an SLA Broker to promote large-scale roaming among different SLAs supported by the SLA Broker or agreements with other SLA Brokers.