A method and a system for allowing a user device that has already been
authenticated by a first communications network to gain access to a
second communications network without undergoing authentication by the
second communications network. The first communications network and the
second communications network have a pre-established trust relationship
there between. A packet is received from the user device that includes a
user device public key, by the second network via the first network. A
session key is sent from the second network to the user device, via the
first network, when a source Internet Protocol (IP) address associated
with the packet falls into a range allocated to the first network. The
session key is encrypted with the user device public key. The user device
decrypts the session key using a private key and uses the session key
thereafter to access the second network. Further a mapping is generated
to correlate the identity of the user device with the session key such
that usage data relate to user device is generated by the second
communications network and transmitted to the first communications
network, which generates accounting information indicative of user device
access of the second communications network.
