Abstract: A service provisioning mediator entity in a communications system is provided with information defining a set of service provisioning triggering messages. In response to receiving a service provisioning triggering message including an identifier associated with a user from a further network entity involved in providing the service to the user, the service provisioning mediator entity triggers service provisioning in the communications system for the user. The service provisioning triggering message may be sent by a controlling network entity upon receiving from an information store a message indicating that a user attempting to register is not recognized. If the user is recognized, trigger information in the information store may be used for directed a session to a network entity configured to handle service provisioning triggering messages. As a further alternative, a user may request service provisioning by sending a service provisioning triggering message from a communication device.

Abstract: The invention relates to a service provisioning method in a communication system. In the method information regarding a communication control entity capable of servicing a user of the communication system is received at a first entity associated with the communication system from a storage entity. Based on said information, an originating request is then signalled from the first entity to the communication control entity.

Abstract: There is disclosed a method for verifying a first identity and a second identity of an entity, said method comprising: receiving a first and second identity of said entity at a checking entity; sending information relating to at least one of the first and second identities to a home subscriber entity; and verifying that said first and second identities both belong to the entity from which said first and second identities have been received.

Abstract: The invention comprises a method for registering and deregistering user equipment from a communications system and comprises the steps of sending a request to a first node to register or deregister the user equipment from or to the communications system, determining at the first node to determine if the request is a request to register or a request to deregister, and carrying out at one least predetermined operation at a second node only if the request is a request to register.

Abstract: A method of reassigning user data in a communications system is disclosed, with a plurality of identities for each user. The method includes storing in a user information store the plurality of identities in association with a first serving controller, the plurality of identities being associated with respective registration statuses selected from a registered status and an unregistered status; detecting that the user has requested registration to a second serving controller using one of the identities; and issuing a registration termination request identifying each identity, which has been newly assigned to the second serving controller as a result of the requested registration. Responsive to the registration termination request, re-registration notification is issued to the user and all identities of the said user from the first serving controller are dissociated.

Abstract: A method of registering users in a mobile communications system, the method comprising the steps of: storing in a user information store primary and secondary identifiers identifying a first serving controller; receiving a request from a serving controller, said request identifying that serving controller using primary and secondary identifiers; comparing the primary identifier in the user information store with the primary identifier in said request and, if there is a mismatch, comparing the secondary identifier in the user information store with the secondary identifier in said request wherein, when there is a mismatch between the secondary identifiers it is determined that the serving controller identified in the request is not the first serving controller; and when there is a match between the secondary identifiers it is determined that the serving controller identified in the request is the first serving controller.

Abstract: A method assists the registration of subscription characteristics in a communications system, wherein a private user identity characteristic can be paired with a public user identity characteristic and more than one private user identity may be associated with a subscription. The method includes transmitting, from a subscription information store entity of the system to a service provision entity of the system, a first message containing data specifying characteristics of a pairing of a first private user identity and a public user identity. The message also includes an indication of any further private user identities other than the first private user identity that are associated with the same subscription as the first private user identity.

Abstract: The invention relates to a service provisioning method in a communication system. In the method information regarding a communication control entity capable of servicing a user of the communication system is received at a first entity associated with the communication system from a storage entity. Based on said information, an originating request is then signalled from the first entity to the communication control entity.

Abstract: The invention relates to a service provisioning method in a communication system. In the method information regarding a communication control entity capable of servicing a user of the communication system is received at a first entity associated with the communication system from a storage entity. Based on said information, an originating request is then signalled from the first entity to the communication control entity.

Abstract: A method for registering a session initiation protocol (SIP) client to an internet protocol multimedia subsystem (IMS), in which a SIP client having a given IP address, public identity and private identity sends a registration request to a session border controller (SBC) for registering the public identity to the IMS, the SBC responsively causes an authorization request to be sent to another network entity in the IMS, the authorization request indicating the IP address of the SIP client and a private identity, the another network entity obtaining from an LDAP/AAA server a reference address based on the private identity and deciding whether to allow the authorization of the public identity to the IMS based on the correspondence between the reference address and the IP address of the SIP client.

Abstract: There is presented an authentication type selection for user authentication in a communication system supporting multiple authentication mechanisms. The authentication type selection may comprise a determination of an authentication scheme to be used for authenticating a user equipment based on information in a request from said user equipment, an indication about the authentication scheme to be used, and a determination of a type of an authentication scheme to be used for authenticating said user equipment based on a mapping between private and public user identities and usable authentication types.

Abstract: Authentication of a user of a communication system comprising a session control server and an authentication server, wherein the communication system supports at least two separate authentication schemes, comprising the steps of determining, at the session control server, that a registration request from the user to be authenticated leaves undefined the authentication scheme to be used for authenticating the user; and inquiring, from the authentication server, which authentication scheme is to be used for authenticating the user, said inquiring being based on an identity of the user and pre-stored information at the authentication server on a mapping between user identities and usable authentication schemes.

Abstract: A service provisioning mediator entity in a communications system is provided with information defining a set of service provisioning triggering messages. In response to receiving a service provisioning triggering message including an identifier associated with a user from a further network entity involved in providing the service to the user, the service provisioning mediator entity triggers service provisioning in the communications system for the user. The service provisioning triggering message may be sent by a controlling network entity upon receiving from an information store a message indicating that a user attempting to register is not recognized. If the user is recognised, trigger information in the information store may be used for directed a session to a network entity configured to handle service provisioning triggering messages. As a further alternative, a user may request rervice provisioning by sending a service provisioning triggering message from a communication device.

Abstract: A method, communication device, intermediary device, system, and computer program product for providing security of operations on a connection between a first peer entity and a second peer entity in a communication system, the peer entities each having an identity and a transport address, wherein the first peer entity requests an operation from the second peer entity using an identity and the second peer entity checks the permission of the first peer entity to be granted the requested operation using said identity by means of a pre-configured permissions list, said method comprising a step of validating the identity used by the first peer entity at the second peer entity, wherein the step of validating is performed prior to checking of the permission.

Abstract: A method assists the registration of subscription characteristics in a communications system, wherein a private user identity characteristic can be paired with a public user identity characteristic and more than one private user identity may be associated with a subscription. The method includes transmitting, from a subscription information store entity of the system to a service provision entity of the system, a first message containing data specifying characteristics of a pairing of a first private user identity and a public user identity. The message also includes an indication of any further private user identities other than the first private user identity that are associated with the same subscription as the first private user identity.

Abstract: A method of arranging data protection in a telecommunication system including a first mobile communication network, a second mobile communication network, and a mobile station supporting both of the mobile communication networks is disclosed. The method includes ciphering traffic between the mobile station and the first mobile communication network using a first cipher key; calculating a second cipher key to be used for ciphering traffic between the mobile station and the second mobile communication network in the first mobile communication network when the mobile station operates in the first mobile communication network; transmitting information necessary for calculating the second cipher key from the first mobile communication network to the mobile station when the mobile station operates in the first mobile communication network; and calculating the second cipher key at the mobile station to be used for ciphering traffic between the mobile station and the second mobile communication network.

Abstract: A method of registering users in a mobile communications system, the method comprising the steps of: storing in a user information store primary and secondary identifiers identifying a first serving controller; receiving a request from a serving controller, said request identifying that serving controller using primary and secondary identifiers; comparing the primary identifier in the user information store with the primary identifier in said request and, if there is a mismatch, comparing the secondary identifier in the user information store with the secondary identifier in said request wherein, when there is a mismatch between the secondary identifiers it is determined that the serving controller identified in the request is not the first serving controller; and when there is a match between the secondary identifiers it is determined that the serving controller identified in the request is the first serving controller.

Abstract: There is disclosed a method for verifying a first identity and a second identity of an entity, said method comprising: receiving a first and second identity of said entity at a checking entity; sending information relating to at least one of the first and second identities to a home subscriber entity; and verifying that said first and second identities both belong to the entity from which said first and second identities have been received.

Abstract: A method of reassigning user data in a communications system is disclosed, with a plurality of identities for each user. The method includes storing in a user information store the plurality of identities in association with a first serving controller, the plurality of identities being associated with respective registration statuses selected from a registered status and an unregistered status; detecting that the user has requested registration to a second serving controller using one of the identities; and issuing a registration termination request identifying each identity, which has been newly assigned to the second serving controller as a result of the requested registration. Responsive to the registration termination request, re-registration notification is issued to the user and all identities of the said user from the first serving controller are dissociated.

Abstract: A method and system for deactivating a service account associated with an application server of a registered subscriber within a signaling network supporting IP based services is disclosed. A status of the service account is monitored, and a request for de-registration or barring is forwarded to a registration server, which maintains a registration status and barring indication of said subscriber, e.g. over an interface directly coupling the application server and the registration server upon determining that disruption or termination of service is required. The registration status of the subscriber is then changed so as to de-register the subscriber at the registration server in response to the de-registration request or, respectively, the barring indication of the subscriber is then changed so as to bar the subscriber at the registration server by changing the barring indication in response to the barring request.