Abstract: A method of authentication in a communications network, said communications network comprising a network authentication server, a local authentication entity and a user terminal, said local authentication entity comprising a subscriber application and an authentication application, said method comprising the steps of: sending a request from the local authentication entity to the network authentication server to authenticate the user terminal, said request comprising the identity of the user terminal; generating by the network authentication entity an authentication key in response to the request and generating by the subscriber application an identical authentication key; sending the authentication key generated by the network authentication server securely to the user terminal identified by said identity, then storing the authentication key at the user terminal; sending the authentication key generated by the subscriber application securely to the authentication application, then storing the authentication k

Abstract: A process is provided in which a first device, e.g., a hub device of a home network, is temporarily provided with a SIM to store a challenge-response, and thereafter the first device uses the stored challenge-response to interrogate a second device, e.g., a mobile telephone, to authenticate that the second device now has the SIM with which the first device was previously provided. A further process is provided in which the second device authenticates that the first device previously had access to the SIM by verifying that a response from one or more challenge-response pairs provided by the first device to the second device is the same as a response received by the second device from the SIM when the second device interrogates the SIM with the challenge of the challenge-response pair received earlier from the first device.

Abstract: Under a system referred to as GAA in the 3G protocol, authentication of devices in a network that is usually performed by a home subscriber server can be transferred to a third party element known as a bootstrapping server function. However, the use of a bootstrapping server function does not completely address the problem of reducing authentication traffic at the home subscriber server. Such a problem is alleviated by utilizing the original session key generated under GAA and using that key in a recursive process to authenticate and generate further session keys at other network elements. This generation of further keys can be performed independently of the home subscriber server, and thus reduces traffic at the home subscriber server.

Abstract: A method, and devices, for a first communications device (10) e.g. a Subscriber Identity Module (SIM) to monitor a second communications device, e.g. a mobile telephone (1). The method comprises: the SIM (10) sending a program (16) stored at the SIM (10) to the mobile telephone (1); the mobile telephone (1) running the program (16) to provide one or more outcomes; the mobile telephone (1) sending the one or more outcomes to the SIM (10); the SIM (10) comparing the one or more outcomes to one or more correct outcomes (18) stored at the SIM (10); and the SIM (10) evaluating the result of the comparison according to one or more policies (20) stored at the SIM (10).

Abstract: A method, and devices, for a first communications device (10) e.g. a Subscriber Identity Module (SIM) to monitor a second communications device, e.g. a mobile telephone (1). The method comprises: the SIM (10) sending a program (16) stored at the SIM (10) to the mobile telephone (1); the mobile telephone (1) running the program (16) to provide one or more outcomes; the mobile telephone (1) sending the one or more outcomes to the SIM (10); the SIM (10) comparing the one or more outcomes to one or more correct outcomes (18) stored at the SIM (10); and the SIM (10) evaluating the result of the comparison according to one or more policies (20) stored at the SIM (10).

Abstract: A method of authentication in a communications network, said communications network comprising a network authentication server, a local authentication entity and a user terminal, said local authentication entity comprising a subscriber application and an authentication application, said method comprising the steps of: sending a request from the local authentication entity to the network authentication server to authenticate the user terminal, said request comprising the identity of the user terminal; generating by the network authentication entity an authentication key in response to the request and generating by the subscriber application an identical authentication key; sending the authentication key generated by the network authentication server securely to the user terminal identified by said identity, then storing the authentication key at the user terminal; sending the authentication key generated by the subscriber application securely to the authentication application, then storing the authentication k

Abstract: A process is provided in which a first device, e.g. a hub device (2) of a home network (1), is temporarily provided with a SIM (20) to store a challenge-response, and thereafter the first device (2) uses the stored challenge-response to interrogate a second device e.g. a mobile telephone (2), to authenticate that the second device (12) now has the SIM (20) that the first device (2) was previously provided with. A further process is provided in which the second device (12) authenticates that the first device (2) previously had access to the SIM (20) by verifying that a response from one or more challenge-response pairs provided by the first device (2) to the second device (12) is the same as a response received by the second device (12) from the SIM (20) when the second device (12) interrogates the SIM (20) with the challenge of the challenge-response pair received earlier from the first device (2).

Abstract: A system for performing a transaction which comprises a communications device, a first party and a second party. The communications device is arranged to communicate with the first party and the second party, said second party storing information relating to a user of the communication device, said communication device being arranged to forward at least some of the information from the second party to the first party to permit a transaction to occur.