Visiting Center Patents (Class 380/248)
  • Patent number: 7512234
    Abstract: Location data about a mobile entity (20) is provided in encrypted form by a location server (79) to a recipient that is one of the mobile entity (20) or a service system (40) usable by the mobile entity. The location data (P) is encrypted such that it can only be decrypted using a secret available to a decryption entity (80) that is not under the control of the recipient. This permits location data (P) to be provided in a confidential manner to service systems (40) and also protects billing relationships between participants. A mechanism is also described for limiting the accuracy of decrypted location data (L) made available to a service system (40).
    Type: Grant
    Filed: March 23, 2001
    Date of Patent: March 31, 2009
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: James Thomas Edward McDonnell, Andrew Thomas, Michael P. Spratt, John Deryk Waters, Simon E. Crouch
  • Patent number: 7509675
    Abstract: Systems for the non-invasive monitoring of the effectiveness of a customer's electronic security services include a test generation engine for generating and launching a denatured attack towards a customer's network. A monitoring and evaluation agent is operatively coupled to the test generation engine and is adapted to monitor and evaluate the denatured attack. A recording and analysis engine is adapted to record and analyze the results of the denatured attack. Other systems and methods are also provided.
    Type: Grant
    Filed: May 29, 2002
    Date of Patent: March 24, 2009
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Jeffrey A. Aaron
  • Patent number: 7484240
    Abstract: The invention proposes a method of performing authentication of a subscriber during a subscriber equipment terminated call, comprising the steps of sending a session invitation message (S4, S5) to the subscriber equipment, the session invitation message including authentication information (AuthData1), and performing an authentication procedure in the subscriber equipment by using the authentication information. The invention also proposes a corresponding network system, network control element and subscriber entity.
    Type: Grant
    Filed: July 13, 2001
    Date of Patent: January 27, 2009
    Assignee: Nokia Corporation
    Inventors: Stefano Faccin, Franck Le
  • Patent number: 7448072
    Abstract: A technique for authenticating a user to a server using SIP messages includes forwarding an SIP request from the user agent to the server. The server then forwards a request for authentication to the user agent in response to the invite request, the request for authentication including information that the authentication will be performed using a UMTS AKA mechanism. The user agent then forwards an authentication response to the server in accordance with the UMTS AKA mechanism and the server then performs the appropriate actions to perform an invoked SIP procedure in response to the SIP request. The SIP request may include any standardized SIP request including an SIP INVITE request or an SIP REGISTER request.
    Type: Grant
    Filed: February 17, 2006
    Date of Patent: November 4, 2008
    Assignee: Nokia Corporation
    Inventors: Stefano Faccin, Franck Le, György Wolfner
  • Patent number: 7424284
    Abstract: A method of authenticating a user access network to a mobile node, where the mobile node wishes to access a service via the access network, the method comprising: establishing a secure transport channel between the mobile node and a service access node of the visited network, said channel being bound to an identity of the service access node; sending an authorization request from the mobile node to the service access node, incorporating an identity of the service access node into the request at the service access node, and forwarding the request to an authorization node of the user's home network; at said authorization node of the home network, authorizing the service access node, and sending to the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient; at the serving access node, forwarding the received user challenge to the mobile node; and at the mobile node verifying
    Type: Grant
    Filed: November 2, 2005
    Date of Patent: September 9, 2008
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa Torvinen, Bengt Sahlin, Jani Hautakorpi
  • Patent number: 7395050
    Abstract: The invention relates to a method and system for authenticating a user of a data transfer device (such as a terminal in a wireless local area network, i.e. WLAN). The method comprises: setting up a data transfer connection from the data transfer device to a service access point. Next, identification data of the mobile subscriber (for example an MSISDN) are inputted to the service access point. This is followed by checking from the mobile communications system whether the mobile subscriber identification data contains an access right to the service access point. If a valid access right exists, a password is generated, then transmitted to a subscriber terminal (for example a GSM mobile phone) corresponding to the mobile subscriber identification data, and login from the data transfer device to the service access point takes place with the password transmitted to the subscriber terminal.
    Type: Grant
    Filed: December 17, 2002
    Date of Patent: July 1, 2008
    Assignee: Nokia Corporation
    Inventors: Jukka Tuomi, Henry Haverinen, Niklas Lybäck, Sami Pienimäki
  • Patent number: 7308099
    Abstract: An apparatus for generating an encrypted data stream representing an audio and/or video signal comprises an encoder for encoding an input signal to generate a data stream with a predefined data stream syntax as output signal. The apparatus further comprises an encryption means coupled with the decoder in order to influence encoder internal data and/or the output signal of the encoder in a uniquely reversible manner based on a key such that the generated encrypted data stream comprises payload information differing from payload information of a data stream that would be generated by the apparatus without the presence of an encryption means and that the generated encrypted data stream comprises the predefined data stream syntax.
    Type: Grant
    Filed: December 15, 1999
    Date of Patent: December 11, 2007
    Assignee: Fraunhofer-Gesellschaft zur Foerderung der Angewandten Forschung E.V.
    Inventors: Eric Allamanche, Juergen Herre, Juergen Koller, Niels Rump
  • Patent number: 7298847
    Abstract: A security key distribution and authentication protocol in AAA for Mobile IP has been described. In order to guarantee the secure protocol, messages between the MN, FA, AAAF, AAAH, and HA are encrypted and signed using public/private keys. IPSEC or PKI infrastructure is not required to support the AAA secure key distribution. This protocol enhances the security, flexibility, and scalability of AAA, and aids in protecting the Diffie-Hellman algorithm from man-in-the-middle attacks. Through this protocol, it is easy to set up a secure registration path in AAA for Mobile IP. This secure registration path provides a secretive and secure key distribution function for AAA.
    Type: Grant
    Filed: February 7, 2002
    Date of Patent: November 20, 2007
    Assignee: Nokia Inc.
    Inventors: Dongfeng Jing, Charles E. Perkins
  • Patent number: 7272383
    Abstract: A mobile terminal control system using a digital signature. The system including a server for preparing a command message for a relevant mobile terminal according to mobile terminal status information set by a user, adding a digital signature to the prepared command message, and transmitting the resultant message. The system further includes a mobile terminal for authenticating the command message transmitted from the server and performing operations of power-off, log-on and log-off of the mobile terminal according to the authenticated command message. The server prepares a command message according to mobile terminal status information set by a user and transmits the prepared command message to a mobile terminal and the mobile terminal authenticates the transmitted command message. The mobile terminal can be controlled only through the authenticated message.
    Type: Grant
    Filed: July 14, 2004
    Date of Patent: September 18, 2007
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Kyung-im Jung
  • Patent number: 7239865
    Abstract: Methods and apparatus are presented herein for allowing a wireless communication device to perform a proxy authentication on behalf of a tethered device.
    Type: Grant
    Filed: July 25, 2003
    Date of Patent: July 3, 2007
    Assignee: Qualcomm Incorporated
    Inventors: Jeffrey Alan Dyck, Marcello Lioy
  • Patent number: 7187920
    Abstract: A network including a connection service providing system according to the present invention comprises mobile terminals 1 used by users, electronic devices 3, a wireless LAN base station 5, a connection-service-providing server 10, public network 2 for interconnecting a mobile terminal 1 and the connection-service-providing server 10, and a wide area network 4 for interconnecting an electronic device 3 and the connection-service-providing server 10. The connection-service-providing server 10 comprises a first identifier-acquisition unit 11, identifier-acquisition-time-instant measurement unit 12 (first time measurement unit), a second identifier-acquisition unit 13, a service-provision-start-time-instant measurement unit 14 (second time measurement unit), an authentication unit 15, and a connection control unit 16.
    Type: Grant
    Filed: May 14, 2003
    Date of Patent: March 6, 2007
    Assignee: Softbank Corporation
    Inventor: Takashi Tsutsui
  • Patent number: 7174456
    Abstract: A fast authentication and access control method of authenticating a network access device to a communications network having an access point communicating with a remote authentication (home AAA) server for the network access device. The method includes the step of receiving an access request having an authentication credential from the network access device at the access point. The authentication credential includes a security certificate having a public key for the network access device and an expiration time. The security certificate is signed with a private key for the remote authentication server. The access point locally validates the authentication credential by accessing the public key of the remote authentication server from a local database, and checking the signature and expiration time of the security certificate.
    Type: Grant
    Filed: May 14, 2002
    Date of Patent: February 6, 2007
    Assignee: AT&T Corp.
    Inventors: Paul Shala Henry, Zhimei Jiang, Hui Luo
  • Patent number: 7127234
    Abstract: A wireless LAN access authentication system capable of shortening the time required for an access authentication procedure of a radio terminal apparatus. In this wireless LAN access authentication system, when a radio terminal apparatus 116 of a user who has sent an access request is already registered through initial access, a gateway apparatus 111 searches for a WEP key assigned to the radio terminal apparatus 116 through a WEP key control section 306 and redistributes the WEP key registered beforehand to a new access point section 124 in the destination area and the radio terminal apparatus 116. The radio terminal apparatus 116 and access point section 124 to which the WEP key has been distributed encrypt transmission/reception data in a predetermined radio section using the redistributed WEP key and carry out a communication.
    Type: Grant
    Filed: September 24, 2003
    Date of Patent: October 24, 2006
    Assignee: Matsushita Electric Industrial Co., Ltd.
    Inventor: Yoshikazu Ishii
  • Patent number: 7107051
    Abstract: A method and an apparatus for establishing secured roaming among wireless devices are disclosed. In one embodiment, a first access point requests a first ticket from an authentication server and uses that first ticket to establish a first secured session with a wireless station. In response to a second ticket request from the wireless station through the first secured session, the first access point forwards the second ticket request to the authentication server and also relays a resulting second ticket from the authentication server back to the wireless station.
    Type: Grant
    Filed: September 28, 2000
    Date of Patent: September 12, 2006
    Assignee: Intel Corporation
    Inventor: Jesse R. Walker
  • Patent number: 7065356
    Abstract: Systems and methods for preventing unauthorized use of roaming numbers in a wireless telecommunications system. Upon receipt of a call request for a mobile terminal at a Gateway Mobile Switching Center (GMSC), the GMSC queries a Home Location Register (HLR). The HLR requests a roaming number for the mobile terminal from a Mobile Switching Center (MSC). The MSC allocates a roaming number for the mobile terminal, assigns an authentication code, and sends to the HLR. The HLR receives the roaming number and authentication code and relays to the GMSC. The GMSC sends a call setup request to the MSC; the call setup request includes the roaming number and the authentication code. The MSC confirms the authentication code and, if the authentication code for the roaming number is confirmed, completes the call request to the mobile terminal.
    Type: Grant
    Filed: December 14, 2001
    Date of Patent: June 20, 2006
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Janette Lin, Victor Corby
  • Patent number: 7024688
    Abstract: A technique for authenticating a user to a server using SIP messages includes forwarding an SIP request from the user agent to the server. The server then forwards a request for authentication to the user agent in response to the invite request, the request for authentication including information that the authentication will be performed using a UMTS AKA mechanism. The user agent then forwards an authentication response to the server in accordance with the UMTS AKA mechanism and the server then performs the appropriate actions to perform an invoked SIP procedure in response to the SIP request. The SIP request may include any standardized SIP request including an SIP INVITE request or an SIP REGISTER request.
    Type: Grant
    Filed: August 1, 2000
    Date of Patent: April 4, 2006
    Assignee: Nokia Corporation
    Inventors: Stefano Faccin, Franck Le, György Wolfner
  • Patent number: 7020456
    Abstract: A method of granting, to a user communications device, access to a service provided by a plurality of service communications devices where an access key code is generated during an initial communications session between the user communications device and one of the service communications devices. The established access key code is subsequently stored in the user communications device and made available to the service communications devices for use in subsequent communications sessions between the user communications device and any one of the service communications devices. The invention further relates to a communications system and a user communications device.
    Type: Grant
    Filed: December 7, 2001
    Date of Patent: March 28, 2006
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventors: Ben Smeets, Christian Gehrmann, Allan Bøgeskov
  • Patent number: 7013128
    Abstract: A portable terminal includes a function to detect its own location. The owner of such terminal registers in advance an area in which he expects to be for a given time slot as conditions for operation. The portable terminal verifies its location with respect to the operation conditions set by the owner, and where it is determined that the operation conditions are not met, the portable terminal disables itself, prohibiting its use. Where a pre-registered password is subsequently input, the portable terminal cancels this prohibition. Consequently, if the owner loses the portable terminal while away from home or the office, for example, a third party cannot operate the portable terminal, and moreover, unless the owner-registered password is input, the prohibition is not cancelled, thereby preventing disclosure of the data and other information stored in the portable terminal.
    Type: Grant
    Filed: October 7, 2002
    Date of Patent: March 14, 2006
    Assignee: Minolta Co., Ltd.
    Inventors: Satoshi Ozeki, Kazumi Sawayanagi, Kana Yamauchi, Mie Nakamura, Masahito Takano, Yoshihiko Yoshizaki
  • Patent number: 6947725
    Abstract: Many examples exist of a mobile node moving between the operational zones of multiple network access points or base stations. To minimize delay in re-authenticating with the network through a new base station, an additional form of authenticated access mode called “credential authenticated” access is provided. The mobile unit is fully authenticated in the first base station (e.g., the user has logged in and paid for service). Thereafter, the first base unit transmits a “credential” to the mobile node that may be used by other base stations to establish trust with the mobile node prior to full re-authentication. Upon entering the operational zone of the second base station, the mobile node can transmit the credential to the second base station, which may accept the credential and allow access by the mobile node to the network through the second base station before full authentication has completed.
    Type: Grant
    Filed: March 4, 2002
    Date of Patent: September 20, 2005
    Assignee: Microsoft Corporation
    Inventor: Anssi Tuomas Aura
  • Patent number: 6918035
    Abstract: According to the two party authentication method, a first party generates and transfers a random number to a second party as a first challenge. The second party increments a count value in response to the first challenge, generates a first challenge response by performing a keyed cryptographic function (KCF) on the first challenge and the count value using a first key, and transfers the count value, as a second challenge, and the first challenge response to the first party. The first party verifies the second party based on the first challenge, the second challenge and the first challenge response. The first party also generates a second challenge response by performing the KCF on the second challenge using the first key, and transfers the second challenge response to the second party. The second party verifies the first party based on the second challenge and the second challenge response. For instance, the first and second parties can be a network and mobile, respectively, in a wireless system.
    Type: Grant
    Filed: July 31, 1998
    Date of Patent: July 12, 2005
    Assignee: Lucent Technologies Inc.
    Inventor: Sarvar Patel
  • Patent number: 6915124
    Abstract: A method for executing secure data transfer between a communication device and an application server in a wireless network, in which a request requiring a secure transaction of data is sent from either the communication device or the server. An agreement proposal for the secure transaction is sent to the communication device, and if the agreement proposal is considered acceptable, the agreement proposal is sent to a security adapter. Details of the transaction are entered into a message and sent to a smart card in order to activate a signing application in the smart card. The details of the transaction are displayed on the communication device, and if the transaction is accepted, the signing application signs the data and sends it to the security adapter via messages, the signature is verified, and the data is sent to the server.
    Type: Grant
    Filed: September 29, 2000
    Date of Patent: July 5, 2005
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventors: Johan Kiessling, Jan Arwald
  • Patent number: 6856800
    Abstract: A fast authentication and access control method of authenticating a network access device to a communications network having an access point communicating with a remote authentication (home AAA) server for the network access device. The method includes the step of receiving an access request having an authentication credential from the network access device at the access point. The authentication credential includes a security certificate having a public key for the network access device and an expiration time. The security certificate is signed with a private key for the remote authentication server. The access point locally validates the authentication credential by accessing the public key of the remote authentication server from a local database, and checking the signature and expiration time of the security certificate.
    Type: Grant
    Filed: May 14, 2002
    Date of Patent: February 15, 2005
    Assignee: AT&T Corp.
    Inventors: Paul Shala Henry, Zhimei Jiang, Hui Luo
  • Patent number: 6768903
    Abstract: Ciphered information is transmitted over a first communication path in circuit mode between a core network and a terminal, passing through a first master controller, then over a second path between the core network and the terminal, passing through a second master controller. The second path is established in a procedure comprising the transmission of data from the first to the second master controller, a phase of simultaneous transmission of radio signals by the infrastructure on the first and second paths, then the suppression of the first path. The radio signals transmitted on the two paths during the phase of simultaneous transmission transport the same information, ciphered with offset sequence numbers, and the radio terminal switches over from the first to the second path while advancing the ciphering sequence number in such a way as to align it with the offset number used by the second controller.
    Type: Grant
    Filed: May 21, 2001
    Date of Patent: July 27, 2004
    Assignee: Nortel Networks Limited
    Inventors: Denis Fauconnier, Claire Mousset
  • Patent number: 6745326
    Abstract: Security through data transfers through one or several telecommunications networks is accomplished by providing a data transfer process through a secure channel that enables a subscriber and a service provider to communicate in the secure manner without any action by, or even unknown to, the subscriber's attachment network operator. The process is characterized in that it comprises firstly a process for initial registration of the said subscriber with the service provider through the operator, and secondly a process in which each of the communication sessions between the subscriber and the service provider are executed, the initial registration process consisting of an exchange of authentication data (DeviceID, R1; Login, mdp) online or off line, and the encrypted channel may then be setup at the beginning of each session after mutual authentication involving cryptographic functions, and then calculation of an encryption key Kses without transmission of a secret element on the network(s).
    Type: Grant
    Filed: January 24, 2000
    Date of Patent: June 1, 2004
    Assignee: Societe Francaise du Radiotelephone
    Inventor: M. Jean-Philippe Wary
  • Patent number: 6690798
    Abstract: A method and apparatus is described for transforming a key variable used for scrambling mobile data traffic between a terminal and a network in alternate ways based on a value transmitted to the terminal from the network. Transformation is accomplished by passing portions of the key variable through a series of S-boxes, which provide a mapping between inputs and outputs. The method and apparatus is explained also in the context of a satellite communications system, in which a terminal can be located in a different continent/country from the terminal's home location. Enciphered communication is enabled between the foreign satellite gateway and the roaming terminal after the foreign gateway communicates with the terminal's native gateway. The native gateway transmits one or more cipher variables in the communication. Moreover, the value determining which way to cipher the data traffic can be based on numerous factors, including aspects of the satellite communication system.
    Type: Grant
    Filed: December 10, 1997
    Date of Patent: February 10, 2004
    Assignee: Ericsson Inc.
    Inventor: Paul W. Dent
  • Patent number: 6618584
    Abstract: A subscriber terminal initiates an authentication procedure with a supporting wireless communications system in response to either a timer expiration based trigger, a state change based trigger, or a combination timer/state based trigger. With respect to the timer expiration based trigger, a countdown timer is set by either the subscriber terminal or the supporting system and thereafter monitored for expiration to trigger authentication. For the state change based trigger, the subscriber terminal monitors for any transition from an operating state wherein use of an air interface connection with the supporting system has been suspended to trigger authentication. Furthermore, for the combination timer/state based trigger, the subscriber terminal sets a countdown timer and monitors for an operating state transition that occurs subsequent to timer expiration to trigger authentication.
    Type: Grant
    Filed: August 30, 2000
    Date of Patent: September 9, 2003
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Caisa Carneheim, Marie Moynihan
  • Patent number: 6587680
    Abstract: An existing security association is re-established when a communication handover event occurs in a radio communications system such as IEEE 802.11 or a HIPERLAN wherein the existing security association between a mobile terminal and a wireless communication network is maintained when the communication handover occurs within the network. Authentication during a handover event is achieved by a challenge/response procedure. In accordance with the challenge/response procedure each member of a communication pair that is made up of a new access point and the mobile terminal that is experiencing a handover to the new access point sends a challenge to the other member of the communication pair. Each member of the communication pair then calculates a response to its received challenge, and these responses are sent back to the other member of the communication pair. Each member of the communication pair then compares its received response to a correct response.
    Type: Grant
    Filed: November 23, 1999
    Date of Patent: July 1, 2003
    Assignee: Nokia Corporation
    Inventors: Juha Ala-Laurila, Harri Hansén, Juha Salvela
  • Patent number: 6507908
    Abstract: A method for secure data communication with a mobile machine in which a data packet is received from the mobile machine having a particular network address. A pool of secure addresses is established and a data structure is created to hold address translation associations. Each association is between a particular network address and a particular one of the secure addresses. If the received data packet is a secure data packet an association between the received data packet's network address and a secure address in the data structure is identified and the data packet's network address is translated to the associated secure address before forwarding the data packet on to higher network protocol layers. When the received data packet is not secure it is passed on without address translation to the higher network protocol layers. For outgoing packets addressed to a secure address, the secure address is translated to a real network address (e.g.
    Type: Grant
    Filed: March 4, 1999
    Date of Patent: January 14, 2003
    Assignee: Sun Microsystems, Inc.
    Inventor: Germano Caronni
  • Publication number: 20020085719
    Abstract: A wireless local area network (WLAN) includes mobile devices that are allowed to transfer wireless connections between WLAN subnets or channels having different access points. The access points connect to a central controller or roaming server that supports seamless hand-offs of mobile devices from one access point to another access point. The roaming server supports the reassignment of session data parameters from one access point to another (e.g., access point address spoofing) so that the mobile device can use the same parameters for communicating to a new access point. The roaming server also supports the seamless handoff of a mobile device from one access point to another by using a master-slave switch technique across two piconets. The roaming server also facilitates the control of access points by establishing a host controller interface and wireless protocol stack in the roaming server and another, complementary wireless protocol stack in the access point.
    Type: Application
    Filed: October 22, 2001
    Publication date: July 4, 2002
    Applicant: Bluesocket, Inc.
    Inventor: David B. Crosbie
  • Patent number: 6373949
    Abstract: In the method in accordance with the present invention, the subscriber identifier to be sent to the transmission network is encrypted using a cipher key common to a specific group of subscribers, and a random number is attached to the identifier to be sent to the network. For example, a subscriber group may consist of the subscribers to a single given operator. The section of the identifier specifying the subscriber group is sent to the network in a non-encrypted format, in which case the network is able to direct the encrypted message to such a network element where it can be deciphered.
    Type: Grant
    Filed: October 14, 1999
    Date of Patent: April 16, 2002
    Assignee: Nokia Networks Oy
    Inventor: Tuomas Aura
  • Patent number: 6370380
    Abstract: In a mobile, wireless telecommunications network, communications relating to a mobile terminal can be protected during a handover of the mobile terminal from a first access point to a second access point. This may be accomplished by transmitting a security token from the first access point to the mobile terminal, and then from the mobile terminal to the second access point, over the radio interface. Thereafter, the security token is transmitted from the first access point to the second access point through the fixed network to which both the first and the second access points are connected. The communications link between the mobile terminal and the second access point needed to achieve secure handover is then established only if the second access point determines that the security token received from the mobile terminal matches the security token received from the first access point.
    Type: Grant
    Filed: February 17, 1999
    Date of Patent: April 9, 2002
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Arne Norefors, Yi Cheng, Lorens Almehag, Karl Dan Gustav Jerrestam
  • Patent number: 6240514
    Abstract: A packet processing and packet transfer scheme capable of reducing the packet processing overhead by eliminating a need to decrypt and re-encrypt the entire packet at a time of relaying encrypted packets. In a packet processing device for relaying encrypted packets, a packet transferred to the packet processing device is received, where the packet has a packet processing key to be used in a prescribed packet processing with respect to a data portion of the packet, and the packet processing key is encrypted by using a first master key shared between a last device that applied a cipher communication related processing to the packet and the packet processing device.
    Type: Grant
    Filed: October 20, 1997
    Date of Patent: May 29, 2001
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Atsushi Inoue, Masahiro Ishiyama, Atsushi Fukumoto, Yoshiyuki Tsuda, Atsushi Shimbo, Toshio Okamoto
  • Patent number: 6236852
    Abstract: A wireless communications network and method include a home system, a serving system, and authentication failure triggers. The home system includes an authentication center, a network information element, and a prescribed authentication capable mobile station. The authentication center performs an authentication of the prescribed mobile station upon a network access by the mobile station. Authentication includes use of shared secret data particular to the prescribed mobile station. The serving system includes a network access element and a network information element associated therewith. The serving system is capable of performing authentication upon authentication capable mobile stations. Lastly, the authentication failure triggers and shared secret data are shared with the serving system by the authentication center of the home system upon the mobile station's initial system access.
    Type: Grant
    Filed: December 11, 1998
    Date of Patent: May 22, 2001
    Assignee: Nortel Networks Limited
    Inventors: Jey Veerasamy, Verne Kirby
  • Patent number: 6157826
    Abstract: A method generates an authentication key to be used in an authentication algorithm at a position at which a mobile station's subscriber is located. First, when there is a request to create the authentication key by a customer service center (CSC), at an authentication center module (ACM), a first type of parameters are issued and transmitted to a mobile station (MS). At the MS, a reference key to be used in creating the authentication key is then obtained on the basis of the first type of parameters to send the reference key to the ACM. A second type of parameter is derived by using the first type of parameters when the reference key is received from the MS and then transmitted to the MS at the ACM. At the MS, the authentication key is generated by using the first type of parameters, the second type of parameter and the reference key and a key generation complete message is transferred to the ACM.
    Type: Grant
    Filed: April 27, 1999
    Date of Patent: December 5, 2000
    Assignee: Daewoo Telecom Ltd.
    Inventor: Jae Wook Lee
  • Patent number: 6141544
    Abstract: There is disclosed a system and method for over the air (OTA) activation of a mobile station in a wireless telecommunications network. During activation, a network OTA processor requests the data configuration of the mobile station. The mobile station may issue a challenge to the OTA processor and in so doing transmits a challenge message including certain mobile station parameters and a code lock indicator to the OTA processor. The OTA activation processor determines if a new or first code lock parameter has been forwarded to the OTA activation processor by the network for the code lock indicator. If so, the OTA activation processor includes the first code lock parameter in a challenge message forwarded to the authentication center for processing a response to be validated by the mobile station. If not, the OTA activator forwards the challenge message to the home location register that has previously stored the code lock parameter.
    Type: Grant
    Filed: November 30, 1998
    Date of Patent: October 31, 2000
    Assignee: Telefonaktiebolaget LM Ericsson
    Inventors: Michel Corriveau, Michel Houde
  • Patent number: 6137885
    Abstract: A method for enabling encrypted communication to be performed directly in a single hop or merely directly between two terminals of a mobile radio network by satellite and/or of the GSM/DCS type, after one of said terminals has called via a fixed radio station of the network. After a first encryption stage, performed in conventional manner, a cipher key is simultaneously generated by the identity card associated with the calling terminal and by the network control structure for encrypting/decrypting data transmitted over the radio link between said calling terminal and the station. This cipher key is then stored in a memory of the station so as to be transmitted to the called terminal when a radio link is set up between said station and said called terminal for the call requested by the calling terminal, and the key is used for the purpose of encrypting/decrypting the data interchanged between the calling and called terminals.
    Type: Grant
    Filed: May 20, 1998
    Date of Patent: October 24, 2000
    Assignee: Alcatel
    Inventors: Antoine Totaro, Erick Flores
  • Patent number: 6101380
    Abstract: A method of re-using authentication triplets on inter-VLR location updates in a wireless communication network. The method reduces the amount of work on the MSC and HLR, and thus significantly increases the capacity of a high mobility MSC and the HLR to increase the number of mobile subscribers each node in the wireless communication network can support. The number of times the MSC must request new authentication triplets from the HLR, and thus the number of authentication triplets the HLR must return, is reduced to increase the capacity on the MSC and HLR, particularly in a GSM network.
    Type: Grant
    Filed: November 14, 1997
    Date of Patent: August 8, 2000
    Assignee: Nortel Networks Limited
    Inventor: Patrick Sollee
  • Patent number: 6097817
    Abstract: A communication system having a wireless trunk for connecting multiple phone lines over wireless communication links to a cellular network comprises a central telephone switch, such as a private branch exchange or key system, connected through one or more trunk lines to a wireless access communication unit. The wireless access communication unit preferably comprises a separate subscriber interface for each trunk line from the central telephone switch. The wireless access communication unit collects data from each of the subscriber interfaces, formats the data into a format compatible with an over-the-air protocol, and transmits the information over one or more wireless channels to a cellular base station. The wireless access communication unit thereby connects calls received from the central telephone switch's trunk lines over a wireless trunk to a network.
    Type: Grant
    Filed: December 10, 1997
    Date of Patent: August 1, 2000
    Assignee: Omnipoint Corporation
    Inventors: Izzet M. Bilgic, Narayan P. Menon
  • Patent number: 6047071
    Abstract: The procedure for Over-The-Air Parameter Administration (OTAPA) utilizes the over-the-air programming protocol and procedures which support the Over-The-Air Service Provisioning (OTASP) feature in accordance with established industry standards (TIA/EIA/IS-683). The mobile phone is programmed with a service option for changing the NAM parameters including an identification number for this option. The network base station sends a message to the mobile phone using the identification number and, if the mobile phone has OTAPA capability, it responds indicating support. The base station then transmits a message telling the mobile station to proceed to the Traffic Channel and inquires whether the encryption mode is enabled, proceeding with the OTAPA only if the encryption mode is enabled. Once on the Traffic Channel, a Parameter Change Code (PCC) is sent. If the PCC is verified by the mobile unit, the base station proceeds to update the parameters and store the updated parameters into the phone's memory.
    Type: Grant
    Filed: April 15, 1997
    Date of Patent: April 4, 2000
    Assignee: Nokia Mobile Phones
    Inventor: Bharat Shah