WO1999026443A1 - Method of controlling a stand-alone authentication center in a radio telecommunications network - Google Patents

Method of controlling a stand-alone authentication center in a radio telecommunications network Download PDF

Info

Publication number
WO1999026443A1
WO1999026443A1 PCT/SE1998/002022 SE9802022W WO9926443A1 WO 1999026443 A1 WO1999026443 A1 WO 1999026443A1 SE 9802022 W SE9802022 W SE 9802022W WO 9926443 A1 WO9926443 A1 WO 9926443A1
Authority
WO
WIPO (PCT)
Prior art keywords
hlr
subscriber
sending
message
stand
Prior art date
Application number
PCT/SE1998/002022
Other languages
French (fr)
Inventor
Roch Glitho
Michelle Victor-Byrne
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ) filed Critical Telefonaktiebolaget Lm Ericsson (Publ)
Priority to AU12659/99A priority Critical patent/AU1265999A/en
Publication of WO1999026443A1 publication Critical patent/WO1999026443A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • H04W8/265Network addressing or numbering for mobility support for initial activation of new user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • This invention relates to radio telecommunication systems and, more particularly, to a method of activating and deactivating authentication service and removing subscriber authentication data from a stand-alone authentication center (AC) in a radio telecommunications network.
  • AC stand-alone authentication center
  • ANSI-41 Project Number (PN)-3769 entitled, "Over the Air Service Provisioning” discloses various inter-system messages related to authentication services in radio telecommunications networks.
  • PN Project Number
  • Other types of radio telecommunications networks utilized in other parts of the world utilize other inter-system signaling standards.
  • GSM Global System for Mobile Communications
  • MAP Mobile Application Part
  • the present invention is described in terms of ANSI-41 signaling, it is not limited thereto, and is operable with all intersystem signaling protocols.
  • the AC is co-located with a home location register (HLR).
  • HLR home location register
  • a system operator sends a directive message to the co-located AC/HLR.
  • the AC/HLR first determines whether authentication service has been deactivated for that subscriber, and if so, erases the data. If the service has not been deactivated, an error message is returned to the operator. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co- located.
  • an ANSI-41 Authentication Capabilities (AUTHCAP) parameter is set in the HLR part.
  • the AUTHCAP parameter cannot be set unless the subscriber's authentication data has been initiated (loaded) in the AC part.
  • the subscriber's authentication data is accessible by the HLR since the data is in the same node.
  • the node checks whether the authentication data has been loaded. If so, the AUTHCAP parameter is set in the HLR part. If the data has not been loaded, an error message is returned to the operator. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co-located.
  • the present invention is a method of interfacing a stand-alone authentication center (AC) with a radio telecommunications network having a home location register (HLR) separate from the AC.
  • the method includes the steps of sending a first message from the HLR to the stand-alone AC requesting that the AC perform a function, performing the function in the AC, and sending a second message from the AC to the HLR indicating a result of performing the function.
  • the present invention is a method of activating a subscriber's authentication service in a home location register (HLR) in a radio telecommunications network having a stand-alone authentication center (AC) separate from the HLR.
  • the method begins by sending a directive message from a system operator to the HLR requesting the HLR to activate the subscriber's authentication service.
  • the HLR then sends a first inter-system signaling message to the stand-alone AC requesting that the AC determine whether the subscriber's authentication data has been loaded.
  • the AC determines whether the subscriber's authentication data has been loaded.
  • the present invention is a method of interfacing a stand-alone authentication center (AC) with a radio telecommunications network having a home location register (HLR) separate from the AC.
  • AC stand-alone authentication center
  • HLR home location register
  • the present invention is a method of removing a subscriber's authentication data from a stand-alone authentication center (AC) in a radio telecommunications network having a home location register (HLR) separate from the AC.
  • the method begins by sending a directive message from a system operator to the stand-alone AC requesting the AC to remove the subscriber's authentication data.
  • the AC then sends a first inter-system signaling message to the HLR requesting that the HLR determine whether the subscriber's authentication service is inactive in the HLR.
  • the HLR determines whether the subscriber's authentication service is inactive. This is followed by sending a second inter-system signaling message from the HLR to the AC indicating a first result if the subscriber's authentication service is inactive in the HLR, and indicating a second result if the subscriber's authentication service is active in the HLR.
  • the subscriber's authentication data is then erased in the AC upon receiving the first result indicating that the subscriber's authentication service is inactive in the HLR.
  • FIG. 1 is a message flow diagram illustrating the flow of messages when activating authentication service in an existing radio telecommunications network having a co-located authentication center and home location register (AC/HLR);
  • AC/HLR co-located authentication center and home location register
  • FIG. 2 is a message flow diagram illustrating the flow of messages when activating authentication service in a radio telecommunications network having a stand-alone authentication center (AC) in accordance with the teachings of the present invention
  • FIG. 3 A is a table of parameters included in the Authentication Data Status (AUTDATASTATUS) Invoke message of the present invention
  • FIG. 3B is a table of parameters included in the
  • FIG. 4 (Prior Art) is a message flow diagram illustrating the flow of messages when removing a subscriber's authentication data from a co- located AC/HLR in an existing radio telecommunications network
  • FIG. 5 is a message flow diagram illustrating the flow of messages when removing a subscriber's authentication data from a stand-alone AC in a radio telecommunications network in accordance with the teachings of the present invention
  • FIG. 6 A is a table of parameters included in the Authentication Service Status (AUTSERVICEST ATUS) Invoke message of the present invention.
  • FIG. 6B is a table of parameters included in the AUTSERVICEST ATUS Return Result message of the present invention.
  • FIG. 1 is a message flow diagram illustrating the flow of messages when activating authentication service in an existing radio telecommunications network 10 having a co-located authentication center and home location register (AC/HLR) 12.
  • An Operation Support System (OSS) 9 includes a customer administrative system (CAS) 11 through which a system operator may make requests in the network.
  • CAS customer administrative system
  • a directive message 13 is sent by the CAS 11 to the co-located AC/HLR 12.
  • the AC/HLR checks whether the authentication data has been initiated (loaded). If not, an error indication 14 is returned to the
  • the AC/HLR activates the authentication service and sets an AUTHCAP parameter at 15.
  • the AC/HLR then returns an indication 16 to the CAS that the service has been activated. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co-located.
  • FIG. 2 is a message flow diagram illustrating the flow of messages when activating authentication service in a radio telecommunications network 20 having a home location register (HLR) 22 and a stand-alone authentication center (AC) 23 in accordance with the teachings of the present invention.
  • An Operation Support System (OSS) 19 includes a customer administrative system (CAS) 21 through which a system operator may make requests in the network.
  • CAS customer administrative system
  • a directive message 24 is sent by the CAS 21 to the HLR 22.
  • the HLR then sends an Authentication Data Status (AUTDATASTATUS) Invoke message 25 to the AC 23.
  • AUTDATASTATUS Authentication Data Status
  • This is a new message in ANSI-41 which functions to request the stand-alone AC 23 to determine whether the subscriber's authentication data has been initiated. Therefore, at 26, the AC makes this determination.
  • the AC 23 sends an AUTDATASTATUS Return Result message 27 to the HLR 22.
  • This is a new message in ANSI-41 which functions to inform the HLR whether the subscriber's authentication data has been initiated. Therefore, if the subscriber's authentication data has not been initiated, the AUTDATASTATUS Return Result message 27 includes an indication that the data is not initiated.
  • the HLR returns an error indication 30 to the CAS 21. If, however, it is determined in the
  • the AC 23 sends an AUTDATASTATUS Return Result message 29 to the HLR 22 and includes an indication that the data is initiated.
  • the HLR then activates the subscriber's authentication service and sets the AUTHCAP parameter at 31.
  • the HLR then sends an indication of service activation
  • FIG. 3 A is a table of parameters included in the Authentication Data Status (AUTDATASTATUS) Invoke message 25 of the present invention.
  • the parameters include an AUTDATASTATUS parameter 33, the mobile identification number (MIN) 34, and the electronic serial number (ESN) 35 of the subscriber's mobile station.
  • the inclusion of the AUTDATASTATUS parameter 33 prompts the AC 23 to determine whether the identified subscriber's authentication data has been initiated.
  • FIG. 3B is a table of parameters included in the AUTDATASTATUS Return Result message 27 and 29 of the present invention.
  • the parameters include the AUTDATASTATUS parameter 33, the MIN 34, and the ESN 35 of the subscriber's mobile station.
  • a response bit in the AUTDATASTATUS parameter 33 is set to indicate whether or not the subscriber's authentication data is initiated. For example, if the data is not initiated, the response bit is set to zero (0), and if the data is initiated, the response bit is set to one (1).
  • the HLR 22 receives the AUTDATASTATUS Return Result message 27 with the response bit set to zero, the HLR sends an error indication to the CAS 21.
  • the HLR 22 receives the AUTDATASTATUS Return Result message 29 with the response bit set to one, the HLR sets the AUTHCAP parameter and sends an indication to the CAS 21 that the authentication service has been activated.
  • FIG. 4 is a message flow diagram illustrating the flow of messages when removing (erasing) a subscriber's authentication data from the co-located AC/HLR 12 in the existing radio telecommunications network 10 of FIG. 1.
  • a directive message 41 is sent by the CAS 11 to the co-located AC/HLR 12.
  • the AC/HLR checks whether the authentication service has been de-activated. If not, an error indication 42 is returned to the CAS 11. If the authentication service is inactive, the subscriber's authentication data is erased at 43. The AC/HLR then returns an indication to the CAS that the data has been erased in an acknowledgement 44.
  • FIG. 5 is a message flow diagram illustrating the flow of messages when removing a subscriber's authentication data from the stand-alone AC 23 in the radio telecommunications network 20 of FIG. 2.
  • a directive message 51 is sent by the CAS 21 to the
  • the AC then sends an Authentication Service Status (AUTSERVICESTATUS) Invoke message 52 to the HLR 22.
  • AUTSERVICESTATUS Authentication Service Status
  • This is a new message in ANSI-41 which functions to request the HLR to determine whether the authentication service has been de-activated for the identified subscriber.
  • the HLR makes this determination.
  • the HLR 22 sends an AUTSERVICESTATUS Return Result message 54 to the AC 23.
  • This is a new message in ANSI-41 which functions to inform the AC whether the authentication service has been deactivated for the identified subscriber. Therefore, if the authentication service has not been de-activated, the AUTSERVICESTATUS Return Result message 54 includes an indication that the service is still active. At 55, the AC then sends an error indication 56 to the CAS 21. If, however, it is determined in the HLR that the authentication service is inactive, the
  • FIG. 6A is a table of parameters included in the Authentication
  • the parameters include an AUTSERVICESTATUS parameter 36, the MIN 34, and the ESN 35 of the subscriber's mobile station.
  • the inclusion of the AUTSERVICESTATUS parameter 36 prompts the HLR 22 to determine whether the identified subscriber's authentication service is inactive.
  • FIG. 6B is a table of parameters included in the AUTSERVICESTATUS Return Result message 54 and 57 of the present invention.
  • the parameters include the AUTSERVICESTATUS parameter 36, the MIN 34, and the ESN 35 of the subscriber's mobile station.
  • a response bit in the AUTSERVICESTATUS parameter 36 is set to indicate whether or not the subscriber's authentication service is inactive. For example, if the service is still active, the response bit is set to zero (0), and if the service is inactive, the response bit is set to one (1).
  • the AC 23 receives the AUTSERVICESTATUS Return Result message 54 with the response bit set to zero, the AC sends an error indication to the CAS 21.
  • the AC 23 receives the AUTSERVICESTATUS Return Result message 57 with the response bit set to one the AC erases the subscriber's authentication data and sends an indication to the CAS 21 that the data has been removed.

Abstract

A method of interfacing a stand-alone authentication center (AC) (23) with a radio telecommunications network (20) having a home location register (HLR) (22) separate from the AC (23). When a request (24) to activate the subscriber's authentication service is received in the HLR (22), an Authentication Data Status Invoke message (25) is sent from the HLR (22) to the stand-alone AC (23) requesting that the AC (23) determine whether the subscriber's authentication data has been loaded (26). The AC (23) makes this determination (26) and sends an Authentication Data Status Return Result message (27, 29) to the HLR (22) indicating whether the data has been loaded. If the data has been loaded, the HLR (22) activates the subscriber's authentication service (31). When a request (51) to remove a subscriber's authentication data is received in the stand-alone AC (23), an Authentication Service Status Invoke message (52) is sent from the AC (23) to the HLR (22) requesting that the HLR (22) determine whether the subscriber's authentication service is inactive. The HLR (22) makes this determination (53) and sends an Authentication Service Status Return Result message (54, 57) to the AC (23) indicating whether the service is inactive. If the service is inactive, the AC (23) erases the subscriber's authentication data (58).

Description

METHOD OF CONTROLLING
A STAND-ALONE AUTHENTICATION CENTER
IN A RADIO TELECOMMUNICATIONS NETWORK
BACKGROUND OF THE INVENTION Technical Field of the Invention
This invention relates to radio telecommunication systems and, more particularly, to a method of activating and deactivating authentication service and removing subscriber authentication data from a stand-alone authentication center (AC) in a radio telecommunications network.
Description of Related Art
In North American radio telecommunications networks, inter- system signaling is performed in accordance with protocols and procedures described in ANSI-41 which is hereby incorporated by reference herein. ANSI-41 Project Number (PN)-3769 entitled, "Over the Air Service Provisioning" discloses various inter-system messages related to authentication services in radio telecommunications networks. Other types of radio telecommunications networks utilized in other parts of the world utilize other inter-system signaling standards. For example, the Global System for Mobile Communications (GSM) utilizes GSM 09.02 Mobile Application Part (MAP) which is hereby incorporated by reference herein. Although the present invention is described in terms of ANSI-41 signaling, it is not limited thereto, and is operable with all intersystem signaling protocols.
In existing radio telecommunications networks, the AC is co-located with a home location register (HLR). In order to remove (erase) a subscriber's authentication data, a system operator sends a directive message to the co-located AC/HLR. However, if the authentication service is still active, the AC/HLR should not erase the subscriber's authentication data. Therefore, the AC/HLR first determines whether authentication service has been deactivated for that subscriber, and if so, erases the data. If the service has not been deactivated, an error message is returned to the operator. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co- located.
A similar problem exists when a system operator sends a directive message to the co-located AC/HLR to activate the authentication service for a subscriber. When the authentication service is activated for a subscriber, an ANSI-41 Authentication Capabilities (AUTHCAP) parameter is set in the HLR part. However, the AUTHCAP parameter cannot be set unless the subscriber's authentication data has been initiated (loaded) in the AC part. In existing telecommunications networks in which the AC and HLR are co-located, the subscriber's authentication data is accessible by the HLR since the data is in the same node. Therefore, when the command to activate the authentication service for a subscriber is sent by the system operator to the co-located AC/HLR, the node checks whether the authentication data has been loaded. If so, the AUTHCAP parameter is set in the HLR part. If the data has not been loaded, an error message is returned to the operator. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co-located.
In order to provide increased flexibility and authentication capabilities in radio telecommunications networks, it would be advantageous, in certain circumstances, to locate ACs separately from HLRs that serve the same subscribers. For example, a single AC could then be associated with several HLRs. However, under the current ANSI- 41 standard, activation of authentication service and removal of a subscriber's authentication data cannot be performed if the AC and the HLR are not co-located. There are no known prior art teachings of a solution to the aforementioned deficiency and shortcoming such as that disclosed herein. In order to overcome the disadvantage of existing solutions, it would be advantageous to have a method of activating and deactivating authentication service and erasing subscriber authentication data from a stand-alone authentication center (AC) in a radio telecommunications network. The present invention provides such a method.
SUMMARY OF THE INVENTION
In one aspect, the present invention is a method of interfacing a stand-alone authentication center (AC) with a radio telecommunications network having a home location register (HLR) separate from the AC. The method includes the steps of sending a first message from the HLR to the stand-alone AC requesting that the AC perform a function, performing the function in the AC, and sending a second message from the AC to the HLR indicating a result of performing the function.
In another aspect, the present invention is a method of activating a subscriber's authentication service in a home location register (HLR) in a radio telecommunications network having a stand-alone authentication center (AC) separate from the HLR. The method begins by sending a directive message from a system operator to the HLR requesting the HLR to activate the subscriber's authentication service. The HLR then sends a first inter-system signaling message to the stand-alone AC requesting that the AC determine whether the subscriber's authentication data has been loaded. The AC then determines whether the subscriber's authentication data has been loaded. This is followed by sending a second inter-system signaling message from the AC to the HLR indicating a first result if the subscriber's authentication data has been loaded in the AC, and indicating a second result if the subscriber's authentication data has not been loaded in the AC. The HLR activates the subscriber's authentication service in the HLR upon receiving the first result indicating that the subscriber's authentication data has been loaded in the AC. In another aspect, the present invention is a method of interfacing a stand-alone authentication center (AC) with a radio telecommunications network having a home location register (HLR) separate from the AC. The method includes the steps of sending a first message from the standalone AC to the HLR requesting that the HLR perform a function, performing the function in the HLR, and sending a second message from the HLR to the AC indicating a result of performing the function. In yet another aspect, the present invention is a method of removing a subscriber's authentication data from a stand-alone authentication center (AC) in a radio telecommunications network having a home location register (HLR) separate from the AC. The method begins by sending a directive message from a system operator to the stand-alone AC requesting the AC to remove the subscriber's authentication data. The AC then sends a first inter-system signaling message to the HLR requesting that the HLR determine whether the subscriber's authentication service is inactive in the HLR. The HLR then determines whether the subscriber's authentication service is inactive. This is followed by sending a second inter-system signaling message from the HLR to the AC indicating a first result if the subscriber's authentication service is inactive in the HLR, and indicating a second result if the subscriber's authentication service is active in the HLR. The subscriber's authentication data is then erased in the AC upon receiving the first result indicating that the subscriber's authentication service is inactive in the HLR.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will be better understood and its numerous objects and advantages will become more apparent to those skilled in the art by reference to the following drawings, in conjunction with the accompanying specification, in which:
FIG. 1 (Prior Art) is a message flow diagram illustrating the flow of messages when activating authentication service in an existing radio telecommunications network having a co-located authentication center and home location register (AC/HLR);
FIG. 2 is a message flow diagram illustrating the flow of messages when activating authentication service in a radio telecommunications network having a stand-alone authentication center (AC) in accordance with the teachings of the present invention;
FIG. 3 A is a table of parameters included in the Authentication Data Status (AUTDATASTATUS) Invoke message of the present invention; FIG. 3B is a table of parameters included in the
AUTDATASTATUS Return Result message of the present invention;
FIG. 4 (Prior Art) is a message flow diagram illustrating the flow of messages when removing a subscriber's authentication data from a co- located AC/HLR in an existing radio telecommunications network; FIG. 5 is a message flow diagram illustrating the flow of messages when removing a subscriber's authentication data from a stand-alone AC in a radio telecommunications network in accordance with the teachings of the present invention;
FIG. 6 A is a table of parameters included in the Authentication Service Status (AUTSERVICEST ATUS) Invoke message of the present invention; and
FIG. 6B is a table of parameters included in the AUTSERVICEST ATUS Return Result message of the present invention.
DETAILED DESCRIPTION OF EMBODIMENTS
FIG. 1 is a message flow diagram illustrating the flow of messages when activating authentication service in an existing radio telecommunications network 10 having a co-located authentication center and home location register (AC/HLR) 12. An Operation Support System (OSS) 9 includes a customer administrative system (CAS) 11 through which a system operator may make requests in the network. When the system operator desires to activate the authentication service for a subscriber, a directive message 13 is sent by the CAS 11 to the co-located AC/HLR 12. The AC/HLR checks whether the authentication data has been initiated (loaded). If not, an error indication 14 is returned to the
CAS. If the authentication data has been initiated, the AC/HLR activates the authentication service and sets an AUTHCAP parameter at 15. The AC/HLR then returns an indication 16 to the CAS that the service has been activated. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co-located.
FIG. 2 is a message flow diagram illustrating the flow of messages when activating authentication service in a radio telecommunications network 20 having a home location register (HLR) 22 and a stand-alone authentication center (AC) 23 in accordance with the teachings of the present invention. An Operation Support System (OSS) 19 includes a customer administrative system (CAS) 21 through which a system operator may make requests in the network. When the system operator desires to activate the authentication service for a subscriber, a directive message 24 is sent by the CAS 21 to the HLR 22. The HLR then sends an Authentication Data Status (AUTDATASTATUS) Invoke message 25 to the AC 23. This is a new message in ANSI-41 which functions to request the stand-alone AC 23 to determine whether the subscriber's authentication data has been initiated. Therefore, at 26, the AC makes this determination.
If it is determined that the subscriber's authentication data has not been initiated, the AC 23 sends an AUTDATASTATUS Return Result message 27 to the HLR 22. This is a new message in ANSI-41 which functions to inform the HLR whether the subscriber's authentication data has been initiated. Therefore, if the subscriber's authentication data has not been initiated, the AUTDATASTATUS Return Result message 27 includes an indication that the data is not initiated. At 28, the HLR returns an error indication 30 to the CAS 21. If, however, it is determined in the
AC that the subscriber's authentication data has been initiated, the AC 23 sends an AUTDATASTATUS Return Result message 29 to the HLR 22 and includes an indication that the data is initiated. The HLR then activates the subscriber's authentication service and sets the AUTHCAP parameter at 31. The HLR then sends an indication of service activation
33 to the CAS 21.
FIG. 3 A is a table of parameters included in the Authentication Data Status (AUTDATASTATUS) Invoke message 25 of the present invention. The parameters include an AUTDATASTATUS parameter 33, the mobile identification number (MIN) 34, and the electronic serial number (ESN) 35 of the subscriber's mobile station. The inclusion of the AUTDATASTATUS parameter 33 prompts the AC 23 to determine whether the identified subscriber's authentication data has been initiated.
FIG. 3B is a table of parameters included in the AUTDATASTATUS Return Result message 27 and 29 of the present invention. The parameters include the AUTDATASTATUS parameter 33, the MIN 34, and the ESN 35 of the subscriber's mobile station. A response bit in the AUTDATASTATUS parameter 33 is set to indicate whether or not the subscriber's authentication data is initiated. For example, if the data is not initiated, the response bit is set to zero (0), and if the data is initiated, the response bit is set to one (1). When the HLR 22 receives the AUTDATASTATUS Return Result message 27 with the response bit set to zero, the HLR sends an error indication to the CAS 21. When the HLR 22 receives the AUTDATASTATUS Return Result message 29 with the response bit set to one, the HLR sets the AUTHCAP parameter and sends an indication to the CAS 21 that the authentication service has been activated.
FIG. 4 (Prior Art) is a message flow diagram illustrating the flow of messages when removing (erasing) a subscriber's authentication data from the co-located AC/HLR 12 in the existing radio telecommunications network 10 of FIG. 1. When the system operator desires to remove a subscriber's authentication data from the AC, a directive message 41 is sent by the CAS 11 to the co-located AC/HLR 12. The AC/HLR checks whether the authentication service has been de-activated. If not, an error indication 42 is returned to the CAS 11. If the authentication service is inactive, the subscriber's authentication data is erased at 43. The AC/HLR then returns an indication to the CAS that the data has been erased in an acknowledgement 44. Under the current ANSI-41 standard, however, this process cannot be performed if the AC and the HLR are not co-located. FIG. 5 is a message flow diagram illustrating the flow of messages when removing a subscriber's authentication data from the stand-alone AC 23 in the radio telecommunications network 20 of FIG. 2. When the system operator desires to remove (erase) from the AC, the authentication data for a subscriber, a directive message 51 is sent by the CAS 21 to the
AC 23. In accordance with the teachings of the present invention, the AC then sends an Authentication Service Status (AUTSERVICESTATUS) Invoke message 52 to the HLR 22. This is a new message in ANSI-41 which functions to request the HLR to determine whether the authentication service has been de-activated for the identified subscriber.
Therefore, at 53, the HLR makes this determination.
If it is determined that the authentication service has not been deactivated, the HLR 22 sends an AUTSERVICESTATUS Return Result message 54 to the AC 23. This is a new message in ANSI-41 which functions to inform the AC whether the authentication service has been deactivated for the identified subscriber. Therefore, if the authentication service has not been de-activated, the AUTSERVICESTATUS Return Result message 54 includes an indication that the service is still active. At 55, the AC then sends an error indication 56 to the CAS 21. If, however, it is determined in the HLR that the authentication service is inactive, the
HLR 22 sends an AUTSERVICESTATUS Return Result message 57 to the AC 23 and includes an indication that the service is inactive. The AC then erases the subscriber's authentication data at 58, and at 59 sends an indication 60 to the CAS 21 that the data has been removed. FIG. 6A is a table of parameters included in the Authentication
Service Status (AUTSERVICESTATUS) Invoke message 52 of the present invention. The parameters include an AUTSERVICESTATUS parameter 36, the MIN 34, and the ESN 35 of the subscriber's mobile station. The inclusion of the AUTSERVICESTATUS parameter 36 prompts the HLR 22 to determine whether the identified subscriber's authentication service is inactive.
FIG. 6B is a table of parameters included in the AUTSERVICESTATUS Return Result message 54 and 57 of the present invention. The parameters include the AUTSERVICESTATUS parameter 36, the MIN 34, and the ESN 35 of the subscriber's mobile station. A response bit in the AUTSERVICESTATUS parameter 36 is set to indicate whether or not the subscriber's authentication service is inactive. For example, if the service is still active, the response bit is set to zero (0), and if the service is inactive, the response bit is set to one (1). When the AC 23 receives the AUTSERVICESTATUS Return Result message 54 with the response bit set to zero, the AC sends an error indication to the CAS 21. When the AC 23 receives the AUTSERVICESTATUS Return Result message 57 with the response bit set to one, the AC erases the subscriber's authentication data and sends an indication to the CAS 21 that the data has been removed.
It is thus believed that the operation and construction of the present invention will be apparent from the foregoing description. While the method, apparatus and system shown and described has been characterized as being preferred, it will be readily apparent that various changes and modifications could be made therein without departing from the spirit and scope of the invention as defined in the following claims.

Claims

WHAT IS CLAIMED IS:
1. A method of interfacing a stand-alone authentication center (AC) with a radio telecommunications network having a home location register (HLR) separate from the AC, said method comprising the steps of: sending a first message from the HLR to the stand-alone AC requesting that the AC perform a function; performing the function in the AC; and sending a second message from the AC to the HLR indicating a result of performing the function.
2. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 1 wherein said steps of sending a first message and sending a second message include sending the first and second messages in an inter-system messaging protocol.
3. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 2 wherein said step of sending the first and second messages in an inter-system messaging protocol includes sending said messages in ANSI-41 format.
4. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 1 wherein said step of sending a first message from the HLR to the stand-alone AC requesting that the AC perform a function includes requesting that the AC determine whether a subscriber's authentication data has been loaded in the AC.
5. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 4 wherein said step of sending a second message from the AC to the HLR indicating a result of performing the function includes: indicating a first result if the subscriber's authentication data has been loaded in the AC; and indicating a second result if the subscriber's authentication data has not been loaded in the AC.
6. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 5 further comprising, before the step of sending a first message from the HLR to the stand-alone AC, the step of sending a directive message from a system operator to the HLR requesting the HLR to activate the subscriber's authentication service.
7. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 6 further comprising, after the step of sending a second message from the AC to the HLR indicating that the subscriber's authentication data has been loaded in the AC, the steps of: activating the subscriber's authentication service in the HLR; and sending a return message from the HLR to the system operator indicating that the subscriber's authentication service has been activated.
8. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 6 further comprising, after the step of sending a second message from the AC to the HLR indicating that the subscriber's authentication data has not been loaded in the AC, the step of sending a return message from the HLR to the system operator indicating an error condition.
9. A method of activating a subscriber's authentication service in a home location register (HLR) in a radio telecommunications network having a stand-alone authentication center (AC) separate from the HLR, said method comprising the steps of: sending a directive message from a system operator to the HLR requesting the HLR to activate the subscriber's authentication service; sending a first inter-system signaling message from the HLR to the stand-alone AC requesting that the AC determine whether the subscriber's authentication data has been loaded; determining in the AC whether the subscriber's authentication data has been loaded; sending a second inter-system signaling message from the AC to the
HLR indicating a first result if the subscriber's authentication data has been loaded in the AC, and indicating a second result if the subscriber's authentication data has not been loaded in the AC; and activating the subscriber's authentication service in the HLR upon receiving the first result indicating that the subscriber's authentication data has been loaded in the AC.
10. The method of activating a subscriber's authentication service in a stand-alone authentication center (AC) in a radio telecommunications network of claim 9 further comprising sending a return message from the
HLR to the system operator indicating that the subscriber's authentication service has been activated.
11. A method of interfacing a stand-alone authentication center (AC) with a radio telecommunications network having a home location register (HLR) separate from said AC, said method comprising the steps of: sending a first message from the stand-alone AC to the HLR requesting that the HLR perform a function; performing the function in the HLR; and sending a second message from the HLR to the AC indicating a result of performing the function.
12. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 11 wherein said steps of sending a first message and sending a second message include sending the first and second messages in an inter-system messaging protocol.
13. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 12 wherein said step of sending the first and second messages in an inter-system messaging protocol includes sending said messages in ANSI-41 format.
14. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 11 wherein said step of sending a first message from the stand-alone AC to the HLR requesting that the HLR perform a function includes requesting that the HLR determine whether a subscriber's authentication service is inactive in the HLR.
15. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 14 wherein said step of sending a second message from the HLR to the AC indicating a result of performing the function includes: indicating a first result if the subscriber's authentication service is active in the HLR; and indicating a second result if the subscriber's authentication service is inactive in the HLR.
16. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 15 further comprising, before the step of sending a first message from the stand-alone AC to the HLR, the step of sending a directive message from a system operator to the AC requesting the AC to remove the subscriber's authentication data.
17. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 16 further comprising, after the step of sending a second message from the HLR to the AC indicating that the subscriber's authentication service is inactive in the HLR, the steps of: erasing the subscriber's authentication data in the AC; and sending a return message from the AC to the system operator indicating that the subscriber's authentication data has been removed.
18. The method of interfacing a stand-alone AC with a radio telecommunications network of claim 16 further comprising, after the step of sending a second message from the HLR to the AC indicating that the subscriber's authentication service is active in the HLR, the step of sending a return message from the AC to the system operator indicating an error condition.
19. A method of removing a subscriber's authentication data from a stand-alone authentication center (AC) in a radio telecommunications network having a home location register (HLR) separate from the AC, said method comprising the steps of: sending a directive message from a system operator to the standalone AC requesting the AC to remove the subscriber's authentication data; sending a first inter-system signaling message from the AC to the HLR requesting that the HLR determine whether the subscriber's authentication service is inactive in the HLR; determining in the HLR whether the subscriber's authentication service is inactive; sending a second inter-system signaling message from the HLR to the AC indicating a first result if the subscriber's authentication service is inactive in the HLR, and indicating a second result if the subscriber's authentication service is active in the HLR; and erasing the subscriber's authentication data in the AC upon receiving the first result indicating that the subscriber's authentication service is inactive in the HLR.
20. The method of removing a subscriber's authentication data from a stand-alone AC in a radio telecommunications network of claim 19 further comprising sending a return message from the AC to the system operator indicating that the subscriber's authentication data has been removed.
PCT/SE1998/002022 1997-11-14 1998-11-10 Method of controlling a stand-alone authentication center in a radio telecommunications network WO1999026443A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU12659/99A AU1265999A (en) 1997-11-14 1998-11-10 Method of controlling a stand-alone authentication center in a radio telecommunications network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US97101397A 1997-11-14 1997-11-14
US08/971,013 1997-11-14

Publications (1)

Publication Number Publication Date
WO1999026443A1 true WO1999026443A1 (en) 1999-05-27

Family

ID=25517818

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1998/002022 WO1999026443A1 (en) 1997-11-14 1998-11-10 Method of controlling a stand-alone authentication center in a radio telecommunications network

Country Status (2)

Country Link
AU (1) AU1265999A (en)
WO (1) WO1999026443A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006065176A1 (en) * 2004-12-14 2006-06-22 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for controlling a provisioning process in a telecommunications system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5615267A (en) * 1995-07-17 1997-03-25 Bell Communications Research, Inc. Method for adaptively switching between PCS authentication schemes
WO1998031162A2 (en) * 1997-01-11 1998-07-16 Tandem Computers, Incorporated Method and apparatus for limiting authentication directive initiation in a mobile telephone system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5615267A (en) * 1995-07-17 1997-03-25 Bell Communications Research, Inc. Method for adaptively switching between PCS authentication schemes
WO1998031162A2 (en) * 1997-01-11 1998-07-16 Tandem Computers, Incorporated Method and apparatus for limiting authentication directive initiation in a mobile telephone system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
BROWN D: "TECHNIQUES FOR PRIVACY AND AUTHENTICATION IN PERSONAL COMMUNICATION SYSTEMS", IEEE PERSONAL COMMUNICATIONS, vol. 2, no. 4, 1 August 1995 (1995-08-01), pages 6 - 10, XP000517584 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006065176A1 (en) * 2004-12-14 2006-06-22 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for controlling a provisioning process in a telecommunications system

Also Published As

Publication number Publication date
AU1265999A (en) 1999-06-07

Similar Documents

Publication Publication Date Title
JP3394775B2 (en) Management method in GSM / VLR of supplementary service procedure sent to HLR
US8503412B2 (en) Process method about the service connection between the wireless local area network and user terminal
US6353621B1 (en) Method to allow seamless service to mobile subscribers across various mobile switching centers supporting multiple intersystem standards
CN1123247C (en) Retention of radio resource connection for short message service message delivery in a cellular telephone network
EP0976271B1 (en) Data packet radio service with enhanced mobility management
US20030050047A1 (en) Changing a first subscriber identifier to a second identifier
JP4153488B2 (en) Apparatus and method for storing subscriber data
US8170531B2 (en) Method for producing authentication information
JP2008109703A (en) Method of calling out privacy on telecommunications network
CA2353674A1 (en) System and method for over the air activation in a wireless telecommunications network related
RU95122705A (en) MOBILE RADIO NETWORK OPERATION METHOD
JP2005237008A (en) System and method for filtering sms message
AU6491299A (en) System and method for a previously activated mobile station to challenge networkmobile station knowledge during over the air activation
WO1999018742A1 (en) Method of handling short message service acknowledgement messages between cooperating mobile switching centers in a radio telecommunications network
US7142875B2 (en) Selecting domain for transmitting a location service request
JPH08505274A (en) How to verify the identity of a subscriber device
US7957754B2 (en) Method and system for authenticating short message calling party
US7215943B2 (en) Mobile terminal identity protection through home location register modification
US6091952A (en) Distributed subscriber data management in wireless networks from a central perspective
WO1999056479A1 (en) A communications network and method for screening incoming circuit switched calls
EP1118238B1 (en) Tracing of signalling messages
US6073017A (en) Distributed subscriber data management in wireless networks from a remote perspective
JP2003513572A (en) Method and apparatus for selecting identification confirmation information
WO1999026443A1 (en) Method of controlling a stand-alone authentication center in a radio telecommunications network
JP2001148878A (en) Paging system and paging method

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: KR

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA