WO2016015750A1 - Authentication in a communications network - Google Patents

Authentication in a communications network Download PDF

Info

Publication number
WO2016015750A1
WO2016015750A1 PCT/EP2014/066200 EP2014066200W WO2016015750A1 WO 2016015750 A1 WO2016015750 A1 WO 2016015750A1 EP 2014066200 W EP2014066200 W EP 2014066200W WO 2016015750 A1 WO2016015750 A1 WO 2016015750A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
mobile device
request
tunnel
authentication
Prior art date
Application number
PCT/EP2014/066200
Other languages
French (fr)
Inventor
Filip MESTANOV
Tomas Hedberg
Karl Norrman
Oumer Teyeb
Jari Tapio Vikberg
Original Assignee
Telefonaktiebolaget L M Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget L M Ericsson (Publ) filed Critical Telefonaktiebolaget L M Ericsson (Publ)
Priority to PCT/EP2014/066200 priority Critical patent/WO2016015750A1/en
Publication of WO2016015750A1 publication Critical patent/WO2016015750A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/062Pre-authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/0005Control or signalling for completing the hand-off
    • H04W36/0011Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0033Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
    • H04W36/0038Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/06Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals

Definitions

  • a UE When a UE connects to a WLAN network, it authenticates using an Extensible Authentication Protocol, EAP-SIM/AKA/AKA'. If the UE subsequently connects to a 3GPP network, it must perform a 3GPP authentication procedure even though it is already authenticated in the WLAN. This will introduce delay in a WLAN to 3GPP handover, which might impact service quality. Furthermore, for each authentication (being a WLAN or 3GPP) one authentication vector is required from the HSS. This puts an increased load on this node, which is often seen as a bottleneck.
  • EAP-SIM/AKA/AKA' Extensible Authentication Protocol
  • a method of authenticating a mobile device in a first network using a first Radio Access Technology the mobile device being authenticated in a second network using a second Radio Access Technology.
  • a device in the first network receives from a device in the second network a request to authenticate the mobile device in the first network.
  • the device in the first network establishes a tunnel between the device in the first network and the mobile device, the tunnel traversing the device in the second network. Signalling is then exchanged between the mobile device and the device in the first network using the established tunnel to authenticate the mobile device in the first network.
  • Figure 3 is a signalling diagram showing exemplary signalling
  • Figure 4 is a flow diagram showing exemplary steps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method and apparatus for authenticating a mobile device in a first network using a first Radio Access Technology. The mobile device is authenticated in a second network using a second Radio Access Technology and sends to a device in the second network a request to authenticate the mobile device in the first network. The request is to be forwarded to a device in the first network. The mobile device then receives from the device in the first network via a tunnel a confirmation that the mobile device is authenticated in the first network.

Description

Authentication in a Communications Network
TECHNICAL FIELD The invention relates to the field of authentication in a communications network, and in particular to authentication of a mobile device that has already been authenticated in another network.
BACKGROUND
There is currently a drive to use Wi-Fi access networks to off-load signalling load from a 3GPP network. For example, a Radio Base Station (RBS) may provide 3GPP services within a certain area A. Within that area A, one of more Wi-Fi 'hotspots' may be provided by Wi-Fi Access Points (APs), each of which allows Wi-Fi access to a communications network for a mobile client device such as a User Equipment (UE). Note that the same device is termed a UE in the context of a 3GPP network, and a Station (STA) in the context of a Wireless Local Area Network (WLAN). The UE therefore can choose to access a communications network via 3GPP, Wi-Fi or both. In the following description, the term UE is used. It will be understood that a UE accessing a WLAN may be termed a Station.
UEs that are both 3GPP capable and Wi-Fi capable can use either type of access. If a UE is capable of accessing a Wi-Fi AP, and such accessing is enabled, the UE will typically automatically connect to a (known) Wi-Fi network as soon as the UE detects the Wi-Fi network. The UE may maintain its 3GPP registration for services such as voice and short message service (SMS), but may exclusively use the Wi-Fi access network for packet data.
When a UE attaches to a WLAN network, an authentication procedure is followed, as described for example in RFC 4186 for the EAP-SIM case. In brief, the UE communicates with an AP in order to be authenticated. The AP determines the UE identity (for example, a permanent UE identity such as an International Mobile Subscriber Identity, IMSI, or a temporary UE identity such as a pseudonym). The AP contacts an Authentication, Authorization and Accounting (AAA) server at least partly based on the UE identity, which initiates an EAP-SIM procedure. This involves sending an EAP-Request/SIM/Start to the UE via the AP indicating that EAP-SIM authentication is initiated. The UE responds, for example, with a random number (NONCE MT) to the AAA in EAP-Response/SIM/Start. The AAA obtains a GSM triplet (RAND, SRES, Kc) from a Home Location Register (HLR) or Authentication Centre (AuC) and derives keying material, as described in Chapter 7 of RFC 4186. The AAA generates an EAP- Request/SIM/Challenge message that includes a RAND value and a first message authentication code attribute AT MAC. The first AT MAC is derived from the RAND and Kc values. The EAP-Request/SIM/Challenge message is sent to the UE, which uses the received RAND value to determine a second AT MAC and a SRES value. If the second AT MAC value derived at the UE matches the first AT MAC value derived by the AAA server, then authentication can proceed. The UE generates a third AT MAC based on the SRES and this is sent to the AAA server in a EAP-Response/ SIM/Challenge message. Once the AAA server verifies the third AT MAC derived by the UE, it sends an EAP-Success message to the AP that also includes keying materials in the form of a Pairwise Master Key (PMK). The PMK is not sent to the UE, but stored at the AP. Note that PMK can also be derived by the UE as it is based on Kc.
The AP uses the PMK to generate an Authenticator nonce (ANonce), which is sent to the UE. The UE uses the ANonce along with a Supplicant nonce (SNonce) and the PMK to generate a Pairwise Temporal Key (PTK). The SNonce is sent to the AP which also constructs the PTK, and in addition generates a Group Temporal Key (GTK). The GTK is sent to the UE along with an instruction to install the PTK. The UE then installs the PTK and the GTK, and uses these two keys to encrypt and decrypt all communication sent via the AP.
IEEE 802.1 1 r introduces a fast transition management to support handovers between APs that are part of the same mobility domain. This means that a new authentication procedure need not be followed when the UE attaches to a new AP; instead, only a fresh PTK is derived.
Turning now to 3GPP access networks, a UE is authenticated using an Authentication and Key Agreement (AKA) protocol. The AKA protocol results in the UE and a Mobility Management Entity (MME) being mutually authenticated and sharing a session key termed KASME- The UE initiates the procedure by sending an attach request to the MME. The message contains the identity of the UE, the IMSI (or a temporary identity that the MME can map to the IMSI). The MME requests an authentication vector (AV) for the UE from a Home Subscriber Server (HSS). The HSS replies with an AV. The AV contains a random challenge RAND, the expected result to the challenge XRES, an authentication token AUTN, and a session key KASME- The MME sends the RAND and AUTN to the UE, which computes a response to the RAND using the USIM. The result is called RES. The UE also verifies the network authenticity and RAND freshness by verifying the AUTN, again using the USIM. If the verification passes, the UE sends the response RES back to the MME. The MME verifies that the RES matches the XRES. If they match, the UE is considered authenticated and the MME starts NAS security based on KASME by running the security mode procedure. The UE calculates KASME from the RAND using the USIM and starts NAS security based on that KASME- The MME sends an attach accept to the UE to complete the attach procedure.
When a UE establishes a connection to the EPS core network via a non-3GPP access, it performs an EAP-AKA or EAP-AKA' authentication similar to that described above (and with some similarities to the described EAP-SIM procedure). There is no concept of handover between the two types of access, but connections are established and torn down independently. Note that access to the EPS core network is only allowed if the UE is equipped with a USIM so that the UE can run EAP-AKA('). A session key is established as a result of the authentication. Two functions are provided for the maintenance of security between the UE and an eNB: ciphering of both control plane (RRC) data (i.e. SRBs 1 and 2) and user plane data (i.e. all DRBs), and integrity protection which is used for control plane (RRC) data only. Ciphering is used in order to protect data streams from being read and interpreted by a third party, while integrity protection allows the receiver to detect packet insertion or replacement/modification. RRC always activates both functions together, either following connection establishment or as part of the handover to LTE. The process is based on a common secret key KASME which is available only in the Authentication Centre in the HSS and in a secure part of the Universal Subscriber Identity Module (USIM) in the UE. A set of keys and checksums (the AV) are generated at the Authentication Centre using this secret key and a random number. The generated keys, checksums and random number are transferred to the MME, which passes one of the generated checksums and the random number to the UE. The USIM in the UE then computes the same set of keys using the random number and the secret key. Mutual authentication is performed by verifying the computed checksums in the UE and network using NAS protocols.
Upon connection establishment, the AS derives an AS base-key KeNB, which is eNodeB specific, from KASME- ΚΘΝΒ is used to generate three further security keys known as the AS derived-keys: one for integrity protection of the RRC signalling (SRBs), one for ciphering of the RRC signalling and one for ciphering of user data (DRBs).
Regarding security during handover in LTE, the concept of forward security was introduced to ensure adequate security and minimize the risk of unauthorized access. Forward security means that without the knowledge of KASME, even with the knowledge of ΚΘΝΒ (key shared between the UE and the current eNodeB, eNB), it will be computationally difficult to generate KENBS to be used between the UE and eNBs that the UE will connect to in the future.
Whenever an initial AS security context needs to be established between UE and eNB, the MME and the UE derive a KENB and a Next Hop parameter (NH). KENB and the NH are derived from KASME- A NH Chaining Counter (NCC) is associated with each KENB and NH parameter. Every KENB is associated with the NCC corresponding to the NH value from which it was derived. At initial setup, KENB is derived directly from KASME, and is then considered to be associated with a virtual NH parameter with NCC value equal to zero. At initial setup, the derived NH value is associated with the NCC value one. The MME does not send the NH value to eNB at the initial connection setup. The eNB initializes the NCC value to zero after receiving an S1 -AP Initial Context Setup Request message.
The UE and the eNB use KENB to secure the communication. On handover, the basis for the KENB that will be used between the UE and the target eNB, called KENB*, is derived from either the currently active KeNB or from the NH parameter. If KeNB* is derived from the currently active KeNB this is referred to as a horizontal key derivation and if KeNB* is derived from the NH parameter the derivation is referred to as a vertical key derivation. On handover with vertical key derivation, the NH is further bound to the target PCI and its frequency EARFCN-DL before it is taken into use as the KeNB in the target eNB. On handover with horizontal key derivation the currently active KeNB is further bound to the target PCI and its frequency EARFCN-DL before it is taken into use as the KeNB in the target eNB. As NH parameters are only computable by the UE and the MME, it is arranged so that NH parameters are provided to eNBs from the MME in such a way that forward security can be achieved.
When a UE connects to a WLAN network, it authenticates using an Extensible Authentication Protocol, EAP-SIM/AKA/AKA'. If the UE subsequently connects to a 3GPP network, it must perform a 3GPP authentication procedure even though it is already authenticated in the WLAN. This will introduce delay in a WLAN to 3GPP handover, which might impact service quality. Furthermore, for each authentication (being a WLAN or 3GPP) one authentication vector is required from the HSS. This puts an increased load on this node, which is often seen as a bottleneck.
SUMMARY
It is an object to improve authentication procedures when a mobile device that is authenticated in a second network using a second Radio Access Technology requires authentication in a first network using a first Radio Access Technology.
According to a first aspect, there is provided a method of authenticating a mobile device in a first network using a first Radio Access Technology. The mobile device is authenticated in a second network using a second Radio Access Technology and sends to a device in the second network a request to authenticate the mobile device in the first network. The request is to be forwarded to a device in the first network. The mobile device then receives from the device in the first network via a tunnel a confirmation that the mobile device is authenticated in the first network. An advantage of this is that when a mobile device is, for example, authenticated in a WLAN network, it can be authenticated in a 3GPP network and avoid some of the required 3GPP authentication procedures.
As an option, the first network is a 3GPP network and the second network is a WLAN network. As a further option, the device in the first network is a Mobility Management Entity and the device in the second network is an Access Controller.
The method optionally further comprises the mobile device receiving from the device in the second network a request to establish the tunnel with the device in the first network. The mobile device sends to the device in the second network a response establishing the tunnel and exchanges authentication signalling with the device in the first network via the tunnel.
As an option, prior to sending to the device in the second network the request to authenticate the mobile device in the first network, the mobile device receives from the device in the second network an indication that authentication with the first network is possible via the device in the second network.
The method optionally further comprises exchanging data via the first network.
According to a second aspect, there is provided a method of authenticating a mobile device in a first network using a first Radio Access Technology. A device in a second network using a second Radio Access Technology with which the mobile device (1 ) is authenticated receives from the mobile device a request to authenticate the mobile device in the first network and sends the request to a device in the first network. The device in the second network then receives from the device in the first network a tunnel establishment request relating to establishment of a tunnel between the mobile device and the device in the first network, and sends the tunnel establishment request to the mobile device. An advantage of this is that the mobile device can be pre-authenticated in the first network.
As an option, the device in the first network is a Mobility Management Entity and the device in the second network is an Access Controller. As a further option, prior to receiving from the mobile device the request to authenticate the mobile device in the first network, the device in the second network sends to the mobile device an indication that authentication with the first network is possible via the device in the second network.
According to a third aspect, there is provided a method of authenticating a mobile device in a first network using a first Radio Access Technology, the mobile device being authenticated in a second network using a second Radio Access Technology. A device in the first network receives from a device in the second network a request to authenticate the mobile device in the first network. The device in the first network establishes a tunnel between the device in the first network and the mobile device, the tunnel traversing the device in the second network. Signalling is then exchanged between the mobile device and the device in the first network using the established tunnel to authenticate the mobile device in the first network.
As an option, the device in the first network is a Mobility Management Entity and the device in the second network is an Access Controller.
As an option, a first tunnelling protocol is used between the device in the first network and the device in the second network, and a second tunnelling protocol is used between the device in the second network and the mobile device.
According to a fourth aspect, there is provided a mobile device for use in a communication network. The mobile device is provided with a processor arranged to control authentication of the mobile device with a second network using a second Radio Access Technology. A transmitter is provided for sending to a device in the second network a request to authenticate the mobile device in a first network, the first network using a first Radio Access Technology. A receiver is provided arranged to receive from a device in the first network via a tunnel a confirmation that the mobile device is authenticated in the first network.
The receiver is optionally further arranged to receive from the device in the second network a request to establish the tunnel with the device in the first network, and the transmitter is optionally further arranged to send to the device in the second network a response establishing the tunnel. As an option, the receiver is configured to, prior to the transmitter sending to the device in the second network the request to authenticate the mobile device in the first network, receive from the device in the second network an indication that authentication with the first network is possible via the device in the second network.
According to a fifth aspect, there is provided a device for facilitating the authentication of a mobile device in a first network using a first Radio Access Technology, the device being located in a second network using a second Radio Access Technology with which the mobile device is authenticated. The device is provided with a first receiver arranged to receive from the mobile device a request to authenticate the mobile device in the first network. A first transmitter is provided, which is arranged to send the request to a device in the first network. A second receiver is arranged to receive from the device in the first network a tunnel establishment request relating to establishment of a tunnel between the mobile device and the device in the first network. A second transmitter is arranged to send the tunnel establishment request to the mobile device.
As an option, the device is an Access Controller. As an option, the second transmitter is arranged to, prior to receiving from the mobile device the request to authenticate the mobile device in the first network, send to the mobile device an indication that authentication with the first network is possible via the device in the second network. According to a sixth aspect, there is provided a device configured to authenticate a mobile device in a first network using a first Radio Access Technology, the mobile device being authenticated in a second network using a second Radio Access Technology. The device is provided with a receiver arranged to receive from a device in the second network a request to authenticate the mobile device in the first network. A transmitter is arranged to establish a tunnel between the device and the mobile device, the tunnel traversing the device in the second network. A processor is arranged to control an exchange of signalling with the mobile device using the established tunnel to authenticate the mobile device in the first network. An optional example of such as device is a Mobility Management Entity. According to a seventh aspect, there is provided a computer program comprising computer readable code which, when run on a mobile device, causes the mobile device to perform the method as described above in the first aspect.
According to an eighth aspect, there is provided a computer program computer readable code which, when run on a device causes the device to perform the method as described above in either of the second or third aspects. According to a ninth aspect, there is provided a computer program product comprising a non-transitory computer readable medium and a computer program as described above in the seventh or eighth aspects, wherein the computer program is stored on the computer readable medium. BRIEF DESCRIPTION OF DRAWINGS
Figure 1 is a signalling diagram showing an exemplary situation in which a PMK is transferred between entities; Figure 2 illustrates schematically in a block diagram an exemplary network topology for a dual mode mobile device;
Figure 3 is a signalling diagram showing exemplary signalling; Figure 4 is a flow diagram showing exemplary steps;
Figure 5 illustrates schematically in a block diagram an exemplary mobile device;
Figure 6 illustrates schematically in a block diagram an exemplary device such as an Access Controller; and
Figure 7 illustrates schematically in a block diagram an exemplary device such as a Mobility Management Entity.
DETAILED DESCIPTION When a mobile device that is already attached to a second network (such as a 3GPP network) attaches to a first network (such as a WLAN network), either instead of or in addition to being attached to the 3GPP network, it must be authenticated in the WLAN network. However, this places a signalling and processing burden on backend servers such as the AAA server and the HSS and causes a delay before the mobile device can start to use the WLAN network. It is proposed to allow the WLAN AC to obtain authentication credentials that have been used in the 3GPP network, for example from an MME. The authentication credentials include the PMK used when authenticating the mobile device in the 3GPP network. The following description uses the example of a mobile device attached to a 3GPP network subsequently attaching to a WLAN network, but it will be appreciated that the same principles may be applied to other types of network. For the example in which the mobile device is attached to a 3GPP network and wishes to attach to a WLAN network, an interface is set up between the ROKH (in this example, the WLAN AC) and the MME. This interface is used to transfer the PMK from the MME to the ROKH when the mobile device attempts authentication in the WLAN network. Figure 1 is a signalling diagram showing a mobile device 1 , an AP 2, an AC 3 and an MME 4. The following numbering corresponds to that of Figure 1 .
S1 . The mobile device 1 is authenticated in 3GPP. When the mobile device 1 is attached in the 3GPP network, a Primary Authentication Information Reference (PAIR) is provided to the mobile device 1 . The PAIR consists of a MME identifier and a UE context identifier in the MME. One possible way to do that is making use of a Security Mode Command procedure, which can be executed at initial 3GPP Attach, but may also be invoked subsequently. Other options are including the PAIR in the Attach accept or authentication messages or in Tracking/Routing Area Accept messages. The last option has the advantage that in case the mobile device 1 moves into coverage of a new MME/SGSN, the new PAIR will be assigned when that event happens. Further options are to include the PAIR in RRC messages sent from an eNB to the mobile device 1 (e.g., RRC Connection Setup). The eNB may have learnt the PAIR for this STA from the MME/SGSN. 52. The mobile device 1 receives a Beacon frame revealing (among other parameters) the security features associated with the BSS/ESS the AP 2 belongs to.
53. If the mobile device 1 does not receive a Beacon frame, it generates a Probe Request and sends it to the AP 2. This procedure is called active scanning and by performing it, the mobile device 1 can receive from the AP 2 the same information as it would have from a Beacon message.
54. The AP 2 answers with a Probe Response.
55. The mobile device 1 sends an Authentication Request to the target AP 2, including the PAIR, i.e. the MME identifier and the UE context identifier in the MME.
56. The AP 2 requests the PMK-R1 from the default AC/ROKH 3, including the PAIR, i.e. the MME identifier and the UE context identifier in the MME (as informed by the mobile device 1 in S5).
57. The AC/ROKH 3 requests the PMK from the MME 4. The request includes the UE context identifier in the MME. The MME 4 may be selected by the ROKH based on the MME identifier(again as informed by the mobile device 1 in S5).
58. The MME 4 provides the PMK to the AC 3 based on the UE context identifier in the MME received from the AC/ROKH 3; S9. The ROKH computes the PMK-R1 to be used and provides it to the AP 2.
510. The AP 2 then responds to the mobile device 1 with an Authentication Response, indicating the FTAA, the RSNE, the MDE and the FTE (which in this case carries also the Authentication Nonce, ANonce, and the R0KH-ID).
511 . The mobile device 1 re-associates with the target AP 2 within the allowed Re- association Deadline Time, sending a Re-association Request.
512. The target AP 2 responds with a Re-association Response. S13. The 802.1 X controlled port is unblocked and the mobile device 1 can successfully transmit (encrypted) data with the target AP 2.
S14. The mobile device 1 is authenticated in the WLAN and can subsequently use the WLAN to transmit data.
The MME 4 generates the PMK from the KASME of the currently active EPS security context or from an inactive native EPS security context. The generation is done by applying a key derivation function to the KASME-
The signalling flow of Figure 1 is one example where a PMK may be transferred between entities (in this case from the MME 4 to the R0KH, in this example the AC 3). As mentioned above, this is a security risk as the authentication and communication privacy could be compromised by a malicious third party.
Consider now the situation where a mobile device is attached to a WLAN network and wishes to subsequently attach to a 3GPP network. In order to improve authentication when a mobile device 1 also authenticated in a WLAN network, it is proposed to provide an authentication procedure with the 3GPP network before the mobile device attempts to attach to the 3GPP network. Note that that while the following description refers to a mobile device authenticated in a WLAN subsequently authenticating in a 3GPP network, the basic concepts can also be applied to other networks using similar authentication mechanisms. For example, instead of a WLAN network, the source network may be an IEEE 802.15.4 network and an initial authentication for the mobile device may have been carried over that network. When the mobile device 1 subsequently connects to a 3GPP network, it can apply the same techniques described below.
Figure 2 shows an exemplary network topology in which the mobile device 1 can communicate with the AC 3 via any of AP^ 5 or AP2 6. It can also communicate with MME 4 via any of eNE^ 7 and eNB2 8. An AAA Server 9 can provide authentication information to the AC 3, and an HLR/HSS can provide information to the MME 4 and the AAA Server 9. In the example of Figure 2, at the start of the process the mobile device 1 is attached to AP2 6. Once the mobile device 1 is connected to the WLAN and has successfully completed WLAN authentication, it initiates a 3GPP authentication procedure over WLAN regardless of whether or not the mobile device 1 has detected the radio signal of a 3GPP network. A key feature here is that the 3GPP authentication is performed over the WLAN rather than over the 3GPP network, as the mobile device 1 may not have detected a 3GPP signal. If the mobile device subsequently detects a 3GPP signal and wishes to perform a handover from WLAN to 3GPP, it is already authenticated in the 3GPP network and can start sending and receiving data over the 3GPP network immediately without being delayed by having to perform a 3GPP authentication procedure.
Figure 3 shows an exemplary 3GPP authentication procedure for the mobile device 1 . The following numbering corresponds to that of Figure 3: S15. The mobile device 1 is authenticated in WLAN. During the authentication process, the AC 3 is made aware that this particular mobile device 1 is dual-mode (has both WLAN and 3GPP capabilities). The AC 3 is also made aware of the mobile device's identity, such as the I MSI or another temporary identity that can be mapped to the IMSI.
516. As an optional step, the AC 3 sends a message to the mobile device 1 indicating that it is possible to perform a 3GPP authentication over WLAN. This notification can be either via explicit OTA messaging or as part of the EAP-AKA procedure. The second option may be achieved using an EAP Attribute (e.g., "AT NOTIFICATION).
517. The mobile device 1 sends a "request for 3GPP Authentication" to the AC 3, indicating that it wishes to authenticate in 3GPP. Note that the mobile device 1 may send this request regardless of whether or not it has received the indication in step S16 from the AC 3 that this feature is supported. The "request for 3GPP Authentication" can be sent via dedicated OTA signalling or as part of the EAP-AKA procedure. One way of realizing the latter option is using an EAP Attribute (e.g. "AT NOTIFICATION"), that can be encapsulated in one of the EAP messages part of the EAP-AKA procedure. If the AC 3 does not support 3GPP authentication over WLAN then it could either ignore this request or send a response to the mobile device 1 that 3GPP authentication is not possible over this WLAN.
518. The AC 3 forwards the "request for 3GPP Authentication" to the MME 4, enclosing the mobile device's identity. The mobile device 1 identity can be used to select a specific MME.
519. The MME 4 triggers a tunnel establishment and sends a "Tunnel Establishment Request" to the AC 3.
520. The AC 3 forwards the "Tunnel Establishment Request" to the mobile device 1 .
521 . The mobile device 1 responds to the AC 3 with a "Tunnel Establishment Response";
522. The AC 3 forwards the "Tunnel Establishment response" to the MME 4. Note that, depending on the type of tunnelling, the AC might need to act as a mid-point between the mobile device 1 and the MME 4 and handle message exchange between both entities. In certain scenarios, however, the tunnel will be transparent to the AC 3 (and also other WLAN network entities on the communication path) and the traffic between the mobile device 1 and the MME 4 will not be revealed to the AC 3.
523. The mobile device 1 initiates the authentication procedure by sending an attach request to the MME 4. The attach request contains the identity of the mobile device 1 (either the IMSI or a temporary identity that the MME 4 can map to the IMSI). This step is optional. As an alternative, the mobile device 1 could have included all necessary information already in the "request for 3GPP Authentication" in step S17.
524. The MME 4 requests an authentication vector (AV) for the mobile device 1 from the HSS 10, and receives the AV. The AV contains a random challenge RAND, the expected result to the challenge called XRES, an authentication token AUTN, and a session key KASME-
525. The MME 4 sends an authentication request including RAND and AUTN to the mobile device 1 over the WLAN. 526. The mobile device 1 computes a response to the RAND using the USIM. The result is termed RES. The mobile device 1 also verifies the network authenticity and RAND freshness by verifying the AUTN, again using the USIM. If the verification passes, the mobile device 1 sends the response RES back to the MME 4 in an authentication response message.
527. The MME 4 verifies that the RES received in the authentication response message in S26 matches the XRES received in step S24. If RES and XRES match, the mobile device 1 is considered authenticated and the MME 4 starts NAS security procedures based on KASME by running the security mode procedure and sending a security mode command message to the mobile device 4;
528. The mobile device 1 calculates KASME from the RAND using the USIM and starts NAS security procedures based on the calculated KASME- The mobile device sends a security mode complete message to the MME 4;
529. The MME 4 sends an attach accept message to the mobile device 1 to complete the attach procedure.
530. The mobile device 1 is authenticated and registered in the 3GPP network. If the mobile device subsequently wishes to attach to the 3GPP network, it is already authenticated and so does not need to go through 3GPP authentication again; it can simply start sending and receiving data in the 3GPP network.
The authentication signalling between the mobile device 1 and the MME 4 does not require integrity protection or encryption because the authentication protocol provides its own security. The tunnelling may therefore be provided using a simpler mechanism than IPsec, although IPsec is an example of a tunnelling protocol that could be used.
Since the authentication protocol provides its own security end-to-end between the mobile device 1 and the MME 4, it is possible to use different tunnelling protocols for different segments of the path. For example, the 3GPP authentication protocol could be carried between the mobile device 1 and the AC 3 in UDP/IP packets destined for a particular port number of the AC 3, and then the 3GPP authentication protocol could be tunnelled over S1 AP/SCTP/IP/IPsec between the AC 3 and the MME 4 to re-use the protocols the MME 4 already implements for an S1 -MME interface.
Figure 4 is a flow diagram showing exemplary steps. The following numbering corresponds to that of Figure 4:
531 . The mobile device 1 is authenticated in a second network (e.g. the WLAN).
532. The mobile device 1 sends an authentication request to a device in the second network (e.g. the AC 3) informing the device in the second network that it wishes to authenticate in a first network (e.g. a 3GPP network).
533. The device in the second network forwards the authentication request to a device in the first network (e.g. the MME 4).
534. The device in the first network sends a tunnel establishment request via the device in the second network to the mobile device 1 , and a tunnel is established between the mobile device 1 and the device in the first network. S35. Authentication signalling is exchanged between the mobile device 1 and the device in the first network via the established tunnel in order to authenticate the mobile device 1 in the first network. Note that this authentication may occur before the mobile device 1 is even aware of the availability of the first network. S36. If the mobile device 1 becomes aware of the availability of the first network, and wishes to use it, it can begin exchanging data directly using the first network because it is already authenticated in the first network
Turning now to Figure 5, there is illustrated schematically in a block diagram a mobile device 1 . The mobile device is provided with a processor 1 1 arranged to control authentication of the mobile device 1 with a second network using a second RAT (e.g. WLAN). A transmitter 12 is provided, arranged to send to a device 3 (e.g. an AC) in the second network a request to authenticate the mobile device 1 in a first network (e.g. 3GPP). A receiver 13 is provided that is arranged to receive from a device 4 (e.g. an MME) in the first network via a tunnel a confirmation that the mobile device 1 is authenticated in the first network. The receiver 13 may be further arranged to receive from the device 3 in the second network a request to establish the tunnel with the device 4 in the first network, in which case the transmitter 12 is further arranged to send to the device 3 in the second network a response establishing the tunnel. The receiver 13 may also be configured to receive from the device 3 in the second network an indication that authentication with the first network is possible via the device 3 in the second network.
A non-transitory computer readable medium in the form of a memory 14 may also be provided. This may be used to store a computer program 15 which, when executed by the processor 1 1 , causes the processor 1 1 to perform the steps described above. Note that the program 15 may be provided on an external non-transitory computer readable medium 16 such as a flash drive or disk, for direct execution by the processor 1 1 or for transferring to the memory 14.
Figure 6 illustrates schematically in a block diagram a device 3 for facilitating the authentication of the mobile device 1 in the first network. An example of such a device is an AC 3 in a WLAN network. The device 3 is provided with a first receiver 17 arranged to receive from the mobile device 1 a request to authenticate the mobile device 1 in the first network (such as a 3GPP network). A first transmitter 18 is arranged to send the request to a device 4 (e.g. the MME) in the first network. A second receiver 19 is arranged to receive from the device 4 in the first network a tunnel establishment request relating to establishment of a tunnel between the mobile device 1 and the device 4 in the first network. A second transmitter 20 is arranged to send the tunnel establishment request to the mobile device 1 . Note that the second transmitter 20 may be arranged to send an indication that authentication with the first network is possible via the device 3 in the second network towards the mobile device 1 . A processor 21 is provided for controlling the signalling. A non-transitory computer readable medium in the form of a memory 22 may also be provided. This may be used to store a computer program 23 which, when executed by the processor 21 , causes the processor 21 to control the signalling as described above. Note that the program 23 may be provided on an external non-transitory computer readable medium 24 such as a flash drive or disk, for direct execution by the processor 21 or for transferring to the memory 22. Figure 7 illustrates schematically in a block diagram a device 4 (such as an MME) configured to authenticate a mobile device 1 in a first network (such as a 3GPP network) when mobile device is already authenticated in a second network (such as a WLAN network). The device 4 is provided with a receiver 25 arranged to receive from a device 3 (e.g. an AC) in the second network a request to authenticate the mobile device 1 in the first network. A transmitter 26 is provided that is arranged to establish a tunnel between the device 4 and the mobile device 1 . The tunnel traverses the device 3 in the second network. A processor 27 is arranged to control an exchange of signalling with the mobile device 1 using the established tunnel to authenticate the mobile device 1 in the first network.
A non-transitory computer readable medium in the form of a memory 28 is also provided. This may be used to store a computer program 29 which, when executed by the processor 27, causes the processor 27 to control the exchange of signalling as described above. Note that the program 29 may be provided on an external non- transitory computer readable medium 30 such as a flash drive or disk, for direct execution by the processor 27 or for transferring to the memory 28. It will be appreciated by the person of skill in the art that various modifications may be made to the above-described embodiments without departing from the scope of the present invention as defined in the claims. For example, while the concepts are described with respect to a WLAN and a 3GPP network, it will be appreciated that the same concepts may apply to other types of network using different RATs.
The following abbreviations have been used in the above description:
3GPP 3rd Generation Partnership Project
AAA Authentication, Authorization and Accounting
AC Access Controller
AP Access Point
AKA Authentication and Key Agreement
AuC Authentication Centre
AV Authentication Vector
EAP Extensible Authentication Protocol EAPOL EAP over LAN eNB eNodeB
GTK Group Temporal Key
HLR Home Location Register
HSS Home Subscriber Server
IMSI International Mobile Subscriber Identity
LAN Local Area Network
LTE Long Term Evolution
MME Mobility Management Entity
NAS Non-Access Stratum
NH Next Hop
NCC Next Hop Chaining Counter
PMK Pairwise Master Key
PTK Pairwise Temporal Key
RBS Radio Base Station
SMS Short Message Service
STA Station
UE User Equipment
USIM Universal Subscriber Identity Module
WLAN Wireless Local Area Network
WNM Wireless Network Management

Claims

CLAIMS:
1. A method of authenticating a mobile device in a first network using a first Radio Access Technology, the method comprising, at the mobile device (1 ):
authenticating (S31 ) the mobile device in a second network using a second
Radio Access Technology; and
sending (S32) to a device (3) in the second network a request to authenticate the mobile device (1 ) in the first network, the request to be forwarded to a device (4) in the first network; and
receiving (S29) from the device (4) in the first network via a tunnel a confirmation that the mobile device (1 ) is authenticated in the first network.
2. The method according to claim 1 , wherein the first network is a 3GPP network and the second network is a Wireless Local Area Network.
3. The method according to claim 2, wherein the device (4) in the first network is a Mobility Management Entity and the device (3) in the second network is an Access Controller.
4. The method according to any one of claims 1 to 3, further comprising, at the mobile device:
receiving (S20) from the device (3) in the second network a request to establish the tunnel with the device (4) in the first network;
sending (S21 ) to the device (3) in the second network a response establishing the tunnel; and
sending (S36) to the device (4) in the first network and receiving from the device (4) in the first network authentication signalling via the tunnel.
5. The method according to any one of claims 1 to 4, further comprising, prior to sending to the device (3) in the second network the request to authenticate the mobile device (1 ) in the first network:
receiving (S16) from the device (3) in the second network an indication that authentication with the first network is possible via the device (3) in the second network.
6. The method according to any one of claims 1 to 5, further comprising:
exchanging (S37) data via the first network.
7. A method of authenticating a mobile device (1 ) in a first network using a first Radio Access Technology, the method comprising, at a device in a second network using a second Radio Access Technology with which the mobile device (1 ) is authenticated:
receiving (S17) from the mobile device (1 ) a request to authenticate the mobile device (1 ) in the first network;
sending (S18) the request to a device (4) in the first network;
receiving (S19) from the device (4) in the first network a tunnel establishment request relating to establishment of a tunnel between the mobile device 1 and the device (4) in the first network; and
sending (S20) the tunnel establishment request to the mobile device (1 ).
8. The method according to claim 7, wherein the device (4) in the first network is a Mobility Management Entity and the device (3) in the second network is an Access Controller.
9. The method according to any one of claims 7 or 8, further comprising, prior to receiving from the mobile device (1 ) the request to authenticate the mobile device (1 ) in the first network:
sending (S16) to the mobile device an indication that authentication with the first network is possible via the device (3) in the second network.
10. A method of authenticating a mobile device (1 ) in a first network using a first Radio Access Technology, the mobile device being authenticated in a second network using a second Radio Access Technology, method comprising, at a device (4) in the first network:
receiving (S18) from a device (3) in the second network a request to authenticate the mobile device (1 ) in the first network;
establishing (S19) a tunnel between the device (4) in the first network and the mobile device (1 ), the tunnel traversing the device (3) in the second network; and
exchanging (S36) signalling with the mobile device (1 ) using the established tunnel to authenticate the mobile device (1 ) in the first network.
11 . The method according to claim 10, wherein the device (4) in the first network is a Mobility Management Entity and the device (3) in the second network is an Access Controller.
12. The method according to any one of claims 10 or 11 , further comprising using a first tunnelling protocol between the device (4) in the first network and device (3) in the second network, and a second tunnelling protocol between the device (3) in the second network and the mobile device (1 )
13. A mobile device (1 ) for use in a communication network, the mobile device comprising:
a processor (1 1 ) arranged to control authentication of the mobile device with a second network using a second Radio Access Technology;
a transmitter (12) arranged to send to a device (3) in the second network a request to authenticate the mobile device (1 ) in a first network, the first network using a first Radio Access Technology;
a receiver (13) arranged to receive from a device (4) in the first network via a tunnel a confirmation that the mobile device (1 ) is authenticated in the first network.
14. The mobile device (1 ) according to claim 13, wherein:
the receiver (13) is further arranged to receive from the device (3) in the second network a request to establish the tunnel with the device (4) in the first network;
the transmitter (12) is further arranged to send to the device (3) in the second network a response establishing the tunnel.
15. The mobile device (1 ) according to claim 13, wherein the receiver (12) is configured to, prior to the transmitter (12) sending to the device (3) in the second network the request to authenticate the mobile device (1 ) in the first network, receive from the device (3) in the second network an indication that authentication with the first network is possible via the device (3) in the second network.
16. A device (3) for facilitating the authentication of a mobile device (1 ) in a first network using a first Radio Access Technology, the device (3) being located in a second network using a second Radio Access Technology with which the mobile device (1 ) is authenticated, the device (3) comprising:
a first receiver (17) arranged to receive from the mobile device (1 ) a request to authenticate the mobile device (1 ) in the first network;
a first transmitter (18) arranged to send the request to a device (4) in the first network;
a second receiver (19) arranged to receive from the device (4) in the first network a tunnel establishment request relating to establishment of a tunnel between the mobile device (1 ) and the device (4) in the first network; and
a second transmitter (20) arranged to send (S20) the tunnel establishment request to the mobile device (1 ).
17. The device (3) according to claim 16, wherein the device (3) is an Access Controller.
18. The device (3) according to any one of claims 16 or 17, wherein the second transmitter (20) is arranged to, prior to receiving from the mobile device (1 ) the request to authenticate the mobile device (1 ) in the first network, send to the mobile device an indication that authentication with the first network is possible via the device (3) in the second network.
19. A device (4) configured to authenticate a mobile device (1 ) in a first network using a first Radio Access Technology, the mobile device being authenticated in a second network using a second Radio Access Technology, the device (4) comprising: a receiver (25) arranged to receive from a device (3) in the second network a request to authenticate the mobile device (1 ) in the first network;
a transmitter (26) arranged to establish a tunnel between the device (4) and the mobile device (1 ), the tunnel traversing the device (3) in the second network; and
a processor (27) arranged to control an exchange of signalling with the mobile device (1 ) using the established tunnel to authenticate the mobile device (1 ) in the first network.
20. The device according to claim 19, wherein the device (4) is a Mobility Management Entity.
21 . A computer program (9), comprising computer readable code which, when run on a mobile device (1 ), causes the mobile device to perform the method as claimed in any one of claims 1 to 6.
22. A computer program (15), comprising computer readable code which, when run on a device (3; 4), causes the device (3; 4) to perform the method as claimed in any one of claims 7 to 12.
23. A computer program product comprising a non-transitory computer readable medium (14; 16; 22; 24; 28; 30) and a computer program (15; 23; 29) according to any one of claims 21 or 22, wherein the computer program is stored on the computer readable medium.
PCT/EP2014/066200 2014-07-28 2014-07-28 Authentication in a communications network WO2016015750A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2014/066200 WO2016015750A1 (en) 2014-07-28 2014-07-28 Authentication in a communications network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2014/066200 WO2016015750A1 (en) 2014-07-28 2014-07-28 Authentication in a communications network

Publications (1)

Publication Number Publication Date
WO2016015750A1 true WO2016015750A1 (en) 2016-02-04

Family

ID=51265674

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2014/066200 WO2016015750A1 (en) 2014-07-28 2014-07-28 Authentication in a communications network

Country Status (1)

Country Link
WO (1) WO2016015750A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2007161A1 (en) * 2007-06-18 2008-12-24 Motorola, Inc. Non-3GPP access to 3GPP access inter-rat handover with resource preparation
US20090016300A1 (en) * 2007-06-18 2009-01-15 Qualcomm Incorporated Method and apparatus for fast inter-system handover
US20120177003A1 (en) * 2011-01-11 2012-07-12 Futurewei Technologies, Inc. System and Method for Single Radio Handovers

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2007161A1 (en) * 2007-06-18 2008-12-24 Motorola, Inc. Non-3GPP access to 3GPP access inter-rat handover with resource preparation
US20090016300A1 (en) * 2007-06-18 2009-01-15 Qualcomm Incorporated Method and apparatus for fast inter-system handover
US20120177003A1 (en) * 2011-01-11 2012-07-12 Futurewei Technologies, Inc. System and Method for Single Radio Handovers

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Architecture enhancements for non-3GPP accesses (Release 11)", 3GPP STANDARD; 3GPP TS 23.402, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG2, no. V11.9.0, 20 June 2014 (2014-06-20), pages 1 - 252, XP050774118 *

Similar Documents

Publication Publication Date Title
US11412376B2 (en) Interworking and integration of different radio access networks
US11212676B2 (en) User identity privacy protection in public wireless local access network, WLAN, access
EP3175639B1 (en) Authentication during handover between two different wireless communications networks
EP3335453B1 (en) Network access identifier including an identifier for a cellular access network node
KR101901448B1 (en) Method and apparatus for associating statinon (sta) with access point (ap)
US20170230826A1 (en) Authentication in a radio access network
US11490252B2 (en) Protecting WLCP message exchange between TWAG and UE
KR20090076755A (en) Pre-Authentication method for Inter-RAT Handover
CN107211488B (en) Method for applying security to service data, WLAN node and wireless device
Nakhjiri Use of EAP-AKA, IETF HOKEY and AAA mechanisms to provide access and handover security and 3G-802.16 m interworking
WO2016015750A1 (en) Authentication in a communications network
Targali et al. Seamless authentication across heterogeneous networks using Generic Bootstrapping systems

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14747343

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14747343

Country of ref document: EP

Kind code of ref document: A1