EP1411475A1 - System and method of communication including first and second access point - Google Patents
- Publication number
- EP1411475A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- mobile device
- access point
- connection
- message
- access
- Prior art date
- Legal status
- Withdrawn
Classifications
- G—PHYSICS
  - G07—CHECKING-DEVICES
    - G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
      - G07C9/00—Individual registration on entry or exit
        - G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
          - G07C9/00896—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
          - G07C9/00309—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
          - G07C2009/00753—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
            - G07C2009/00769—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
              - G07C2009/00793—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means by Hertzian waves
        - G07C9/20—Individual registration on entry or exit involving the use of a pass
          - G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
    - G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
      - G07B15/00—Arrangements or apparatus for collecting fares, tolls or entrance fees at one or more control points
Definitions
- This invention relates to a method of communicating, and to a system including first and second access points.
- a method of communicating comprising maintaining a connection between a mobile device and at least one network of one or more networks via a first access point, sending from the mobile device to a network server via the first access point a request for connection to another access point, at the network server, obtaining approval for the connection request, and sending a connection grant signal to the mobile device via an access point forming part of the same network as the first access point, sending from the mobile device a message comprising the connection grant signal or a signal derived therefrom to a second access point of the one or more networks, and allowing communication between the mobile device and the second access point if the message sent therebetween is determined to be the same as an expected message.
- the second access point is associated with a ticket gate, in which case, the 'allowing communication' step involves granting access to the gate, using 'ticket grant' and 'gate open request' signals for example.
- the 'connection grant signal' would be sent to the mobile device via the first access point, but the sending of this signal via another access point forming part of the same network as the first access point is not precluded.
- One of the access points might include a smartcard reader, in which case a smartcard included with the mobile device could be authenticated using a challenge and response procedure.
- connection grant signal includes a cryptographic key.
- at least part of the message sent from the mobile device to the second access point could be encrypted using the cryptographic key.
- Such can provide an efficient and effective way of making communications between the mobile device and the access points secure, and provides a means by which the sender of a signal can be verified.
- Digitally signing the connection grant signal provides a means by which the sender can be authenticated and by which it can be verified that the message has not been changed in any way since transmission by the sender. Corresponding advantages ensue if the message sent from the mobile device to the second access point is digitally signed.
- a system comprising a mobile device, first and second access points to one or more networks, and a network server connected to each of the one or more networks, the mobile device being arranged to maintain a connection with one of the networks via the first access point, to send via the first access point a request for connection to another access point, the network server being arranged, in response to the request for connection, to obtain approval for the connection request and to send a connection grant signal to the mobile device via an access point forming part of the same network as the first access point, the mobile device being arranged to send a message comprising the connection grant signal or a signal derived therefrom to the second access point, and the system being arranged to allow the mobile device access to the second access point if the message is determined to be the same as an expected message.
- the network server is arranged for associating a timeout period with the connection request approval, and the system is arranged for disallowing the mobile device access to the second access point if access is not allowed prior to expiry of the timeout period. This can prevent the system being negatively affected by the support of requests which are not followed through.
- the second access point is associated with a ticket gate, which is controlled to be opened if the message is determined to be the same as the expected message.
- the system may comprise a ticketing server responsive to the request for connection to another access point for initiating a ticketing transaction, and for providing approval for the connection request, which in the embodiment is made as a gate open request.
- the ticketing server could be responsive to the mobile device being allowed access to the second access point, which in the embodiment is by way of causing a gate to be opened, for completing the ticketing transaction.
- This has the advantage that the ticketing transaction is only completed if the 'ticket' is actually used by the holder of the mobile device. Such could prevent ticket transactions being made by accident.
- this feature allows a system to ticket automatically - i.e. to commence a ticketing transaction when a holder of a mobile device is detected entering a railway station, for example, and to complete the transaction when the mobile device passes through the gates, either at the source or the destination station, potentially without any input from the holder of the mobile device via a user interface.
- the network server could be arranged to include a cryptographic key with the connection grant signal, in which case the mobile device preferably is arranged to encrypt the message sent to the second access point with the cryptographic key. This has security advantages.
- connection grant signal is digitally signed, and preferably the message sent from the mobile device to the second access point is digitally signed.
- Digital signing has advantages in that the sender can be authenticated and it can be verified that no change to the transmitted message has been made.
- a system 10 comprising generally a mobile device 11, which in this embodiment is a mobile telephone handset, a first access point 12, which is a wireless local area network (WLAN) access point to a first network, and a contactless smartcard reader/writer 13, which is connected to a ticket gate 14.
- the first access point 12 and the smartcard reader 13 both are connected by respective wired and encrypted lines to a ticket server 15, which in turn is connected to an authentication server 16, which may be local or remote to the ticketing server 15.
- the mobile device 11 is shown in more detail in Figure 2.
- the mobile device includes a central processing unit (CPU) 20, which is connected via respective buses 21, 22 to each of a smartcard reader/writer interface 23 and a WLAN interface 24.
- the smartcard 25 is removable from the mobile device 11, and preferably exists in the form of a subscriber identity module (SIM) card.
- the smartcard 25 has stored thereon a unique ID and a unique secret key.
- the smartcard 25 is removably connected via a wired port thereof to the smartcard interface 23.
- the smartcard 25 also includes a wireless port, using which it can communicate with the smartcard reader/writer 13 of the ticket gate 14 and with other smartcard reader/writers.
- the WLAN interface 24 is connectable in a wireless fashion to the WLAN access point 12, and to other access points. Operation will now be described with reference to Figure 3, which shows signalling between the mobile device 11, the ticketing server 15 and the ticket gate 14.
- operation of the ticket gate 14 by the mobile device 11 starts at step 30 by authenticating the smartcard 25 of the mobile device 11.
- references to the mobile device 11 may be references to the smartcard 25.
- a communication path between the mobile device 11 and the ticketing server 15 is first set up, unless one is already set up, via the WLAN access point 12. If necessary, the mobile device 11 is authenticated as being genuine in any convenient manner, such as by using the authentication process of Figure 5 described below, with reference to the authentication server 16 and maybe also to a remote, backend server (not shown). Once the mobile device 11 is authenticated, it may remain connected to the WLAN via the access point 12.
- the mobile device 11 signals to the ticketing server 15 that access to the gate 14 is required.
- a ticketing transaction then occurs.
- the exact nature of the ticketing transaction step 32 is not important to this invention. It may be carried out in any suitable manner, such as in the manner described in European Patent Application No. 01305772.4.
- Each of the steps 30 to 32 involves communication between the mobile device 11 and the ticketing server, and any other servers, only via the WLAN access point 12.
- the transaction is made without commitment at this stage, for example by calculating the payment required but without making the payment. This makes rollback or payment refund unnecessary should the ticket not be used.
- the ticketing transaction at step 32 produces a secret transaction ID signal, or 'ticket ID' signal which links the mobile device 11 to the ticket for which purchase was arranged.
- This secret transaction ID is sent from the ticketing server 15 to the mobile device 11 as part of a 'ticket grant' signal at step 33 via the WLAN access point 12.
- the same secret transaction ID is sent to the ticket gate 14 by the ticketing server 15 as part of a 'ticket notice' signal at step 34.
- the mobile device 11 may still be a significant distance from the ticket gate 14.
- the ticketing transaction is mostly complete.
- On arrival at the ticket gate 14, the mobile device 11 is placed within range of the smartcard reader/writer 13. Following detection that communication between the mobile device 11 and the smartcard reader/writer is possible, the mobile device sends a 'gate open request' signal at step 35 to the smartcard reader/writer, which includes a request to open the gate and a copy of the secret transaction ID. This signal is received at the ticket gate 14, where it is compared with the secret transaction ID received at step 34. Once the secret transaction IDs are determined to be the same, the ticket gate 14 sends at step 36 a signal to the ticketing server 15 that the transaction is complete, in response to which the ticketing server completes the transaction. The ticket gate 14 also sends to the mobile device 11 a confirmation signal indicating that the transaction is complete, as well as opening the gate to allow the holder of the mobile device through.
- a timeout period is associated with the generation by the authentication server 16 of the secret transaction ID. If the timeout period is exceeded without the mobile device 11 reaching the ticket gate 14, the validity of the secret transaction ID expires and the transaction is not completed.
- Figure 4 shows the information included in the 'ticket grant', 'gate open request' and 'ticket notice' signals.
- the ticket grant signal is shown comprising message type, ticket ID (secret transaction ID), Ktg, Kt, lifetime and message authentication code fields.
- the message authentication code ensures the authenticity of the ticket grant signal and ensures the identity of the ticketing server.
- the lifetime field identifies the timeout period.
- Ktg is subsequently used for encryption.
- Kt is used to generate the message authentication code. Any convenient method, such as DES or AES, could be used for encryption.
- Any suitable method, such as MD-5 or SHA-1, could be used to generate the message authentication code.
- the gate open request signal includes message type, ticket ID and message authentication code fields, from which the ticket gate can ensure that the signal is from the correct mobile device.
- the message authentication code is generated using Kt, received as part of the ticket grant signal.
- the gate open request signal is encrypted using Ktg.
- the ticket notice signal includes the same fields as the ticket grant signal, although the message authentication code field can be omitted if the security of the communication path is guaranteed in another way.
- the signalling and encryption scheme used allows the mobile device 11 to ensure the identity of the ticketing server and to authenticate the message sent thereby. Furthermore, and maybe more importantly, the gate open request signal can be authenticated by the ticket gate as having originated from the mobile device and as uniquely identifying the ticket ID signal.
- FIG. 5 shows in detail the authentication step 30 of Figure 3.
- the operation 30 starts at step 301, then at step 302 the mobile device 11 establishes a link layer wireless connection with the access point 12 of the WLAN.
- the mobile device 11 requests authentication of its smartcard 25, so that it can make a ticketing transaction and subsequently gain access through the ticket gate 14. This involves the sending of a signal to the ticketing server 15, via the access point 12, and the forwarding of this to the authentication server 16.
- the mobile device 11 then, at step 304, waits to receive a 'challenge' signal, proceeding to step 305 only once a challenge signal has been received from the authentication server 16 via the ticketing server 15.
- the ticketing server 15 also at this time receives an expected response signal from the authentication server 16.
- On receipt of the challenge signal, the mobile device sends at step 305 an encryption request to the smartcard 25, which then starts at step 306.
- the mobile device 11 sends the challenge signal to the smartcard 25 at step 307, where it is received at step 308.
- the challenge signal is encrypted at step 309 using a secret key unique to the smartcard 25, and the encrypted challenge signal is sent from the smartcard 25 to the mobile device 11 at step 310, when it is read into the mobile device at step 311.
- the encrypted challenge signal is then forwarded to the ticketing server 15 at step 312, where it is checked that it is the same as an expected response (encrypted challenge signal) before an acknowledgement is sent to the mobile device 11.
- the ticketing server 15, by sending the acknowledgement signal, grants the mobile device 11 permission to start the ticketing transaction 32.
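The Figure 5 challenge-and-response procedure (steps 301 to 312), as an added Python example that is not the patent's code. It assumes the card's keyed 'encryption' of the challenge is an HMAC-SHA256 (the page names no algorithm), that the authentication server holds each card's secret key indexed by the card's unique ID, and that a challenge accepts exactly one response.

```python
"""Added example of the Figure 5 smartcard authentication (steps 301-312); not the
patent's code.  The card's keyed 'encryption' of the challenge is modelled as
HMAC-SHA256 and each challenge accepts exactly one response (assumptions)."""
import hashlib
import hmac
import secrets


class Smartcard:
    """Smartcard 25: holds the unique ID and secret key, never reveals the key."""
    def __init__(self, card_id: str, secret_key: bytes):
        self.card_id, self._key = card_id, secret_key

    def respond(self, challenge: bytes) -> bytes:
        """Step 309: encrypt (here: MAC) the challenge with the card's secret key."""
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


class AuthenticationServer:
    """Authentication server 16: issues a fresh challenge and the expected response."""
    def __init__(self, card_keys: dict):
        self.card_keys = card_keys   # unique ID -> secret key (constructed registry)

    def challenge(self, card_id: str) -> tuple:
        c = secrets.token_bytes(16)  # fresh random challenge: a recorded response is useless later
        return c, hmac.new(self.card_keys[card_id], c, hashlib.sha256).digest()


class TicketingServer:
    """Ticketing server 15: relays the challenge (step 304) and checks the reply (step 312)."""
    def __init__(self, auth: AuthenticationServer):
        self.auth, self.outstanding = auth, {}

    def start(self, card_id: str) -> bytes:
        c, expected = self.auth.challenge(card_id)
        self.outstanding[c] = expected   # expected response received alongside the challenge
        return c

    def finish(self, challenge: bytes, response: bytes) -> bool:
        expected = self.outstanding.pop(challenge, None)   # one response per challenge
        if expected is None:
            return False   # unknown or already-answered challenge
        return hmac.compare_digest(expected, response)   # constant-time comparison


def authenticate(card: Smartcard, ts: TicketingServer) -> bool:
    """Whole step-30 exchange from the device's point of view (steps 305-312)."""
    c = ts.start(card.card_id)
    return ts.finish(c, card.respond(c))   # acknowledgement = permission to start step 32
```

A cloned card with the wrong key and a recorded response replayed against an already-answered challenge both fail the comparison at step 312.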
- the holder of the mobile device 11 is the holder of a season ticket, which enables him or her to travel at any time of day and any number of times on a predetermined route and between certain dates.
- the season ticket is stored as a unique identification number on the mobile device 11.
- once the mobile device 11 moves within range of the WLAN access point 12, authentication occurs using the ticketing server 15 and the authentication server 16. Then, the mobile device 11 automatically (i.e. without any user input) sends a request to the ticketing server 15 for access, and includes with the request the unique identification number of the season ticket.
- the ticketing server 15 determines that the season ticket is within its valid date range and determines that geographical restrictions and any other restrictions are not exceeded, then grants authority by sending a secret transaction signal to the mobile device 11 and to the ticket gate 14.
- the ticketing transaction step 32 includes the running of a software program on the mobile device 11 which allows the user thereof to select a destination and a ticket type.
- the mobile device 11 then sends information about the required ticket to the ticketing server 15, which arranges for payment to be made, such as by deducting the credit card of the user, as appropriate.
- the mobile device 11 and the ticket gate 14 are sent the secret transaction ID signal.
- the ticketing transaction step 32 includes the mere clearance of the holder of the mobile device 11 to enter the ticket gate 14.
- the ticket transaction is completed only when it is detected that the user is leaving the railway network, when the start and end stations are known. Preferably, access to an exit gate of a destination station is dependent on an appropriate payment being made.
- A second embodiment is shown in Figures 6 and 7.
- a system 40 comprising generally a mobile device 41, a WLAN access point 42 forming part of a WLAN network, a Bluetooth access point 43, a network access server (NAS) 44, and an authentication server 45.
- Each of the WLAN and Bluetooth access points 42, 43 is connected by a respective wired connection 46, 47 to the NAS 44.
- the authentication server 45 is connected to the NAS 44 by a further wired connection 48 which is appropriate to the distance between the two servers (they may be local to each other or they may be remote).
- one or more other networks are connected to the wired connection 48.
- the NAS 44 manages data traffic between the mobile device 41 and any of the networks connected to the NAS.
- the mobile device 41 includes a CPU 49, which is connected to a Bluetooth interface via a first connector 51, and is connected to a WLAN interface 52 via a second connector 53.
- the mobile device is provided with a multimodal wireless network interface, which is controlled using a software radio system.
- Operation of the system 40 is as follows. When the mobile device 41 moves within range of the WLAN access point 42, communication with the WLAN can begin. Once communication does begin, authentication of the mobile device 41 on the WLAN takes place in any convenient manner, such as by using an operation similar to that described above with reference to Figure 5.
- the mobile device 41 uses its already established connection with the WLAN access point 42.
- the mobile device 41 sends a connection request via its WLAN interface 52 to the WLAN access point 42, which forwards the connection request to the NAS 44.
- the NAS 44 then makes a decision as to whether or not the mobile device 41 is to be granted access to the Bluetooth access point 43. This decision is made either on the basis of a policy set by the NAS 44 itself, or on the basis of a policy set by the authentication server 45 and communicated to the NAS at the time that the mobile device was authenticated onto the WLAN. If access is granted, the NAS 44 sends a grant message, preferably using a temporal session key, to the mobile device 41 via the WLAN access point 42.
- Once the mobile device 41 moves within range of the Bluetooth access point 43, communication with it can begin. To gain access, the mobile device 41 transmits the grant message that it received via the WLAN access point 42 to the Bluetooth access point 43, from where it is forwarded to the NAS 44. Then, the NAS 44 determines whether the device requesting access to the Bluetooth access point 43 is the mobile device 41 with which the NAS is in contact via the WLAN, and refuses or grants access as appropriate, without reference to the authentication server 45.
- Figure 8 shows in detail the signalling used to effect the operation described above.
- the mobile device 41 commences in communication with the WLAN access point 42.
- MAC (medium access control) layer connectivity with the Bluetooth access point 43 is then detected at 60.
- the mobile device 41 determines whether initiation of handover to the Bluetooth access point 43 is required. This decision may be made on the basis of a policy set within the mobile device 41, or according to a network administration policy set by the network.
- a handover request is sent at 61 to the WLAN access point 42 using the already established connection. This handover request is then forwarded at 62 to the NAS 44, which determines from network policy whether handover is to be allowed.
- the NAS sends a grant handover signal at 63a to the WLAN access point 42, which forwards it onto the mobile device 41 at 63b.
- the handover grant message is shown in Figure 9, including message ID, session ID, Ktg, Kt and message authentication code fields. These fields contain data which is used in a corresponding way to the data in the ticket grant signal of Figure 4.
- the NAS 44 also sends to the Bluetooth access point 43 at 64a a notify handover message including the same message authentication code as that included in the handover grant message.
- the notify handover message (shown in Figure 9) instructs the Bluetooth access point 43 to accept any connection request from the mobile device 41.
- the message authentication code in the notify handover message can be omitted if security is guaranteed by another method.
- the mobile device 41 sends at 65 a connection request message to the Bluetooth access point 43.
- the connection request message includes message type, session ID, random number and message authentication code fields.
- the connection request message is encrypted using Kt.
- the random number field is filled with a number generated at random within the mobile device 41.
- the message authentication code allows the Bluetooth access point 43 to determine that the originator of the signal is indeed the mobile device 41.
- the random number is included so that the mobile device 41 can verify the Bluetooth access point using a challenge and response operation.
- Mutual authentication of the mobile device 41 and the Bluetooth access point 43 is carried out at 66.
- the Bluetooth access point 43 forwards the connection request message received from the mobile device 41 to the NAS 44 at 67.
- the NAS sends a connection acknowledgement signal at 68 to the Bluetooth access point 43, which sends at 69 a connection acknowledgement message to the mobile device 41.
- This procedure enables rapid mutual authentication of a mobile device and an access point. Authentication is seen to be critical for security when operating in wireless networks.
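The grant / notice / request scheme that Figure 4 (ticket grant, ticket notice, gate open request) and Figure 9 (handover grant, notify handover, connection request) share, as an added Python example that is not the patent's code. It follows the Figure 4 key roles (Ktg for encryption, Kt for the message authentication code) for both flows, and assumes HMAC-SHA256 in place of the MD-5/SHA-1 MAC and an HMAC keystream in place of DES/AES, a device key agreed at the step-30 authentication for the grant MAC, and a trusted wired line for the notice so that it carries no MAC check, as the page allows.

```python
"""Added example: the grant / notice / request exchange of Figures 3-4 (ticket gate) and
Figures 8-9 (handover), with lifetime check, one-time use and nonce-based mutual
authentication.  Not the patent's code; stdlib only (see the lead-in for assumptions)."""
import hashlib
import hmac
import json
import secrets


def mac(key: bytes, fields: dict) -> str:
    """MAC over a canonical encoding of the fields (HMAC-SHA256 stands in for MD-5/SHA-1)."""
    return hmac.new(key, json.dumps(fields, sort_keys=True).encode(), hashlib.sha256).hexdigest()


def stream_xor(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Stand-in cipher for the DES/AES the page names: HMAC-SHA256 keystream in counter mode."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, iv + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)


class NetworkServer:
    """Ticketing server 15 (Fig. 1) or NAS 44 (Fig. 6): approves and issues the grant."""
    def __init__(self, device_key: bytes):
        self.device_key = device_key   # agreed at the step-30 authentication (assumption)

    def issue_grant(self, lifetime_s: float, now: float) -> tuple:
        fields = {"type": "grant", "id": secrets.token_hex(16),   # secret transaction/session ID
                  "Ktg": secrets.token_hex(32), "Kt": secrets.token_hex(32),
                  "lifetime": now + lifetime_s}                     # absolute expiry, seconds
        grant = dict(fields, mac=mac(self.device_key, fields))      # to the device via AP 1
        notice = dict(grant, type="notice")   # same fields to AP 2 over the wired encrypted line
        return grant, notice


class MobileDevice:
    def __init__(self, device_key: bytes):
        self.device_key, self.grant = device_key, None

    def receive_grant(self, grant: dict) -> None:
        body = {k: v for k, v in grant.items() if k != "mac"}
        if not hmac.compare_digest(grant["mac"], mac(self.device_key, body)):
            raise ValueError("grant MAC invalid: not from the network server")
        self.grant = grant

    def open_request(self) -> tuple:
        """Gate open request / connection request: MAC under Kt, then encrypt under Ktg."""
        g = self.grant
        body = {"type": "request", "id": g["id"], "nonce": secrets.token_hex(8)}
        msg = dict(body, mac=mac(bytes.fromhex(g["Kt"]), body))
        iv = secrets.token_bytes(8)
        return iv + stream_xor(bytes.fromhex(g["Ktg"]), iv, json.dumps(msg).encode()), body["nonce"]

    def verify_ack(self, ack: str, nonce: str) -> bool:
        """Second half of the mutual authentication: the access point proves it holds Kt."""
        return hmac.compare_digest(ack, mac(bytes.fromhex(self.grant["Kt"]), {"ack": nonce}))


class SecondAccessPoint:
    """Ticket gate 14 (Fig. 1) or Bluetooth access point 43 (Fig. 6)."""
    def __init__(self):
        self.pending = {}     # transaction ID -> notice, held until used or expired
        self.completed = []   # IDs reported back to the server as complete (step 36)

    def receive_notice(self, notice: dict) -> None:
        self.pending[notice["id"]] = notice

    def handle_request(self, wire: bytes, now: float) -> tuple:
        iv, ct = wire[:8], wire[8:]
        for tid, notice in list(self.pending.items()):
            try:
                msg = json.loads(stream_xor(bytes.fromhex(notice["Ktg"]), iv, ct))
            except ValueError:
                continue   # wrong key decrypts to garbage: not this grant
            if not isinstance(msg, dict) or msg.get("id") != tid:
                continue
            body = {k: v for k, v in msg.items() if k != "mac"}
            if not hmac.compare_digest(msg.get("mac", ""), mac(bytes.fromhex(notice["Kt"]), body)):
                return "rejected: bad MAC", None
            del self.pending[tid]   # one use only: a replayed request finds no pending notice
            if now > notice["lifetime"]:
                return "rejected: expired", None
            self.completed.append(tid)
            return "opened", mac(bytes.fromhex(notice["Kt"]), {"ack": msg["nonce"]})
        return "rejected: unknown", None


def run_exchange(lifetime_s: float, travel_s: float) -> dict:
    """Full exchange on a constructed clock; travel_s is the delay before reaching AP 2."""
    device_key, t0 = secrets.token_bytes(32), 1_000_000.0
    server, device, gate = NetworkServer(device_key), MobileDevice(device_key), SecondAccessPoint()
    grant, notice = server.issue_grant(lifetime_s, t0)
    device.receive_grant(grant)   # steps 33 / 63b, via the first access point
    gate.receive_notice(notice)   # steps 34 / 64a
    wire, nonce = device.open_request()
    result, ack = gate.handle_request(wire, t0 + travel_s)   # steps 35 / 65
    replay, _ = gate.handle_request(wire, t0 + travel_s)     # the same bytes captured and resent
    return {"result": result, "mutual": ack is not None and device.verify_ack(ack, nonce),
            "replay": replay, "completed": gate.completed}
```

`run_exchange(300, 10)` opens the gate and completes the mutual authentication, while `run_exchange(300, 400)` is refused because the lifetime has elapsed; in both cases the resent request finds no pending notice.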
- the NAS 44 assigns to the Bluetooth interface included in the mobile device 41 an IP address the same as the IP address used in the WLAN connection.
- This enables higher layer communication software such as TCP (transmission control protocol) to maintain its connection during handover, i.e. the same connection is used before and after handover, allowing seamless roaming over multiple networks.
- Handover from the Bluetooth access point 43 to the WLAN access point may occur using the same procedure, although references to the access points are reversed.
- FIG. 6 and 7 may have application in an office building, where the mobile device 41 is held by an employee.
- a WLAN may allow the mobile device 41 access to a computer network, allowing the mobile device access to databases and/or programs associated therewith.
- Areas of the office building which are security sensitive may be equipped with Bluetooth access points 43, which are configured to allow access only to authorised persons.
- access for the holder of the mobile device 41 to the sensitive areas can be granted with authentication granted over the WLAN.
- access may be granted without the need for further recourse to the authentication server 45.
- a Bluetooth access point 43 may be provided at the building's entrance.
- Authentication of the mobile device 41 is performed by the NAS 44 and the authentication server 45 with communication occurring via the Bluetooth access point 43.
- a request to access the WLAN is then transmitted via the Bluetooth access point 43, and a grant message then sent via Bluetooth to the WLAN access point 42 for verification by the NAS 44 without recourse to the authentication server 45.
- the mobile device 41 is granted access to the WLAN with the authentication process achieved via the Bluetooth access point 43.
- a different access control policy may be applied by the NAS 44 depending on the access point 42, 43 via which the mobile device 41 first established communication with the NAS. Delegating access control to the NAS 44 can reduce network traffic, as well as the time taken to respond to access requests.
- Figures 6 and 7 may be used in a ticketing system, such as a railway station environment with ticket gates as described in relation to Figure 1 above.
- the ticket gates are each provided with a short-range Bluetooth access point, instead of a contactless smartcard reader.
- a mobile device for operation with such a system is shown in Figure 10.
- the mobile device 70 includes a CPU 71 connected to each of a smartcard 72, a Bluetooth interface 73 and a WLAN interface 74. Briefly, operation begins with authentication of the smartcard 72, and thus the mobile device 70, on a WLAN using the WLAN interface 74. The procedure is similar to that shown in and described with reference to Figure 3. Communication of a gate open request signal involves passing the signal from the smartcard 72 via the CPU 71 and the Bluetooth interface 73 to the Bluetooth access point at the ticket gate.
- any connections or networks are usable with the invention, such as an infra-red connection or the fixed wireless networks of GSM or UMTS, for example.
- one of the connections could be a wired connection, for example to a LAN.
- the 'message authentication code' fields include a digital signature, preferably prepared using a private-public key algorithm.
Description
- This invention relates to a method of communicating, and to a system including first and second access points.
- It is relatively new for smartcard systems to be used in railway ticketing systems and the like. In most smartcard retail systems, there is sufficient time to arrange for authentication of the smartcard before the transaction is complete, with the authentication process being carried out electronically in a similar manner to that used with credit cards having magnetic data carriers. In railway ticketing systems, however, it is usual for the smartcard reader to be included at a ticket gate or barrier, which makes it inconvenient to perform full authentication of a smartcard before allowing its holder through the gate or barrier. It is an aim of the invention to alleviate this problem.
- In accordance with a first aspect of the invention, there is provided a method of communicating, the method comprising maintaining a connection between a mobile device and at least one network of one or more networks via a first access point, sending from the mobile device to a network server via the first access point a request for connection to another access point, at the network server, obtaining approval for the connection request, and sending a connection grant signal to the mobile device via an access point forming part of the same network as the first access point, sending from the mobile device a message comprising the connection grant signal or a signal derived therefrom to a second access point of the one or more networks, and allowing communication between the mobile device and the second access point if the message sent therebetween is determined to be the same as an expected message.
- Using this method, it becomes possible to authenticate the mobile device with the second access point with a minimum amount of communication between these devices, the communication required for authentication instead being made with the first access point. Numerous advantages may ensue. For example, given that the mobile device is already in communication with the first access point, access to the second access point can be made quickly and with a relatively small amount of signalling. Reducing the amount of signalling between the mobile device and the second access point can have advantages where bandwidth is limited and/or expensive, or where the range or reliability of service could be insufficient.
- In one embodiment, the second access point is associated with a ticket gate, in which case, the 'allowing communication' step involves granting access to the gate, using 'ticket grant' and 'gate open request' signals for example.
- Normally, the 'connection grant signal' would be sent to the mobile device via the first access point, but the sending of this signal via another access point forming part of the same network as the first access point is not precluded.
- One of the access points might include a smartcard reader, in which case a smartcard included with the mobile device could be authenticated using a challenge and response procedure.
- Providing the approval for the connection request with a timeout period, after expiry of which the sending of the message from the mobile device to the second access point would not result in the allowing step, has administrative advantages.
- Preferably the connection grant signal includes a cryptographic key. Here, at least part of the message sent from the mobile device to the second access point could be encrypted using the cryptographic key. This can provide an efficient and effective way of making communications between the mobile device and the access points secure, and provides a means by which the sender of a signal can be verified. Digitally signing the connection grant signal provides a means by which the sender can be authenticated and by which it can be verified that the message has not been changed in any way since transmission by the sender. Corresponding advantages ensue if the message sent from the mobile device to the second access point is digitally signed.
- In accordance with a second aspect of the invention, there is provided a system comprising a mobile device, first and second access points to one or more networks, and a network server connected to each of the one or more networks, the mobile device being arranged to maintain a connection with one of the networks via the first access point, to send via the first access point a request for connection to another access point, the network server being arranged, in response to the request for connection, to obtain approval for the connection request and to send a connection grant signal to the mobile device via an access point forming part of the same network as the first access point, the mobile device being arranged to send a message comprising the connection grant signal or a signal derived therefrom to the second access point, and the system being arranged to allow the mobile device access to the second access point if the message is determined to be the same as an expected message.
- Preferably the network server is arranged for associating a timeout period with the connection request approval, and the system is arranged for disallowing the mobile device access to the second access point if access is not allowed prior to expiry of the timeout period. This can prevent the system being negatively affected by the support of requests which are not followed through.
- In a preferred embodiment, the second access point is associated with a ticket gate, which is controlled to be opened if the message is determined to be the same as the expected message. Here, the system may comprise a ticketing server responsive to the request for connection to another access point for initiating a ticketing transaction, and for providing approval for the connection request, which in the embodiment is made as a gate open request.
- The ticketing server could be responsive to the mobile device being allowed access to the second access point, which in the embodiment is by way of causing a gate to be opened, for completing the ticketing transaction. This has the advantage that the ticketing transaction is only completed if the 'ticket' is actually used by the holder of the mobile device. Such could prevent ticket transactions being made by accident. Also, this feature allows a system to ticket automatically - i.e. to commence a ticketing transaction when a holder of a mobile device is detected entering a railway station, for example, and to complete the transaction when the mobile device passes through the gates, either at the source or the destination station, potentially without any input from the holder of the mobile device via a user interface.
- The network server could be arranged to include a cryptographic key with the connection grant signal, in which case the mobile device preferably is arranged to encrypt the message sent to the second access point with the cryptographic key. This has security advantages.
- Preferably the connection grant signal is digitally signed, and preferably the message sent from the mobile device to the second access point is digitally signed. Digital signing has advantages in that the sender can be authenticated and it can be verified that no change to the transmitted message has been made.
- Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings, of which:
- Figure 1 is a schematic diagram of a system according to one aspect of the invention;
- Figure 2 is a schematic diagram of a mobile device forming part of the Figure 1 system;
- Figures 3 and 4 are flow diagrams illustrating operation of the Figure 1 system;
- Figure 5 is a schematic diagram of an alternative system according to one aspect of the invention; and
- Figure 6 is a schematic diagram of a mobile device forming part of the Figure 5 system.
- Referring firstly to Figure 1, a system 10 is shown comprising generally a mobile device 11, which in this embodiment is a mobile telephone handset, a first access point 12, which is a wireless local area network (WLAN) access point to a first network, and a contactless smartcard reader/writer 13, which is connected to a ticket gate 14. The first access point 12 and the smartcard reader 13 are both connected by respective wired and encrypted lines to a ticket server 15, which in turn is connected to an authentication server 16, which may be local or remote to the ticketing server 15. The mobile device 11 is shown in more detail in Figure 2.
- Referring to Figure 2, the mobile device includes a central processing unit (CPU) 20, which is connected via respective buses to a smartcard reader/writer interface 23 and a WLAN interface 24. The smartcard 25 is removable from the mobile device 11, and preferably exists in the form of a subscriber identity module (SIM) card. The smartcard 25 has stored thereon a unique ID and a unique secret key. The smartcard 25 is removably connected via a wired port thereof to the smartcard interface 23. The smartcard 25 also includes a wireless port, using which it can communicate with the smartcard reader/writer 13 of the ticket gate 14 and with other smartcard reader/writers. The WLAN interface 24 is connectable in a wireless fashion to the WLAN access point 12, and to other access points. Operation will now be described with reference to Figure 3, which shows signalling between the mobile device 11, the ticketing server 15 and the ticket gate 14.
- Referring to Figure 3, operation of the ticket gate 14 by the mobile device 11 starts at step 30 by authenticating the smartcard 25 of the mobile device 11. In this section, references to the mobile device 11 may be references to the smartcard 25.
- A communication path between the mobile device 11 and the ticketing server 15 is first set up, unless one is already set up, via the WLAN access point 12. If necessary, the mobile device 11 is authenticated as being genuine in any convenient manner, such as by using the authentication process of Figure 5 described below, with reference to the authentication server 16 and possibly also to a remote back-end server (not shown). Once the mobile device 11 is authenticated, it may remain connected to the WLAN via the access point 12.
- Subsequently, the mobile device 11 signals to the ticketing server 15 that access to the gate 14 is required. This results in the setting up of a session key at step 31, using the Diffie-Hellman key exchange algorithm, for example. At step 32, a ticketing transaction then occurs. The exact nature of the ticketing transaction step 32 is not important to this invention. It may be carried out in any suitable manner, such as in the manner described in European Patent Application No. 01305772.4. Each of the steps 30 to 32 involves communication between the mobile device 11 and the ticketing server, and any other servers, only via the WLAN access point 12. Preferably, the transaction is made without commitment at this stage, for example by calculating the payment required but without taking the payment. This makes rollback or payment refund unnecessary should the ticket not be used.
- The ticketing transaction at step 32 produces a secret transaction ID signal, or 'ticket ID' signal, which links the mobile device 11 to the ticket for which purchase was arranged. This secret transaction ID is sent from the ticketing server 15 to the mobile device 11 as part of a 'ticket grant' signal at step 33 via the WLAN access point 12. The same secret transaction ID is sent to the ticket gate 14 by the ticketing server 15 as part of a 'ticket notice' signal at step 34. At this point, the mobile device 11 may still be a significant distance from the ticket gate 14. Already, though, the ticketing transaction is mostly complete.
- On arrival at the ticket gate 14, the mobile device 11 is placed within range of the smartcard reader/writer 13. On detecting that communication between the mobile device 11 and the smartcard reader/writer is possible, the mobile device sends a 'gate open request' signal at step 35 to the smartcard reader/writer, which includes a request to open the gate and a copy of the secret transaction ID. This signal is received at the ticket gate 14, where it is compared with the secret transaction ID received at step 34. Once the secret transaction IDs are determined to be the same, the ticket gate 14 sends at step 36 a signal to the ticketing server 15 that the transaction is complete, in response to which the ticketing server completes the transaction. The ticket gate 14 also sends to the mobile device 11 a confirmation signal indicating that the transaction is complete, and opens the gate to allow the holder of the mobile device through.
- A timeout period is associated with the generation by the authentication server 16 of the secret transaction ID. If the timeout period is exceeded without the mobile device 11 reaching the ticket gate 14, the validity of the secret transaction ID expires and the transaction is not completed.
- Figure 4 shows the information included in the 'ticket grant', 'gate open request' and 'ticket notice' signals. Referring to Figure 4, the ticket grant signal is shown comprising message type, ticket ID (secret transaction ID), Ktg, Kt, lifetime and message authentication code fields. The message authentication code ensures the authenticity of the ticket grant signal and the identity of the ticketing server. The lifetime field identifies the timeout period. Ktg is subsequently used for encryption. Kt is used to generate the message authentication code. Any convenient method, such as DES or AES, could be used for encryption. For generating the message authentication codes, the application names MD-5 or SHA-1; note that these are unkeyed hash functions (and both are now considered broken), so a keyed construction such as HMAC over a current hash function is what a deployment actually needs for the code to authenticate its sender. Note also that the code on the ticket grant signal cannot itself be keyed by Kt, since Kt is carried inside that signal; it must be keyed by a key the mobile device already shares with the ticketing server, such as the session key set up at step 31.
- The gate open request signal includes message type, ticket ID and message authentication code fields, from which the ticket gate can ensure that the signal is from the correct mobile device. The message authentication code is generated using Kt, received as part of the ticket grant signal. The gate open request signal is encrypted using Ktg.
- The ticket notice signal includes the same fields as the ticket grant signal, although the message authentication code field can be omitted if the security of the communication path is guaranteed in another way.
- It will be appreciated that authentication of the mobile device 11 and most of the ticketing transaction were completed before the mobile device came within range of the smartcard reader/writer 13 at the ticket gate 14. This is advantageous since it allows a user through the ticket gate 14 with only a relatively short time spent obtaining authentication at the gate itself, in spite of complete authorisation of the mobile device 11 being carried out. This might be considered to constitute an instantaneous or rapid transaction at the ticket gate.
- Also, the signalling and encryption scheme used allows the mobile device 11 to ensure the identity of the ticketing server and to authenticate the message sent by it. Furthermore, and perhaps more importantly, the gate open request signal can be authenticated by the ticket gate as having originated from the mobile device and as uniquely identifying the ticket ID signal.
- Reference is now made to Figure 5, which shows in detail the authentication step 30 of Figure 3. The operation 30 starts at step 301; then at step 302 the mobile device 11 establishes a link layer wireless connection with the access point 12 of the WLAN. At step 303, the mobile device 11 requests authentication of its smartcard 25, so that it can make a ticketing transaction and subsequently gain access through the ticket gate 14. This involves the sending of a signal to the ticketing server 15, via the access point 12, and the forwarding of this to the authentication server 16. The mobile device 11 then, at step 304, waits to receive a 'challenge' signal, proceeding to step 305 only once a challenge signal has been received from the authentication server 16 via the ticketing server 15. The ticketing server 15 also at this time receives an expected response signal from the authentication server 16.
- On receipt of the challenge signal, the mobile device sends at step 305 an encryption request to the smartcard 25, which then starts at step 306. The mobile device 11 sends the challenge signal to the smartcard 25 at step 307, where it is received at step 308. Here, the challenge signal is encrypted at step 309 using a secret key unique to the smartcard 25, and the encrypted challenge signal is sent from the smartcard 25 to the mobile device 11 at step 310, where it is read into the mobile device at step 311.
- The encrypted challenge signal is then forwarded to the ticketing server 15 at step 312, where it is checked that it is the same as the expected response (encrypted challenge signal) before an acknowledgement is sent to the mobile device 11. The ticketing server 15, by sending the acknowledgement signal, grants the mobile device 11 permission to start the ticketing transaction 32.
- Some examples of the type of transactions which might occur follow.
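Before those examples, the Figure 5 challenge and response exchange written out as an added worked example (editor-supplied code, not code from the application): the authentication server alone holds the card secrets and hands the ticketing server only a fresh challenge and the expected response, the smartcard answers with a keyed function of the challenge, and the ticketing server compares in constant time and discards the challenge after a single use. The class names, the choice of HMAC-SHA256 as the 'encryption' of the challenge, and the sample card IDs and keys are assumptions, not taken from the page.

```python
import hashlib
import hmac
import os


class Smartcard:
    """The SIM-style smartcard 25: a unique ID and a secret key that never leaves the card."""

    def __init__(self, card_id: str, secret: bytes):
        self.card_id = card_id
        self._secret = secret

    def respond(self, challenge: bytes) -> bytes:
        # The page says the challenge is 'encrypted' with the card's secret key; the keyed
        # function is not specified, so HMAC-SHA256 is used here (assumption).
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


class AuthenticationServer:
    """Authentication server 16: the only party that holds card secrets."""

    def __init__(self, registry: dict):
        self.registry = registry  # card_id -> secret key (constructed sample data in demo())

    def challenge_for(self, card_id: str):
        """Return (challenge, expected response) for an enrolled card, or None.
        The ticketing server receives both values but never the card's secret key."""
        secret = self.registry.get(card_id)
        if secret is None:
            return None
        challenge = os.urandom(16)
        return challenge, hmac.new(secret, challenge, hashlib.sha256).digest()


class TicketingServer:
    """Ticketing server 15: relays the challenge and compares the card's response."""

    def __init__(self, auth: AuthenticationServer):
        self.auth = auth
        self.pending = {}  # card_id -> expected response for the one outstanding challenge

    def start_auth(self, card_id: str):
        issued = self.auth.challenge_for(card_id)
        if issued is None:
            return None
        challenge, expected = issued
        self.pending[card_id] = expected
        return challenge

    def finish_auth(self, card_id: str, response: bytes) -> bool:
        # pop(): each challenge can be answered once, so a captured response cannot be replayed
        expected = self.pending.pop(card_id, None)
        return expected is not None and hmac.compare_digest(expected, response)


def authenticate(ticketing: TicketingServer, card: Smartcard) -> bool:
    """Steps 303 to 312 of Figure 5, with the mobile device 11 acting as a pass-through."""
    challenge = ticketing.start_auth(card.card_id)
    if challenge is None:
        return False  # unknown card ID: no challenge is ever issued
    return ticketing.finish_auth(card.card_id, card.respond(challenge))


def demo() -> dict:
    """Constructed sample data: one enrolled SIM, a clone with the wrong key, an unknown ID."""
    registry = {"sim-0001": bytes.fromhex("00" * 31 + "01")}
    ticketing = TicketingServer(AuthenticationServer(registry))
    genuine = Smartcard("sim-0001", registry["sim-0001"])
    clone = Smartcard("sim-0001", bytes.fromhex("ff" * 32))
    unknown = Smartcard("sim-9999", registry["sim-0001"])
    # replay: answer one challenge correctly, then present the same response a second time
    challenge = ticketing.start_auth(genuine.card_id)
    response = genuine.respond(challenge)
    first = ticketing.finish_auth(genuine.card_id, response)
    replay = ticketing.finish_auth(genuine.card_id, response)
    return {
        "genuine": authenticate(ticketing, genuine),
        "clone": authenticate(ticketing, clone),
        "unknown": authenticate(ticketing, unknown),
        "first_use": first,
        "replay": replay,
    }


if __name__ == "__main__":
    print(demo())
```

demo() returns which of the constructed cards pass: only the genuine card does, and its response is accepted once only. Keeping the expected response rather than the card key on the ticketing server is what lets the authentication server be remote (as the page allows) without the ticketing server ever becoming a second copy of the key store.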
- In one example, the holder of the mobile device 11 is the holder of a season ticket, which enables him or her to travel at any time of day and any number of times on a predetermined route and between certain dates. Here, the season ticket is stored as a unique identification number on the mobile device 11. When the mobile device 11 moves within range of the WLAN access point 12, authentication occurs using the ticketing server 15 and the authentication server 16. Then, the mobile device 11 automatically (i.e. without any user input) sends a request to the ticketing server 15 for access, and includes with the request the unique identification number of the season ticket. The ticketing server 15 determines that the season ticket is within its valid date range and that geographical and any other restrictions are not exceeded, then grants authority by sending a secret transaction signal to the mobile device 11 and to the ticket gate 14.
- In another example, the ticketing transaction step 32 includes the running of a software program on the mobile device 11 which allows the user thereof to select a destination and a ticket type. The mobile device 11 then sends information about the required ticket to the ticketing server 15, which arranges for payment to be made, such as by debiting the credit card of the user, as appropriate. Once payment has been made, the mobile device 11 and the ticket gate 14 are sent the secret transaction ID signal.
- In a further example, the ticketing transaction step 32 includes the mere clearance of the holder of the mobile device 11 to enter the ticket gate 14. Here, the ticket transaction is completed only when it is detected that the user is leaving the railway network, when the start and end stations are known. Preferably, access to an exit gate of a destination station is dependent on an appropriate payment being made.
- A second embodiment is shown in Figures 6 and 7. Referring firstly to Figure 6, a system 40 is shown comprising generally a mobile device 41, a WLAN access point 42 forming part of a WLAN network, a Bluetooth access point 43, a network access server (NAS) 44, and an authentication server 45. Each of the WLAN and Bluetooth access points is connected by a respective wired connection to the NAS 44. The authentication server 45 is connected to the NAS 44 by a further wired connection 48 which is appropriate to the distance between the two servers (they may be local to each other or they may be remote). Optionally, one or more other networks are connected to the wired connection 48. The NAS 44 manages data traffic between the mobile device 41 and any of the networks connected to the NAS. From Figure 6, it can be seen that the mobile device 41 includes a CPU 49, which is connected to a Bluetooth interface via a first connector 51, and is connected to a WLAN interface 52 via a second connector 53. In an alternative embodiment (not shown), the mobile device is provided with a multimodal wireless network interface, which is controlled using a software radio system.
- Operation of the system 40 is as follows. When the mobile device 41 moves within range of the WLAN access point 42, communication with the WLAN can begin. Once communication does begin, authentication of the mobile device 41 on the WLAN takes place in any convenient manner, such as by using an operation similar to that described above with reference to Figure 5.
- To commence communication via the Bluetooth access point 43, the mobile device 41 uses its already established connection with the WLAN access point 42. Here, the mobile device 41 sends a connection request via its WLAN interface 52 to the WLAN access point 42, which forwards the connection request to the NAS 44. The NAS 44 then makes a decision as to whether or not the mobile device 41 is to be granted access to the Bluetooth access point 43. This decision is made either on the basis of a policy set by the NAS 44 itself, or on the basis of a policy set by the authentication server 45 and communicated to the NAS at the time that the mobile device was authenticated onto the WLAN. If access is granted, the NAS 44 sends a grant message, preferably using a temporary (time-limited) session key, to the mobile device 41 via the WLAN access point 42.
- Once the mobile device 41 moves within range of the Bluetooth access point 43, communication with it can begin. To gain access, the mobile device 41 transmits the grant message that it received via the WLAN access point 42 to the Bluetooth access point 43, from where it is forwarded to the NAS 44. Then, the NAS 44 determines whether the device requesting access to the Bluetooth access point 43 is the mobile device 41 with which the NAS is in contact via the WLAN, and refuses or grants access as appropriate, without reference to the authentication server 45.
- Figure 8 shows in detail the signalling used to effect the operation described above. Referring to Figure 8, the mobile device 41 commences in communication with the WLAN access point 42. MAC (medium access control) layer connectivity with the Bluetooth access point 43 is then detected at 60. The mobile device 41 then determines whether initiation of handover to the Bluetooth access point 43 is required. This decision may be made on the basis of a policy set within the mobile device 41, or according to a network administration policy set by the network.
- Once a decision to hand over has been made, a handover request is sent at 61 to the WLAN access point 42 using the already established connection. This handover request is then forwarded at 62 to the NAS 44, which determines from network policy whether handover is to be allowed. If handover is permitted, the NAS sends a grant handover signal at 63a to the WLAN access point 42, which forwards it on to the mobile device 41 at 63b. The handover grant message is shown in Figure 9, including message ID, session ID, Ktg, Kt and message authentication code fields. These fields contain data which is used in a way corresponding to the data in the ticket grant signal of Figure 4. The NAS 44 also sends to the Bluetooth access point 43 at 64a a notify handover message including the same message authentication code as that included in the handover grant message. The notify handover message (shown in Figure 9) instructs the Bluetooth access point 43 to accept any connection request from the mobile device 41. The message authentication code in the notify handover message can be omitted if security is guaranteed by another method.
- Subsequent to receiving the grant handover signal, the mobile device 41 sends at 65 a connection request message to the Bluetooth access point 43. As shown in Figure 9, the connection request message includes message type, session ID, random number and message authentication code fields. As for the gate open request of Figure 4, the connection request message is encrypted using Ktg and its message authentication code is generated using Kt. The random number field is filled with a number generated at random within the mobile device 41. The message authentication code allows the Bluetooth access point 43 to determine that the originator of the signal is indeed the mobile device 41. The random number is included so that the mobile device 41 can verify the Bluetooth access point using a challenge and response operation. Mutual authentication of the mobile device 41 and the Bluetooth access point 43 is carried out at 66. Following authentication, the Bluetooth access point 43 forwards the connection request message received from the mobile device 41 to the NAS 44 at 67. In response, the NAS sends a connection acknowledgement signal at 68 to the Bluetooth access point 43, which sends at 69 a connection acknowledgement message to the mobile device 41.
- This procedure enables rapid mutual authentication of a mobile device and an access point. Authentication is critical for security when operating in wireless networks.
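The grant / notice / request exchange has the same shape in both embodiments (ticket grant, ticket notice and gate open request of Figures 3 and 4; handover grant, notify handover and connection request of Figures 8 and 9), so one added worked example covers both. This is editor-supplied code, not the applicant's: the server issues a grant carrying session ID, Ktg, Kt and lifetime under a MAC keyed by the session key of step 31, notifies the second access point of the same values over the wired link the page assumes is secure, and the access point decrypts the request under Ktg, checks its MAC under Kt, enforces the lifetime, refuses a second use of the same grant, and answers the random number so that the device can authenticate the access point in turn. HMAC-SHA256 as the MAC, the HMAC-keystream cipher standing in for DES/AES, JSON field encoding, the absolute expiry timestamp, and all class and field names are assumptions.

```python
import hashlib, hmac, json, os

def mac(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 stands in for the page's unspecified MAC method (assumption)
    return hmac.new(key, data, hashlib.sha256).digest()

def encode(fields: dict) -> bytes:
    return json.dumps(fields, sort_keys=True).encode()

def seal(key: bytes, fields: dict) -> dict:
    return dict(fields, mac=mac(key, encode(fields)).hex())  # MAC over all other fields

def verify(key: bytes, msg: dict) -> bool:
    try:
        tag = bytes.fromhex(msg.get("mac", ""))
    except (TypeError, ValueError):
        return False
    return hmac.compare_digest(tag, mac(key, encode({k: v for k, v in msg.items() if k != "mac"})))

def stream_xor(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Stand-in for the DES/AES encryption named on the page (assumption): XOR with an
    # HMAC-derived keystream, so the same call both encrypts and decrypts.
    out = bytearray()
    for off in range(0, len(data), 32):
        block = mac(key, iv + off.to_bytes(4, "big"))
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)

class NetworkServer:  # ticketing server 15 (Figure 4) or NAS 44 (Figure 9)
    def __init__(self, now):
        self.now = now
    def issue(self, session_key: bytes, kind: str, lifetime: int):
        # The grant's MAC is keyed by the session key already shared with the device (step 31);
        # it cannot be keyed by Kt, which the grant itself carries. Lifetime is kept as an absolute expiry.
        body = {"type": kind, "session_id": os.urandom(16).hex(), "ktg": os.urandom(32).hex(),
                "kt": os.urandom(32).hex(), "expires": self.now() + lifetime}
        return seal(session_key, body), dict(body)  # (grant to the device, notice to the access point)

class MobileDevice:
    def __init__(self, session_key: bytes):
        self.session_key, self.grant, self.nonce = session_key, None, None
    def accept(self, grant: dict) -> bool:
        self.grant = grant if verify(self.session_key, grant) else None
        return self.grant is not None
    def request(self, kind: str) -> bytes:
        # 'gate open request' / 'connection request': MAC under Kt, then encrypt under Ktg
        self.nonce = os.urandom(8).hex()  # the random number field, used to authenticate the AP
        msg = seal(bytes.fromhex(self.grant["kt"]),
                   {"type": kind, "session_id": self.grant["session_id"], "nonce": self.nonce})
        iv = os.urandom(16)
        return iv + stream_xor(bytes.fromhex(self.grant["ktg"]), iv, encode(msg))
    def check_ack(self, ack: bytes) -> bool:  # only a holder of Kt (an AP the server notified) can answer
        return hmac.compare_digest(ack, mac(bytes.fromhex(self.grant["kt"]), b"ack" + bytes.fromhex(self.nonce)))

class SecondAccessPoint:  # ticket gate 14 or Bluetooth access point 43
    def __init__(self, now):
        self.now, self.notices, self.used = now, {}, set()
    def notify(self, notice: dict):
        self.notices[notice["session_id"]] = notice
    def handle(self, wire: bytes):
        iv, body = wire[:16], wire[16:]
        for sid, notice in self.notices.items():
            try:  # the whole request is encrypted, so try the Ktg of each outstanding notice
                msg = json.loads(stream_xor(bytes.fromhex(notice["ktg"]), iv, body))
            except ValueError:
                continue
            if not isinstance(msg, dict) or msg.get("session_id") != sid:
                continue
            kt = bytes.fromhex(notice["kt"])
            if not verify(kt, msg):
                return "bad_mac", None
            if self.now() > notice["expires"]:
                return "expired", None  # lifetime field: the grant timed out before use
            if sid in self.used:
                return "replay", None  # a grant opens the gate once
            self.used.add(sid)
            return "allowed", mac(kt, b"ack" + bytes.fromhex(msg["nonce"]))
        return "unknown", None

def run(kind="ticket grant", lifetime=300, delay=0, replay=False, tamper=False) -> str:
    clock = {"t": 1_000_000}
    session_key = os.urandom(32)  # assumed to come from the step 31 key exchange
    server, ap = NetworkServer(lambda: clock["t"]), SecondAccessPoint(lambda: clock["t"])
    device = MobileDevice(session_key)
    grant, notice = server.issue(session_key, kind, lifetime)
    if tamper:
        grant["expires"] += 3600  # a device trying to stretch its own lifetime
    if not device.accept(grant):
        return "grant_rejected"
    ap.notify(notice)
    clock["t"] += delay
    wire = device.request("gate open request" if kind == "ticket grant" else "connection request")
    decision, ack = ap.handle(wire)
    if replay:
        decision, ack = ap.handle(wire)
    if decision == "allowed" and not device.check_ack(ack):
        return "ap_not_authenticated"
    return decision
```

run() walks one exchange under an injectable clock and returns the access point's decision; run(kind="handover grant") is the Figure 8 case, run(delay=301) exceeds the 300 second lifetime, run(replay=True) presents a captured request a second time, and run(tamper=True) shows a modified grant being refused by the device's own MAC check. The checks are ordered so that a forged MAC is rejected before any state is consulted, an expired grant never opens the gate, and a grant that has already opened it is refused.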
- After establishing a link layer connection in the described manner, the NAS 44 assigns to the Bluetooth interface included in the mobile device 41 an IP address the same as the IP address used in the WLAN connection. This enables higher layer communication software such as TCP (transmission control protocol) to maintain its connection during handover, i.e. the same connection is used before and after handover, allowing seamless roaming over multiple networks. Handover from the Bluetooth access point 43 to the WLAN access point may occur using the same procedure, with the references to the access points reversed.
- The embodiment of Figures 6 and 7 may have application in an office building, where the mobile device 41 is held by an employee. For example, a WLAN may allow the mobile device 41 access to a computer network, and so to databases and/or programs associated therewith. Areas of the office building which are security sensitive may be equipped with Bluetooth access points 43, which are configured to allow access only to authorised persons. Using this invention, access for a holder of the mobile device 41 to the sensitive areas can be granted with authentication carried out over the WLAN. When the mobile device 41 arrives at the relevant Bluetooth access point 43, access may be granted without the need for further recourse to the authentication server 45.
- It may, in the same application, be desired to disallow access to the office building's WLAN until the holder of a mobile device 41 is within the building. In this case, a Bluetooth access point 43 may be provided at the building's entrance. Authentication of the mobile device 41 is performed by the NAS 44 and the authentication server 45 with communication occurring via the Bluetooth access point 43. A request to access the WLAN is then transmitted via the Bluetooth access point 43, and a grant message is then sent via Bluetooth, to be presented to the WLAN access point 42 for verification by the NAS 44 without recourse to the authentication server 45. Thus, the mobile device 41 is granted access to the WLAN with the authentication process achieved via the Bluetooth access point 43. Here, though, a different access control policy may be applied by the NAS 44 depending on the access point via which the mobile device 41 first established communication with the NAS. Delegating access control to the NAS 44 can reduce network traffic, as well as the time taken to respond to access requests.
- The embodiment of Figures 6 and 7 may be used in a ticketing system, such as a railway station environment with ticket gates as described in relation to Figure 1 above. Here, though, the ticket gates are each provided with a short-range Bluetooth access point, instead of a contactless smartcard reader. A mobile device for operation with such a system is shown in Figure 10.
- Referring to Figure 10, the mobile device 70 includes a CPU 71 connected to each of a smartcard 72, a Bluetooth interface 73 and a WLAN interface 74. Briefly, operation begins with authentication of the smartcard 72, and thus the mobile device 70, on a WLAN using the WLAN interface 74. The procedure is similar to that shown in and described with reference to Figure 3. Communication of a gate open request signal involves passing the signal from the smartcard 72 via the CPU 71 and the Bluetooth interface 73 to the Bluetooth access point at the ticket gate. Although the above embodiments utilise communication via Bluetooth, WLAN and smartcard connections or networks, it will be appreciated that any connections or networks are usable with the invention, such as an infra-red connection or the cellular networks of GSM or UMTS, for example. Also, one of the connections could be a wired connection, for example to a LAN.
- In all of the above embodiments, it will be appreciated that the 'message authentication code' fields include a digital signature, preferably prepared using a public-private key algorithm. (A keyed message authentication code can be produced by any holder of the shared key, whereas a digital signature can be produced only by the holder of the private key; which of the two a field carries determines whether the access point can distinguish the server from the device.)
Claims (17)
- A method of communicating, the method comprising: maintaining a connection between a mobile device and at least one network of one or more networks via a first access point; sending from the mobile device to a network server via the first access point a request for connection to another access point; at the network server, obtaining approval for the connection request, and sending a connection grant signal to the mobile device via an access point forming part of the same network as the first access point; sending from the mobile device a message comprising the connection grant signal or a signal derived therefrom to a second access point of the one or more networks; and allowing communication between the mobile device and the second access point if the message sent therebetween is determined to be the same as an expected message.
- A method as claimed in claim 1, in which one of the access points includes a smartcard reader, and a smartcard included with the mobile device is authenticated using a challenge and response procedure.
- A method as claimed in either preceding claim, in which the approval for the connection request has associated therewith a timeout period, after expiry of which the sending of the message from the mobile device to the second access point will not result in the allowing step.
- A method as claimed in any preceding claim, in which the connection grant signal includes a cryptographic key.
- A method as claimed in claim 4, in which at least part of the message sent from the mobile device to the second access point is encrypted using the cryptographic key.
- A method as claimed in any preceding claim, in which the connection grant signal is digitally signed.
- A method as claimed in any preceding claim, in which the message sent from the mobile device to the second access point is digitally signed.
- A system comprising: a mobile device; first and second access points to one or more networks; and a network server connected to each of the one or more networks,
the mobile device being arranged for maintaining a connection with one of the networks via the first access point and for sending via the first access point a request for connection to another access point,
the network server being arranged, in response to the request for connection, for obtaining approval for the connection request and for sending a connection grant signal to the mobile device via an access point forming part of the same network as the first access point,
the mobile device being arranged for sending a message comprising the connection grant signal or a signal derived therefrom to the second access point, and the system being arranged for allowing the mobile device access to the second access point if the message is determined to be the same as an expected message.
- A system as claimed in claim 8, in which one of the access points includes a smartcard reader, and the network server is arranged for authenticating a smartcard included with the mobile device using a challenge and response procedure.
- A system as claimed in claim 8 or claim 9, in which the network server is arranged for associating a timeout period with the connection request approval, and the system is arranged for disallowing the mobile device access to the second access point if access is not allowed prior to expiry of the timeout period.
- A system as claimed in any of claims 8 to 10, in which the second access point is associated with a ticket gate, which is controlled to be opened if the message is determined to be the same as the expected message.
- A system as claimed in claim 11, further comprising a ticketing server responsive to the request for connection to another access point for initiating a ticketing transaction, and for providing approval for the connection request.
- A system as claimed in claim 12, in which the ticketing server is responsive to the mobile device being allowed access to the second access point for completing the ticketing transaction.
- A system as claimed in any of claims 8 to 13, in which the network server is arranged to include a cryptographic key with the connection grant signal.
- A system as claimed in claim 14, in which the mobile device is arranged to encrypt the message sent to the second access point with the cryptographic key.
- A system as claimed in any of claims 8 to 15, in which the connection grant signal is digitally signed.
- A system as claimed in any of claims 8 to 16, in which the message sent from the mobile device to the second access point is digitally signed.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20020257257 EP1411475A1 (en) | 2002-10-18 | 2002-10-18 | System and method of communication including first and second access point |
JP2003105027A JP2004140779A (en) | 2002-10-18 | 2003-04-09 | System and communication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20020257257 EP1411475A1 (en) | 2002-10-18 | 2002-10-18 | System and method of communication including first and second access point |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1411475A1 true EP1411475A1 (en) | 2004-04-21 |
Family
ID=32039218
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP20020257257 Withdrawn EP1411475A1 (en) | 2002-10-18 | 2002-10-18 | System and method of communication including first and second access point |
Country Status (2)
Country | Link |
---|---|
EP (1) | EP1411475A1 (en) |
JP (1) | JP2004140779A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006082526A1 (en) * | 2005-02-03 | 2006-08-10 | France Telecom | Method and system for controlling networked wireless locks |
EP1703477A1 (en) * | 2005-03-14 | 2006-09-20 | NTT DoCoMo, Inc. | Mobile terminal and authentication method |
EP1752928A1 (en) * | 2005-07-28 | 2007-02-14 | Inventio Ag | Access control method for an area accessible to persons, in particular for a room closed off by means of a door |
EP1857953A1 (en) * | 2006-05-16 | 2007-11-21 | EM Microelectronic-Marin SA | Method and system for authentication and secure exchange of data between a personalised chip and a dedicated server |
EP1965354A1 (en) * | 2007-03-02 | 2008-09-03 | Gemmo S.p.A. | Service management system and method |
FR2914524A1 (en) * | 2007-03-29 | 2008-10-03 | France Telecom | Heterogeneous telecommunication system for transactional application, has server supporting application component suitable to interact with component installed in table, where component is installed with user entity through terminal |
DE102007038948A1 (en) * | 2007-08-17 | 2009-02-26 | Josef Koprek | Device for guarantee of access control, has near-field-communication reader having processor unit that is data linked with service provider, particularly wireless |
DE102009007611A1 (en) * | 2009-02-05 | 2010-08-19 | Vodafone Holding Gmbh | Method for wireless data communication between communication interface of mobile telephone and remote station, for execution of electronic ticket distribution, involves selecting application according to measure of input of mobile device |
US7796012B2 (en) | 2005-07-28 | 2010-09-14 | Inventio Ag | Method of controlling access to an area accessible by persons, particularly to a space closed by a door |
EP2428937A1 (en) * | 2009-05-04 | 2012-03-14 | ZTE Corporation | Gate control system and mathod of remote unlocking by validated users |
US8770476B2 (en) | 2005-09-28 | 2014-07-08 | Visa International Service Association | Device, system and method for reducing an interaction time for a contactless transaction |
DE102015216910A1 (en) * | 2015-09-03 | 2017-03-09 | Siemens Aktiengesellschaft | A method of operating an access unit by means of a mobile electronic terminal |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2419067A (en) * | 2004-10-06 | 2006-04-12 | Sharp Kk | Deciding whether to permit a transaction, based on the value of an identifier sent over a communications channel and returned over a secure connection |
CN101953210B (en) * | 2008-02-18 | 2012-11-07 | 株式会社Ntt都科摩 | Mobile communication system, position registration method, handover method, exchange station, mobile station, and radio control station |
EP3058792B1 (en) * | 2013-10-17 | 2022-08-10 | Nayax Ltd. | Wireless protocol message conversion method and corresponding device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0870889A2 (en) * | 1997-04-07 | 1998-10-14 | Eaton Corporation | Keyless motor vehicle entry and ignition system |
US6175922B1 (en) * | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
WO2001040605A1 (en) * | 1999-11-30 | 2001-06-07 | Bording Data A/S | An electronic key device, a system and a method of managing electronic key information |
US6250557B1 (en) * | 1998-08-25 | 2001-06-26 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and arrangements for a smart card wallet and uses thereof |
WO2001063425A1 (en) * | 2000-02-25 | 2001-08-30 | Telefonaktiebolaget Lm Ericsson (Publ) | Wireless reservation, check-in, access control, check-out and payment |
WO2002049235A1 (en) * | 2000-12-12 | 2002-06-20 | Hello-Tech Technologies Ltd. | Method and apparatus for secure access to homes, offices, professional buildings and/or remote machinery and equipment |
- 2002-10-18: EP EP20020257257 patent/EP1411475A1/en not_active Withdrawn
- 2003-04-09: JP JP2003105027A patent/JP2004140779A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6175922B1 (en) * | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
EP0870889A2 (en) * | 1997-04-07 | 1998-10-14 | Eaton Corporation | Keyless motor vehicle entry and ignition system |
US6250557B1 (en) * | 1998-08-25 | 2001-06-26 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and arrangements for a smart card wallet and uses thereof |
WO2001040605A1 (en) * | 1999-11-30 | 2001-06-07 | Bording Data A/S | An electronic key device, a system and a method of managing electronic key information |
WO2001063425A1 (en) * | 2000-02-25 | 2001-08-30 | Telefonaktiebolaget Lm Ericsson (Publ) | Wireless reservation, check-in, access control, check-out and payment |
WO2002049235A1 (en) * | 2000-12-12 | 2002-06-20 | Hello-Tech Technologies Ltd. | Method and apparatus for secure access to homes, offices, professional buildings and/or remote machinery and equipment |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006082526A1 (en) * | 2005-02-03 | 2006-08-10 | France Telecom | Method and system for controlling networked wireless locks |
EP1703477A1 (en) * | 2005-03-14 | 2006-09-20 | NTT DoCoMo, Inc. | Mobile terminal and authentication method |
US7861293B2 (en) | 2005-03-14 | 2010-12-28 | Ntt Docomo, Inc. | Mobile terminal and authentication method |
EP1752928A1 (en) * | 2005-07-28 | 2007-02-14 | Inventio Ag | Access control method for an area accessible to persons, in particular for a room closed off by means of a door |
US7796012B2 (en) | 2005-07-28 | 2010-09-14 | Inventio Ag | Method of controlling access to an area accessible by persons, particularly to a space closed by a door |
US8770476B2 (en) | 2005-09-28 | 2014-07-08 | Visa International Service Association | Device, system and method for reducing an interaction time for a contactless transaction |
US10043177B2 (en) | 2005-09-28 | 2018-08-07 | Visa International Service Association | Device, system and method for reducing an interaction time for a contactless transaction |
US9613354B2 (en) | 2005-09-28 | 2017-04-04 | Visa International Service Association | Device, system and method for reducing an interaction time for a contactless transaction |
US9330386B2 (en) | 2005-09-28 | 2016-05-03 | Visa International Service Association | Device, system and method for reducing an interaction time for a contactless transaction |
EP1857953A1 (en) * | 2006-05-16 | 2007-11-21 | EM Microelectronic-Marin SA | Method and system for authentication and secure exchange of data between a personalised chip and a dedicated server |
US8566588B2 (en) | 2006-05-16 | 2013-10-22 | EM Microelectric-Mann S.A. | Method of authentication and secure exchange of data between a personalised chip and a dedicated server, and assembly for implementing the same |
EP1965354A1 (en) * | 2007-03-02 | 2008-09-03 | Gemmo S.p.A. | Service management system and method |
FR2914524A1 (en) * | 2007-03-29 | 2008-10-03 | France Telecom | Heterogeneous telecommunication system for transactional application, has server supporting application component suitable to interact with component installed in table, where component is installed with user entity through terminal |
DE102007038948A1 (en) * | 2007-08-17 | 2009-02-26 | Josef Koprek | Device for guarantee of access control, has near-field-communication reader having processor unit that is data linked with service provider, particularly wireless |
DE102009007611A1 (en) * | 2009-02-05 | 2010-08-19 | Vodafone Holding Gmbh | Method for wireless data communication between communication interface of mobile telephone and remote station, for execution of electronic ticket distribution, involves selecting application according to measure of input of mobile device |
DE102009007611B4 (en) | 2009-02-05 | 2019-07-04 | Vodafone Holding Gmbh | Method and device for contactless communication |
EP2428937A4 (en) * | 2009-05-04 | 2014-09-10 | Zte Corp | Gate control system and mathod of remote unlocking by validated users |
US8933777B2 (en) | 2009-05-04 | 2015-01-13 | Zte Corporation | Gate control system and method of remote unlocking by validated users |
EP2428937A1 (en) * | 2009-05-04 | 2012-03-14 | ZTE Corporation | Gate control system and mathod of remote unlocking by validated users |
DE102015216910A1 (en) * | 2015-09-03 | 2017-03-09 | Siemens Aktiengesellschaft | A method of operating an access unit by means of a mobile electronic terminal |
Also Published As
Publication number | Publication date |
---|---|
JP2004140779A (en) | 2004-05-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100417274C (en) | | Certificate based authentication authorization accounting scheme for loose coupling interworking |
US7108177B2 (en) | | Proximity validation system and method |
EP1430640B1 (en) | | A method for authenticating a user in a terminal, an authentication system, a terminal, and an authorization device |
EP1476980B1 (en) | | Requesting digital certificates |
CN1701561B (en) | | Authentication system based on address, device thereof, and program |
JP4235102B2 (en) | | Authentication method between portable article for telecommunication and public access terminal |
US20170148018A1 (en) | | Method and system for network communication |
US20030084287A1 (en) | | System and method for upper layer roaming authentication |
US20110258443A1 (en) | | User authentication in a tag-based service |
EP1787486B1 (en) | | Bootstrapping authentication using distinguished random challenges |
EP1411475A1 (en) | | System and method of communication including first and second access point |
JP2002058066A (en) | | Short-range radio access and method for performing short-range radio commercial transaction between hybrid radio terminal and service terminal through interface for corresponding service terminal |
JP5206109B2 (en) | | Entrance / exit management system and wireless communication terminal |
JPH0669882A (en) | | Certifying method for mobile communication system |
WO1998037661A1 (en) | | Apparatus and method for authentification and encryption of a remote terminal over a wireless link |
JP2006318489A (en) | | Method and device for confirming authentication of id of service user |
KR20120037380A (en) | | Method for registering a mobile radio in a mobile radio network |
CN102111766A (en) | | Network accessing method, device and system |
US7251731B2 (en) | | Call set-up from a mobile radio telephone terminal with biometric authentication |
CN100407190C (en) | | Service providing method, system and program |
CN106465116A (en) | | Access control for a wireless network |
JP2011118789A (en) | | Communication device and processing system |
US20180322502A1 (en) | | Data security system using interaction channel code |
US11003744B2 (en) | | Method and system for securing bank account access |
CN107786978B (en) | | NFC authentication system based on quantum encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
 | AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR |
 | AX | Request for extension of the european patent | Extension state: AL LT LV MK RO SI |
 | AKX | Designation fees paid | |
 | 17P | Request for examination filed | Effective date: 20041013 |
 | RBV | Designated contracting states (corrected) | Designated state(s): AT BE BG |
 | RBV | Designated contracting states (corrected) | Designated state(s): DE FR GB |
 | REG | Reference to a national code | Ref country code: DE Ref legal event code: 8566 |
 | 17Q | First examination report despatched | Effective date: 20060904 |
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
 | 18D | Application deemed to be withdrawn | Effective date: 20071127 |