KR100218673B1 - Authentification processing method in the personal communication system - Google Patents

Abstract

By providing a unique authentication processing method of a subscriber station in a personal communication system, a subscriber can always perform safe and convenient communication by minimizing the damage that a subscriber can suffer when a subscriber loses a private communication subscriber terminal, And more particularly, to a unique authentication processing method in a personal communication system for improving reliability.

Description

The only attempt in the personal communication system authentication processing method

FIG. 1 is a block diagram of a hardware to which the present invention is applied; FIG.

FIG. 2 is a detailed flowchart for explaining a unique authentication processing method in a personal communication system according to the present invention; FIG.

DESCRIPTION OF THE REFERENCE NUMERALS

1: Personal Communication Station (PS)

2: Base Transceiver Station (BTS)

3: Base Station Controller (BSC)

4: TDX-10 Personal Communication Exchange (TDX-10 PCX)

5: Home Location Register (HLR)

6: Authentication Center (AC)

[0001] The present invention relates to a unique authentication processing method in a personal communication system, and more particularly, to a unique authentication value of a subscriber station by a random value set by an authentication center of a personal communication system, To a unique authentication processing method of a subscriber terminal in a personal communication system capable of knowing that the terminal is a legitimate terminal.

Generally, a personal communication subscriber uses a lightweight mobility terminal that can communicate with anytime, anywhere, and with anyone. By using the wireless communication (radio wave), the terminal can be eavesdropped or steered. If a third party uses his or her own wireless call, the network will not be able to identify legitimate subscribers. Since only the authentication procedure is confirmed between the base station and the terminal, it can not be judged and there will be a lot of damages to the subscriber. Also, the network can not know whether or not the other terminal of the lost terminal is used.

Therefore, according to the present invention, a unique authentication value of a subscriber station is set to a random value set in a race center of a personal communication system, and a determination is made that the value of the terminal matches the value of the authentication center in the network, And to provide a unique authentication processing method in a personal communication system capable of solving the above-mentioned disadvantages.

In order to accomplish the above object, in a private communication system of a personal communication system according to the present invention, an authentication method for generating a unique authentication value using subscriber secret sharing data and randomly generated unique random values in an authentication center, And transmitting the authentication challenge response message to the authentication center in the personal communication subscriber mobility control block of the personal communication exchange, and transmitting the authentication challenge response message to the authentication center, Transmitting the authentication request message to the base station controller, calculating an authentication attempt value by performing an authentication algorithm using the unique random value received at the terminal and the secret shared data in the terminal, Message to a personal communication exchange; Comparing the unique authentication value in the authentication response message received in the personal communication subscriber mobility control block of the personal communication subscriber mobility control block with the value received from the authentication center and transmitting success or failure information to the authentication center in an authentication status notification message, Receiving an authentication status notification message from the authentication status notification message, confirming success or failure of the unauthenticated authentication process, and transmitting an authentication status notification response message to the network.

According to the present invention, the one-time authentication, which is one of the authentication procedures, is a procedure for authenticating a terminal using a random unique random value provided by the authentication center.

The authentication center can request a unique authentication request to the terminal when the subscriber's terminal is thought to be hijacked by another person during operation or the subscriber's validity period has expired.

The signaling system of the network and the base station control period uses a modified standard (IS-651) based on No. 7 (MTP; message transmission unit, SCCP) The signal processing between the register and the authentication center is based on the Mobile Application Part (MAP) standard (IS-41, version C). The visit registration processor is included in the private communication exchange.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram of a hardware to which the present invention is applied and includes a personal communication terminal (hereinafter referred to as PS) 1, a base transceiver station (hereinafter referred to as BTS) 2, A base station controller (hereinafter referred to as BSC) 3, a TDX-10 Personal Communication Exchange (TDX-10 PCX) 4, a Home Location Register (Hereinafter, referred to as HLR) 5 and an authentication center (hereinafter referred to as AC) 6.

The TDX-10 PCX 4 includes an Access Switching Subsystem for Wireless (hereinafter referred to as ASS-W) 41 and a Location Register Subsystem Quot;) < / RTI >

The ASS-W 41 includes a Digital CEPT Interface (DCI) 411, a Time Switch (TSW) 412, A No. 7 Signaling Message Handling Processor (hereinafter, referred to as No 7) 413, and an Access Switching Processor for Wireless (hereinafter referred to as ASP-W) 414 And the LRS 42 includes a location registration processor (LRP) 421, a No. 7 Signaling Message Handling Processor (hereinafter referred to as NO7) 422 ).

The LRP 421 is provided with a Location Register Access Control (LRAC) block (not shown), a mobile application (Hereinafter referred to as PMC) block (not shown), a Personal Digital Subscriber Identity (SLPM) block (not shown), and an ASP- (Not shown), a No. 7 signaling control (hereinafter referred to as S7C) block (not shown) for NO7, )do.

FIG. 2 is a detailed flowchart for explaining a unique authentication processing method in the personal communication system according to the present invention. The AC and the terminal have the same authentication algorithm.

From the start signal, the AC generates an arbitrary unique random value when it tries to request a unique authentication to the terminal by operation or expiration of the subscriber authentication period, and transmits it to the authentication algorithm together with the secret shared data of the subscriber as input data The trial authentication value is calculated (201). The AC stores the unique challenge random number and the unique challenge value in the 'authentication command' message (202). The AC transmits the authentication command message to the HLR, and the HLR transmits it to the LRAC through the NO7 in the LRS and the MAPC of the LRP (203). LRAC sends this to the PMM of ASP-W.

The MPM of the ASP-W receives this (204), and sends an 'authentication command response' message (205) to receive and process the authentication command to the LRP of the LRP. The LRAC sends an authentication command response message to the HLR via MAPC and NO7, and sends the HLR to AC (206). Thereafter, the PMM sends an 'authentication request' message (207) containing a unique challenge random number to the base station controller via NO7, TSW, and DCI. The base station controller sends it to the base station and the base station transmits it to the terminal (208). The MS calculates the unique authentication value using the random challenge in the received 'authentication request' message and the secret shared data in the terminal as input data of the authentication algorithm (209). Thereafter, the message is transmitted to the base station in the 'authentication response' message. The base station sends the message to the base station controller, and the base station controller transmits the message to the personal communication exchange (210). The PMM of the ASP-W receives this through the DCI, TSW and NO7 (211), compares it with the unique authentication value received from the AC, determines the success or failure of the unique authentication (212) Authentication state notification 'message to the LRP of the LRP (213). The LRP of the LRP transmits it to the HLR via MAPC and NO7, and the HLR transmits to the AC (214). The AC may receive the 'authentication status notification' message and store the success or failure of the UE's unique challenge authentication. If successful, the AC may allow the UE to use the UE, . This is transmitted to the HLR in the 'authentication status notification response' message, and the HLR is transmitted to the LRAC through the MAPC of NO7 and LRP (216). The LRAC transmits an 'authentication status notification response' message to the PMM of the ASP-W, and the PMM of the personal communication exchange receives the message and completes the unique authentication procedure (217).

The present invention configured to operate as described above will prevent the personal communication subscriber terminal from being stolen from other persons as much as possible by the unique authentication processing procedure between the authentication center and the terminal and increase the efficiency and reliability of the personal communication call. That is, it is possible to prevent the third party from being hijacked by the personal communication terminal as much as possible, minimizing the loss of the subscriber due to loss of the terminal, and enhancing the efficiency and reliability of the personal communication call.

Claims (1)

Generating an unauthenticated authentication value using subscriber secret sharing data and a randomly generated unique random value in the authentication center, storing the unique random value and the unique authentication value in an authentication command message, and transmitting the authentication request message to the personal communication exchange; Transmitting an authentication command response message to an authentication center in a personal communication subscriber mobility control block of the personal communication exchange and transmitting an authentication request message including a unique random random value to a base station controller; A step of calculating a unique authentication value in the terminal by using an authentication algorithm using secret sharing data in the terminal and transmitting the obtained authentication information to the personal communication exchange through an authentication response message; And the unique authentication value in the authentication response message received from the control block Comparing success or failure information with a value received from an authentication center, and transmitting the success or failure information to an authentication center by sending an authentication status notification message to the authentication center; receiving authentication status notification messages from the authentication center to confirm success or failure of the one- And transmitting an authentication status notification response message to the network.