MXPA96000129A - A method to validate a communication link - Google Patents

A method to validate a communication link

Info

Publication number
MXPA96000129A
Authority
MX
Mexico
Prior art keywords
base station
wireless base
random number
authentication result
authorization equipment
Application number
MXPA/A/1996/000129A
Other languages
Spanish (es)
Other versions
MX9600129A (en)
Inventor
J Schellinger Michael
Original Assignee
Motorola Inc
Priority claimed from US08/239,012 (US5488649A)
Application filed by Motorola Inc
Publication of MX9600129A
Publication of MXPA96000129A

Abstract

The present invention relates to a method for validating a communication link between a wireless base station and an authorization equipment, wherein said wireless base station is coupled to a telephone network and is adapted to communicate with a wireless communication device. The method comprises the steps of: authenticating said wireless base station to communicate with said authorization equipment, said step of authenticating said wireless base station being based on a first random number generated within said authorization equipment; authenticating said authorization equipment to communicate with said wireless base station, said step of authenticating the authorization equipment being based on a second random number generated within the wireless base station; and allowing a communication link between the wireless base station and the authorization equipment when the wireless base station has been authenticated and the authorization equipment

Description

A METHOD FOR VALIDATING A COMMUNICATION LINK

Field of the Invention

The present invention relates generally to portable telephones, and more particularly to a method for validating a communication link between a communication device and an authorization device.

Background of the Invention

Typically, a wireless telephone system includes a portable wireless handset and a wireless base station connected to a telephone company's telephone system by wireline telephone lines. The wireless base station has a dedicated wireline telephone number that allows the user to place and receive calls using the portable wireless handset within a limited range of the wireless base station, such as at an address. However, due to its limited range, the portable wireless handset provides the user with relatively local radiotelephone communication.

Radiotelephone communication outside the range of the wireless telephone system can also be provided to the user through a cellular telephone system. Typically, a cellular telephone system includes cellular subscriber units (mobile or portable) and cellular base stations connected to the wireline telephone system through one or more cellular switching networks. Each cellular subscriber unit has an assigned cellular telephone number that allows the user to place and receive calls within a wide range of the cellular base stations, such as throughout an entire metropolitan area. However, the cost of using the cellular telephone service is much greater than that of the wireless telephone service.

A wireless communication system incorporating a portable cellular radiotelephone (PCC) is shown. The PCC has the ability to communicate with a conventional cellular radiotelephone system, which has a plurality of cellular base stations, a microcell base station, or a wireless base station, which provides a private telephone line interconnection to the telephone network for the user of the PCC.
The wireless communication system uses a call routing and authorization equipment to provide call routing information to a telephone switching system. In this way, the switching system automatically directs telephone calls between cellular, microcellular and wireless systems. The call routing and authorization equipment also authorizes the wireless base station 115 to use the channels.

However, there is a problem for both the telephone network operator and the PCC user. In particular, the operator of the telephone network must ensure that a user of the PCC does not fraudulently access the service in a system which the user is not authorized to access. Similarly, the PCC user must ensure that the cellular system being accessed is not a fraudulent system (that is, a system established by a fraudulent operator that illegally uses the spectrum). Accordingly, there is a need for a method to validate a communication link between a wireless base station and a call routing and authorization equipment, to ensure that the PCC is allowed to operate in the communication system and that the call routing equipment is allowed to provide the spectrum of the communication system.

Brief Description of the Drawings

Figure 1 is a block diagram of an operating configuration for a portable radiotelephone in which various systems, including both a cellular system and a wireless system, can be accessed by the same portable radiotelephone.
Figure 2 is a block diagram of an authorization and call routing equipment (ACRE).
Figure 3 is a schematic map showing a typical installation of coverage areas for wireless, microcellular and cellular systems.
Figure 4 is a block diagram of a wireless base station that can employ the present invention.
Figure 5 is a block diagram of a portable radiotelephone that can employ the present invention.
Figure 6 is a timing diagram of the system scanning process that can be employed in the portable radiotelephone of Figure 5.
Figure 7 is a timing diagram of the registration message sequence.
Figure 8 is a flow chart of the wireless base station of Figure 4 that can be used to determine which channel to use in communication with the radiotelephone of Figure 5.
Figure 9 is a flow chart of the wireless base station of Figure 4 which can be used in combination with the flow chart of Figure 10 to determine which channels meet a minimum channel criterion.
Figure 10 is a flow chart of the wireless base station of Figure 4 which can be used in combination with the flow chart of Figure 9 to determine which channels meet a minimum channel criterion.
Figure 11 is a flow chart of the wireless base station of Figure 4 that can be used in determining which channel has the best channel quality.
Figure 12 is a simplified graph of the cellular spectrum.
Figure 13 is a flow chart of the wireless base station of Figure 4 which can be used after an initialization case.
Figure 14 is a flow chart of the wireless base station of Figure 4 that can be used after an initialization case.
Figure 15 is a general block diagram of a process for authentication of the wireless base station and the ACRE.
Figure 16 is a block diagram of the process for authenticating the wireless base station.
Figure 17 is a block diagram of the process for generating an authentication result of the wireless base station shown in steps 626 and 631 of Figure 16.
Figure 18 is a block diagram of the process for authenticating the ACRE.
Figure 19 is a block diagram of the process for generating an authentication result of the ACRE shown in steps 666 and 667 of Figure 18.
Figure 20 is a block diagram of the process for updating the wireline interface key (WIKEY).
Figure 21 shows the signal protocol for the signals transmitted between the wireless base station and the ACRE.

Detailed Description of a Preferred Embodiment

The method of the present invention generally validates a communication link in a communication system. In particular, the method validates a communication link between a wireless base station and a call routing and authorization equipment by authorizing the wireless base station to communicate with the authorization equipment and authorizing the authorization equipment to communicate with the wireless base station. Preferably, the step of authenticating the wireless base station is based on a first random number generated within the authorization equipment, and the step of authenticating the authorization equipment is based on a second random number generated within the wireless base station. A communication link between the wireless base station and the authorization equipment is permitted when both the wireless base station and the authorization equipment have been authorized.

In Figure 1 a generalized block diagram of an application of the present invention is shown. A portable wireless cellular radiotelephone (PCC) 101 is shown having the ability to communicate with a conventional cellular radiotelephone system 103, which has a plurality of cellular base stations 105, 107 located in geographically separate locations but installed to provide radiotelephone coverage over a wide geographical area.
The cellular base stations are coupled to a control terminal 109 which provides coordination between the plurality of cellular base stations, including the loose controls of the user's cellular and mobile cellular equipment, and provides call switching and interconnects to the public switched telephone network (hereinafter referred to as "TELCO") 111. The PCC 101 also has the ability to communicate with a microcellular base station 113, which is a cellular attached cell that has lower power and limited capabilities but that provides public radiotelephone service to different areas such as shopping malls, airports, etc. The microcell base station 113 is coupled to the TELCO 111 wireline telephone system so that calls can be placed on the TELCO. The PCC 101 further has the ability to communicate with and output the radiotelephone calls via a wireless base station 115, which provides a private telephone line interconnection with the TELCO 111 for the PCC 101 user. The wireless communication system uses an authorization and call routing equipment (ACRE) 117 for providing call routing information to a telephone switching system. In this way, the switching system automatically directs telephone calls between the cellular, microcellular and wireless systems. The ACRE 117 also authorizes the wireless base station 115 to use the channels. The ACRE 117 can be part of the TELCO 111 or it can be an independent device. As noted previously, the wireless base station 115 and the PCC 101 collectively provide the limited range radio service conventionally known as wireless telephone service. Such a service has become saturated, conventionally using a few radio frequency channels in the radio bands of VHF (very high frequency) or UHF (ultra high frequency).
The user of a radiotelephone must expect the radiotelephone service to be available wherever he / she travels in the United States and that this service be provided at the lowest cost. It should also be expected that the radiotelephone service will be provided in a portable unit that is as compact and inexpensive as possible. The PCC 101 is uniquely configured to fulfill this purpose. further, the wireless base station 115 is uniquely designed to provide interconnection of the telephone with the telephone line of the user's home when the user has the PCC 101 within the radio range of the wireless base station 115. In figure 2 is shown a block diagram of the ACRE 117. The ACRE 117 is connected to a TELCO 111 via an interface 202. The interface 202 controls and formats the messages between the TELCO 111 and a processor 204. The processor 204 in combination with a software memory of control 206 is the intelligence of ACRE 117 and carries out the authorization and authentication tasks and provides the call routing information. A database of the subscriber 208 contains the data required by the processor 204 in order to carry out the tasks previously discussed. The ACRE 117 may be separate from the TELCO 111 as shown in Figure 2 or may be part of the TELCO 111, usually part of the switching equipment. When the ACRE 117 is part of the TELCO 111, the ACRE 117 may not need the interface 202. Additionally, the functions of the ACRE can be carried out by the existing equipment in the TELCO. Finally, according to some aspects of the present invention, the ACRE can provide only authentication functions and could be considered as authentication equipment. Although the following description generally refers to an ACRE, it will be understood that the term ACRE could also be considered to describe the authorization equipment depending on the implementation. Figure 3 shows a typical installation of coverage areas for wireless, microcellular and cellular systems. 
The coverage area of the wireless system is the smallest and resides within the microcellular system. The microcellular system has an intermediate coverage and resides within the cellular system. The coverage area of each system may depend on, but not limited to, the number of base stations in each system, the antenna height of each base station, and the energy level used by each system. The user of the portable radiotelephone can relocate between the various coverage areas. The portable radiotelephone can change between systems based on, but not limited to, the location of the portable radiotelephone, the availability of the system and the user's preference. The areas of coverage of the systems are not limited to the particular installation as shown in Figure 3. A coverage area may be independent of another coverage area or may partially overlap one or more different coverage areas. The wireless base station 115, conceptually, is a subminiature cellular system that provides a single signaling channel which transmits output data messages in a manner analogous to a conventional cellular output signaling channel and receives service demands from of a remote unit, such as a PCC 101. Appropriate service demands are granted with an allocation of a voice channel (done via the control channel) in the same or a second radio frequency in which the PCC 101 to tune in to your phone call. Figure 4 shows the basic implementation of a wireless base station. A conventional transmitter 301 and a conventional receiver 303 suitable for use in the frequency band 869 to 894 MHz and 824 to 849 MHz, respectively, which are used for conventional cellular services, are coupled to a common antenna 305 via a 307 duplexer The power output of the transmitter 301 is limited to approximately 6 milliwatts in order to minimize interference to other services and other wireless telephone stations. 
The selection of the channel frequency is implemented by means of a frequency synthesizer 309 controlled by a logic unit 311. Within the logic unit 311 is a microprocessor 313, such as a 68HC11 available from Motorola, Inc., or a similar microprocessor, which is coupled to conventional memory devices 315 that store the microprocessor operating program, base identification (BID) and customer personality, and other configurations. The transmitted and received data is encoded / decoded and coupled between the receiver 303, the transmitter 301, and the microprocessor 313 via the signaling interface hardware 317. The instructions of the microprocessor are communicated and implemented by the control hardware 319. The interface with the wireline telephone line of the user's home is conventionally carried out via an interface of the TELCO 321. The power is supplied from the main conventional AC lines and returned with a battery reserve (all represented as energy 323). The PCC 101 is a portable radiotelephone transceiver shown in block diagram form in Figure 5. A portable radio receiver 401, capable of receiving the frequency band between 869 and 894 MHz, and a portable transmitter 403, capable of transmitting with low energy (approximately 6 milliwatts in the preferred embodiment) over frequencies between 824 and 849 MHz, they are coupled to antenna 405 of PCC 101 by means of a duplexer 407. The particular channel of the radio frequency to be used by the transmitter 403 and the receiver 401 are determined by the microprocessor 409 and communicated to the frequency synthesizer 411 via the interface circuit 413. The data signals received by the receiver 401 are decoded and coupled to the microprocessor 409 by the circuit interface 413 and the data signals to be transmitted by transmitter 403 are generated by microprocessor 409 and are formatted via interface 413 before being transmitted by the transmitter 403. 
The operational status of the transmitter 403 and the receiver 401 is enabled or disabled by the interface 413. The interface also controls the light emitting diodes, 415 and 417, which are used to indicate to the user which system the PCC 101 is currently receiving. The user audio, microphone output and speaker input are controlled by audio processing circuitry 419. In the preferred embodiment, microprocessor 409 is a 68HC11 microprocessor, available from Motorola, Inc., and performs the necessary processing functions under the control of the programs stored in a conventional ROM 421. The characterization settings of the PCC 101 are stored in the EEPROM 423 (they can also be stored in the microprocessor's on-board EEPROM) and include the number assignment (NAM) required for operation in a conventional cellular system and the base identification (BID) required for operation with the user's own wireless base. The transmitter 403 of the PCC 101 has the ability to transmit with the full range of output power that is required for operation in a conventional cellular system. This output power range consists of six groups of output power magnitudes ranging from a high output power level of approximately 600 milliwatts to a low output power level of 6 milliwatts. This range of six power output groups is enabled when the PCC 101 is in the cellular system mode. In accordance with the preferred embodiment of the present invention, the same PCC 101 is compatible with both the cellular and wireless telephone systems 103. This is achieved by allowing the PCC 101 to operate on both cellular and wireless telephone systems 103 using only cellular telephone frequencies.
The installation of the radiotelephone has desirable advantages for the user. The PCC 101, in combination with the wireless base station 115, can automatically direct, via the ACRE 117, an incoming call to the telephone system in which the PCC 101 is located without causing inconvenience to the user. The TELCO 14, in combination with the ACRE 117, can automatically direct an incoming call to the PCC 101 without causing inconvenience to the user. The established priority for PCC 101 is that the wireless base station 115 is the first desired path for a user's telephone call and the conventional cellular system (or microcellular system) is the second alternative. The process implementing that priority is shown in Figure 6. Figure 6 represents, in relation to time, the reception by the PCC receiver 401 of the output signaling channel or group of signaling channels transmitted from the cellular system, the wireless base, and the microcellular system. This diagram helps in understanding the unique scanning priority configuration of the present invention. The PCC receiver 401 can monitor 431 the output message stream that is transmitted from the signaling channel of the cellular system (which was selected from among the plurality of cellular signaling channels in a conventional manner). At the appropriate time, the PCC receiver 401 is instructed by its microprocessor 409 to tune to the frequency or one of the frequencies that is used by the wireless base station 115 as a signaling channel. The PCC receiver 401 scans the output signaling channel or channels of the wireless base 433 for a period of time t2. If the signaling data stream is not received with sufficient quality, the PCC receiver 401 is returned to the previously selected signaling channel of the cellular system 103. It remains tuned to this signaling channel 435 for a period of time, t1, before attempting another scan of a signaling channel of one of the alternative systems.
The relation of t1 and t2 is such that a cell page message (i.e., a radiotelephone call or other transmitted requirement) that is repeated, conventionally, after a 5 second pause will not be missed because the PCC receiver 401 was scanning an alternative system during both cell page message transmission times. The time t1 must be greater than the sum of the pause between the two pages and the typical time to transmit two pages. The time t2 must be less than the time between the two pages. If the pause is 5 seconds and the typical time to transmit a page is 185.2 milliseconds, t1 must be greater than 5.3704 seconds and t2 must be less than 5 seconds. After monitoring the signaling channel of the cellular system for a time t1, the PCC receiver 401 can be instructed to tune to the signaling channel or, sequentially, to the signaling channels of the microcellular system, as shown at 437. If a suitable microcellular signaling channel is not found during scanning of the predetermined signaling channel frequencies, the PCC receiver 401 is tuned back to the cellular system signaling channel, as shown at 439. A scan of the signaling channels, 441, of the wireless base station 115 that discovers a signaling data stream meeting the appropriate quality requirements results in the PCC receiver 401 continuing to monitor the wireless signaling channel. The PCC receiver 401 remains on the wireless signaling channel without re-scanning another system until the PCC 101 cannot receive the transmitted signal from the wireless base for a continuous period of 5 seconds. The effect of this priority process is to give priority to the wireless base station 115 in PCC 101.
Once the signaling channel of the wireless base station 115 is discovered, the PCC 101 remains tuned to this channel. In this way, when the PCC 101 is initially tuned to the cellular system, it will automatically switch to the wireless base station when it is possible to access the wireless base station. Once the PCC receiver 401 has found the wireless base signaling channel, it remains tuned to that channel. When the PCC transceiver is first turned on, its first scan of the signaling channels is the restored signaling channel or channels of the wireless base station 115. Of course, the user can modify the hierarchy of the automatic priority scan by entering a modification code in the PCC 101. In this way, the user can only force the exploration of the signaling channels of the cellular system, only the signaling channels of the wireless base, only the signaling channels of the microcellular system, or combinations of the systems. The user can also carry out a call origin with changing once to the system of his choice. Once the signaling channel of a system has been monitored, a visual indication is given to the user of the PCC transceiver. In the preferred embodiment, this indicator is a set of light emitting diodes (LEDs) 415, 417, one of which is illuminated in a unique manner to indicate to which system the PCC transceiver is tuned. Other indicators may alternatively be used to communicate the same information. For example, an identifier system may appear in the numerical display of PCC 101, or a flashing symbol (having different flashing rates) may be used. However, this indication allows the user to determine which system he is in and decide if he wants to complete a radiotelephone call in the indicated system. In order for the PCC 101 to communicate with the wireless base station 115 it must be authorized to use a particular channel. Authorization is required since the cellular spectrum license is required by the FCC to maintain control of its transmitters. 
The wireless base station 115 is programmed to periodically update this authorization. To do this, the wireless base station 115 initiates a telephone call to the ACRE 117. The ACRE 117 responds with a connection message 502 (see Figure 7) which contains a first random number to be used in the authentication process. The wireless base station 115 responds with an authentication message 504. The authentication message 504 contains a wireless base station ID, a first authentication result calculated by using the first random number, and a second random number. The ACRE 117 responds with an authorization and authentication message 506, which contains a second authentication result calculated by using the second random number, and information describing on which channels the wireless base station 115 can communicate with the PCC 101. The wireless base station 115 responds with a registration message 507 which contains the mobile identification number of the PCC 101. The registration message 507 is sent only when a PCC 101 is in the range of the wireless base station 115. The registration message 507 informs the ACRE 117 to direct calls for the PCC 101 to the wireless base station 115. The ACRE 117 responds by sending a registration acknowledgment message 508 to the wireless base station 115, which informs the wireless base station 115 that the registration message 507 was received. The wireless base station 115 then responds with a release message 509, which indicates whether the authorization message sequence was successful. In Figure 8 the wireless base station 115 determines which of the authorized channels to use in communication with the PCC 101. In block 510 the authorization message 506 is received by the wireless base station 115. Then the wireless base station 115 calculates a set of authorized channels from the information in authorization message 506, as shown in block 512.
Next, the wireless base station 115 communicates only over those channels that are authorized and that meet a channel criteria as shown in block 514. In figures 9-11 the process is described. to determine if a channel meets a quality criterion. The channel quality criterion test, shown in block 514, can be carried out in a number of ways. For example, a minimum channel criterion can be established and only a channel that meets this minimum criterion will be available for communication. This implementation is shown in greater detail in Figures 9 and 10. Another way to determine a channel quality criterion is to communicate only on the channel that has the best channel quality. This process is described in Figure 11. Figures 9 and 10 show an implementation of the process of determining if a channel meets a minimum channel criterion. The process begins in block 520. The interference signal energy for a channel is measured in block 522. This signal energy is compared against a maximum signal or threshold resistance in block 524. If the signal energy exceeds the maximum then starts or resets a timer associated with the channel in block 526, and the next channel is selected in block 528. If the maximum signal strength in block 524 is not exceeded, the next channel is selected in the block 528. The processing for the next channel then begins again in block 522. Through this process it can be determined how much time has passed since the maximum interference signal strength for each channel was exceeded. In figure 10 this information is used to determine which channels meet the channel quality criteria as required in block 514 of figure 8. The algorithm starts at block 530. Then it is determined whether the channel chronometer is greater or equal to the time of the block in block 532. If so, then the channel meets the channel quality criteria, in block 534, and is available for use in communication between the wireless base station 115 and PCC 101. 
If not , then the channel is blocked in block 536 and the channel is not available for use in communication between the wireless base station 115 and PCC 101. The process begins again with the next channel in block 538. For those experts in the matter it will be obvious to make a number of changes in this process without deviating from the scope of the invention. Such modification could include measuring the bit error rate (BER) for a channel in block 522 of FIG. 9 and determining whether it is greater than a maximum allowable BER. Other parameters such as a received signal resistance could be measured or a combination of these could be used. Also the block time in block 532 of FIG. 10 could be set to zero, so that a channel needs to meet only the test of block 524 of FIG. 9 instantaneously. Figure 11 describes a better channel algorithm and begins at block 540. The channel quality is then measured and stored for all channels, at block 542. This measurement could be the interference signal resistance, the BER or the received signal strength or some combination of these. In block 544, the channel having the best channel quality is selected. The selected channel could be the best channel and the channel over which the wireless base station 115 could communicate with the PCC 101. The process is then repeated beginning at block 542. The wireless base station 115 can select between the minimum criterion algorithm of channel of Figures 9 and 10 and the algorithm of the best channel of Figure 11 based on the information contained in the authorization and authentication message 506. In one implementation, the algorithm of minimum channel criterion is favored when the authorized channels are shared with different wireless services, whereas the algorithm of the best channel is favored when the authorized channels are used only for the wireless service. 
One of the interesting features of the wireless base station 115 is that it is designed to operate on three channels that are not shared with the cellular communication system. This is illustrated in Figure 12, which shows a frequency band 560 or a cellular band that is distributed by the FCC to a cellular system provider. The FCC also defines channels 562 (cellular channels) within the band over which cellular communication may occur. This set of channels leaves a channel unassigned from the frequency band 560. The wireless base station 115 uses this unassigned frequency 564 to define three unshared channels, two at the lower end of the spectrum and one at the upper end of the spectrum. spectrum, on which the wireless base station 115 can communicate with the PCC 101. These three channels can be used by the wireless base station 115 when none of the channels meets the minimum channel criteria as set forth in FIGS. 9 and 10. These channels could also be used when none of the channels have been authorized, as in Figure 8. A problem may occur after the initial energization of a wireless base station 115 using a minimum channel criterion algorithm where the channel must meet a criteria for a fixed period of time before being available for use. The problem occurs after the initial energization or any case of initialization when the set of authorized channels is changed suddenly. When this happens it is impossible to know if a channel has been exceeding a minimum channel criterion or for how long it has been exceeding a minimum channel criterion. Due to that and to the energization an assumption must be made: either that all the channels meet the required criteria in block 514 of figure 8; or none of the channels meets the criteria required in block 514 for a predetermined period of time. These two assumptions are shown in Figures 13 and 14. In Figure 13 the energization occurs in block 570. Then all channel timers are reset in block 572. 
Then the authorization message is received, in block 574, which corresponds to block 510 of figure 8. Since the chronometers were reset, none of the channels will exceed the block time in block 532 of figure 10 for at least one period equal to block time. In this way, the assumption in Figure 13 is that none of the channels meet the channel criteria after energization. Figure 14 shows the initial energization of the wireless base station 115 in block 576. The initial energization could be replaced by any initialization case as described above with respect to figure 13. The base station 115 then receives the authorization message in block 578. Then all channel timers are set at the block time in block 580. In this way, it is assumed that after the energization of the wireless base station, the channels have met the channel criteria for the period of time required as shown in block 532 of FIG. 10. Turning now to FIG. 15, the authentication process of the wireless base station 115 and the ACRE 117 is shown. The authentication process begins at step 602. According to the process of the present invention, the ACRE authenticates the wireless base station to operate in the communication system in a step 603 after of the start of a call, and the wireless base station authenticates separately to the ACRE to operate in the communication system in a step 604. In the first step 605 the authentication process of the wireless base station begins. If the wireless base station is not authenticated in step 606, the authentication process is terminated in step 608. If the wireless base station is authenticated in step 606, the authentication process of the ACRE is initiated in step 610. If the ACRE is not authenticated in step 612, the authentication process ends in step 608. However, if the ACRE is authenticated, a communication link is allowed in step 614. 
In a step 615, a wired line interface key (WIKEY), which is used in the authentication process for both the wireless base station and the ACRE, may optionally be updated. The use of a WIKEY in the authentication process for the wireless base station and the ACRE will be described in detail with reference to Figures 16 to 20. Although the authentication process of the figure shows the authentication process of the wireless base station followed by the authentication process of the ACRE, it will be understood that these processes could occur in the reverse order, or simultaneously. For example, as shown in Figure 7, the authentication processes occur simultaneously where the authentication message 504 of Figure 7 can include an authentication result of the wireless base station generated in step 606 and also an ACRE authentication request in step 610.

Turning now to Figure 16, the authentication process of the wireless base station is shown. In step 622, the ACRE sends a wireless base station authentication request to the wireless base station. The authentication request of the wireless base station could be included in the connection message 502 of the general signaling protocol of Figure 7. The wireless base station receives the authentication request in step 624. In a step 626, the wireless base station generates an authentication result of the wireless base station. In a step 628, the wireless base station sends an authentication response containing the authentication result of the wireless base station to the ACRE. The authentication response is received in the ACRE in a step 630. The authentication response could be included in the authentication message 504 (of Figure 7) and preferably includes information about the wireless base station, such as a wireless base station identification uniquely associated with the wireless base station.
However, it will be understood that the wireless base station identification could already exist in the ACRE or could be sent as a separate message at a different time. In a step 631, the ACRE independently generates an authentication result of the wireless base station. The process for generating the authentication result of the wireless base station in steps 626 and 631 is described in detail with reference to Figure 17. In a step 632, the ACRE determines whether the authentication result of the wireless base station generated by the wireless base station is equal to the authentication result of the wireless base station generated by the ACRE. If the authentication results are the same, the wireless base station is determined to be valid in a step 634. However, if the authentication results are not the same, the wireless base station is determined to be invalid in a step 636. The authentication process of the wireless base station is terminated in a step 638.

Turning now to Figure 17, the preferred process for generating an authentication result of the wireless base station (shown generally in steps 626 and 631 of Figure 16) is shown. Generating an authentication result requires entries 640, which include a RANDACRE 642 (a random number generated by the ACRE), the wireless base station identification (CBSID) 644, the telephone number of the ACRE 646, and a wired line interface key (WIKEY) 648. Preferably, the authentication signature procedure 650 uses the entries 640 to generate the authentication result of the wireless base station 652. Many different algorithms may be suitable for this authentication signature procedure as long as they make it difficult to determine the WIKEY 648 given a set of values for the RANDACRE 642, the CBSID 644, the telephone number of the ACRE 646, and the authentication result of the wireless base station 652.
This is possible since the WIKEY, which is preferably 64 bits long, has a substantially larger number of possible combinations than the authentication result of the wireless base station, which is preferably 18 bits long. In other words, there is a large number of WIKEY values that will generate the same authentication result of the wireless base station given a set of values for the RANDACRE, the CBSID, and the ACRE telephone number. This feature of the authentication signature procedure is desirable since a person skilled in the art who knows the WIKEY 648, the CBSID 644 that is associated with the WIKEY, and the authentication signature procedure 650 could build a fraudulent device. Because the authentication signature procedure 650 could be discovered by an unauthorized user and it is inconvenient to change this algorithm in the wireless base stations that have proliferated, the WIKEY 648 is the basic means of security. Therefore, the confidentiality of this number must be protected by the algorithm.

Turning now to Figure 18, the ACRE authentication process is shown. In a step 662, an ACRE authentication request is sent from the wireless base station to the ACRE. The authentication request of the ACRE could be included, for example, in the authentication message 504 of Figure 1, or it could be sent as a separate message. The authentication request is received by the ACRE in step 664. The wireless base station, in a step 666, and the ACRE, in a step 667, independently generate an ACRE authentication result. The generation of the ACRE authentication result will be described in detail below with reference to Figure 19. In a step 668, the ACRE sends an authentication response containing the authentication result of the ACRE generated by the ACRE. The authentication response could be included in the authorization and authentication message 506 of Figure 7. The authentication response is received by the wireless base station in a step 669.
In a step 670, the wireless base station determines whether the authentication result of the ACRE generated by the ACRE is equal to the authentication result of the ACRE generated by the wireless base station. If the authentication results are the same, the ACRE is determined to be valid in a step 672. However, if the ACRE authentication results are not equal, the ACRE is determined to be invalid in a step 674. The authentication process of the ACRE ends in a step 676.

Turning now to Figure 19, the authentication signature procedure 692 uses the entries 680 to generate the authentication result of the ACRE 694. The entries include the random number RANDCBS 682, the CBSID 684, the telephone number of the ACRE 686, and the WIKEY 690. The authentication signature procedure 692 operates in the same manner and has the same characteristics as the authentication signature procedure 650 shown in Figure 17.

In Figure 20, the WIKEY generation procedure 708 uses the entries 696 to generate a new WIKEY 710. Entries to this algorithm include a random number RANDWIKEY 698, Reserved 702, the CBSID 704, and the WIKEY 706. The WIKEY generation procedure 708 also works in the same manner and has the same characteristics as the authentication signature procedure 650 (shown in Figure 17) to generate a new WIKEY. Although these algorithms need to have the same characteristics as the authentication signature procedure 650, they do not need to be the same algorithms. The WIKEY generation procedure 708 is unique in that it uses the value of the original WIKEY 706 in combination with the random number RANDWIKEY 698 to generate a new value of the WIKEY 710. If someone were to obtain a value of the WIKEY, the ACRE could generate a new WIKEY in the next phone call. Since the person does not get the RANDWIKEY 698 during that call, it would be very difficult to determine the new value of the WIKEY based on the value of the original WIKEY.
This has the advantageous effect of rendering the values of the original WIKEY useless for the purpose of constructing a fraudulent wireless base station.

Turning now to Figure 21, the preferred signaling protocol for communication between the wireless base station and the ACRE is shown. For ease of understanding, the signals will be described with reference to the messages shown in the general signaling protocol of Figure 7. However, before describing some specific messages that can be transmitted, the general forward signaling protocol from the ACRE to the wireless base station and the reverse signaling protocol from the wireless base station to the ACRE will be described. In particular, the forward signaling format is shown in Figure 21-1. A signal from the ACRE to the wireless base station includes a call field 720, a forward message type 722, a message length field 724, a data field 726, and a cyclic redundancy code (CRC) field 728. Because fields 720, 722, 724, and 728 are included in all signals transferred from the ACRE to the wireless base station, only the data field 726 will be described with reference to the specific messages transferred from the ACRE to the wireless base station. Figure 21-2 shows the general reverse signaling format. In particular, the signals sent from the wireless base station to the ACRE include a reverse message type field 730, a message length field 732, a data field 734, and a CRC field 736. Because messages transferred from the wireless base stations to the ACRE include fields 730, 732, and 736, only the data field 734 will be described with reference to the specific signals from the wireless base station to the ACRE.
Having described the general signaling format in the forward and reverse directions, the data fields of specific signals will be described. In particular, Figure 21-3 shows the data field of a preferred connection message 502 from the ACRE to the wireless base station. The preferred connection message includes a protocol version field 738, which indicates the version of the wired line interface specification that is supported by the ACRE and that would be used by the wireless base station to determine the level of support provided by the ACRE. The connection message also preferably includes a location report field 740, which determines whether the wireless base station should identify its location by transmitting the optional wireless base station telephone number parameter in the authentication message of the wireless base station (described below with reference to Figures 21-6 and 21-7).
The connection message also includes a reserved field 742 for future signaling bits. Finally, the connection message includes a RANDACRE field 744. The RANDACRE is a 32-bit random number generated by the ACRE (described above with reference to Figure 17) and is used in the generation of the authentication result of the wireless base station described above.
The data field for the authentication message 504 of Figure 7 is shown in Figure 21-4. In particular, the authentication message includes a wireless base station identification field 746, which uniquely identifies the individual wireless base station connected in the communication system. The authentication message also includes a reserved field 748 for future signaling bits. A field 750 includes a random number (RANDCBS) generated by the wireless base station. The RANDCBS field is used to generate the ACRE authentication result as described above in Figure 19. Field 752 includes the authentication result of the wireless base station generated in step 652 of Figure 17. Field 754 is an authorization count field. The authorization count preferably contains a modulo 64 counter which is used to count the number of successive authorizations. Finally, field 756 is available for the optional parameters. Figure 21-5 shows an example of an optional parameter that includes a field 758 for the parameter type, a field 764 for the parameter length, and a field 762 for transmitting the telephone number of the wireless base station.
Turning now to Figure 21-6, the data field for the authorization and authentication message (shown as message 506 in Figure 7) is shown. In particular, the authorization and authentication message includes an ACRE authentication result field 764, which carries the result generated in step 694 of Figure 19. The authentication result of the ACRE is generally compared to an authentication result of the ACRE generated by the wireless base station to determine if the ACRE is authorized to operate in the communication system. A permitted use field is also included to indicate whether the wireless base station is authorized to share the spectrum, such as an allocated cellular spectrum. Also included is a spectrum usage field 768 to indicate whether the spectrum that is allocated in the channel allocation bit map field 778 is used by the cellular system. If the spectrum is used by the cellular system, the wireless base station will not use the channel if it detects activity in the channel. If the spectrum is not used by the cellular system, the wireless base station will use the channel that will provide the lowest level of interference. An authorization start field 772 is also provided in the authorization and authentication message. The authorization start field indicates when the next authorization should start. A reserved field 774 is also included in the authorization and authentication message, followed by an initial channel number field 776. The initial channel field contains the initial 10 kHz channel number for the channel allocation bit map. The channel allocation bit map field 778 indicates the 10 kHz channels that are allowed to be used. Each bit in this bit map preferably corresponds to a given 10 kHz channel number. The leftmost bit in this bit map preferably corresponds to the 10 kHz channel specified by the initial channel number.
The rightmost bit in the bit map corresponds to the 10 kHz channel which is 63 channels above the 10 kHz channel specified by the initial channel number field 776. The authorization and authentication message also includes a number of data fields related to signal strength levels. In particular, a maximum wireless base station received signal strength field 780 indicates the maximum received signal strength that is allowed for the use of a channel. If the signal strength of the channel is above a predetermined value, the channel is not used by the wireless base station. Similarly, the maximum PCC received signal strength field 782 indicates the maximum signal strength level for the reception frequencies of the PCC. A block time field 784 indicates the continuous time that the signal strength of the channel must be less than or equal to the maximum signal strength before use by the wireless base station. A maximum wireless base station transmission level field 786 indicates the maximum power level at which the wireless base station can transmit. Similarly, field 788 indicates the maximum transmission power level of the PCC allowed in the system. Finally, an optional parameter 790 is included in the data field for the authorization and authentication message. Figure 21-7 shows a first example of an optional parameter. The data field includes a parameter type field 792, a parameter length field 794, and a telephone number of the ACRE 796. Figure 21-8 shows a second optional parameter that can be sent.
The data field for this optional parameter includes a parameter type field 798, a parameter length field 800, and a RANDWIKEY field 802. The RANDWIKEY is used to generate a new WIKEY as described in Figure 20. Turning to Figure 21-9, the registration message (message 507 in Figure 7) is shown. The registration message includes a registration type field 804, a mobile identification number (MIN) 806, an electronic serial number (ESN) 808, and optional parameters 810. Figure 21-10 shows an example of an optional parameter that could be used for multiple routing of telephone number calls. In particular, the optional field could include a parameter field 812, a parameter length field 814, a registration type field 816, a MIN field 818 and an ESN 820. The registration acknowledgement message 508 of Figure 7 could be sent from the ACRE to the wireless base station using the standard forward signaling format of Figure 21-1 without a data field. Finally, the release message 509 of Figure 7 is shown in Figure 21. Preferably, the release message includes a release reason 822. Although Figure 21 shows some preferred signals that could be transmitted between the ACRE and the wireless base station, and some preferred fields that could be included in the signals, Figure 21 is not an exhaustive list of the signals that could be transferred, or an exhaustive list of the fields that could be included. Also, the bit length of the various fields could vary and would depend on the preference of a system operator.
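The channel handling described with Figures 13, 14 and 21-6 can be read as a choice between a fail-closed and a fail-open default after a reset. The following sketch is an added example, not code from the patent: it decodes the 64-bit channel allocation field and applies the block time rule under both power-up assumptions. The class and function names, the signal strength units, the time units and the labels for the unshared channels are all assumptions.

```python
def allowed_channels(initial_channel, bitmap):
    """Decode the 64-bit channel allocation field: the leftmost (most significant)
    bit is the initial channel number, the rightmost is 63 channels above it."""
    if not 0 <= bitmap < 1 << 64:
        raise ValueError("channel allocation field is 64 bits")
    return [initial_channel + i for i in range(64) if (bitmap >> (63 - i)) & 1]


class ChannelMonitor:
    """Tracks, per authorized channel, how long the received signal strength has
    stayed at or below the maximum. A channel is usable once that continuous
    time reaches the block time."""

    def __init__(self, channels, max_strength, block_time, assume_clear):
        self.max_strength = max_strength
        self.block_time = block_time
        # Figure 13 (assume_clear=False): timers reset, nothing usable yet.
        # Figure 14 (assume_clear=True): timers preset to the block time.
        start = block_time if assume_clear else 0
        self.quiet_for = {ch: start for ch in channels}

    def sample(self, channel, strength, elapsed):
        """Record one measurement covering `elapsed` time units (ASSUMED units)."""
        if strength <= self.max_strength:
            total = self.quiet_for[channel] + elapsed
            self.quiet_for[channel] = min(self.block_time, total)
        else:
            self.quiet_for[channel] = 0   # "continuous" time starts over

    def usable(self):
        return sorted(ch for ch, t in self.quiet_for.items()
                      if t >= self.block_time)

    def select(self, unshared):
        """Fall back to the unshared channels when no authorized channel
        currently meets the criteria."""
        return self.usable() or list(unshared)


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    UNSHARED = ["unshared-low-1", "unshared-low-2", "unshared-high-1"]
    channels = allowed_channels(100, 0x8000000000000001)
    cold = ChannelMonitor(channels, max_strength=-100, block_time=10,
                          assume_clear=False)
    print("Figure 13 start:", cold.select(UNSHARED))
    cold.sample(100, -110, 10)
    print("after a quiet block time:", cold.select(UNSHARED))
    warm = ChannelMonitor(channels, max_strength=-100, block_time=10,
                          assume_clear=True)
    print("Figure 14 start:", warm.select(UNSHARED))
```

Under the Figure 13 assumption the station can only use the unshared channels until a full block time of quiet has been observed; under the Figure 14 assumption every authorized channel is usable immediately after the authorization message arrives.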
In summary, the unique method of the present invention satisfies a need to validate a communication link between a wireless base station and an authorization and call routing equipment in order to ensure that the PCC is allowed to operate in the communication system (that is, ensure that a PCC user does not fraudulently access the service in a system) and to allow the ACRE to provide the spectrum of the communication system (that is, ensure that the ACRE is not established by a fraudulent operator that uses the spectrum illegally). In particular, the method validates a communication link between a wireless base station and an authorization and call routing equipment by authenticating the wireless base station to communicate with said authorization equipment and by authenticating the authorization equipment to communicate with the wireless base station. Preferably, the step of authenticating the wireless base station is based on a first random number generated within the authorization equipment and the step of authenticating the authorization equipment is based on a second random number generated within the wireless base station. A communication link between the wireless base station and the authorization equipment is allowed when both the wireless base station and the authorization equipment have been authenticated.
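The mutual authentication of Figures 15 to 19 and the WIKEY update of Figure 20 can be followed end to end in the sketch below, which is an added example and not code from the patent. The patent leaves the signature procedure open, so HMAC-SHA-256 truncated to 18 bits is used here as an assumed stand-in; the class names, the direction labels, the 32-bit width of RANDCBS and RANDWIKEY, and the sample identifiers are also assumptions.

```python
import hashlib
import hmac
import secrets

RESULT_BITS = 18   # authentication result length given in the text
WIKEY_BYTES = 8    # 64-bit WIKEY given in the text
RAND_BITS = 32     # RANDACRE is 32 bits; the same width is ASSUMED for the others


def _prf(wikey, label, rand, cbsid, phone):
    # ASSUMPTION: HMAC-SHA-256 stands in for the signature procedure, which the
    # text leaves open. The label separates the three uses of the shared key.
    msg = label + rand.to_bytes(4, "big") + bytes([len(cbsid)]) + cbsid + phone
    return hmac.new(wikey, msg, hashlib.sha256).digest()


def auth_result(label, rand, cbsid, phone, wikey):
    """18-bit authentication result (Figures 17 and 19), packed into 3 bytes."""
    value = int.from_bytes(_prf(wikey, label, rand, cbsid, phone), "big")
    return (value >> (256 - RESULT_BITS)).to_bytes(3, "big")


def next_wikey(rand_wikey, cbsid, wikey):
    """New WIKEY from the old WIKEY, RANDWIKEY and the CBSID (Figure 20)."""
    return _prf(wikey, b"wikey", rand_wikey, cbsid, b"")[:WIKEY_BYTES]


class Acre:
    def __init__(self, phone, wikeys):
        self.phone, self.wikeys, self.rand_acre = phone, dict(wikeys), None

    def connection_message(self):                       # message 502
        self.rand_acre = secrets.randbits(RAND_BITS)
        return self.rand_acre

    def authorize(self, cbsid, rand_cbs, cbs_result, update_key=False):
        """Check message 504 and build message 506, or return None."""
        wikey = self.wikeys.get(cbsid)
        rand_acre, self.rand_acre = self.rand_acre, None  # challenge is single use
        if wikey is None or rand_acre is None:
            return None
        expected = auth_result(b"cbs", rand_acre, cbsid, self.phone, wikey)
        if not hmac.compare_digest(expected, cbs_result):
            return None                                   # step 636: invalid
        acre_result = auth_result(b"acre", rand_cbs, cbsid, self.phone, wikey)
        rand_wikey = None
        if update_key:                                    # optional step 615
            rand_wikey = secrets.randbits(RAND_BITS)
            self.wikeys[cbsid] = next_wikey(rand_wikey, cbsid, wikey)
        return acre_result, rand_wikey


class BaseStation:
    def __init__(self, cbsid, wikey, acre_phone):
        self.cbsid, self.wikey, self.acre_phone = cbsid, wikey, acre_phone
        self.rand_cbs = None

    def authentication_message(self, rand_acre):         # message 504
        self.rand_cbs = secrets.randbits(RAND_BITS)
        result = auth_result(b"cbs", rand_acre, self.cbsid,
                             self.acre_phone, self.wikey)
        return self.cbsid, self.rand_cbs, result

    def accept(self, message_506):
        """Verify the ACRE result; apply the key update only after it verifies."""
        if message_506 is None or self.rand_cbs is None:
            return False
        acre_result, rand_wikey = message_506
        expected = auth_result(b"acre", self.rand_cbs, self.cbsid,
                               self.acre_phone, self.wikey)
        self.rand_cbs = None
        if not hmac.compare_digest(expected, acre_result):
            return False                                  # step 674: invalid
        if rand_wikey is not None:
            self.wikey = next_wikey(rand_wikey, self.cbsid, self.wikey)
        return True                                       # step 614: link allowed


def validate_link(acre, station, update_key=False):
    """One pass of the 502 -> 504 -> 506 exchange of Figure 7."""
    msg_504 = station.authentication_message(acre.connection_message())
    return station.accept(acre.authorize(*msg_504, update_key=update_key))


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    key = bytes.fromhex("0123456789abcdef")
    acre = Acre(b"5550100", {b"CBS-0001": key})
    station = BaseStation(b"CBS-0001", key, b"5550100")
    copy = BaseStation(b"CBS-0001", key, b"5550100")   # holds a copied WIKEY
    print("genuine station:", validate_link(acre, station, update_key=True))
    print("copied old key :", validate_link(acre, copy))
```

With an 18-bit result, a single blind guess matches with probability 2^-18, and on average 2^46 of the 2^64 possible WIKEY values produce the same result for a given input, which is the many-to-one property the description relies on.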

Claims (12)

NOVELTY OF THE INVENTION

Having described the present invention, it is considered a novelty and, therefore, the content of the following claims is claimed as property.

  1. A method for validating a communication link between a wireless base station and authorization equipment, said wireless base station is coupled to a telephone network and adapted to communicate with a wireless communication device, the method comprising the steps of: authenticating said wireless base station to communicate with said authorization equipment, said step of authenticating said wireless base station is based on a first random number generated within said authorization equipment; authenticating said authorization equipment to communicate with said wireless base station, said step of authenticating said authorization equipment being based on a second random number generated within said wireless base station; and allowing a communication link between said wireless base station and said authorization equipment when said wireless base station and said authorization equipment have been authenticated.
  2. The method for validating a communication link according to claim 1, characterized in that said step of authenticating said wireless base station comprises the transmission of a connection message from said authorization equipment to said wireless base station, said connection message includes said first random number generated by said authorization equipment.
  3. The method for validating a communication link according to claim 2, characterized in that said step of authenticating said wireless base station further comprises transmitting an authentication result of the wireless base station from said wireless base station to said authorization equipment.
  4. The method for validating a communication link according to claim 1, characterized in that said step of authenticating said authorization equipment further comprises transmitting an authentication message from the authorization equipment from said wireless base station to said authorization equipment, said authorization equipment authentication message includes said second random number generated by said wireless base station.
  5. The method for validating a communication link according to claim 4, characterized in that said step of authenticating said authorization equipment further comprises transmitting an authentication result of the authorization equipment from said authorization equipment to said wireless base station.
  6. A method for validating a wire communication link between a base station and a second connected device in a telecommunications network, the method comprising the steps of: (a) transmitting a first authentication request signal from said second device to said base station, said first authentication request signal has a first random number;
    (b) generating within said base station a first authentication result based on said first random number; (c) generating within said second device a second authentication result based on said first random number; (d) comparing said first authentication result and said second authentication result to authenticate said base station; (e) transmitting a second authentication request signal from said base station to said second device, said second authentication request signal includes a second random number; (f) generating within said second device a third authentication result based on said second random number; (g) generating within said base station a fourth authentication result based on said second random number; and (h) comparing said third authentication result and said fourth authentication result for authenticating said second device.
  7. A method for updating a key that is located both in a first device and in a second device coupled in a communication system, the method comprises the steps of: generating a random number in said first device; generating a new key in said first device based on said random number and said key; transmitting said random number to said second device; and generating said new key in said second device based on said random number and said key.
  8. The method of updating a key according to claim 7, characterized in that said step of generating a new key in said first device is based on said random number and an identification code associated with said second device; and wherein said step of generating a new key in said second device is based on said random number and an identification code associated with said second device.
  9. A method for authenticating a wireless base station operating in a communication system having authorization equipment, said wireless base station having an identification code associated therewith, the method comprising the steps of: transmitting an authentication request from said authorization equipment to said wireless base station, said authentication request includes a random number generated in said authorization equipment; generating a first authentication result based on said random number and a first identification number; transmitting said first authentication result to said authorization equipment; transmitting said identification code associated with said wireless base station to said authorization equipment; generating a second authentication result in said authorization equipment based on said random number and said first identification number; and comparing said first authentication result and said second authentication result to authenticate said wireless base station.
  10. A method for authenticating authorization equipment operating in a communication system having a wireless base station coupled to a telephone network, said wireless base station having an identification code associated therewith, the method comprising the steps of: transmitting an authentication request from said wireless base station to said authorization equipment, said authentication request includes a random number generated in said wireless base station and a first identification number; generating a first authentication result in said wireless base station, said first authentication result being based on said random number and said first identification number; generating a second authentication result in said authorization equipment based on said random number and said identification code of the wireless base station; transmitting said second authentication result to said wireless base station; and comparing said first authentication result and said second authentication result to authenticate said authentication equipment.
  11. A method for authenticating authorization equipment operating in a communication system having a wireless base station coupled to a telephone network, said wireless base station having an identification code associated therewith, the method comprising the steps of: transmitting an authentication request from said wireless base station to said authorization equipment, said authentication request includes a random number generated in said wireless base station and a first identification number; generating a first authentication result in said wireless base station, said first authentication result being based on said random number and said first identification number; receiving in said wireless base station a second authentication result generated in said authorization equipment based on said random number and said identification code of the wireless base station; and comparing said first authentication result and said second authentication result to authenticate said authentication equipment.
  12. A method for validating a wired communication link between a base station and a second device connected in a telecommunications network, the method comprising the steps of: (a) transmitting a first authentication request signal from said second device to said base station, said first authentication request signal has a first random number; (b) transmitting a second authentication request signal from said base station to said second device, said second authentication request signal includes a second random number and a first authentication result generated within said base station based on said first random number; (c) authenticating said base station by comparing said first authentication result with a second authentication result generated within said second device based on said first random number; (d) transmitting a third authentication result from said second device to said base station, said third authentication result generated within said second device based on said second random number; and (e) authenticating said second device when comparing said third authentication result with a fourth authentication result generated within said base station based on said second random number.

A METHOD FOR VALIDATING A COMMUNICATION LINK

Summary of the Invention

The method of the present invention generally validates a communication link in a communication system. In particular, the method validates a communication link between a wireless base station and a call routing and authorization equipment by authenticating the wireless base station to communicate with said authorization equipment (603) and by authenticating the authorization equipment to communicate with the wireless base station (604). Preferably, the step of authenticating the wireless base station is based on a first random number generated within the authorization equipment (502) and the step of authenticating the authorization equipment is based on a second random number generated within the wireless base station (504). A communication link between the wireless base station and the authorization equipment is permitted when both the wireless base station and the authorization equipment have been authorized (614).

MXPA/A/1996/000129A 1994-05-06 1996-01-05 A method to validate a communication link MXPA96000129A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US08239012 1994-05-06
US08/239,012 US5488649A (en) 1994-05-06 1994-05-06 Method for validating a communication link

Publications (2)

Publication Number Publication Date
MX9600129A MX9600129A (en) 1998-11-30
MXPA96000129A MXPA96000129A (en) 1999-01-15

Similar Documents

Publication Publication Date Title
US5488649A (en) Method for validating a communication link
US6052595A (en) Method of and apparatus for selecting a communication channel
JP3093273B2 (en) Call routing system for wireless data devices
US6360091B1 (en) Method and apparatus for establishing a communication link
EP0965240B1 (en) Authentication key management for mobile stations
US6363246B1 (en) Call routing method for a radiotelephone in multiple radiotelephone systems
WO1993016534A1 (en) Frequency sharing in multiple radiotelephone systems
US5854980A (en) Radio communication apparatus connected with a base station used in a service area prior to the others
EP1101372B1 (en) Method and apparatus for allowing cordless communication attempts in a multiple mode system
CA2080709C (en) Radio telecommunication apparatus using system identification number
US6006107A (en) Radio telecommunication apparatus and method having stored system identification numbers
MXPA96000129A (en) A method to validate a communication link
MXPA96000127A (en) Call addressing system for a wireless device of da
KR970002950B1 (en) Call control method for neglecting illegal subscribers in wireless network
KR100389826B1 (en) Wireless pbx operating state display method
MXPA96000130A (en) System to explore cana
MXPA99009205A (en) Systems and methods for implementing private wireless communications
MXPA00010948A (en) System and method for delivering a call for a mobile station using either a wireless network or a wireline network