NO336812B1 - Method and apparatus for enabling re-authentication in a cellular communication system - Google Patents

Abstract

There is described a method (and associated equipment) for use in re-authentication - after a first, full, authentication of a first identification server (23a) - of a communication session involving the exchange of information between a terminal (21) and a server (24), wherein the method comprises: a step (11) wherein the first authentication server (23a) and second authentication servers (23b) are each assigned their own unique real name, and a step (13) wherein the first authentication server (23a) transmits a authentication identity , comprising the unique "Yealrn" name assigned to the first authentication server, to the terminal (21) during authentication between the terminal and the first authentication server (23a). Later, during re-authentication, to enable the re-authentication to be performed by the same authentication server (23a) that performed the full authentication, i.e., by the first authentication server (23a), the re-authentication identity is included in a re-authentication request.

Description

Technical field

The present invention relates to an Extensible Authentication Protocol (EAP) mechanism for authentication and session key distribution in a communication system, such as the EAP mechanism for Authentication and (session) Key (distribution) Agreement (AKA) Universal Mobile Telecommunications System (UMTS), and also as the EAP mechanism for AKA as implemented in the Subscriber Identity Module (SIM) used in the common European system for mobile communications (Global System for Mobile Communications) (GSM). More specifically, the present invention relates to re-authentication in communication systems that use the EAP mechanism for GSM SIM or UMTS AKA authentication.

Known technique

AKA is based on call response mechanisms and symmetric encryption and as presented in 3GPP (Third Generation Partnership Program) TS (Technical Specification) 33.102 V3.6.0: "Technical Specification Group Services and System Aspects; 3G Security; Security Architecture (Release 1999)," 3rd Generation Partnership Project, November 2000. AKA typically runs in a UMTS User Identity Module (USIM), which is a smart card-like device. However, the applicability of AKA is not limited to client devices with smart cards; for example, AKA mechanisms can also be implemented in host software. AKA also provides backward compatibility to authentication mechanisms for GSM as presented in GSM 03.20 (ETS 300 534): "Digital cellular telecommunication system (phase 2); Security related network functions," European Telecommunications Standards, Institute, August 1997. Compared to the GSM mechanism AKA provides significantly longer key lengths and also server-side (in addition to client-side) authentication.

In order for a client device, such as a wireless terminal (more precisely, such as a mobile station), to be able to use services provided by a server, such as a server in a communication system provided and operated by an operator (or indeed the services of a server for any type of network, including, for example, the Internet), the terminal or the user must in some cases (for some networks and for some services for those networks) authenticate themselves to the server and vice versa (the latter at least in some networks, especially UMTS), i.e. each must prove to the other that it is what it claims to be. In dial-up networks, wireless LANs, wired LANs and various Digital Subscriber Line networks (xDSL), the network operator typically uses what is often called an AAA (Authentication, Authorization and Accounting) server to authenticate a client and to to authenticate the server in the operator network to which the client has directed a service request (or to authenticate the operator server independently of a specific server). An AAA server may be responsible for storing shared secrets and other credential information necessary for the authentication of users (terminals with components specific to a particular user and thus identifying the user), otherwise an AAA server may separate user database information to save the credential information. The Extensible Authentication Protocol (EAP) is often used for networks that use AAA servers for authentication between an AAA server and a terminal. If the operator of the network is a cellular operator for a UMTS or GSM network, the EAP method can encapsulate extended GSM authentication and key agreement, as in EAP SIM, or extended UMTS authentication and key agreement, as in EAP AKA. The terminal exchanges authentication packets with a relay device on the local network. The relay device is different on different types of network, but it can be, for example, a wireless LAN access point, an Ethernet switch or a dial-up Network Access Server (NAS). The intermediary usually acts as what is called an AAA client, and the AAA client and the AAA server perform the authentication using what is called an AAA protocol.

At the start of a communication session established with EAP SIM or EAP AKA, the terminal and the AAA server perform what is here called a full authentication, i.e. authentication that starts from a state in which neither the terminal nor the AAA server has grounds to authenticate each other.

After full authentication is established, it may be that after a predetermined time or in the event that some condition is met, re-authentication is required to reduce the chance that a "bad guy" has either started to simulate system access by false identification as the original authenticated object by using another device (a server device or a client device), or has even somehow gained physical control of the original authenticated device (for example, a user has left an authenticated terminal and gone their way) and has started to send requests. A reauthentication may also be required to determine that the terminal is still using the network resources required by the report messages sent by the local network. A re-authentication can also be used to negotiate new security keys in cases where the lifespan of the keys is limited for security reasons. Re-authentication is identical in EAP SIM (for GSM) and EAP AKA (for UMTS).

The prior art of EAP SIM and EAP AKA protocols provides for reauthentication by adopting separate reauthentication user identities that are provided from the AAA server to the terminal being reauthenticated. Re-authentication is based on session keys and other context information that is established during full authentication.

An operator may provide multiple AAA servers for load balancing and other reasons in a network. Because an AAA server may be randomly selected to authenticate a terminal, or may be selected by a predetermined mechanism such as a "round-robin" mechanism, a terminal (user) may not always authenticate with the same AAA server. In such a network, re-authentication becomes a problem in that the context information is only stored in the AAA server that performs the full authentication. Since reauthentication assumes the availability of some information produced during full authentication, it will not work (ie cannot be performed) if a terminal's AAA request for reauthentication is forwarded to a different AAA server than the AAA server that performed the full authentication.

The document SCHAEFER, G.; KARL, H.; FESTAG, A.: "Current Approaches to Authentication in Wireless and Mobile Communications Networks", Technical Report TKN-01.002, [Online], 26.03.2001, provides an overview of authentication techniques used for mobile and wireless networks. The document describes a combined authentication network formed by schemes based on mobile IP and AAA network nodes.

There is a need for a way to make re-authentication work in networks where a request for re-authentication could possibly be forwarded to a AAA server other than the AAA server performing the full authentication.

Description of the invention

The invention is defined in the patent claims.

Brief description of the figures

The above and other objects, features and advantages of the invention will now be apparent from the following more detailed description referring to the accompanying figures, in which Figure 1 shows a flow diagram of a method for re-authentication of a terminal (with an authentication server acting as an authentication agent ) according to the invention. Figure 2 shows a block diagram/flow diagram of a terminal that authenticates and then re-authenticates with an authentication server according to the invention.

Preferred embodiment of the invention

The present invention provides a solution to the problem of how to ensure that re-authentication works in networks where a request for re-authentication can possibly be forwarded to a AAA server other than the AAA server that performs the full authentication. To solve the problem, the present invention makes it possible to select an AAA server for reauthentication that performed the full authentication.

The invention is described below in connection with the Extensible Authentification Protocol (EAP) mechanism for authentication and session key distribution in the Universal Mobile Telecommunications System (UMTS) Authentication and Key Agreement (AKA), as presented in 3GPP TS 33.102 V3.6.0: "Technical Specification Group Services and System Aspects; 3G Security; Security Architecture (Release 1999)", 3rd Generation Partnership Project, November 2000, and in the IETF (Internet Engineering Task Force) draft document, "EAP AKA Authentiifcation," draft-arkko-pppext-eap-aka- 04.txt, by J. Arkko and H. Haverinen, June 2002. UTMS is a global third-generation mobile network standard. The invention is also clear for use in connection with the EAP mechanism for authentication and session key distribution using the Global System for Mobile communications (GSM) Subscriber Identity Module (SIM), as set forth in GSM Technical Specification GSM 03.20 (ETS 300 534): "Digital cellular telecommunication system (Phase 2); Security related network functions", European Telecommunications Standards, Institute, August 1997, and in the IETF draft document, "EAP SIM Authentification," by H. Haverinen, draft-haverinen-pppext-eap-sim- 05.txt, 2 July 2002. Although the invention is described specifically for use with the Extensible Authentication Protocol and its methods for UMTS and GSM, it should be understood that the invention is not limited for use in the Extensible Authentication Protocol or cellular communication systems according to UMTS or GSM -standards; indeed, the invention is for use in any communication system that provides authentication in a manner similar or comparable to the use of the Extensible Authentication Protocol in conjunction with AAA protocols. The invention in the case of the described embodiment uses the so-called EAP (Extensible Authentication Protocol), as presented in RFC 2284, entitled "PPP Extensible Authentication Protocol (EAP). The EAP (PPP) is a general protocol for authentication, it supports several authentication mechanisms.

Referring to figures 1 and 2 to ensure that re-authentication is always possible, the invention provides a method comprising a first step 11, in which each AAA server 23a 23b (in the same or different operator networks) is assigned a unique "realm" name , and in the case of UMTS or GSM and authentication of IP services, it is a name of a type that can be used in (as part of, i.e. as, for example, in bruker@reelltnavn where "realm name" is the unique "realm " the name) a Network Access Identifier (NAI), which is the identifier (of a terminal) used in AAA protocols in connection with authentication for network access. In established EAP and AAA protocols, the authentication request includes the Network Access Identifier of the user. In the case of full authentication, the EAP SIM and EAP AKA specify the identity format that the terminal should use to request full authentication. According to the established specifications, the username part of the NAI comprises either the International Mobile Subscriber Identifier (IMSI) or a temporary identifier called a pseudonym in the EAP SIM and EAP AKA specifications. The "realm" name used in the NAI is typically a common identifier for the home operator. Multiple AAA servers may have been executed to serve requests sent to this "realm" name. According to the prior art, a "realm" name in the NAI can therefore usually be shared by several AAA servers. For example: subscribers of MyOperator could use the "realm" name myoperator.com, and AAA messages would be routed to one of myoperator.com's servers. That the "realm" name possibly indicates a group of AAA servers is the case in EAP SIM and EAP AKA full authentication. According to the invention, however, each AAA server will also be assigned a unique "realm" name, such as, for example, serverX.myoperator.com., and it is the unique "realm" name that would have been used in reauthentication identities. Here, the third-level name serverX makes the "realm" name serverX.myoperator.com a unique "realm" name. The structured format of the "realm" name may allow some of the AAA elements to route all "realm" names ending with myoperator.com to the next correct transfer path regardless of a third-level name that might need to be added to make a " realm" name unique; for example, the mediator 21a may not need to worry about the full "realm" name and may instead apply a simple rule: Route<*>.myoperator. com to MyOperator AAA proxy" (where the character<*> acts as a wild card, i.e. indicating that any set of letters in the name is allowed).

In a next step 12, one first 23a of the AAA servers 23a 23b receives a request from a mediation device 21a (i.e. an AAA client, and more specifically, e.g. a service access point) via a proxy AAA server 22 for (full) authentication with regard to a terminal 21, so that the mediation device 21a can grant the terminal 21 access to a network 24 (such as the Internet). Not shown (for clarity) in Figure 2 are a number of the elements of the carrier network(s) that enable the wireless communication between the terminal 21 and the AAA servers 23a 23b (ie, more specifically, the radio access networks of each carrier network) as well as other elements that routes communications to one or the other of the AAA servers 23a 23b.

In a next step 13, the first AAA server 23a transfers to the terminal 21 (via the proxy server 22 and the mediation device 221a) a reauthentication identity (for use by the terminal in a later reauthentication), and includes the unique "realm" name in the reauthentication identity, which also includes a bmker name part. The reauthentication identity is different from the IMSI-based identity and the pseudonym identity used in full authentication. Step 13 is performed as part of the full authentication procedure, which includes steps other than those that have been omitted from Figure 1 for clarity. The username part of the reauthentication identity is a one-time username chosen by the server. It can be a name or an identifier chosen at random. So a reauthentication identity could be, for example:

1209834387@serverl5. mvoperator. com

In a next step 14, the terminal 21 sends a reauthentication request to perform a reauthentication (typically based on a condition that must be met) using the reauthentication identity comprising the unique "realm" name. In general, there are several ways in which the reauthentication can be initiated. One way is that the mediation device 21a can initiate reauthentication. In this case, in wireless LANs - where the "reauthentication request" forwarded based on the unique "realm" name includes an EAP identity response packet - the relay device 21a sends an EAP identity response packet to the terminal 21, and the terminal responds with an EAP identity response that includes the reauthentication identity. This packet is then forwarded over an AAA protocol to the correct AAA server. Alternatively, the terminal 21 can itself initiate reauthentication. On wireless LANs, the terminal 21 sends an EAPOL-Start (EAP over LAN start) packet to the relay device 21a. Upon receipt of EAPOL-Start, the intermediary device 21a issues the EAP identity response packet to the terminal, and the reauthentication exchange is performed as described below.

In a next step 15, an AAA network element (the intermediary device 21a, the proxy 22 and the AAA servers 23a 23b) that receives the request examines the reauthentication identity contained in the request to determine where to route the request (based on the reauthentication identity, which indicates the first AAA -server 23a via the "realm" name). The routing is based on e.g. a routing table or other common routing tool that fits. Typically, the proxy server 22 examines the "realm" name and routes the request directly to the first AAA server 23a. The request is therefore received sooner or later by the AAA server which performs the full authentication, i.e. by the first AAA server 23a.

In a next step 16, the first AAA server 23a responds to the request for re-authentication per an established protocol for re-authentication. In subsequent step 17, subsequent communication is communicated from the terminal 21 to the first AAA server 23a per established AAA protocols between the terminal 21 and the first AAA server 23a via the mediation device 21a. The subsequent communication can be routed directly between the mediation device 21a and the first AAA server 23a or can be routed via intermediate AAA elements. The established AAA protocols typically include means to ensure that the AAA server 23a performing authentication is not changed during an authentication exchange.

In some cases, the terminal 21 can have communication via several different sessions at the same time by using the method for full authentication for each session. The sessions may be authenticated by the same AAA server or by different AAA servers, and may use the same or different radio technologies and the same or different applications to perform authentication. According to the invention, the terminal 21 maintains separate state information for each such session to accommodate such variation, and the terminal 21 can then perform re-authentication separately for each such session, as described in connection with Figure 1. Similarly, each AAA server 23a 23b, which is used in authentication for one or more concurrent sessions, separate state information for each such session.

Note that although the invention relates to wireless LAN authentication, it is also relevant to xDSL, dial-up, Ethernet and other authentication contexts. The Extensible Authentication Protocol procedures for UMTS and GSM authentication are aimed at mobile operators who want to manage WLAN or other complementary access networks; it is possible that the invention will never be applied to actual UMTS or GSM networks.

It should be understood that the above arrangements are only illustrative of the application of the principles of the present invention. A number of modifications and alternative arrangements may be derived by those skilled in the art without departing from the scope of the present invention, and the accompanying claims are intended to cover such modifications and arrangements.

Claims (12)

1. Method of application when reauthenticating a communication session involving the exchange of information between a terminal (21) and a network of content servers (24) via an authentication network (28), where the communication session has already been authenticated by the terminal (21) and a first authentication server (23a) to the authentication network (28), characterized by including: that the first authentication server (23a) and second authentication servers (23b) each receive their own unique "realm" name, that the first authentication server (23a) receives an authentication request for a terminal, and that the first authentication server (23a) transmitting a reauthentication identity, comprising the unique "realm" name assigned to the first authentication server, to the terminal (21) during authentication between the terminal and the first authentication server (23a). 2. Method in accordance with claim 1, characterized by including: that a network element for authentication (21a 22 23a 23b) receives a request for re-authentication which is transmitted by the terminal (21), by using the re-authentication identity that includes the unique "realm" the name, and that the authentication network element (21a 22 23a 23b) determines the unique "realm" name from the reauthentication identity contained in the request. 3. Method according to claim 2, characterized in that: the authentication network element (21a 22 23b) forwards the request to the authentication server (23a) indicated by the unique "realm" name included as part of the reauthentication identity, and that the terminal (21) and the authentication server (23a), indicated by the unique "realm" name, performs reauthentication. 4. Authentication server (23a 23b) in a cellular communication system, comprising means for reauthentication of a communication session between a terminal (21) and a content server (25), where the authentication server (23a 23b) is characterized by comprising: means for performing authentication, and means (13) for transmitting a reauthentication identity to a terminal (21) requesting authentication, including a unique "realm" name that uniquely identifies the authentication server. 5. Authentication server in accordance with claim 4, characterized by comprising: means (15) for receiving a request from a terminal for reauthentication, where the request includes the reauthentication identity, and for determining from the reauthentication identity the unique "realm" name included in the request. 6. Authentication server in accordance with claim 5, characterized by further comprising: means (16) for forwarding the request to another authentication server if the unique "realm" name indicates the other authentication server. 7. Computer program, comprising: a computer-readable storage device including a computer program code thereon for execution by a computer processor in an authentication server (23a), wherein said computer program code is characterized in that it includes instructions to transmit to a terminal requesting authentication an authentication identity comprising a unique " realm" name that identifies the authentication server. 8. Computer program product in accordance with claim 7, characterized by including instructions for receiving a request from a terminal for reauthentication, where the request includes the reauthentication identity, and for determining from the reauthentication identity the unique "realm" name included in the request. 9. Computer program product according to claim 7, characterized by including instructions for receiving a request from a terminal for reauthentication, wherein the request includes the reauthentication identity, and for determining from the reauthentication identity the unique "realm" name included in the request. 10. System, comprising a number of terminals (21), a number of authentication servers (23a, 23b), and at least one content server (24), where the terminals (21) are arranged to request the content from the content server (24) after authentication and random re-authentication with one of the authentication servers (23a 23b), where the system is characterized in that at least two of the authentication servers (23a 23b) are in accordance with claim 4. 11. Terminal (21), characterized by comprising: means for requesting reauthentication of a communication session between the terminal (21) and a content server, means for receiving a reauthentication identity from a first authentication server (23a) comprising a unique "realm" name that is assigned the first authentication server (23a), and means for transmitting a request for authentication to an authentication network element (21a 22 23 a 23b) using the reauthentication identity including the unique "realm" name. 12. Terminal in accordance with claim 11, characterized in that means for transmitting a request for re-authentication to an authentication network element that uses the re-authentication identity, which includes the unique "realm" name, comprises the re-authentication identity in an identity response packet according to an extensible authentication protocol (Extensible Authentication Protocol).