WO1999049688A1 - System and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network

Publication number: WO1999049688A1
Authority: WO, WIPO (PCT)
Prior art keywords: mobile station, subscriber, count, network, determining
Application number: PCT/SE1999/000356
Other languages: French (fr)
Inventors: Binh Nguyen, Sinead Mcallister, Marie Moynihan
Original Assignee: Telefonaktiebolaget Lm Ericsson (Publ)
Application filed by: Telefonaktiebolaget Lm Ericsson (Publ)
Priority to: AU33485/99A (AU3348599A)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H04W12/12 Detection or prevention of fraud
    • H04W12/126 Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning

Abstract

A system and method of authenticating a mobile station's identity and handling authentication failures when a subscriber is attempting to access a radio telecommunications network (10). The radio telecommunications network includes a mobile switching center (MSC) (13) serving the mobile station (11). A Home Location Register/Authentication Center (HLR/AC) (14) maintains a network count (19) of the number of system accesses made by the mobile station. The mobile station maintains a mobile station count (26) of the number of system accesses made by the mobile station. When the mobile station attempts a system access, the MSC (13) determines whether the mobile station count (26) equals the network count (19). If the mobile station count does not equal the network count, the call is routed to a system operator (15) who determines whether or not the subscriber is an authorized subscriber. If the attempted access is an originating access or a terminating access, a voice channel is established, and the operator obtains personal identification data from the subscriber and attempts an SSD update (37). If the attempted access is a registration, the operator merely attempts the SSD update. If the SSD update is unsuccessful, the call is dropped, and the subscriber's record may be flagged (40) to indicate that an authentication key (A-key) update is required. If the SSD update is successful, the subscriber is permitted (41) to access the network, and the network count is reset (42) to match the mobile station count.

Description

SYSTEM AND METHOD OF AUTHENTICATING A MOBILE STATION'S IDENTITY AND HANDLING AUTHENTICATION FAILURES IN A RADIO TELECOMMUNICATIONS NETWORK
BACKGROUND OF THE INVENTION
Technical Field of the Invention
This invention relates to telecommunication systems and, more particularly, to a system and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network.
Description of Related Art
In order to reduce fraud in radio telecommunications networks, existing networks include an authentication center (AC) which is normally co-located with a home location register (HLR). The AC is utilized to perform a verification of the identity of a mobile station each time the mobile station accesses the network. Each subscriber has an authentication key (A-key) stored in the AC and in the mobile station. For security reasons, the A-key is never sent out to other nodes in the network. Instead, the AC constructs what is known as Shared Secret Data (SSD). SSD is authentication data which may be shared between the AC, the HLR, the mobile station, and the mobile switching center (MSC) serving the mobile station. The SSD is normally calculated utilizing a random number, the subscriber's A-key, and some other factor such as the mobile identification number (MIN) of the subscriber's mobile station. The SSD may be sent from the AC to any MSC where the subscriber roams.
Each time a mobile station accesses the radio telecommunications network, the access is challenged by the network which determines whether the information stored in the mobile station matches the information stored in the network's authentication center (AC). Each time the mobile station makes a system access in the network, and the authentication passes, a verification counter is incremented in the mobile station and in the AC. The verification count from the mobile station and the verification count from the network are compared at each system access, and must match for access to be granted. If the subscriber has roamed to a visited mobile switching center (V-MSC), and the SSD has been sent to the V-MSC, the verification count is maintained in the V-MSC as long as the mobile station continues to operate there. When the subscriber roams to a different MSC and registers in the network, the AC goes back to the previous serving MSC to fetch the verification count. In this way, the AC always has the latest verification count associated with the mobile station.
A problem arises, however, when a fraudulent user makes and uses a clone of the legitimate subscriber's mobile station. If a fraudulent user has cloned the subscriber's mobile station (including MIN, A-key, and verification count), he will be able to access the network. At that time, the verification count in the fraudulent mobile station and the AC is incremented. Then, when the legitimate subscriber subsequently attempts to access the network, the verification count in the legitimate mobile station does not match the verification count in the AC. Therefore, the legitimate subscriber is denied access.
In existing radio telecommunications networks, when a mobile station fails the verification count, the call is immediately dropped. Therefore, the legitimate subscriber cannot even utilize his mobile station to call the operator to correct the problem because each time he attempts to access the network, his call is dropped. To correct the problem, the subscriber must instead find a wireline telephone, or borrow someone else's mobile station to make the call to the operator. If another telephone is not readily available, the legitimate subscriber's mobile station is useless until the subscriber can be reinstated as an authorized subscriber.
Although there are no known prior art teachings of a solution to the aforementioned deficiency and shortcoming such as that disclosed herein, U.S. Patent Number 5,557,676 to Naslund discusses subject matter that bears some relation to matters discussed herein. Naslund discloses a method and system for authenticating the identification of mobile stations during system access. Naslund essentially describes the aforementioned method of storing event counts in both the mobile station and the network, and verifying that the event counts match before providing system access. Naslund further describes a method of encrypting the count information so that it is not readily discernible by fraudulent users eavesdropping on network channels. However, Naslund does not teach or suggest a solution to the problem facing a legitimate subscriber who cannot access the network due to a verification count mismatch.
Review of each of the foregoing references reveals no disclosure or suggestion of a system or method such as that described and claimed herein.
In order to overcome the disadvantage of existing solutions, it would be advantageous to have a method and system for authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network which enables a legitimate subscriber to access a network operator following a verification count mismatch. The present invention provides such a method and system.
SUMMARY OF THE INVENTION
In one aspect, the present invention is a method of authenticating a mobile station's identity when a subscriber is attempting to access a radio telecommunications network to place a call. The radio telecommunications network includes a mobile switching center (MSC) serving the mobile station. The method begins by determining in the MSC whether the mobile station's verification count received from the mobile station matches the mobile station's verification count received from the network. If the verification count received from the mobile station does not match the verification count received from the network, the method routes the call to a system operator who determines whether the subscriber is an authorized subscriber. The operator may obtain identification data from the subscriber to validate the subscriber's identity, and attempt a Shared Secret Data (SSD) update. If the subscriber is an authorized subscriber, access to the network is permitted. If it is determined that the subscriber is not an authorized subscriber, the call is dropped.
In another aspect, the present invention is a system for authenticating a mobile station's identity when a subscriber is attempting to access a radio telecommunications network to place a call. The system includes a mobile switching center (MSC) serving the mobile station. The MSC includes means for determining whether the mobile station's verification count received from the mobile station matches the mobile station's verification count received from the network, and means for routing the call to a system operator upon determining that the mobile station's verification count received from the mobile station does not match the mobile station's verification count received from the network. The system also includes means for establishing a voice channel between the system operator and the mobile station which is utilized to obtain identification data from the subscriber, means for permitting access to the network upon determining that the subscriber is an authorized subscriber, and means for dropping the call upon determining that the subscriber is not an authorized subscriber.
The subscriber's record in the home location register (HLR) may also be flagged so that when the legitimate subscriber attempts to access the network, the call is forwarded to an operator.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will be better understood and its numerous objects and advantages will become more apparent to those skilled in the art by reference to the following drawings, in conjunction with the accompanying specification, in which:
FIG. 1 is a simplified block diagram of the components of the authentication system of the present invention; and
FIG. 2 is a flow chart of the steps of the method of the present invention when a count mismatch is detected in the MSC.
DETAILED DESCRIPTION OF EMBODIMENTS
FIG. 1 is a simplified block diagram of the components of the authentication system 10 of the present invention. The system includes a mobile station (MS) 11, a base station (BS) 12 serving the mobile station, a mobile switching center (MSC) 13, a home location register and authentication center (HLR/AC) 14, and a system operator 15. The HLR/AC 14 includes a database of subscriber profiles and mobile station information 16, a database of subscriber authentication keys (A-keys) 17, a function for generating shared secret data (SSD) 18, and a verification count record 19. In an exemplary configuration, the MSC 13 includes a central processor (CP) 20, a group switching subsystem (GSS) 21 for routing calls, and exchange terminal circuits (ETC) 22 and 23 for interfacing with the BS 12. The MSC also includes a special treatment designator 24 which directs the routing of calls requiring special treatment, and a count mismatch detector 25 which compares verification count information received from the mobile station 11 and the HLR/AC 14. The mobile station 11 includes a verification count record 26.
FIG. 2 is a flow chart of the steps of the method of the present invention when a count mismatch is detected in the MSC. The process begins at step 31 where the MS 11 sends its ID/count information to the MSC 13. At step 32, the MSC requests the ID/count information stored in the network from the HLR/AC 14. At step 33, the count mismatch detector 25 determines whether or not the ID/count information received from the MS (the mobile station count) matches the ID/count information received from the HLR/AC (the network count). If the mobile station count matches the network count, the process moves to step 34 where access to the network is permitted. If the counts do not match, the process moves from step 33 to step 35 where the MSC designates the call for special treatment in the special treatment designator 24.
The MSC then routes the call at step 36 to the system operator 15. If the attempted access is an originating or terminating access, a voice channel is established between the system operator and the mobile station, and at step 37, the system operator, while on the voice channel with the mobile station, obtains personal identification data from the subscriber, which may be personal information on file with the operator. The operator then attempts an SSD update. If the attempted access is a registration, no voice channel is necessary. The operator merely attempts the SSD update.
At step 38 it is determined whether or not the SSD update was successful. If not, the process determines that the subscriber attempting the access is fraudulent, and moves to step 39 where the call is dropped. At step 40, the process may additionally flag the subscriber's record indicating that a change of the subscriber's A-key may be necessary. This step assists in re-validating the legitimate subscriber when he next accesses the system. If the SSD update was successful, however, the process moves from step 38 to step 41 where access is permitted to the network. Then, at step 42, the count received from the MS for this access is utilized to reset the valid count in the HLR/AC to match the count in the MS.
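The FIG. 2 flow above, modelled as an added Python example that is not part of the patent text. The SSD derivation and the SSD-update confirmation are HMAC-SHA256 stand-ins, all class and function names are hypothetical, the MIN and A-key values are constructed, and treating a failed identity check on the voice channel as a failed authorization is an assumption.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field


def derive_ssd(a_key: bytes, rand: bytes, min_: str) -> bytes:
    """SSD from a random number, the A-key and the MIN.
    Assumption: HMAC-SHA256 stands in for the network's real algorithm."""
    return hmac.new(a_key, rand + min_.encode(), hashlib.sha256).digest()[:16]


def confirm(ssd: bytes, rand: bytes) -> bytes:
    """Proof that a party holds the freshly derived SSD (simplified exchange)."""
    return hmac.new(ssd, b"ssd-confirm" + rand, hashlib.sha256).digest()


@dataclass
class MobileStation:
    min_: str
    a_key: bytes
    count: int = 0            # verification count record 26
    ssd: bytes = b""

    def ssd_update(self, rand: bytes) -> bytes:
        self.ssd = derive_ssd(self.a_key, rand, self.min_)
        return confirm(self.ssd, rand)


@dataclass
class HlrAc:
    a_keys: dict              # A-key database 17
    counts: dict              # verification count record 19
    ssd: dict = field(default_factory=dict)
    a_key_change_flag: set = field(default_factory=set)

    def attempt_ssd_update(self, ms: MobileStation) -> bool:
        # The A-key never leaves the HLR/AC; only RAND goes to the handset.
        rand = os.urandom(8)
        new_ssd = derive_ssd(self.a_keys[ms.min_], rand, ms.min_)
        ok = hmac.compare_digest(confirm(new_ssd, rand), ms.ssd_update(rand))
        if ok:
            self.ssd[ms.min_] = new_ssd
        return ok


@dataclass
class Result:
    outcome: str
    steps: list
    voice_channel: bool = False


def handle_access(ms, hlr, access_type, identity_ok=True) -> Result:
    """MSC handling of one access; step numbers follow FIG. 2."""
    steps = [31, 32, 33]                      # MS count, network count, compare
    if ms.count == hlr.counts[ms.min_]:
        ms.count += 1                         # both counters advance on a pass
        hlr.counts[ms.min_] += 1
        return Result("permitted", steps + [34])
    steps += [35, 36, 37]                     # special treatment, operator
    voice = access_type in ("originating", "terminating")
    # Registration: no voice channel, the operator only attempts the update.
    # Assumption: a failed identity check on the voice channel ends the attempt.
    authorized = (identity_ok or not voice) and hlr.attempt_ssd_update(ms)
    steps.append(38)
    if not authorized:
        hlr.a_key_change_flag.add(ms.min_)    # step 40: flag for A-key change
        return Result("dropped", steps + [39, 40], voice)
    hlr.counts[ms.min_] = ms.count            # step 42: reset network count
    return Result("permitted", steps + [41, 42], voice)


def demo():
    a_key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    hlr = HlrAc(a_keys={"5550100": a_key}, counts={"5550100": 7})
    legit = MobileStation("5550100", a_key, count=7)
    normal = handle_access(legit, hlr, "originating")
    hlr.counts["5550100"] += 1   # network count advanced by a cloned handset
    recovered = handle_access(legit, hlr, "originating")
    # Constructed device that presents the MIN but does not hold the A-key.
    other = MobileStation("5550100", b"\x00" * 16, count=3)
    rejected = handle_access(other, hlr, "registration")
    return normal, recovered, rejected, hlr


if __name__ == "__main__":
    for r in demo()[:3]:
        print(r)
```

In this model the SSD update separates handsets only by possession of the A-key; on a voice access the operator's identity check is the second factor.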
It is thus believed that the operation and construction of the present invention will be apparent from the foregoing description. While the method, apparatus and system shown and described has been characterized as being preferred, it will be readily apparent that various changes and modifications could be made therein without departing from the spirit and scope of the invention as defined in the following claims.

Claims

WHAT IS CLAIMED IS:
1. A method of authenticating a mobile station's identity when a subscriber is attempting to access a radio telecommunications network to place a call, the radio telecommunications network having a mobile switching center (MSC) serving the mobile station, and a home location register/authentication center (HLR/AC) which maintains a network count of the number of system accesses made by the mobile station, the method comprising the steps of: maintaining in the mobile station, a mobile station count of the number of system accesses made by the mobile station; determining in the MSC, upon an attempted access by the mobile station, whether the mobile station count equals the network count; routing the call to a system operator upon determining that the mobile station count does not equal the network count; determining, by the system operator, whether the subscriber is an authorized subscriber; permitting access to the network upon determining that the subscriber is an authorized subscriber; and dropping the call upon determining that the subscriber is not an authorized subscriber.
2. The method of authenticating a mobile station's identity of claim 1 further comprising flagging the subscriber's record to indicate that a change to the subscriber's authentication key (A-key) is required, upon determining that the subscriber is not an authorized subscriber and dropping the call.
3. The method of authenticating a mobile station's identity of claim 1 wherein the step of routing the call to a system operator includes the step of designating the call for special treatment in the MSC upon determining that the mobile station count does not equal the network count.
4. The method of authenticating a mobile station's identity of claim 1 wherein the step of routing the call to a system operator includes establishing a voice channel between the system operator and the mobile station, if the attempted access is an originating or terminating access.
5. The method of authenticating a mobile station's identity of claim 4 wherein the step of determining, by the system operator, whether the subscriber is an authorized subscriber includes the step of obtaining personal identification data from the subscriber over the voice channel.
6. The method of authenticating a mobile station's identity of claim 5 wherein the step of determining, by the system operator, whether the subscriber is an authorized subscriber also includes the steps of: attempting, by the system operator, a Shared Secret Data (SSD) update; and determining that the subscriber is an authorized subscriber if the SSD update is successful.
7. The method of authenticating a mobile station's identity of claim 6 further comprising the step of resetting the network count to equal the mobile station count upon successfully completing the SSD update.
8. A method of authenticating a mobile station's identity during a subscriber's attempted access to a radio telecommunications network, the radio telecommunications network having a mobile switching center (MSC) serving the mobile station, the method comprising the steps of: determining whether a count stored in the mobile station of how many times the mobile station has accessed the network (the mobile station count) equals a count stored in the network of how many times the mobile station has accessed the network (the network count); designating the access for special treatment in the MSC, upon determining that the mobile station count does not match the network count; routing the access to a system operator; determining whether the attempted access is either an originating or a terminating access; establishing a voice channel between the system operator and the mobile station, upon determining that the attempted access is either an originating or a terminating access; determining, by the system operator, whether the subscriber is an authorized subscriber, said determining step including: obtaining personal identification data from the subscriber over the voice channel, if a voice channel has been established; attempting, by the system operator, a Shared Secret Data (SSD) update; and determining that the subscriber is an authorized subscriber if the SSD update is successful; permitting access to the network upon determining that the subscriber is an authorized subscriber; dropping the call upon determining that the subscriber is not an authorized subscriber; and resetting the network count to equal the mobile station count upon determining that the subscriber is an authorized subscriber.
9. The method of authenticating a mobile station's identity of claim 8 further comprising flagging the subscriber's record to indicate that a change to the subscriber's authentication key (A-key) is required, upon determining that the subscriber is not an authorized subscriber and dropping the call.
10. In an existing method of authenticating a mobile station's identity when a subscriber is attempting to access a radio telecommunications network to place a call, the existing method having the steps of: verifying an identification number for the mobile station; determining whether a count stored in the mobile station of how many times the mobile station has accessed the network (the mobile station count) equals a count stored in the network of how many times the mobile station has accessed the network (the network count); and dropping the call upon determining that the mobile station count does not equal the network count, an improvement wherein the step of dropping the call includes the steps of: routing the call to a system operator; determining, by the system operator, whether the subscriber is an authorized subscriber; permitting access to the network upon determining that the subscriber is an authorized subscriber; and dropping the call upon determining that the subscriber is not an authorized subscriber.
11. The method of claim 10 further comprising the step of resetting the network count to equal the mobile station count upon determining that the subscriber is an authorized subscriber.
12. The method of claim 10 further comprising the step of flagging the subscriber's record to indicate that a change to the subscriber's authentication key (A-key) is required, upon determining that the subscriber is not an authorized subscriber and dropping the call.
13. A system for authenticating a mobile station's identity when a subscriber is attempting to access a radio telecommunications network to place a call, the system comprising: an authentication center (AC) which maintains a network count of the number of system accesses made by the mobile station; means within the mobile station for maintaining a mobile station count of the number of system accesses made by the mobile station; a mobile switching center (MSC) serving the mobile station, the MSC comprising: means for determining whether the mobile station count equals the network count; and means for routing the call to a system operator upon determining that the mobile station count does not equal the network count; means for establishing a voice channel between the system operator and the mobile station, the voice channel being utilized to obtain personal identification data from the subscriber; means for permitting access to the network upon determining that the subscriber is an authorized subscriber; and means for dropping the call upon determining that the subscriber is not an authorized subscriber.
14. The system for authenticating a mobile station's identity of claim 11 wherein the network also includes a home location register (HLR) which stores the subscriber's record, and the system further comprises means for flagging the subscriber's record to indicate that a change to the subscriber's authentication key (A-key) is required, upon determining that the subscriber is not an authorized subscriber and dropping the call.
15. The system for authenticating a mobile station's identity of claim 13 wherein the means for routing the call to a system operator includes means for designating the call for special treatment upon determining that the mobile station count does not equal the network count.
16. The system for authenticating a mobile station's identity of claim 13 further comprising means for the system operator to determine whether the subscriber is an authorized subscriber, said determining means including means for attempting a Shared Secret Data (SSD) update.
17. The system for authenticating a mobile station's identity of claim 16 further comprising means for resetting the network count to equal the mobile station count upon successfully completing the SSD update.
18. A system for authenticating a mobile station's identity when a subscriber is attempting to access a radio telecommunications network to place a call, the system comprising: a mobile switching center (MSC) serving the mobile station, the MSC comprising: means for determining whether a count stored in the mobile station of how many times the mobile station has accessed the network (the mobile station count) equals a count stored in the network of how many times the mobile station has accessed the network (the network count); means for designating the call for special treatment upon determining that the mobile station count does not equal the network count; and means for routing the call to a system operator upon designating the call for special treatment; means for establishing a voice channel between the system operator and the mobile station, the voice channel being utilized to obtain personal identification data from the subscriber; means for the system operator to determine whether the subscriber is an authorized subscriber, said determining means attempting a Shared Secret Data (SSD) update; means for permitting access to the network upon determining that the subscriber is an authorized subscriber; and means for dropping the call upon determining that the subscriber is not an authorized subscriber.
19. The system for authenticating a mobile station's identity of claim 18 further comprising means for resetting the network count to equal the mobile station count upon successfully completing the SSD update.
20. The system for authenticating a mobile station's identity of claim 18 wherein the network also includes a home location register (HLR) which stores the subscriber's record, and the system further comprises means for flagging the subscriber's record to indicate that a change to the subscriber's authentication key (A-key) is required, upon determining that the subscriber is not an authorized subscriber and dropping the call.
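The count comparison and failure handling recited in claims 13 to 20 can be modelled as a small state machine. The Python sketch below is an added illustration and is not part of the patent text; the class and function names, the rule that every permitted access advances both counts, and the constructed clone scenario (a copied identity that cannot pass the operator check or complete the SSD update) are assumptions.

```python
from dataclasses import dataclass

@dataclass
class HlrRecord:                      # hypothetical model of the subscriber's record
    network_count: int = 0            # network's count of system accesses
    akey_change_required: bool = False

@dataclass
class MobileStation:
    label: str
    count: int = 0                    # mobile station count
    knows_personal_id: bool = True    # can give the operator valid identification data
    ssd_update_ok: bool = True        # an attempted SSD update completes

def handle_access(ms: MobileStation, rec: HlrRecord) -> str:
    """Model one call attempt at the MSC and return its outcome."""
    if ms.count == rec.network_count:
        outcome = "permitted"
    else:
        # Mismatch: special treatment, call routed to the system operator,
        # who collects identification data and attempts an SSD update.
        authorized = ms.knows_personal_id and ms.ssd_update_ok
        if not authorized:
            rec.akey_change_required = True    # claims 14 and 20
            return "dropped"
        rec.network_count = ms.count           # claims 17 and 19
        outcome = "permitted_after_operator"
    # Assumption: a permitted access advances both counts.
    ms.count += 1
    rec.network_count += 1
    return outcome

def simulate_clone():
    """Constructed scenario: a clone copied at count 5 diverges from the handset."""
    rec = HlrRecord(network_count=5)
    legit = MobileStation("legitimate", count=5)
    clone = MobileStation("clone", count=5,
                          knows_personal_id=False, ssd_update_ok=False)
    events = [
        (clone.label, handle_access(clone, rec)),
        (clone.label, handle_access(clone, rec)),
        (legit.label, handle_access(legit, rec)),
        (clone.label, handle_access(clone, rec)),
    ]
    return events, rec

if __name__ == "__main__":
    for who, outcome in simulate_clone()[0]:
        print(who, outcome)
```

In this scenario the clone's calls go through while its count still matches the network's; the legitimate handset then trips the mismatch, is cleared by the operator, and the network count is reset, so the clone's next attempt is dropped and the record is flagged for an A-key change.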
PCT/SE1999/000356 1998-03-25 1999-03-09 System and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network WO1999049688A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU33485/99A AU3348599A (en) 1998-03-25 1999-03-09 System and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US4818898A 1998-03-25 1998-03-25
US09/048,188 1998-03-25

Publications (1)

Publication Number Publication Date
WO1999049688A1 (en) 1999-09-30

Family

ID=21953179

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1999/000356 WO1999049688A1 (en) 1998-03-25 1999-03-09 System and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network

Country Status (3)

Country Link
AR (1) AR025121A1 (en)
AU (1) AU3348599A (en)
WO (1) WO1999049688A1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU736371B2 (en) * 1999-03-15 2001-07-26 Samsung Electronics Co., Ltd. Method for preventing illegal use of a mobile station
WO2001063853A1 (en) * 2000-02-22 2001-08-30 Nokia Networks Oy Method of checking amount of transmitted data
GB2361601A (en) * 2000-04-17 2001-10-24 Ericsson Telefon Ab L M Detecting faults on an uplink channel
WO2002043407A2 (en) * 2000-11-21 2002-05-30 Telefonaktiebolaget Lm Ericsson (Publ) Methods and system for customer management communications in a telecommunications network
KR100632118B1 (en) 2004-09-06 2006-10-04 주식회사 팬택앤큐리텔 Mobile communication terminal for intercept to connect illegal terminal with voice call and Call processing method for mobile communication terminal
KR100706382B1 (en) 2004-10-01 2007-04-10 주식회사 팬택앤큐리텔 Mobile communication terminal and Method for processing authentication failure for mobile communication terminal
US7418257B2 (en) 2004-08-31 2008-08-26 Pantech & Curitel Communications, Inc. Mobile communication terminal, wireless data service authentication server, system for automatically blocking voice call connection, and method of processing various messages in mobile communication terminal
EP1987650A2 (en) * 2006-02-22 2008-11-05 Axalto SA An authentication token for identifying a cloning attack onto such authentication token
CN100536612C (en) * 2006-09-22 2009-09-02 华为技术有限公司 A method and device to perfect the terminal authentication
CN102325325A (en) * 2011-06-29 2012-01-18 中兴通讯股份有限公司 Illegal terminal detection method and device
CN101835150B (en) * 2010-02-09 2013-01-30 华为技术有限公司 Method, device and system for updating shared enciphered data

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0163358A2 (en) * 1984-06-01 1985-12-04 Philips Patentverwaltung GmbH Method for recognizing the misuse of the call number pertaining to a mobile station in a radio-communication system
WO1993009640A1 (en) * 1991-11-08 1993-05-13 Electronic Data Systems Corporation Apparatus for detecting and preventing subscriber number cloning in a cellular mobile telephone system
US5615267A (en) * 1995-07-17 1997-03-25 Bell Communications Research, Inc. Method for adaptively switching between PCS authentication schemes

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
LUNDIN C ET AL: "FRAUD MANAGEMENT AND PREVENTION IN ERICSSON'S AMPS/D8AMPS SYSTEM", ERICSSON REVIEW, vol. 73, no. 4, 1 January 1996 (1996-01-01), pages 144 - 150, XP000638011 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU736371B2 (en) * 1999-03-15 2001-07-26 Samsung Electronics Co., Ltd. Method for preventing illegal use of a mobile station
US7962121B2 (en) 2000-02-22 2011-06-14 Nokia Corporation Method of checking amount of transmitted data
WO2001063853A1 (en) * 2000-02-22 2001-08-30 Nokia Networks Oy Method of checking amount of transmitted data
US7366496B2 (en) 2000-02-22 2008-04-29 Nokia Corporation Method of checking amount of transmitted data
CN100393144C (en) * 2000-02-22 2008-06-04 诺基亚公司 Method for checking transmitting data volume
GB2361601A (en) * 2000-04-17 2001-10-24 Ericsson Telefon Ab L M Detecting faults on an uplink channel
GB2361601B (en) * 2000-04-17 2004-03-03 Ericsson Telefon Ab L M Detecting faults on an uplink channel
US6711405B2 (en) 2000-04-17 2004-03-23 Telefonaktiebolaget Lm Ericsson (Publ) Communication system
WO2002043407A2 (en) * 2000-11-21 2002-05-30 Telefonaktiebolaget Lm Ericsson (Publ) Methods and system for customer management communications in a telecommunications network
WO2002043407A3 (en) * 2000-11-21 2002-10-10 Ericsson Telefon Ab L M Methods and system for customer management communications in a telecommunications network
US7418257B2 (en) 2004-08-31 2008-08-26 Pantech & Curitel Communications, Inc. Mobile communication terminal, wireless data service authentication server, system for automatically blocking voice call connection, and method of processing various messages in mobile communication terminal
KR100632118B1 (en) 2004-09-06 2006-10-04 주식회사 팬택앤큐리텔 Mobile communication terminal for intercept to connect illegal terminal with voice call and Call processing method for mobile communication terminal
KR100706382B1 (en) 2004-10-01 2007-04-10 주식회사 팬택앤큐리텔 Mobile communication terminal and Method for processing authentication failure for mobile communication terminal
EP1987650A2 (en) * 2006-02-22 2008-11-05 Axalto SA An authentication token for identifying a cloning attack onto such authentication token
CN100536612C (en) * 2006-09-22 2009-09-02 华为技术有限公司 A method and device to perfect the terminal authentication
CN101835150B (en) * 2010-02-09 2013-01-30 华为技术有限公司 Method, device and system for updating shared enciphered data
CN102325325A (en) * 2011-06-29 2012-01-18 中兴通讯股份有限公司 Illegal terminal detection method and device

Also Published As

Publication number Publication date
AU3348599A (en) 1999-10-18
AR025121A1 (en) 2002-11-13

Similar Documents

Publication Publication Date Title
US6427073B1 (en) Preventing misuse of a copied subscriber identity in a mobile communication system
US5572193A (en) Method for authentication and protection of subscribers in telecommunications systems
CA2141318C (en) Method and apparatus for efficient real-time authentication and encryption in a communication system
US6236852B1 (en) Authentication failure trigger method and apparatus
US5661806A (en) Process of combined authentication of a telecommunication terminal and of a user module
US5799084A (en) System and method for authenticating cellular telephonic communication
US5708710A (en) Method and apparatus for authentication in a communication system
US6393270B1 (en) Network authentication method for over the air activation
EP1603361B1 (en) A self-synchronizing authentication and key agreement protocol
US6266525B1 (en) Method for detecting fraudulent use of a communications system
WO1998049856A2 (en) Method for user identity protection
US6173174B1 (en) Method and apparatus for automated SSD updates on an a-key entry in a mobile telephone system
JP2684118B2 (en) Method for subscriber authentication and protection in a telephone communication system
WO1993011646A1 (en) Apparatus for detecting and preventing subscriber number tumbling in a cellular mobile telephone system
US6668166B1 (en) Apparatus and method for mobile authentication employing international mobile subscriber identity
WO1999049688A1 (en) System and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network
EP1424868B1 (en) Method, apparatus and system for handling an authentication error of a mobile user roaming between a GSM and a WLAN network
US6310538B1 (en) Process of access restriction to a telecommunications network, telecommunications system and unit for such a system
Peng GSM and GPRS security
KR20040041195A (en) Method for Prevention of Using Illegal Mobile Equipment in Mobile Communication Network
WO1999007178A1 (en) System and method for preventing replay attacks in wireless communication
KR20010004463A (en) Method for user authentication using User Identity Module in digital cellular telecommunication system
EP1580936B1 (en) Subscriber authentication
WO1998031162A2 (en) Method and apparatus for limiting authentication directive initiation in a mobile telephone system
MXPA99010399A (en) Processing of emergency calls in wireless communications system with fraud protection

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
NENP Non-entry into the national phase

Ref country code: KR

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase