WO2002019593A2 - Authentification d'un utilisateur final basee sur la boite a outils d'application du module d'identification d'abonne (sat), independante du fournisseur de services - Google Patents

Authentification d'un utilisateur final basee sur la boite a outils d'application du module d'identification d'abonne (sat), independante du fournisseur de services Download PDF

Info

Publication number
WO2002019593A2
WO2002019593A2 PCT/SE2001/001814 SE0101814W WO0219593A2 WO 2002019593 A2 WO2002019593 A2 WO 2002019593A2 SE 0101814 W SE0101814 W SE 0101814W WO 0219593 A2 WO0219593 A2 WO 0219593A2
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
token
external application
authentication server
user
Prior art date
Application number
PCT/SE2001/001814
Other languages
English (en)
Other versions
WO2002019593A3 (fr
Inventor
Jose-Luis Mariz-Rios
Jose-Luis Ruiz-Sanchez
Ulf Schuberth
Jürgen KNORR
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ) filed Critical Telefonaktiebolaget Lm Ericsson (Publ)
Priority to AU2001282795A priority Critical patent/AU2001282795A1/en
Priority to EP01961535A priority patent/EP1314278A2/fr
Publication of WO2002019593A2 publication Critical patent/WO2002019593A2/fr
Publication of WO2002019593A3 publication Critical patent/WO2002019593A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present invention relates generally to methods and apparatus for providing end- user authentication services for network access providers and more particularly methods and apparatus that apply network security procedures to authenticate users who are requesting access to network applications.
  • a private network is typically a network in which access to host sites of the private network is limited to authorized users.
  • security procedures including authentication procedures, should be carried out to ensure that only authorized users from authorized hosts can gain access to the private network. For example, when a user requests access to a host site of the private network from a remote location, the user must be authenticated before the user is granted access to the host site.
  • passwords are strings of characters that may be recognized by automatic means to permit a user to access protected files or other system resource.
  • Most sophisticated systems use authentication schemes based on passwords.
  • a password may be generated at a remote site that is requesting access to a host site of the private network.
  • Some systems utilize either symmetric or asymmetric cryptographic techniques to create and authenticate the password.
  • the continuous development of data networks has generated a wide range of computer services. In some cases, the services are restricted to a number of users providing service on a first-come, first-served basis. In other cases, the services are accessed on a commercial basis, i.e., the users pay to utilize the services. In the latter case, users must authenticate themselves using a service provision system of a service provider before they can gain access to the desired services. Typically, this requires the user to provide a unique username and password. The service provider verifies the username and password entered by the user against a database maintained by the service provider and grants access if the entered information matches the information in the database. In this manner, the service provider ensures that only users entitled to access the services can do so.
  • the mobile station e.g., GSM phone
  • SIM Subscriber Identity Module
  • the SIM contains subscriber information, including data that permits the mobile station to gain access to the GSM network and utilize subscriber-based function of the network (e.g., calling party identification, voice mail, etc.).
  • Weak authentication also known as single-factor authentication, uses a single method to authenticate a user.
  • Weak authentication encompasses static passwords and one-time passwords.
  • Static passwords can be broken by software programs, including keyboard strike monitoring programs, cracking programs for guessing passwords, and network sniffing programs.
  • Static passwords can be protected from such software programs by generating a one-time password (one per session) that can not be calculated from previous passwords, e.g., by using a pseudo-random sequence as a calculation factor.
  • the one-time password is generated from a "real" password that would never be transmitted over the network, and such a "real" password thus constitutes secret data that is shared by the user and the network.
  • Strong authentication also known as two-factor authentication, is safer than weak authentication because it authenticates the user by two methods, typically a token and a password.
  • Systems that generate one time passcodes from a token and a password are already available in the market, such as Security Dynamic's Secure ID, Safeword's Safeword DES Gold Card, and Digital Pathway's Defender.
  • the token may be a hardware device and the password may be a Personal Identification Number ("PIN") code needed to access the hardware device.
  • PIN Personal Identification Number
  • the token typically contains some unique identification code.
  • a passcode is generated by encrypting the user's PIN and the token's identification code. The network would then use the passcode to verify the user's identity.
  • Strong authentication can be made still safer, for example, by introducing explicit authentication, in which the network generates a random factor as input to the user's password generation operation. This is known as a "challenge-response" procedure, in which the network challenges the user to give a correct response.
  • the life of the passcode can be short, e.g., one minute, and the authentication process can be repeated periodically during the session.
  • more sophisticated keys and algorithms based either in symmetric or asymmetric cryptography, can be used. Nevertheless, increased sophistication usually requires additional time and processing power to perform the authentication task.
  • weak and strong authentication techniques have limitations. For example, static login/password methods provide weak security, and strong authentication methods require a user to hold additional devices, i.e., token devices. Some strong authentication mechanisms require specific hardware, e.g., smart card readers. Furthermore, some strong authentication methods require specific hardware and software configurations that create administrative burdens.
  • the token can be embedded in the hardware needed to access the network, like embedding a SIM card in a GSM phone.
  • Reliable authentication can also be achieved by using two different communication channels.
  • One communication channel can be used to access a private service network and the other communication channel can be used to authenticate the user requesting access.
  • one of the communication channels can be an unsecured channel connected to a data network over an access network and the other communication channel can be a secured channel that would exchange security information between a mobile station and the data network over a Public Land Mobile Network ("PLMN").
  • PLMN Public Land Mobile Network
  • the authentication would take place over the secure channel, making it more difficult to steal authentication information.
  • the secure channel would be released and could be used by others.
  • Such an authentication scheme could be implemented using a GSM network as the secured communication path. This is discussed in commonly assigned, co-pending U.S. Patent Application No. 09/386,253, which was filed on August 31, 1999, by Jose Luis Mariz Rios and Jose Luis Ruiz Sanchez, entitled “GSM Security for Packet Data Networks", and which is incorporated in its entirety here by reference.
  • GSM Service Provider the provider of cellular communication services
  • the SIM based on smart- card technology, is personalized and distributed to the end-user by the GSM Service Provider.
  • GSM-based identification of end-users can be re-used for applications that reside outside of the cellular system ("External Applications").
  • Example Applications A typical implementation is shown in Figure 1.
  • the end-user 100 uses a remote access device, such as a computer 102, to send an access request 104 to an External Application 106 through an Access Network 108, such as the Internet.
  • the access request 104 is forwarded to an Authentication Server 110 that identifies the end-user 100 through his her Cellular Terminal 112 via communication over the GSM network 114.
  • Typical examples of External Applications 106 that can utilize GSM- based authentication schemes include Internet services that require safe identification of the end-user, such as Internet banking and remote access to corporate local area networks ("LANs").
  • LANs corporate local area networks
  • a simple authentication scheme is based on the generation of a Token 116 in the Authentication Server 110.
  • the Token 116 typically a number or alphanumeric string that is preferably randomly generated, is sent in plain text over the GSM network 114 to the cellular terminal 112 of the end-user 100.
  • the end-user 100 returns this Token 116 to the External Application 106 using the computer 102 connected to the External Application 106 through the access network 108. If the generated and returned Token is the same, the result of the authentication is positive.
  • the advantage with such simple authentication schemes is that they are straightforward to implement and can be operated and controlled by the provider of the External Application, with minimal involvement of the GSM Service Provider.
  • SAT SIM Application Toolkit
  • the GSM Service Provider can store tailor-made software on the SIM card ("SAT Application").
  • the Authentication Server communicates with the SAT application over the GSM network, and identifies the end-user via an interaction on the cellular terminal. The result of the authentication procedure is communicated to the External Application.
  • the GSM Service Provider issues the SIM card, and, for security purposes, may desire to retain the control of this component.
  • the GSM Service Provider is the only entity that will have access to the SIM card to insert SAT applications.
  • a SAT-based authentication mechanism requires a back-end Authentication Server, and from the perspective of the GSM Service Provider, the Authentication Server should remain under the control of the GSM Service Provider.
  • the Authentication Server will contain the same secret key of the end-user as the one stored on the SIM card, and can therefore not be under the control of an external party.
  • the provider of the External Application requires (in the majority of cases) to be in control of the authentication procedure for the External Application, and the associated end-user data base. From this perspective, it is the provider of the External Application that should control the Authentication Server.
  • a system to authenticate an end-user comprising an external application in communication with a first communication device through a first communication network.
  • An authentication server is also in communication with the external application.
  • the authentication server is adapted to receive an authentication request from the extemal application in response to an access attempt by the first communication device.
  • the authentication server generates a token in response to the authentication request and sends the token through the external application to the first communication device.
  • An authentication gateway is in communication with a second communication device through a second communication network.
  • the authentication gateway is adapted to receive a token from the second communication device and transmit the token to the authentication server. When the token is received from the authentication gateway, the received token is compared to the token generated by the authentication server.
  • the token is generated and verified by the authentication server, the authentication server and external application being controlled by a first common entity.
  • the token may be encrypted throughout all communication paths, and the authentication server can simultaneously support encrypted and unencrypted tokens.
  • a secret key may be stored in an authentication gateway, and the secret key may be used to decrypt the token transmitted from the first communication device to the authentication gateway, the authentication gateway and the first communication network being controlled by a second common entity. .
  • the first common entity may be distinct from the second common entity, and advertisements related to the external application can be presented to the end-user via the first communication device.
  • a method for authenticating an end-user comprises the steps of requesting access to an External Application; sending an authentication request from the External Application to the Authentication Server; generating a random Generated Token in the Authentication Server; presenting the Generated Token to the end-user via the External Application; and entering the end-user's PIN and the Generated Token.
  • the method further includes calculating a cryptographic response based on the PIN, Generated Token, and Secret Key, and the calculation uses a cryptographic algorithm and the Secret Key resides within the SAT application; transmitting the response to an Authentication Gateway and an Authentication Server.
  • the method still further includes decrypting the response with the Secret Key in the Authentication Gateway and decrypting the response with the PIN in the Authentication Server, with the decrypted response resulting in a Returned Token.
  • the Returned Token is compared with the Generated Token, and access to the External Application may be granted if the Returned Token and the Generated Token are the same and if the Returned Token is received within a pre-defined time.
  • a network architecture for authenticating an end-user comprising at least one gateway connected to at least one communication network, wherein the at least one gateway provides authentication services to the at least one communication network.
  • at least one server connected to at least one external application, wherein the at least one server provides authentication services to the at least one external application.
  • At least one switch connects the at least one gateway to the at least one server, wherein any of the at least one gateways is accessible, through the at least one switch, by the at least one server.
  • a system for authenticating an end-user comprises an external application in commumcation with a first communication device through a first communication network.
  • An authentication server is in communication with the external application.
  • the authentication server receives an authentication request from the external application in response to an access attempt by the first communication device.
  • the authentication server generates a token in response to the authentication request and sends the token through the external application to the first communication device.
  • An authentication gateway is in communication with a second communication device through a second communication network. The authentication gateway receives a first message from the second communication device and transmits a second message to the authentication server.
  • the first message is based on the token and an end-user's PIN code
  • the second message is compared to a result of a computation based on the token generated by the authentication server and a PIN code stored in the authentication server and associated with the end-user.
  • Figure 1 is a block diagram that illustrates a method of authenticating a user known to the art
  • Figure 2 is a block diagram that illustrates a method of authenticating a user according to an exemplary embodiment of the present invention
  • Figure 3 is a block diagram that illustrates a method of implementing a service to provide user authentication to a plurality of External Applications through a plurality of GSM networks; and Figure 4 is a flow diagram of the method for authenticating an end-user.
  • a SAT-based authentication method whereby end-user authentication is based on three components: a secret PIN, a Secret Key, and a random number (Token). Control of these components is divided between two nodes: an Authentication Gateway (under the control of the GSM Service Provider), and an Authentication Server (under the control of the provider of the External Application). Preferably, communication between the Authentication Gateway and Authentication Server is encrypted.
  • An exemplary architecture is depicted in Figure 2.
  • the PIN includes a secret string of keystrokes (e.g., an alphanumeric string) that is known by the end-user.
  • the PIN can be stored and/or checked in the Authentication Gateway, in the Authentication Server, or locally on the SIM card.
  • the Secret Key is stored on the SIM-card in connection with the SAT apphcation and, in the case of symmetric keys, in the Authentication Gateway.
  • the Token (e.g., a random numeric or alphanumeric string) is generated and checked in the Authentication Server.
  • an end-user 200 requests access (via an access request 202) to the External Application 204 and identifies himself/herself, e.g., by his/her Mobile Subscriber ISDN number ("MSISDN ”) or other suitably unique user name.
  • MSISDN Mobile Subscriber ISDN number
  • an access device 208 transmits an access request 202 to an External Application 204 through an access network 206.
  • the access network 206 can be a GSM network, a PSTN, or other communication network, including a LAN.
  • Access device 208 can be any suitable network terminating device, including, for example, telephones, computers, and personal digital assistants ("PDA").
  • the External Application 204 sends an authentication request 210 to the Authentication Server 212.
  • the Authentication Server 212 generates a random Token 214 and presents the Token to the end-user 200 via the External Application 204.
  • the end-user 200 reads the Token 214 from the External Application 204 and may select an "Authentication-option" from a menu on the authenticating device 216 (this option can be presented on the menu with the SAT application).
  • the SAT application advantageously prompts the end-user 200 for a PIN and then for a Token. After the end-user 200 has entered the PIN and Token, the SAT application generates a response based on the PIN, Token, and Secret Key, using a predetermined cryptographic algorithm (e.g., Triple DES).
  • a predetermined cryptographic algorithm e.g., Triple DES
  • the response may be based only on the Token and Secret Key.
  • the authenticating device 216 sends the response 218 back to the Authentication Gateway 222 via the GSM network 220.
  • the response 218 is decrypted with the Secret Key (and the PIN, if available) in the Authentication Gateway 222, which forwards the decrypted response, now a Returned Token, to the Authentication Server 212.
  • the response forwarded from the Authentication Gateway 222 to the Authentication Server 212 is decrypted by the Authentication Server 212 to produce the Returned Token.
  • the Authentication Server 212 compares the Returned Token with the Generated Token. If the correct Token is returned within a pre-defined period of time (e.g., one minute), the result of the authentication request is positive and is communicated to the External Application 204 in the form of an authentication result 224.
  • the Returned Token can be generated using non-reversible cryptographic algorithms.
  • a common cryptographic transformation such as a hash function, that uses the Generated Token and/or PIN as input can be used to calculate the Returned Token.
  • the Authentication Server 212 may also use the same hash function to calculate the expected response, again based on the Generated Token and/or PIN. The expected response would then be compared to the Returned Token.
  • the Network Initiated scenario differs from the Mobile Initiated case in the way the SAT dialogue on the authenticating device 216 is activated.
  • the SAT dialogue is initiated by the end-user, e.g., by selecting an "Authentication-option" from a menu displayed on the cellular terminal.
  • the dialogue is initiated from the Authentication Server 212, via the Authentication Gateway 222, and further to the SIM card/cellular terminal via a message sent from the Authentication Gateway 222 over the GSM Network.
  • FIG. 4 is a flowchart of the steps of a method of authenticating an end-user that is in accordance with Applicants' invention.
  • an External Apphcation receives an access request.
  • this access request will be the result of an end-user's actively accessing the External Application, such as an internet banking website.
  • the External Application sends an authentication request to an Authentication Server in step 402.
  • the Authentication Server and the External Application may both be software tasks running on the same computer, or they may be on separate computers connected by a network.
  • the network may be a LAN or a telecommunication network.
  • the Authentication Server In step 403, the Authentication Server generates a Token that preferably token is a pseudo-random sequence, e.g., of numbers and letters.
  • the Token in step 404, is transmitted to the accessing device.
  • the end-user reads the Token from the accessing device and enters it into the authenticating device.
  • the end-user may also need to enter a PIN into the authentication device to verify his identity, but the Token could also be transmitted without user intervention by cable, infra-red, or radio-frequency methods known to the art.
  • the authenticating device Once the Token is entered into the authenticating device, the authenticating device generates a cryptographic response based on the Token, a Secret Key resident in the authenticating device, and possibly the PIN (step 405).
  • the Secret Key is preferably embedded within the authentication device, but may also be encoded in a smart card or other access card that is held by the end-user and read by the authentication device.
  • step 406 the response is sent to an Authentication Gateway and the Authentication Server.
  • step 407 the Authentication Gateway decrypts the response based on the Secret Key.
  • the Authentication Server decrypts the Token based on the PIN or, if the PIN is not used in generating the response, the Authentication Server receives the Token from the
  • Authentication Gateway As previously noted, one-way algorithms, such as hash functions, can also be used in place of reversible cryptographic algorithms. If the received Token matches the generated Token, access to the External Application is granted. The Authentication Server may also require that the response be received in a pre-determined period of time. If this is required and the response is received late, access to the external application may be denied.
  • the Token should be long enough so that it cannot be guessed by an intruder within the time allowed for response.
  • the length of the Token is related to the cryptographic function used to combine it with the PIN and the encryption algorithm in the SIM- Authentication Gateway communication.
  • the Token should also be short enough so that the end-user can successfully enter it into the authenticating device within the allowed response time.
  • Applicants' invention has significant benefits over the prior art.
  • the provider of the External Application is in control of the Authentication Server and the associated end-user database (MSISDNs, and optionally, the associated user names and/or PINs).
  • the provider of the External Application has the final control of the authentication procedure (comparing the Generated and Returned Token in the Authentication Server). This ensures that the provider of the External Application has full control over access to its content.
  • the Service Provider While the provider of the External Application retains control of the application, the Service Provider remains in control of the SIM card, SAT application, and the associated Secret Key. Via the Authentication Gateway, the GSM Service Provider gains access to a prime advertising channel. Advertisements related to accessed External Applications can be presented to the end-user via a SAT interaction on the Cellular Terminal.
  • the Token is transported in encrypted form throughout the transmission path SIM - GSM Network - Authentication Gateway - Authentication Server.
  • every authentication request results in strong two-factor authentication of the end-user: it is verified that the end-user knows the PIN, and holds the SIM card.
  • the PIN is stored and checked locally on the SIM card or in the Authentication Gateway, the end-user will only need to remember one password (PIN) for all External Applications that utilize the authentication method.
  • PIN password
  • the MSISDN is used as user name, there will not be any need to remember application-specific user-names.
  • the Authentication Server in the proposed SAT-based scheme performs the same Token-based authentication check as in simple solutions, where the Token is sent in clear text over the GSM network. This makes it possible to support both solutions in the same Authentication Server. It also enables smooth migration from the simple solution to the more advanced SAT-solution, as more and more end-users acquire SAT-enabled SHVIs (and Cellular Terminals).
  • a method of service-provider independent authentication is complicated by the fact that there are currently more than 350 GSM networks in operation, a number that is constantly increasing. For a provider of an External Application, whose end-users can have subscriptions with any GSM network, relations must be maintained with a large number of GSM networks. This is needed both for simple authentication schemes (based on sending random Tokens in clear text over GSM), as well as for the more advanced SAT-based mechanism just described. The solution is to launch an operator-independent Authentication Service.
  • Figure 3 is an exemplary network architecture that could be used to provide an Authentication Service.
  • the provider of the Authentication Service supplies Authentication Servers 310a, 31 Ob, 310c, 31 Od, 31 Oe, 31 Of to providers of External Apphcations 320a, 320b, 320c, 320d, 320e, 320f, such as Internet banks, enterprises offering remote intranet/extranet access, providers of high- valued Internet content, etc.
  • These Authentication Servers 310a- 31 Of can preferably support both the simple, clear-text Token-based authentication mechanism, as well as the more advanced SAT mechanism.
  • each Authentication Server 31 Oa-31 Of can concurrently service more than one External Application 320a-320f.
  • the Authentication Service also supplies Authentication Gateways 340a, 340b, 340c, 340d, 340e to GSM Service Providers 330a-330d to handle the SAT-based authentication mechanism.
  • Authentication Gateways 340a-340e can also be made available for a network-based authentication mechanism for networks other than GSM.
  • the Authentication Service operates one or more central switches 350 to provide simplified connectivity between providers of External Applications 320a-320f and GSM Service Providers 330a-330d. While the system shown in Figure 3 employs only one switch, the system could be duplicated to accommodate multiple switches with appropriate inter-switch connectivity. A variety of inter-switch connection schemes are known to the art.
  • the Authentication Service is also responsible for monitoring the overall quality and security of the service, including the connections between the Authentication Servers 310a-310f and Authentication Gateways 340a-340e.
  • the first and second access device and network can be the same, thereby allowing an External Application to be accessed by a mobile phone.
  • the invention can be embodied in other network technologies.
  • mobile networks that use a subscriber module, analogous to a SDVI, to identify an end-user can use Applicants' invention.
  • additional services, such as advertising can be provided to the GSM device during the authentication process.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un système et un procédé de vérification de l'identité d'un utilisateur final. Ce dernier demande un accès à une application externe. Cette application envoie une demande d'authentification à un serveur d'authentification qui engendre un jeton aléatoire. Le jeton généré est transmis à l'utilisateur final qui entre ledit jeton conjointement au numéro d'identification personnel dans un terminal cellulaire connecté au réseau GSM. Le jeton est codé au moyen d'une clé secrète stockée à l'intérieur du terminal cellulaire et transmis par le biais du réseau GSM à un portail d'authentification. Le jeton est décodé par ledit portail au moyen de la même clé secrète ou d'une clé correspondant à la clé secrète. Le jeton est ensuite transmis au serveur d'authentification, au niveau duquel la clé est comparée à la clé engendrée. Les résultats de la comparaison sont transmis à l'application externe.
PCT/SE2001/001814 2000-08-30 2001-08-24 Authentification d'un utilisateur final basee sur la boite a outils d'application du module d'identification d'abonne (sat), independante du fournisseur de services WO2002019593A2 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2001282795A AU2001282795A1 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider
EP01961535A EP1314278A2 (fr) 2000-08-30 2001-08-24 Authentification d'un utilisateur final basee sur la boite a outils d'application du module d'identification d'abonne (sat), independante du fournisseur de services

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US65136400A 2000-08-30 2000-08-30
US09/651,364 2000-08-30

Publications (2)

Publication Number Publication Date
WO2002019593A2 true WO2002019593A2 (fr) 2002-03-07
WO2002019593A3 WO2002019593A3 (fr) 2002-09-06

Family

ID=24612590

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2001/001814 WO2002019593A2 (fr) 2000-08-30 2001-08-24 Authentification d'un utilisateur final basee sur la boite a outils d'application du module d'identification d'abonne (sat), independante du fournisseur de services

Country Status (3)

Country Link
EP (1) EP1314278A2 (fr)
AU (1) AU2001282795A1 (fr)
WO (1) WO2002019593A2 (fr)

Cited By (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002093967A1 (fr) * 2001-05-14 2002-11-21 Nokia Corporation Authentification en communications de donnees
WO2003088577A1 (fr) * 2002-04-16 2003-10-23 Nokia Corporation Procede et systeme d'authentification d'un utilisateur d'un dispositif de transfert de donnees
WO2004017560A1 (fr) * 2002-08-15 2004-02-26 Telefonaktiebolaget Lm Ericsson (Publ) Surveillance d'un contenu numerique fourni par un fournisseur de contenu sur un reseau
WO2004043107A1 (fr) * 2002-11-08 2004-05-21 Nokia Corporation Schema de liaison de contexte
GB2397731A (en) * 2003-01-22 2004-07-28 Ebizz Consulting Ltd Authenticating a user access request to a secure service over a primary communication channel using data sent over a secondary communication channel
WO2004102901A1 (fr) 2003-05-14 2004-11-25 Philips Intellectual Property & Standards Gmbh Procedes et dispositifs pour compter les unites d'equipement d'utilisateurs dans un reseau de radiotelecommunications mobiles
WO2005041608A1 (fr) * 2003-10-23 2005-05-06 Siltanet Ltd Procede permettant d'authentifier un utilisateur
WO2005064882A2 (fr) * 2003-12-29 2005-07-14 Telefonaktiebolaget Lm Ericsson (Publ) Moyens et procede pour acces par ouverture de session unique a un reseau de service, via un reseau d'acces
WO2006077075A1 (fr) * 2005-01-19 2006-07-27 Giesecke & Devrient Gmbh Carte d'abonne pour services internet de blog
WO2006108831A1 (fr) * 2005-04-14 2006-10-19 Vodafone Holding Gmbh Procede de confirmation d'une demande de prestation de service
FR2900019A1 (fr) * 2006-04-12 2007-10-19 Alcatel Sa Procede d'authentification, terminal et operateur associes
WO2007136277A1 (fr) * 2006-05-18 2007-11-29 Fronde Anywhere Limited Procédé d'authentification pour des transactions sans fil
WO2007143795A1 (fr) 2006-06-16 2007-12-21 Fmt Worldwide Pty Ltd Système et procédé d'authentification
DE102006037167A1 (de) * 2006-08-09 2008-02-14 Deutsche Telekom Ag Verfahren und System zur Durchführung eines Zahlungsvorgangs mit einem Zahlungsmittel
EP1919157A1 (fr) * 2006-11-06 2008-05-07 Axalto SA Procédé et systéme d'autentification utilisant un seul message
US20080119276A1 (en) * 2006-11-16 2008-05-22 Alderucci Dean P Using a first device to verify whether a second device is communicating with a server
CN100418324C (zh) * 2004-03-19 2008-09-10 富士通株式会社 利用多个令牌的通信网络中的数据传输
CN100461780C (zh) * 2003-07-17 2009-02-11 华为技术有限公司 一种基于媒体网关控制协议的安全认证方法
WO2009022052A1 (fr) * 2007-08-15 2009-02-19 Elisa Oyj Accès à un réseau pour un utilisateur visiteur
EP2086658A2 (fr) * 2006-11-15 2009-08-12 Cfph, Llc Systèmes et procédés pour déterminer qu'un dispositif de jeu communique avec un serveur de jeu
WO2010003202A2 (fr) 2008-07-07 2010-01-14 Nobre Tacito Pereira Système, procédé et dispositif d’authentification de relations par des moyens électroniques
WO2010031142A1 (fr) * 2008-09-22 2010-03-25 Joseph Elie Tefaye Procédé et système d’authentification d’utilisateur
FR2940580A1 (fr) * 2008-12-23 2010-06-25 Solleu Yann Le Procede et systeme de controle d'acces a un service
US20110016320A1 (en) * 2008-01-28 2011-01-20 Paycool International Ltd. Method for authentication and signature of a user in an application service, using a mobile telephone as a second factor in addition to and independently of a first factor
US7942738B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a gaming device is in communications with a gaming server
US7942742B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Accessing identification information to verify a gaming device is in communications with a server
US7942741B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying whether a device is communicating with a server
US7942739B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
US7942740B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a first device is in communications with a server by storing a value from the first device and accessing the value from a second device
US8012015B2 (en) 2006-11-15 2011-09-06 Cfph, Llc Verifying whether a gaming device is communicating with a gaming server
EP2453379A1 (fr) * 2010-11-15 2012-05-16 Deutsche Telekom AG Procédé, système, équipement d'utilisateur et programme d'authentification d'utilisateur
WO2012162843A1 (fr) 2011-06-03 2012-12-06 Research In Motion Limted Système et procédé pour accéder à des réseaux privés
WO2013044307A1 (fr) * 2011-09-30 2013-04-04 Cocoon Data Holdings Limited Système et procédé de distribution de données sécurisées
CN103220257A (zh) * 2012-01-19 2013-07-24 中国石油天然气集团公司 一种计算机通信的方法、网络主机及系统
EP2795560A1 (fr) * 2011-12-19 2014-10-29 Sagemcom Documents SAS Procédé d'appairage d'un appareil électronique et d'un compte utilisateur au sein d'un service en ligne
EP2770458A3 (fr) * 2013-02-20 2014-11-12 Fmr Llc Porte-clés de sécurité mobile
WO2014197403A1 (fr) * 2013-06-03 2014-12-11 Tangome, Inc. Coordonnateur de communication
EP2849403A1 (fr) * 2013-09-13 2015-03-18 Alcatel Lucent Procédé et système pour commander l'échange d'informations confidentielles
FR3028334A1 (fr) * 2015-04-07 2016-05-13 Orange Procede d'authentification forte d'un utilisateur d'un equipement consommateur via un equipement d'authentification equipe d'un module de securite
US10440627B2 (en) 2014-04-17 2019-10-08 Twilio Inc. System and method for enabling multi-modal communication
US10469670B2 (en) 2012-07-24 2019-11-05 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US10560495B2 (en) 2008-04-02 2020-02-11 Twilio Inc. System and method for processing telephony sessions
EP1807966B1 (fr) * 2004-10-20 2020-05-27 Salt Group Pty Ltd. Procede d'authentification
US10694042B2 (en) 2008-04-02 2020-06-23 Twilio Inc. System and method for processing media requests during telephony sessions
CN112154634A (zh) * 2018-05-18 2020-12-29 瑞典爱立信有限公司 应用程序访问控制
US20230196357A9 (en) * 2005-10-07 2023-06-22 Multiple Shift Key, Inc. Secure authentication and transaction system and method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
WO1999044114A1 (fr) * 1998-02-25 1999-09-02 Telefonaktiebolaget Lm Ericsson Procede, dispositif, et appareil d'authentification par un reseau de communication
US6061650A (en) * 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6078908A (en) * 1997-04-29 2000-06-20 Schmitz; Kim Method for authorizing in data transmission systems
WO2000044130A1 (fr) * 1999-01-20 2000-07-27 Netcom Ab Procede, systeme et agencement pour fournir des services sur l'internet
WO2002001516A2 (fr) * 2000-06-26 2002-01-03 Intel Corporation Procede et appareil d'utilisation d'un telephone cellulaire comme dispositif d'authentification

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
US6061650A (en) * 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6078908A (en) * 1997-04-29 2000-06-20 Schmitz; Kim Method for authorizing in data transmission systems
WO1999044114A1 (fr) * 1998-02-25 1999-09-02 Telefonaktiebolaget Lm Ericsson Procede, dispositif, et appareil d'authentification par un reseau de communication
WO2000044130A1 (fr) * 1999-01-20 2000-07-27 Netcom Ab Procede, systeme et agencement pour fournir des services sur l'internet
WO2002001516A2 (fr) * 2000-06-26 2002-01-03 Intel Corporation Procede et appareil d'utilisation d'un telephone cellulaire comme dispositif d'authentification

Cited By (101)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444513B2 (en) 2001-05-14 2008-10-28 Nokia Corporiation Authentication in data communication
WO2002093967A1 (fr) * 2001-05-14 2002-11-21 Nokia Corporation Authentification en communications de donnees
WO2003088577A1 (fr) * 2002-04-16 2003-10-23 Nokia Corporation Procede et systeme d'authentification d'un utilisateur d'un dispositif de transfert de donnees
US7395050B2 (en) 2002-04-16 2008-07-01 Nokia Corporation Method and system for authenticating user of data transfer device
WO2004017560A1 (fr) * 2002-08-15 2004-02-26 Telefonaktiebolaget Lm Ericsson (Publ) Surveillance d'un contenu numerique fourni par un fournisseur de contenu sur un reseau
KR100755981B1 (ko) * 2002-11-08 2007-09-06 노키아 코포레이션 콘텍스트 링크 방식
WO2004043107A1 (fr) * 2002-11-08 2004-05-21 Nokia Corporation Schema de liaison de contexte
US7970423B2 (en) 2002-11-08 2011-06-28 Nokia Corporation Context linking scheme
CN1711793B (zh) * 2002-11-08 2015-03-11 诺基亚公司 一种将服务上下文链接到终端连接的方法和设备
GB2397731A (en) * 2003-01-22 2004-07-28 Ebizz Consulting Ltd Authenticating a user access request to a secure service over a primary communication channel using data sent over a secondary communication channel
GB2397731B (en) * 2003-01-22 2006-02-22 Ebizz Consulting Ltd Authentication system
KR101110799B1 (ko) * 2003-05-14 2012-03-08 코닌클리즈케 필립스 일렉트로닉스 엔.브이. 사용자 장비 유닛을 카운트하는 방법, 무선 네트워크 제어기, 사용자 장비 유닛 및 컴퓨터 판독가능 저장 매체
WO2004102901A1 (fr) 2003-05-14 2004-11-25 Philips Intellectual Property & Standards Gmbh Procedes et dispositifs pour compter les unites d'equipement d'utilisateurs dans un reseau de radiotelecommunications mobiles
US7958542B2 (en) 2003-05-14 2011-06-07 Koninklijke Philips Electronics N.V. Methods and devices for counting user equipment units in a mobile radio telecommunication network
JP2007501584A (ja) * 2003-05-14 2007-01-25 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ 移動無線電気通信ネットワーク内のユーザ機器ユニットをカウントする方法及び装置
CN100461780C (zh) * 2003-07-17 2009-02-11 华为技术有限公司 一种基于媒体网关控制协议的安全认证方法
WO2005041608A1 (fr) * 2003-10-23 2005-05-06 Siltanet Ltd Procede permettant d'authentifier un utilisateur
EP2184934A1 (fr) * 2003-12-29 2010-05-12 Telefonaktiebolaget L M Ericsson (PUBL) Méthode et dispositifs pour accès par ouverture de session unique a un réseau de service, via un réseau d'accès
WO2005064882A3 (fr) * 2003-12-29 2007-12-27 Ericsson Telefon Ab L M Moyens et procede pour acces par ouverture de session unique a un reseau de service, via un reseau d'acces
WO2005064882A2 (fr) * 2003-12-29 2005-07-14 Telefonaktiebolaget Lm Ericsson (Publ) Moyens et procede pour acces par ouverture de session unique a un reseau de service, via un reseau d'acces
CN100418324C (zh) * 2004-03-19 2008-09-10 富士通株式会社 利用多个令牌的通信网络中的数据传输
EP1807966B1 (fr) * 2004-10-20 2020-05-27 Salt Group Pty Ltd. Procede d'authentification
WO2006077075A1 (fr) * 2005-01-19 2006-07-27 Giesecke & Devrient Gmbh Carte d'abonne pour services internet de blog
WO2006108831A1 (fr) * 2005-04-14 2006-10-19 Vodafone Holding Gmbh Procede de confirmation d'une demande de prestation de service
US20230196357A9 (en) * 2005-10-07 2023-06-22 Multiple Shift Key, Inc. Secure authentication and transaction system and method
FR2900019A1 (fr) * 2006-04-12 2007-10-19 Alcatel Sa Procede d'authentification, terminal et operateur associes
WO2007136277A1 (fr) * 2006-05-18 2007-11-29 Fronde Anywhere Limited Procédé d'authentification pour des transactions sans fil
AU2007260593B2 (en) * 2006-06-16 2012-01-19 Fmt Worldwide Pty Ltd An authentication system and process
US8943573B2 (en) 2006-06-16 2015-01-27 Fmt Worldwide Pty Ltd Authentication system and process
WO2007143795A1 (fr) 2006-06-16 2007-12-21 Fmt Worldwide Pty Ltd Système et procédé d'authentification
DE102006037167A1 (de) * 2006-08-09 2008-02-14 Deutsche Telekom Ag Verfahren und System zur Durchführung eines Zahlungsvorgangs mit einem Zahlungsmittel
EP1919157A1 (fr) * 2006-11-06 2008-05-07 Axalto SA Procédé et systéme d'autentification utilisant un seul message
US7942741B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying whether a device is communicating with a server
US11083970B2 (en) 2006-11-15 2021-08-10 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
US11710365B2 (en) 2006-11-15 2023-07-25 Cfph, Llc Verifying whether a device is communicating with a server
US7942739B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
US7942740B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a first device is in communications with a server by storing a value from the first device and accessing the value from a second device
US9064373B2 (en) 2006-11-15 2015-06-23 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
US9590965B2 (en) 2006-11-15 2017-03-07 Cfph, Llc Determining that a gaming device is communicating with a gaming server
US8012015B2 (en) 2006-11-15 2011-09-06 Cfph, Llc Verifying whether a gaming device is communicating with a gaming server
US7942738B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a gaming device is in communications with a gaming server
US9685036B2 (en) 2006-11-15 2017-06-20 Cfph, Llc Verifying a gaming device is in communications with a gaming server by passing an indicator between the gaming device and a verification device
US10991196B2 (en) 2006-11-15 2021-04-27 Cfph, Llc Verifying a first device is in communications with a server by storing a value from the first device and accessing the value from a second device
US10810823B2 (en) 2006-11-15 2020-10-20 Cfph, Llc Accessing known information via a devicve to determine if the device is communicating with a server
EP2086658A4 (fr) * 2006-11-15 2011-01-05 Cfph Llc Systèmes et procédés pour déterminer qu'un dispositif de jeu communique avec un serveur de jeu
US7942742B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Accessing identification information to verify a gaming device is in communications with a server
US10525357B2 (en) 2006-11-15 2020-01-07 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
US10212146B2 (en) 2006-11-15 2019-02-19 Cfph, Llc Determining that a gaming device is communicating with a gaming server
US9111411B2 (en) 2006-11-15 2015-08-18 Cfph, Llc Verifying a first device is in communications with a server by strong a value from the first device and accessing the value from a second device
US10181237B2 (en) 2006-11-15 2019-01-15 Cfph, Llc Verifying a gaming device is in communications with a gaming server by passing an indicator between the gaming device and a verification device
EP2086658A2 (fr) * 2006-11-15 2009-08-12 Cfph, Llc Systèmes et procédés pour déterminer qu'un dispositif de jeu communique avec un serveur de jeu
US9875341B2 (en) 2006-11-15 2018-01-23 Cfph, Llc Accessing information associated with a mobile gaming device to verify the mobile gaming device is in communications with an intended server
US9767640B2 (en) 2006-11-15 2017-09-19 Cfph, Llc Verifying a first device is in communications with a server by storing a value from the first device and accessing the value from a second device
US10068421B2 (en) 2006-11-16 2018-09-04 Cfph, Llc Using a first device to verify whether a second device is communicating with a server
US20080119276A1 (en) * 2006-11-16 2008-05-22 Alderucci Dean P Using a first device to verify whether a second device is communicating with a server
WO2009022052A1 (fr) * 2007-08-15 2009-02-19 Elisa Oyj Accès à un réseau pour un utilisateur visiteur
US8819432B2 (en) * 2008-01-28 2014-08-26 Paycool International Ltd. Method for authentication and signature of a user in an application service, using a mobile telephone as a second factor in addition to and independently of a first factor
US20110016320A1 (en) * 2008-01-28 2011-01-20 Paycool International Ltd. Method for authentication and signature of a user in an application service, using a mobile telephone as a second factor in addition to and independently of a first factor
US10560495B2 (en) 2008-04-02 2020-02-11 Twilio Inc. System and method for processing telephony sessions
US11283843B2 (en) 2008-04-02 2022-03-22 Twilio Inc. System and method for processing telephony sessions
US11856150B2 (en) 2008-04-02 2023-12-26 Twilio Inc. System and method for processing telephony sessions
US11843722B2 (en) 2008-04-02 2023-12-12 Twilio Inc. System and method for processing telephony sessions
US11831810B2 (en) 2008-04-02 2023-11-28 Twilio Inc. System and method for processing telephony sessions
US11765275B2 (en) 2008-04-02 2023-09-19 Twilio Inc. System and method for processing telephony sessions
US11722602B2 (en) 2008-04-02 2023-08-08 Twilio Inc. System and method for processing media requests during telephony sessions
US10694042B2 (en) 2008-04-02 2020-06-23 Twilio Inc. System and method for processing media requests during telephony sessions
US11706349B2 (en) 2008-04-02 2023-07-18 Twilio Inc. System and method for processing telephony sessions
US10893078B2 (en) 2008-04-02 2021-01-12 Twilio Inc. System and method for processing telephony sessions
US11611663B2 (en) 2008-04-02 2023-03-21 Twilio Inc. System and method for processing telephony sessions
US11575795B2 (en) 2008-04-02 2023-02-07 Twilio Inc. System and method for processing telephony sessions
US11444985B2 (en) 2008-04-02 2022-09-13 Twilio Inc. System and method for processing telephony sessions
US10893079B2 (en) 2008-04-02 2021-01-12 Twilio Inc. System and method for processing telephony sessions
US10986142B2 (en) 2008-04-02 2021-04-20 Twilio Inc. System and method for processing telephony sessions
WO2010003202A2 (fr) 2008-07-07 2010-01-14 Nobre Tacito Pereira Système, procédé et dispositif d’authentification de relations par des moyens électroniques
WO2010031142A1 (fr) * 2008-09-22 2010-03-25 Joseph Elie Tefaye Procédé et système d’authentification d’utilisateur
FR2940580A1 (fr) * 2008-12-23 2010-06-25 Solleu Yann Le Procede et systeme de controle d'acces a un service
EP2453379A1 (fr) * 2010-11-15 2012-05-16 Deutsche Telekom AG Procédé, système, équipement d'utilisateur et programme d'authentification d'utilisateur
EP2716094A1 (fr) * 2011-06-03 2014-04-09 BlackBerry Limited Système et procédé pour accéder à des réseaux privés
US9118667B2 (en) 2011-06-03 2015-08-25 Blackberry Limited System and method for accessing private networks
EP2716094A4 (fr) * 2011-06-03 2014-12-03 Blackberry Ltd Système et procédé pour accéder à des réseaux privés
WO2012162843A1 (fr) 2011-06-03 2012-12-06 Research In Motion Limted Système et procédé pour accéder à des réseaux privés
CN103583060A (zh) * 2011-06-03 2014-02-12 黑莓有限公司 用于接入私有网络的系统和方法
WO2013044307A1 (fr) * 2011-09-30 2013-04-04 Cocoon Data Holdings Limited Système et procédé de distribution de données sécurisées
EP2795560A1 (fr) * 2011-12-19 2014-10-29 Sagemcom Documents SAS Procédé d'appairage d'un appareil électronique et d'un compte utilisateur au sein d'un service en ligne
CN103220257A (zh) * 2012-01-19 2013-07-24 中国石油天然气集团公司 一种计算机通信的方法、网络主机及系统
US11882139B2 (en) 2012-07-24 2024-01-23 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US10469670B2 (en) 2012-07-24 2019-11-05 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US11063972B2 (en) 2012-07-24 2021-07-13 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US9124582B2 (en) 2013-02-20 2015-09-01 Fmr Llc Mobile security fob
EP2770458A3 (fr) * 2013-02-20 2014-11-12 Fmr Llc Porte-clés de sécurité mobile
US9843578B2 (en) 2013-02-20 2017-12-12 Fmr Llc Mobile security fob
WO2014197403A1 (fr) * 2013-06-03 2014-12-11 Tangome, Inc. Coordonnateur de communication
US10237057B2 (en) 2013-09-13 2019-03-19 Alcatel Lucent Method and system for controlling the exchange of privacy-sensitive information
EP2849403A1 (fr) * 2013-09-13 2015-03-18 Alcatel Lucent Procédé et système pour commander l'échange d'informations confidentielles
WO2015036087A1 (fr) * 2013-09-13 2015-03-19 Alcatel Lucent Procédé et système pour commander l'échange d'informations privées-sensibles
US10440627B2 (en) 2014-04-17 2019-10-08 Twilio Inc. System and method for enabling multi-modal communication
US11653282B2 (en) 2014-04-17 2023-05-16 Twilio Inc. System and method for enabling multi-modal communication
US10873892B2 (en) 2014-04-17 2020-12-22 Twilio Inc. System and method for enabling multi-modal communication
FR3028334A1 (fr) * 2015-04-07 2016-05-13 Orange Procede d'authentification forte d'un utilisateur d'un equipement consommateur via un equipement d'authentification equipe d'un module de securite
US11785013B2 (en) 2018-05-18 2023-10-10 Telefonaktiebolaget Lm Ericsson (Publ) Application program access control
CN112154634A (zh) * 2018-05-18 2020-12-29 瑞典爱立信有限公司 应用程序访问控制

Also Published As

Publication number Publication date
AU2001282795A1 (en) 2002-03-13
EP1314278A2 (fr) 2003-05-28
WO2002019593A3 (fr) 2002-09-06

Similar Documents

Publication Publication Date Title
EP1314278A2 (fr) Authentification d'un utilisateur final basee sur la boite a outils d'application du module d'identification d'abonne (sat), independante du fournisseur de services
CN101009561B (zh) 用于imx会话控制和认证的系统和方法
FI115098B (fi) Todentaminen dataviestinnässä
EP2368339B1 (fr) Authentification de transaction sécurisée
US7231203B2 (en) Method and software program product for mutual authentication in a communications network
US5497421A (en) Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
US8423768B2 (en) Method for controlling the location information for authentication of a mobile station
CA2463286C (fr) Systeme d'authentification multifactorielle
US20060262929A1 (en) Method and system for identifying the identity of a user
KR20060135630A (ko) 데이터 처리 시스템의 사용자 인증 방법 및 장치
JP2002215582A (ja) 認証方法及び装置
CN103249045A (zh) 一种身份识别的方法、装置和系统
US7913096B2 (en) Method and system for the cipher key controlled exploitation of data resources, related network and computer program products
Rao et al. Authentication using mobile phone as a security token
Di Pietro et al. A two-factor mobile authentication scheme for secure financial transactions
RU2354066C2 (ru) Способ и система для аутентификации пользователя системы обработки данных
WO2001011817A2 (fr) Protocole d'authentification d'utilisateurs de reseau
Pashalidis et al. Using GSM/UMTS for single sign-on
EP3582469B1 (fr) Authentification au moyen d'un système d'opérateur de réseau mobile
FI115097B (fi) Todentaminen dataviestinnässä
Schuba et al. Internet id-flexible re-use of mobile phone authentication security for service access
FI110150B (fi) Menetelmä tietoverkkoresurssin käyttäjän tunnistus- ja todennustietojen lähettämiseksi tietoverkkoresurssin suuntaan
Ubisafe The Mobile Phone as Authentication Token
Ghiasvand One-Time Passwords via SMS
Nguyen SMS_OTP

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2001961535

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001961535

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWW Wipo information: withdrawn in national office

Ref document number: 2001961535

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP