WO2005107213A1 - Subscriber identities - Google Patents

Subscriber identities Download PDF

Info

Publication number
WO2005107213A1
WO2005107213A1 PCT/IB2005/001584 IB2005001584W WO2005107213A1 WO 2005107213 A1 WO2005107213 A1 WO 2005107213A1 IB 2005001584 W IB2005001584 W IB 2005001584W WO 2005107213 A1 WO2005107213 A1 WO 2005107213A1
Authority
WO
WIPO (PCT)
Prior art keywords
entity
identities
identity
checking
home subscriber
Prior art date
Application number
PCT/IB2005/001584
Other languages
French (fr)
Inventor
Auvo Hartikainen
Kalle Tammi
Toni Miettinen
Lauri Laitinen
Philip Ginzboorg
Pekka Laitinen
Original Assignee
Nokia Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Corporation filed Critical Nokia Corporation
Priority to EP05742449A priority Critical patent/EP1741267A1/en
Priority to JP2007510160A priority patent/JP4567729B2/en
Publication of WO2005107213A1 publication Critical patent/WO2005107213A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/1016IP multimedia subsystem [IMS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • H04L65/1104Session initiation protocol [SIP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/60Network streaming of media packets
    • H04L65/75Media network packet handling
    • H04L65/762Media network packet handling at the source 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols

Definitions

  • the present invention relates to the identities of a communication terminal, especially in a mobile terminal and in particular, but not exclusively, the invention relates to a mechanism for verification between a public identity and a private identity of a terminal.
  • the current development towards truly mobile computing and networking has brought on the evolution of various access technologies, which also provide the users with access to the Internet when they are outside their own home network.
  • the first public communication network that provides a truly ubiquitous World Wide Web (WWW) access is the GSM-based mobile telephone network.
  • IP Multimedia Subsystem IMS
  • 3GPP 3rd Generation Partnership Project
  • the inventors have identified an important problem with mobile multimedia communications in third generation wireless networks, namely that of identity coherence checking. This problem permeates both the field of application authentication and Generic Authentication Architecture.
  • the new multimedia capable mobile terminals (multimedia phones) provide an open development platform for application developers, allowing independent application developers to design new services and applications for the multimedia environment. The users may, in turn, download the new applications/services to their mobile terminals and use them therein.
  • a network operator In addition to application authentication, a network operator needs to be able to monitor whether an application is being used by a bone fide subscriber.
  • a bone fide subscriber is a subscriber who has loaded the application legally, and paid any fees required by the application owner.
  • Network operators typically apply security measures in terminals or delivery systems in order to ensure only bone fide subscribers have access to the application. Monitoring information can be used to detect possible cracking of security measures applied to terminal or delivery systems, where this cracking relates to application authentication. Once detected, an unauthorized user of an application can be prevented from using the application on the network.
  • a first terminal 10 loads (1) application and related information needed for application authentication, a secret key for example, from a Delivery Server (DS) 11.
  • DS 11 provides (2) necessary information needed for application authentication, a secret key and possibly a Mobile Station ISDN Number (MSISDN) for example, to an Application Authentication (AA) Proxy 15.
  • An application in the first terminal 10 is started, and the first terminal 10 sends (3) a Session Initiation Protocol (SIP) message such as INVITE to a Proxy Call State Control Function (P-CSCF) 12 in order to start for example a game session with a second terminal.
  • SIP Session Initiation Protocol
  • P-CSCF Proxy Call State Control Function
  • the SIP message is sent to the P-CSCF 12, it is passed from the P-CSCF 12 to an Interrogating Call State Control Function (l-CSCF) 13.
  • the l-CSCF 13 receives the SIP message from P- CSCF 12 and sends it to a Serving Call State Control Function (S-CSCF) 14.
  • the S-CSCF 14 receives the SIP message and identifies a need for application authentication (4), the S-CSCF 14 forwards the SIP message to AA proxy 15.
  • the S-CSCF 14 also sends the terminal subscriber's IMPU (IMS Public Identity) to the AA proxy 15.
  • the AA proxy 15 receives the SIP message and the IMPU from S-CSCF 14 and sends a challenge towards the first terminal 10.
  • the AA proxy 15 sends the challenge to S-CSCF 14.
  • S- CSCF 14 passes the challenge to l-CSCF 13.
  • l-CSCF 13 passes the challenge to P-CSCF 12.
  • P-CSCF 12 delivers the challenge to
  • the first terminal 10 receives the challenge and calculates a challenge response (6) based on a secret key for example.
  • the first terminal 10 then sends the challenge response to the AA proxy 15.
  • the AA proxy 15 receives (7) the challenge response from the first terminal 10. Only if the challenge response from the first terminal 10 is correct does the application receive authentication and session establishment continues.
  • the S-CSCF 14 Upon receiving authentication from the AA proxy 15, the S-CSCF 14 allows session establishment to continue (8) by forwarding the SIP message towards the second terminal.
  • Application authentication can be used on an IP (Internet Protocol) based IMS (IP Multimedia Subsystems) network to ensure that peer-to-peer applications operating on the network use identifiers assigned to them.
  • Applications and related rights may be loaded from a Delivery Server (DS) 11 to a terminal.
  • DS Delivery Server
  • Other information can be loaded, for example a secret key that may also be needed for application authentication.
  • the Delivery Server receives a subscriber's MSISDN during the loading of an application.
  • the MSISDN may be sent to the AA Proxy with the other information needed for application authentication.
  • Peer-to-peer application usage may be started as described above by sending a SIP message through the IMS network from a first peer to a second peer.
  • the message is authenticated by the AA Proxy.
  • the subscriber identity used is an IMS Public Identity (IMPU).
  • IMPU IMS Public Identity
  • the AA Proxy In order for the AA Proxy to check that the IMPU sent belongs to the first peer, and that the first peer has loaded the used application legally (i.e. that the first peer is a bone fide subscriber), it is necessary to be able to verify between the IMPU and MSISDN, but no mechanism for this has been suggested or disclosed.
  • An IP Multimedia Subsystem uses two identities, an IMPU and an IMPI (IMS Private Identity).
  • the IMPI may be derived from the International Mobile Subscriber Identity (IMSI). This method is mandatory in the 3GPP standards, where an IMPI is to be formed in the case of Universal Subscriber Identity Module (USIM) being used in a terminal.
  • IMSI International Mobile Subscriber Identity
  • USIM Universal Subscriber Identity Module
  • a subscriber has an IMPI, but may have a plurality of IMPUs. These IMPUs may be said to be correlated to the IMPI.
  • a Home Subscriber Server stores a list of IMPUs for each IMPI.
  • GAA Generic Authentication Architecture
  • GAA is to be used as a security procedure for a plurality of future applications and services.
  • the inventors have identified a flaw in GAA where it is used as a security system for applications that use a terminal's Public Identity as a user identity.
  • GAA uses IMPI (IMS Private Identity) as a user's identity in security specific signalling.
  • IMS Private Identity IMS Private Identity
  • Some applications that use GAA use only IMPU as a user identity, not IMPI.
  • These GAA applications may use the IMPU as obtained from the User Equipment (UE) as a key in security procedure.
  • UE User Equipment
  • a problem with the GAA is that a first terminal having a private identity may use the public identity of a second terminal, so that the first terminal is allowed to obtain services that it is not entitled to.
  • FIG. 2 illustrates some elements of a network in order to show prior art GAA identifier flows for GAA applications.
  • FIG. 1 A comparison between the two prior art systems of figures 1 and 2 will now be made.
  • the delivery server 11 of figure 1 loosely corresponds to the Bootstrapping Server Function BSF 28 of figure 2.
  • the AA proxy 15 and S-CSCF 14 of figure 1 correspond to the NAF 29.
  • FIG. 1 and 2 relate to different embodiments of a wireless communication network. For example, a difference is that the UE 20 of figure 2 does not download an application from BSF 28, UE 20 simply establishes a security association by running a bootstrapping procedure with BSF (as defined in 3GPP TS 33.220).
  • BSF 28 of figure 2 does not send information about the security association to the NAF 29, the NAF 29 must request the security association from BSF 28 using a TID as the key. Further, part of the functionality of the AA proxy 15 of figure 1 would be performed by the BSF 28 of figure 2, i.e., an authentication process related to an Authentication and Key Agreement (AKA) procedure.
  • AKA Authentication and Key Agreement
  • a User Entity which may be a mobile terminal, sends its IMPI to a Bootstrapping Server Function (BSF) 28 via a Ub interface.
  • BSF Bootstrapping Server Function
  • This step may also be described as the UE 20 performing bootstrapping with its IMPI, wherein this bootstrapping session is uniquely identified by a TID.
  • BSF 28 communicates with a Home Subscriber Server (HSS) 27 via a Zh interface using the received IMPI.
  • HSS Home Subscriber Server
  • the NAF 29 receives the TID and the IMPU from UE 20 via the Ua interface after the bootstrapping has been carried out. The NAF 29 then communicates with the BSF 28 using the Zn interface.
  • the NAF 29 optionally comprises an Authorisation Proxy (AP) 25 and an Application Specific Server (AS) 26.
  • the NAF 29 may communicate with the HSS 27 via an Sh interface
  • the Sh interface is used to get IMPU specific profile information from the HSS 27.
  • the IMPU specific profile information may be related to a service that the NAF 29 is implementing. It should be noted that either an Sh interface or a Generic User Profile (GUP) may be used to do this.
  • GUP Generic User Profile
  • the transfer of an IMPI from BSF 28 to NAF 29 is optional, Such a transfer is only performed with NAFs that are trusted to receive the IMPI. Typically, only a verification that the IMPU belongs to a subscriber is sufficient, this may be ascertained by verifying TID-to-IMPU mapping, where TID is a Transaction Identifier. TID-to-IMPU mapping requires identification of a bootstrapping session in BSF 28. Only the BSF 28 and the UE 20 are capable of verifying TID-to-IMPI mapping.
  • the apparatus shown in Figure 2 disadvantageously does not comprise a mechanism to verify coherence between the IMPI and the IMPU used by GAA services.
  • Embodiments of the present invention seek to address the above-described problems.
  • Embodiments of the present invention provide means to verify coherence of a subscriber's identities; both in the field of application authentication and Generic Authentication Architecture.
  • Embodiments of the present invention may verify a subscriber's MSISDN/IMPU relation or an IMPI/IMPU relation using MAP (Mobile Application Part) and diameter interfaces defined by 3GPP.
  • MAP Mobile Application Part
  • Embodiments of the present invention may also provide improvement to a DIAMETER interface, so as to allow generic retrieval of a subscriber's IMS identities (IMPI and IMPU).
  • IMPI and IMPU subscriber's IMS identities
  • the verification of binding between a subscriber's MSISDN and IMS identities is envisaged to be useful in a wide variety of problems.
  • a method for verifying a first identity and a second identity of an entity comprising: receiving a first and second identity of said entity at a checking entity; sending information relating to at least one of the first and second identities to a home subscriber entity; and verifying that said first and second identities both belong to the entity from which said first and second identities have been received.
  • a system comprising an entity, a first identity and a second identity of which is to be verified, a checking entity arranged to receive a first and second identity of said entity; a home subscriber entity arranged to receive information relating to at least one of the first and second identities, wherein one of said checking entity and said home subscriber entity is arranged to verify that said first and second identities both belong to the entity from which said first and second identities have been received.
  • a checking entity for use in a system comprising an entity, a first identity and a second identity of which is to be verified, said checking entity being arranged to receive a first and second identity of said entity; to send information relating to at least one of the first and second identities to a home subscriber entity, and to verify that said first and second identities both belong to the entity from which said first and second identities have been received.
  • a home subscriber entity for use in a system comprising an entity, a first identity and a second identity of which is to be verified, said home subscriber entity arranged to receive information relating to the first and second identities, and to verify that said first and second identities both belong to the entity.
  • Figure 1 shows an overview of application authentication
  • Figure 2 shows known GAA identifier flows for GAA applications
  • Figure 3 shows an identity binding verification method using SAR/SAA
  • Figure 4 shows an identity binding verification method using UAR UAA
  • Figure 5 shows an identity binding verification method using modified
  • Figure 7 shows GAA application identifier flows using Zh/Zn for IMPU transfer
  • Figure 8 shows GAA application identifier flows using Zh/Zn for USS transfer
  • Figure 9 shows GAA application identifier flows using Sh for IMPI transfer
  • Figure 10 shows alternative GAA application identifier flows using Sh for IMPI transfer.
  • Figure 11 shows alternative GAA application identifier flows using Zh/Zn for IMPU transfer.
  • the MAP (Mobile Application Part) interface in a Home Subscriber Server (HSS) 17 has an operation called SendJMSI, which can be used to fetch a subscriber's IMSI based on a given MSISDN.
  • 3GPP has defined Cx interface (DIAMETER protocol is used), which is used between the HSS 17 and the I- CSCF 13 and also between the HSS 17 and the S-CSCF 14 in an IMS network.
  • the IMPI is derived from the IMSI and utilizing information available in AA Proxy (MSISDN and IMPU), the AA Proxy can verify IMPU/MSISDN relation by using interfaces towards HSS.
  • Figure 3 presents a first phase of one embodiment in which MSISDN/IMPU binding is checked.
  • Checking can be done in real time every time an application authentication is performed, alternatively the AA Proxy 15 can perform a check just once for a pre defined time period and then store the MSISDN/IMPU binding for later use.
  • the AA proxy 15 sends a SendJMSI instruction with MSISDN set as a parameter in the instruction to the HSS 17.
  • the HSS 17 replies to AA proxy 15 with a SendJMSI_ack command, which comprises the subscriber's IMSI.
  • a first phase in which the AA proxy 15 receives both the public and private identity of a first terminal or user.
  • the AA proxy 15 receives the MSISDN of the first terminal 10 from the delivery server (DS) 11.
  • the IMPI of the first terminal 10 may be derived from its IMSI, which is obtained by using the SendJMSI command as described above.
  • the IMPU of the first terminal 10 is received by AA proxy 15 when the SIP message is forwarded from S-CSCF 14.
  • the AA proxy 15 has received the IMPU from the first terminal 10, and derived the first terminal's IMPI from the IMSI, the IMSI being fetched from HSS using the MSISDN received from the first terminal 10.
  • a SendJMSI command is used by the AA proxy 15 to obtain a subscriber's IMSI from HSS 17, this IMSI is based on the MSISDN received from the first terminal.
  • the IMPI is then derived from the IMSI, such that the AA proxy 15 has the IMPI and IMPU as transmitted by the first terminal.
  • the AA proxy can verify that the two identities received from the first terminal belong to the same subscriber. This is achieved by means of one of four methods which will be described below with reference to respective first to fourth embodiments.
  • FIG. 3 shows a first embodiment of the present invention, wherein the second phase comprises using a Server-Assignment-Request (SAR) command sent from the AA proxy 15 to the HSS 17.
  • SAR Server-Assignment-Request
  • a SAR command is normally used by the Serving Call State Control Function (S-CSCF) 14 to update a subscriber's registration status in the Home Subscriber Server (HSS) 17.
  • S-CSCF Serving Call State Control Function
  • HSS 17 contains both the IMPI and the IMPU derived from the first terminal 10.
  • the HSS 17 sends a Server-Assignment-Acknowledge command to the S-CSCF 14.
  • a SAR command is sent from the AA proxy 15 to the HSS 17, as shown in figure 3.
  • This SAR command contains both the IMPI and the IMPU used by the first terminal 10.
  • the HSS 17 returns the subscriber's data to the AA proxy 15 in a Service-Assignment- Answer (SAA) acknowledge command.
  • SAA Service-Assignment- Answer
  • the HSS 17 verifies consistency of the IMPI and the IMPU of the first terminal 10. Implicitly, the HSS verification ascertains whether the IMPU and the MSISDN used by the first terminal 10 belong to same subscriber. This is because the IMPI is derived from IMSI, which is fetched by using MSISDN.
  • the AA proxy sends a SAR command to the HSS 17 to verify that MSISDN and IMPU belong to the same user and thus verify that the user with the received IMPU has loaded the application legally.
  • the HSS 17 receives the SAR command containing IMPU and IMPI from the AA proxy 15.
  • the HSS 17 only replies by sending an SAA command to the AA proxy 15 if the IMPI and the IMPU sent in the SAR command correlate with each other, in other words the HSS 17 will check that the IMPI and the IMPU relate to the same entity.
  • the HSS 17 checks that the SAR command comes from the subscriber's current S-CSCF address. This step may be unnecessary in the present embodiment and so the HSS 17 is preferably modified to skip the address checking step.
  • FIG. 4 shows a second embodiment of the present invention, wherein the second phase comprises using a User-Authorization-Request (UAR) command.
  • UAR User-Authorization-Request
  • the UAR command is used by the Interrogating Call State Control Function (l-CSCF) 13 to fetch a subscriber's current S-CSCF address from the Home Subscriber Server (HSS) 17.
  • the UAR command contains IMPI and IMPU.
  • the HSS 17 replies to the l-CSCF 13 with a User-Authorization-Answer (UAA), which includes a current S-CSCF address.
  • UAA User-Authorization-Answer
  • the AA proxy 15 sends a UAR command to the HSS 17.
  • the UAR command contain the IMPI and IMPU of the first terminal.
  • the HSS 17 performs verification between the IMPI and the IMPU used in the UAR command.
  • the HSS 17 verifies that a particular IMPI (which is derived from the MSISDN, as described above) and a particular IMPU belong to the same user and so verify that the subscriber with the particular IMPU has legally loaded the application in use.
  • the HSS 17 only replies by sending a UAA command to the AA proxy 15 if the IMPI and the IMPU sent in the UAR command correlate with each other.
  • the second embodiment can be implemented into existing communication networks without the need for modification to the system. Further, this embodiment provides a solution where a subscriber's public and private identity relation can be verified by using existing MAP and DIAMETER interfaces defined by 3GPP.
  • FIG. 5 shows a third embodiment of the present invention, wherein the second phase comprises the use of an extended User-Authorization-Request (UAR) command sent from the AA proxy 15 to the HSS 17.
  • UAR User-Authorization-Request
  • the messaging will now be described.
  • the extended UAR command is sent from the AA Proxy 15 to the HSS 17.
  • the UAR command contains both IMPI and IMPU and is extended to carry a new value in an existing User-Authorization-Type Attribute value pair (AVP). This new value could be for example APPLICATION_AUTHENTICATION.
  • the extended UAR command is indicated as UAR-AVP in figure 5.
  • the HSS 17 will return to the AA Proxy 15 an extended UAA (User- Authorization-Answer) command comprising a new optional grouped AVP (e.g. Public-Identity-List AVP) to carry all of a plurality of the user's IMPUs, each of which is related to the IMPI.
  • the extended UAA command is identified as UAA-AVP in figure 5.
  • the AA Proxy 15 may verify that the list of IMPUs comprises the IMPU received from the first terminal 10, and thus verify coherence between the IMPI and IMPU used by the first terminal.
  • the above embodiment of the present invention allows wider use UAR/UAA commands for checking identity coherence.
  • the use of extended UAR/UAA commands is not limited to AA proxy.
  • FIG. 6 shows a fourth embodiment of the present invention, wherein the second phase comprises the use of an extended Server-Assignment-Request (SAR) command, identified as SAR-AVP in figure 6.
  • SAR Server-Assignment-Request
  • the SAR command is extended to implement functionality in the HSS similar to that of the third embodiment. This requires a new value used in the existing Server- Assignment-Type AVP, for example APPLICATION_ AUTHENTICATION.
  • the AA Proxy 15 sends the SAR-SVP command to the HSS 17. This causes the HSS 17 to verify that the IMPI and the IMPU are correlated and further causes the HSS 17 to return to the AA Proxy 15 a list of the user's IMPUs.
  • This list of IMPUs is incorporated in an extended Server-Assignment-Answer (SAA) command, identified as SAA-AVP in figure 6.
  • SAA Server-Assignment-Answer
  • the list of IMPUs is sent in a new grouped AVP, for example a Public-Identity-List AVP.
  • the extended SAA command is identified as SAA-AVP in figure 6.
  • the AA Proxy 15 may verify that the list of IMPUs comprises the IMPU received from the first terminal 10, and thus verify coherence between the IMPI and IMPU used by the first terminal.
  • the above embodiment of the present invention allows wider use SAR/SAA commands for checking identity coherence.
  • the use of extended SAR/SAA commands is not limited to AA proxy 15.
  • the third and fourth embodiments of the present invention provide a dedicated behaviour for application authentication in the Home Subscriber Server.
  • the AA Proxy 15 could use a Zh or an Sh interface with the HSS 17 in order to verify correlation of at least one identity.
  • one of a Network Application Function (NAF) and a Bootstrapping Server Function (BSF) is empowered to verify coherence between a private identity (e.g. IMPI) and a public identity (e.g. IMPU).
  • NAF Network Application Function
  • BSF Bootstrapping Server Function
  • the verification allows the usage of General Application Authentication (GAA) architecture with services that use IMPU (not IMPI) as an only user identity.
  • GAA General Application Authentication
  • a plurality of protocols are used in interfaces within the GAA architecture.
  • Ua and Ub interfaces are required for HTTP (Hyper Text Transfer Protocol) and TCP (Transmission Control Protocol) communication.
  • Zh and Zn are required for SCTP (Simple Control Transport Protocol) communication and DIAMETER messages.
  • GBA Generic Bootstrapping Architecture
  • AKA Authentication and Key Agreement
  • AKA is a very powerful mechanism used in mobile networks.
  • GBA advantageously uses this mechanism to bootstrap application security.
  • GBA introduces a network element (NE) called the Bootstrapping Server Function (BSF) 28.
  • BSF 28 has an interface with the HSS 27.
  • the UE 20 runs AKA with the HSS 27 via the BSF 28 and a session key is derived for use by both the BSF 28 and UE 20.
  • An application server called Network Application Function (NAF) 29) can fetch the session key from the BSF 28 together with a set of subscriber profile information. In this way the application server (NAF 29) and the UE 20 share a secret key that can subsequently be used for application security.
  • NAF Network Application Function
  • the secret key may be used to authenticate UE 20 and NAF 29 at the start of the application session (for at least one of integrity and confidentiality protection).
  • the following communication is application independent: communication between the UE 20 and the BSF 28; communication between NAF 29 and BSF 28; and communication between BSF 28 and HSS 27.
  • the method embodying the present invention advantageously minimises the number of different types of network elements as well as the total number of network elements that retrieve Authentication Vectors (AVs) from the HSS 27.
  • Authentication Vectors are needed by the BSF 28 to perform AKA with UE 20.
  • Authentication Vectors are subscriber specific and change each time AKA is performed.
  • the present invention further provides one generic mechanism for a plurality of different applications, thus avoiding a large diversity of mechanisms and allowing security issues to be addressed once and in a consistent way.
  • FIG. 7 shows a fifth embodiment of the present invention.
  • the GAA can download IMPUs in respect of a given IMPI from the HSS 27 to NAF 29 via a Bootstrapping Server Function (BSF) 28.
  • BSF Bootstrapping Server Function
  • the IMPI is sent from the BSF 28 to the HSS 27 via a Zh interface.
  • the related IMPUs are sent by the HSS 27 as separate DIAMETER AVPs.
  • the IMPUs are downloaded from HSS 27 via Zh to BSF 28.
  • These IMPUs are subsequently downloaded from BSF 28 to NAF 29 via a Zn interface by adding optional Public-Identifier AVPs to the Multimedia-Authentication-Answers.
  • a list of all the IMPUs correlated with that TID and optionally the IMPI itself are received by NAF 29 from HSS 27.
  • NAF 29 may then verify that an IMPU used by UE 20 is included in the received list of IMPUs in order to ensure correlation between the IMPI and the IMPU used by UE 20.
  • the IMPU may be received by the NAF 29 from the user equipment 20.
  • FIG. 8 shows a sixth embodiment of the present invention.
  • the BSF 28 sends the IMPI to the HSS 27 via a Zh interface.
  • the related IMPUs are sent by the HSS 27 in an application's User Security
  • a User Profile i.e. User Security
  • the user profile information is stored separately in the HSS
  • IMPUs may therefore be defined as a part of a downloaded User profile of applications that use IMPU, via both a Zh and Zn interface - that is: from the HSS 27 to the NAF 29 via BSF 28.
  • This embodiment provides definition of a Presence specific user-profile AVP (Presence-Profile) that contains the IMPUs for which the home operator allows verification.
  • Presence-Profile Presence specific user-profile AVP
  • the USS data includes subscriber's security settings related to a particular GAA application.
  • the USS data would contain two flags indicating to the PKI portal (i.e. NAF 29) whether it is allowed to issue a user certificate to the subscriber (UE 20); one flag for the status of the authentication certificate, and another for the status of the non- repudiation certificate.
  • the USS data may comprise IMPUs, resulting in an communication scheme very similar to that shown in figure 7.
  • Figure 9 shows a seventh embodiment of the present invention.
  • This embodiment extends the capabilities of the Sh interface between the NAF 29 and HSS 27.
  • the Sh interface is enabled to allow the NAF 29 to request a user profile using an IMPI sent from the UE 20 via the BSF 28 and an IMPU received from the UE. This is done by adding an IMPI (i.e. User-Name AVP) to a User-Identity AVP in the Sh interface. This can be implemented by broadening the capabilities of the grouped User-Identity AVP by adding a new optional IMPI AVP.
  • the HSS 27 returns a list of IMPUs associated with the received IMPU. The NAF 29 may then verify that an IMPU used by UE 20 is included in the received list of IMPUs in order to ensure correlation between the received IMPI and the IMPU used by UE 20.
  • FIG 10 shows an eighth embodiment of the present invention.
  • This embodiment extends the capabilities of the Sh interface between the NAF 29 and HSS 27.
  • the NAF receives the IMPU from the UE and the IMPI from the UE via the BSF.
  • the Sh interface is enabled to allow the NAF 29 to request a user profile using an IMPI sent from the UE 20 via the BSF 28. This is done by combining an IMPI sent by the UE 20 via the BSF 28 and an IMPU sent by the UE 20 into a User-Data AVP.
  • a User-Data-Answer message is sent to the NAF 29 from the HSS 27, containing a list of all the IMPUs associated with the IMPI as well as the IMPI of the sent IMPU.
  • the NAF 29 may then verify that an IMPU used by UE 20 is included in the received list of IMPUs in order to ensure correlation between the received IMPI and the IMPU used by UE 20.
  • the Sh interface is used to fetch subscriber profile information from the HSS 27 to an application server based on a subscriber's
  • IMPU The Sh interface specification does not support retrieval of profile information using IMPI in a request. IMPI is not usually sent over a Zh interface, even when a subscriber's profile is sent from HSS 27 to application server 26. In order to transmit a subscriber's IMPI over an Sh interface, it is necessary to provide both support for IMPI-based profile retrieval and an IMPI-AVP in the corresponding subscriber profile.
  • FIG 11 shows a ninth embodiment of the present invention.
  • the BSF 28 performs the identification verification.
  • the BSF 28 receives an IMPI from the UE 20 via a Ub interface.
  • the BSF 28 sends the received IMPI to HSS 27 via a Zh interface.
  • the HSS 27 sends a list of IMPUs to BSF 28 via the Zh interface.
  • the NAF 29 receives an IMPU from UE 20.
  • the NAF 29 sends this IMPU to BSF
  • the BSF 28 may then verify that an IMPU used by UE 20 is included in the list of IMPUs received from HSS 27 in order to ensure correlation between the received IMPI and the IMPU used by UE 20. Upon completion of this verification, the BSF 28 sends an indication to NAF 29 confirming verification or not, this confirmation is shown as "ok or not" in figure 11.
  • Ks_naf is a NAF specific key used by NAF 29 to authenticate the UE 20,
  • the prior art apparatus shown in Figure 2 disadvantageously does not comprise a mechanism to verify coherence between the IMPI and the IMPU used by GAA services. While the NAF 29 does receive the IMPU from the UE 20 and optionally may receive the IMPI from the BSF 28 (the IMPI originating from the UE 20), no verification is performed by the NAF 29 to ensure that the IMPU used by the UE 20 is correlated to the IMPI used by the UE 20. Accordingly, embodiments of the present invention seek to address this problem by independently delivering the IMPI and IMPU to the NAF 29 so that the NAF
  • the fifth to eighth embodiments enable a NAF to check the coherence between a user's IMPI and IMPU for an application that utilizes GAA.
  • the ninth embodiment enables the BSF to check the coherence between user's
  • IMPI and IMPU for an application that uses GAA.
  • the checking or verification enables the usage of GAA architecture with services that use IMPU (not IMPI) as a user identity.
  • the fifth and sixth embodiments enable IMPI/IMPU coherence checking in the NAF for a GAA application that does not have an interface with the HSS nor an interface that downloads IMPUs directly from the HSS.
  • the seventh and eighth embodiments can be implemented as extensions of application specific interfaces to the HSS.
  • the ninth embodiment enables IMPI/IMPU coherence checking in the BSF for a GAA application.
  • Embodiments of the present invention thus provide a method of verification of public and private identities of a terminal that may be deployed in real time as part of a session establishing procedure.
  • Embodiments of the present invention can be used in communications system other than the 3 rd Generation systems described.
  • Embodiments of the present invention can be used to verify any two identities of user equipment or associated subscriber and not just the examples of public and private identities.
  • embodiments of the present invention have been described with reference to an IP Multimedia subsystem wherein the private and public identities used are IMPI and IMPU.
  • the present invention may be applied to any communication system wherein a plurality of user identities are used for one entity.
  • Embodiments of the invention have been described in the context of authenticating an INVITE message. It should be appreciated that any other
  • SIP message can be similarly authenticated such as MESSAGE, REFER,
  • embodiments of the invention can be used to verify non SIP messages. Embodiments of the invention may be applied in any situation where an entity uses two or more identities and a check needs to be made between the entities.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

There is disclosed a method for verifying a first identity and a second identity of an entity, said method comprising: receiving a first and second identity of said entity at a checking entity; sending information relating to at least one of the first and second identities to a home subscriber entity; and verifying that said first and second identities both belong to the entity from which said first and second identities have been received.

Description

SUBSCRIBER IDENTITIES
Field of the Invention
The present invention relates to the identities of a communication terminal, especially in a mobile terminal and in particular, but not exclusively, the invention relates to a mechanism for verification between a public identity and a private identity of a terminal.
Background of the Invention
The current development towards truly mobile computing and networking has brought on the evolution of various access technologies, which also provide the users with access to the Internet when they are outside their own home network. The first public communication network that provides a truly ubiquitous World Wide Web (WWW) access is the GSM-based mobile telephone network.
So far, the use of the Internet has been dominated by person-to-machine communications, i.e. information services. The evolution towards the so-called third generation (3G) wireless networks brings along mobile multimedia communications, which will also change the way IP-based services are utilized in public mobile networks. The IP Multimedia Subsystem (IMS), as specified by the 3rd Generation Partnership Project (3GPP), integrates mobile voice communications with Internet technologies, allowing IP-based multimedia services to be utilized in mobile networks.
The inventors have identified an important problem with mobile multimedia communications in third generation wireless networks, namely that of identity coherence checking. This problem permeates both the field of application authentication and Generic Authentication Architecture. The new multimedia capable mobile terminals (multimedia phones) provide an open development platform for application developers, allowing independent application developers to design new services and applications for the multimedia environment. The users may, in turn, download the new applications/services to their mobile terminals and use them therein.
In addition to application authentication, a network operator needs to be able to monitor whether an application is being used by a bone fide subscriber. A bone fide subscriber is a subscriber who has loaded the application legally, and paid any fees required by the application owner. Network operators typically apply security measures in terminals or delivery systems in order to ensure only bone fide subscribers have access to the application. Monitoring information can be used to detect possible cracking of security measures applied to terminal or delivery systems, where this cracking relates to application authentication. Once detected, an unauthorized user of an application can be prevented from using the application on the network.
The basic principle of application authentication and a plurality of related network elements, comprising a part of a network are presented in figure 1. A first terminal 10 loads (1) application and related information needed for application authentication, a secret key for example, from a Delivery Server (DS) 11. DS 11 provides (2) necessary information needed for application authentication, a secret key and possibly a Mobile Station ISDN Number (MSISDN) for example, to an Application Authentication (AA) Proxy 15. An application in the first terminal 10 is started, and the first terminal 10 sends (3) a Session Initiation Protocol (SIP) message such as INVITE to a Proxy Call State Control Function (P-CSCF) 12 in order to start for example a game session with a second terminal. After the SIP message is sent to the P-CSCF 12, it is passed from the P-CSCF 12 to an Interrogating Call State Control Function (l-CSCF) 13. The l-CSCF 13 receives the SIP message from P- CSCF 12 and sends it to a Serving Call State Control Function (S-CSCF) 14. The S-CSCF 14 receives the SIP message and identifies a need for application authentication (4), the S-CSCF 14 forwards the SIP message to AA proxy 15. The S-CSCF 14 also sends the terminal subscriber's IMPU (IMS Public Identity) to the AA proxy 15. The AA proxy 15 receives the SIP message and the IMPU from S-CSCF 14 and sends a challenge towards the first terminal 10. The AA proxy 15 sends the challenge to S-CSCF 14. S- CSCF 14 passes the challenge to l-CSCF 13. l-CSCF 13 passes the challenge to P-CSCF 12. P-CSCF 12 delivers the challenge to the first terminal 10.
The first terminal 10 receives the challenge and calculates a challenge response (6) based on a secret key for example. The first terminal 10 then sends the challenge response to the AA proxy 15. The AA proxy 15 receives (7) the challenge response from the first terminal 10. Only if the challenge response from the first terminal 10 is correct does the application receive authentication and session establishment continues. Upon receiving authentication from the AA proxy 15, the S-CSCF 14 allows session establishment to continue (8) by forwarding the SIP message towards the second terminal.
Application authentication can be used on an IP (Internet Protocol) based IMS (IP Multimedia Subsystems) network to ensure that peer-to-peer applications operating on the network use identifiers assigned to them. Applications and related rights may be loaded from a Delivery Server (DS) 11 to a terminal. Other information can be loaded, for example a secret key that may also be needed for application authentication. Once an application is started in a first terminal an INVITE is sent towards another party, which may comprise a second terminal. The network is then able to authenticate the application. With reliable application authentication it is possible to use, for example, advanced charging models. Authentication at network side is done by the Application Authentication Proxy (AA Proxy) 15. The application authentication may be performed by exploiting interfaces defined in Generic Authentication Architecture GAA. GAA which will be described later.
The Delivery Server (DS) receives a subscriber's MSISDN during the loading of an application. The MSISDN may be sent to the AA Proxy with the other information needed for application authentication.
However, this mechanism has a problem. Peer-to-peer application usage may be started as described above by sending a SIP message through the IMS network from a first peer to a second peer. The message is authenticated by the AA Proxy. In the SIP message, the subscriber identity used is an IMS Public Identity (IMPU). In order for the AA Proxy to check that the IMPU sent belongs to the first peer, and that the first peer has loaded the used application legally (i.e. that the first peer is a bone fide subscriber), it is necessary to be able to verify between the IMPU and MSISDN, but no mechanism for this has been suggested or disclosed.
An IP Multimedia Subsystem (IMS) uses two identities, an IMPU and an IMPI (IMS Private Identity). The IMPI may be derived from the International Mobile Subscriber Identity (IMSI). This method is mandatory in the 3GPP standards, where an IMPI is to be formed in the case of Universal Subscriber Identity Module (USIM) being used in a terminal. A subscriber has an IMPI, but may have a plurality of IMPUs. These IMPUs may be said to be correlated to the IMPI. A Home Subscriber Server stores a list of IMPUs for each IMPI.
The problem of identity binding checking will now be described with reference to Generic Authentication Architecture (GAA). GAA is to be used as a security procedure for a plurality of future applications and services. However, the inventors have identified a flaw in GAA where it is used as a security system for applications that use a terminal's Public Identity as a user identity. GAA uses IMPI (IMS Private Identity) as a user's identity in security specific signalling. Some applications that use GAA use only IMPU as a user identity, not IMPI. These GAA applications may use the IMPU as obtained from the User Equipment (UE) as a key in security procedure. In this situation, the opportunity is available for the UE to perform bootstrapping operations with its IMPI in order to receive services based on security certificates etc. with an IMPU corresponding to another IMPI. In other words, a problem with the GAA is that a first terminal having a private identity may use the public identity of a second terminal, so that the first terminal is allowed to obtain services that it is not entitled to.
The inventors have identified a problem with the currently defined mechanism in GAA, in that it is not possible to deliver independently the bootstrapped IMPI and the IMPU, used in GAA services, to the Network Application Function (NAF), so that the NAF can perform coherence checking. Figure 2 illustrates some elements of a network in order to show prior art GAA identifier flows for GAA applications.
A comparison between the two prior art systems of figures 1 and 2 will now be made. The delivery server 11 of figure 1 loosely corresponds to the Bootstrapping Server Function BSF 28 of figure 2. Similarly loosely, the AA proxy 15 and S-CSCF 14 of figure 1 correspond to the NAF 29. These items loosely correspond in that they perform similar roles in the authentication process, however it should be borne in mind that figures 1 and 2 relate to different embodiments of a wireless communication network. For example, a difference is that the UE 20 of figure 2 does not download an application from BSF 28, UE 20 simply establishes a security association by running a bootstrapping procedure with BSF (as defined in 3GPP TS 33.220). Also, BSF 28 of figure 2 does not send information about the security association to the NAF 29, the NAF 29 must request the security association from BSF 28 using a TID as the key. Further, part of the functionality of the AA proxy 15 of figure 1 would be performed by the BSF 28 of figure 2, i.e., an authentication process related to an Authentication and Key Agreement (AKA) procedure. The AKA procedure will be described in more detail below.
Upon session initialisation, a User Entity (UE) 20, which may be a mobile terminal, sends its IMPI to a Bootstrapping Server Function (BSF) 28 via a Ub interface. This step may also be described as the UE 20 performing bootstrapping with its IMPI, wherein this bootstrapping session is uniquely identified by a TID. BSF 28 communicates with a Home Subscriber Server (HSS) 27 via a Zh interface using the received IMPI. The NAF 29 receives the TID and the IMPU from UE 20 via the Ua interface after the bootstrapping has been carried out. The NAF 29 then communicates with the BSF 28 using the Zn interface. The NAF 29 optionally comprises an Authorisation Proxy (AP) 25 and an Application Specific Server (AS) 26. Optionally, the NAF 29 may communicate with the HSS 27 via an Sh interface The Sh interface is used to get IMPU specific profile information from the HSS 27. The IMPU specific profile information may be related to a service that the NAF 29 is implementing. It should be noted that either an Sh interface or a Generic User Profile (GUP) may be used to do this.
The transfer of an IMPI from BSF 28 to NAF 29 is optional, Such a transfer is only performed with NAFs that are trusted to receive the IMPI. Typically, only a verification that the IMPU belongs to a subscriber is sufficient, this may be ascertained by verifying TID-to-IMPU mapping, where TID is a Transaction Identifier. TID-to-IMPU mapping requires identification of a bootstrapping session in BSF 28. Only the BSF 28 and the UE 20 are capable of verifying TID-to-IMPI mapping.
The apparatus shown in Figure 2 disadvantageously does not comprise a mechanism to verify coherence between the IMPI and the IMPU used by GAA services. Embodiments of the present invention seek to address the above-described problems.
Summary of the Invention
Embodiments of the present invention provide means to verify coherence of a subscriber's identities; both in the field of application authentication and Generic Authentication Architecture.
Embodiments of the present invention may verify a subscriber's MSISDN/IMPU relation or an IMPI/IMPU relation using MAP (Mobile Application Part) and diameter interfaces defined by 3GPP.
Embodiments of the present invention may also provide improvement to a DIAMETER interface, so as to allow generic retrieval of a subscriber's IMS identities (IMPI and IMPU). The verification of binding between a subscriber's MSISDN and IMS identities is envisaged to be useful in a wide variety of problems.
According to a first aspect of the present invention, there is provided a method for verifying a first identity and a second identity of an entity, said method comprising: receiving a first and second identity of said entity at a checking entity; sending information relating to at least one of the first and second identities to a home subscriber entity; and verifying that said first and second identities both belong to the entity from which said first and second identities have been received.
According to a second aspect of the present invention, there is provided a system comprising an entity, a first identity and a second identity of which is to be verified, a checking entity arranged to receive a first and second identity of said entity; a home subscriber entity arranged to receive information relating to at least one of the first and second identities, wherein one of said checking entity and said home subscriber entity is arranged to verify that said first and second identities both belong to the entity from which said first and second identities have been received.
According to a third aspect of the present invention, there is provided a checking entity for use in a system comprising an entity, a first identity and a second identity of which is to be verified, said checking entity being arranged to receive a first and second identity of said entity; to send information relating to at least one of the first and second identities to a home subscriber entity, and to verify that said first and second identities both belong to the entity from which said first and second identities have been received.
According to a fourth aspect of the present invention, there is provided a home subscriber entity for use in a system comprising an entity, a first identity and a second identity of which is to be verified, said home subscriber entity arranged to receive information relating to the first and second identities, and to verify that said first and second identities both belong to the entity.
Brief Description of the Drawings
For a better understanding of the present invention and as to how the same may be carried into effect, reference will now be made by way of example to the accompanying drawings in which:
Figure 1 shows an overview of application authentication; Figure 2 shows known GAA identifier flows for GAA applications;
Figure 3 shows an identity binding verification method using SAR/SAA;
Figure 4 shows an identity binding verification method using UAR UAA;
Figure 5 shows an identity binding verification method using modified
UAR/UAA; Figure 6 shows an identity binding verification method using modified
SAR/SAA;
Figure 7 shows GAA application identifier flows using Zh/Zn for IMPU transfer; Figure 8 shows GAA application identifier flows using Zh/Zn for USS transfer; Figure 9 shows GAA application identifier flows using Sh for IMPI transfer; and
Figure 10 shows alternative GAA application identifier flows using Sh for IMPI transfer.
Figure 11 shows alternative GAA application identifier flows using Zh/Zn for IMPU transfer.
Detailed Description of the Invention
The MAP (Mobile Application Part) interface in a Home Subscriber Server (HSS) 17 has an operation called SendJMSI, which can be used to fetch a subscriber's IMSI based on a given MSISDN. 3GPP has defined Cx interface (DIAMETER protocol is used), which is used between the HSS 17 and the I- CSCF 13 and also between the HSS 17 and the S-CSCF 14 in an IMS network. The IMPI is derived from the IMSI and utilizing information available in AA Proxy (MSISDN and IMPU), the AA Proxy can verify IMPU/MSISDN relation by using interfaces towards HSS.
The embodiments described in relation to Figure 3 to 6 are in the context of an IMS system having an architecture similar to that of Figure 1 and accordingly the architecture will not be described in detail again.
Figure 3 presents a first phase of one embodiment in which MSISDN/IMPU binding is checked. Checking can be done in real time every time an application authentication is performed, alternatively the AA Proxy 15 can perform a check just once for a pre defined time period and then store the MSISDN/IMPU binding for later use. The AA proxy 15 sends a SendJMSI instruction with MSISDN set as a parameter in the instruction to the HSS 17. The HSS 17 replies to AA proxy 15 with a SendJMSI_ack command, which comprises the subscriber's IMSI. Four alternative embodiments for the implementation of embodiments of the invention will now be described. Common to these embodiments, is a first phase, in which the AA proxy 15 receives both the public and private identity of a first terminal or user. The AA proxy 15 receives the MSISDN of the first terminal 10 from the delivery server (DS) 11. The IMPI of the first terminal 10 may be derived from its IMSI, which is obtained by using the SendJMSI command as described above. The IMPU of the first terminal 10 is received by AA proxy 15 when the SIP message is forwarded from S-CSCF 14. Thus, the AA proxy 15 has received the IMPU from the first terminal 10, and derived the first terminal's IMPI from the IMSI, the IMSI being fetched from HSS using the MSISDN received from the first terminal 10.
In the first phase, a SendJMSI command is used by the AA proxy 15 to obtain a subscriber's IMSI from HSS 17, this IMSI is based on the MSISDN received from the first terminal. The IMPI is then derived from the IMSI, such that the AA proxy 15 has the IMPI and IMPU as transmitted by the first terminal. In a second phase, the AA proxy can verify that the two identities received from the first terminal belong to the same subscriber. This is achieved by means of one of four methods which will be described below with reference to respective first to fourth embodiments.
Figure 3 shows a first embodiment of the present invention, wherein the second phase comprises using a Server-Assignment-Request (SAR) command sent from the AA proxy 15 to the HSS 17. A SAR command is normally used by the Serving Call State Control Function (S-CSCF) 14 to update a subscriber's registration status in the Home Subscriber Server (HSS) 17. The SAR command contains both the IMPI and the IMPU derived from the first terminal 10. Normally, in reply to a SAR command, the HSS 17 sends a Server-Assignment-Acknowledge command to the S-CSCF 14. According to an embodiment of the present invention, a SAR command is sent from the AA proxy 15 to the HSS 17, as shown in figure 3. This SAR command contains both the IMPI and the IMPU used by the first terminal 10. The HSS 17 returns the subscriber's data to the AA proxy 15 in a Service-Assignment- Answer (SAA) acknowledge command. The HSS 17 verifies consistency of the IMPI and the IMPU of the first terminal 10. Implicitly, the HSS verification ascertains whether the IMPU and the MSISDN used by the first terminal 10 belong to same subscriber. This is because the IMPI is derived from IMSI, which is fetched by using MSISDN.
According to one embodiment of the present invention, the AA proxy sends a SAR command to the HSS 17 to verify that MSISDN and IMPU belong to the same user and thus verify that the user with the received IMPU has loaded the application legally. The HSS 17 receives the SAR command containing IMPU and IMPI from the AA proxy 15. The HSS 17 only replies by sending an SAA command to the AA proxy 15 if the IMPI and the IMPU sent in the SAR command correlate with each other, in other words the HSS 17 will check that the IMPI and the IMPU relate to the same entity.
By default, the HSS 17 checks that the SAR command comes from the subscriber's current S-CSCF address. This step may be unnecessary in the present embodiment and so the HSS 17 is preferably modified to skip the address checking step.
Figure 4 shows a second embodiment of the present invention, wherein the second phase comprises using a User-Authorization-Request (UAR) command. Normally, the UAR command is used by the Interrogating Call State Control Function (l-CSCF) 13 to fetch a subscriber's current S-CSCF address from the Home Subscriber Server (HSS) 17. The UAR command contains IMPI and IMPU. Normally, the HSS 17 replies to the l-CSCF 13 with a User-Authorization-Answer (UAA), which includes a current S-CSCF address.
According to the second embodiment of the present invention, the AA proxy 15 sends a UAR command to the HSS 17. The UAR command contain the IMPI and IMPU of the first terminal. The HSS 17 performs verification between the IMPI and the IMPU used in the UAR command. Thus, the HSS 17 verifies that a particular IMPI (which is derived from the MSISDN, as described above) and a particular IMPU belong to the same user and so verify that the subscriber with the particular IMPU has legally loaded the application in use. The HSS 17 only replies by sending a UAA command to the AA proxy 15 if the IMPI and the IMPU sent in the UAR command correlate with each other.
The second embodiment can be implemented into existing communication networks without the need for modification to the system. Further, this embodiment provides a solution where a subscriber's public and private identity relation can be verified by using existing MAP and DIAMETER interfaces defined by 3GPP.
Figure 5 shows a third embodiment of the present invention, wherein the second phase comprises the use of an extended User-Authorization-Request (UAR) command sent from the AA proxy 15 to the HSS 17. The messaging will now be described. The extended UAR command is sent from the AA Proxy 15 to the HSS 17. The UAR command contains both IMPI and IMPU and is extended to carry a new value in an existing User-Authorization-Type Attribute value pair (AVP). This new value could be for example APPLICATION_AUTHENTICATION. The extended UAR command is indicated as UAR-AVP in figure 5. Where the check yields an affirmative result, the HSS 17 will return to the AA Proxy 15 an extended UAA (User- Authorization-Answer) command comprising a new optional grouped AVP (e.g. Public-Identity-List AVP) to carry all of a plurality of the user's IMPUs, each of which is related to the IMPI. The extended UAA command is identified as UAA-AVP in figure 5. Upon receipt of the plurality of the user's IMPUs, the AA Proxy 15 may verify that the list of IMPUs comprises the IMPU received from the first terminal 10, and thus verify coherence between the IMPI and IMPU used by the first terminal. The above embodiment of the present invention allows wider use UAR/UAA commands for checking identity coherence. In alternative embodiments, the use of extended UAR/UAA commands is not limited to AA proxy. For example, in some embodiments it may be advantageous for the l-CSCF 13 to use the extended UAR/UAA commands.
Figure 6 shows a fourth embodiment of the present invention, wherein the second phase comprises the use of an extended Server-Assignment-Request (SAR) command, identified as SAR-AVP in figure 6. The SAR command is extended to implement functionality in the HSS similar to that of the third embodiment. This requires a new value used in the existing Server- Assignment-Type AVP, for example APPLICATION_ AUTHENTICATION. The AA Proxy 15 sends the SAR-SVP command to the HSS 17. This causes the HSS 17 to verify that the IMPI and the IMPU are correlated and further causes the HSS 17 to return to the AA Proxy 15 a list of the user's IMPUs. This list of IMPUs is incorporated in an extended Server-Assignment-Answer (SAA) command, identified as SAA-AVP in figure 6. The list of IMPUs is sent in a new grouped AVP, for example a Public-Identity-List AVP. The extended SAA command is identified as SAA-AVP in figure 6. Upon receipt of the plurality of the user's IMPUs, the AA Proxy 15 may verify that the list of IMPUs comprises the IMPU received from the first terminal 10, and thus verify coherence between the IMPI and IMPU used by the first terminal.
The above embodiment of the present invention allows wider use SAR/SAA commands for checking identity coherence. In alternative embodiments, the use of extended SAR/SAA commands is not limited to AA proxy 15. For example, in some embodiments it may be advantageous for the S-CSCF 14 to use the extended SAR/SAA commands.
The third and fourth embodiments of the present invention provide a dedicated behaviour for application authentication in the Home Subscriber Server.
It is envisaged by the inventors that at least one interface of the Generic Authentication Architecture described herein may be exploited by the AA Proxy 15 described above. For example, instead of using the SAR/SAA and UAR UAA commands, the AA Proxy 15 could use a Zh or an Sh interface with the HSS 17 in order to verify correlation of at least one identity.
In alternative embodiments of the present invention using the GAA, one of a Network Application Function (NAF) and a Bootstrapping Server Function (BSF) is empowered to verify coherence between a private identity (e.g. IMPI) and a public identity (e.g. IMPU). The verification allows the usage of General Application Authentication (GAA) architecture with services that use IMPU (not IMPI) as an only user identity. The following embodiments use the same general structure as the embodiment shown in Figure 2 and accordingly the architecture will not be described again.
A plurality of protocols are used in interfaces within the GAA architecture. Ua and Ub interfaces are required for HTTP (Hyper Text Transfer Protocol) and TCP (Transmission Control Protocol) communication. Zh and Zn are required for SCTP (Simple Control Transport Protocol) communication and DIAMETER messages.
As well as GAA, embodiments of the present invention may be applied to a network incorporating Generic Bootstrapping Architecture (GBA). GBA provides a mechanism using Authentication and Key Agreement (AKA) to install a shared secret between a UE and a server.
AKA is a very powerful mechanism used in mobile networks. GBA advantageously uses this mechanism to bootstrap application security. GBA introduces a network element (NE) called the Bootstrapping Server Function (BSF) 28. This BSF 28 has an interface with the HSS 27. The UE 20 runs AKA with the HSS 27 via the BSF 28 and a session key is derived for use by both the BSF 28 and UE 20. An application server (called Network Application Function (NAF) 29) can fetch the session key from the BSF 28 together with a set of subscriber profile information. In this way the application server (NAF 29) and the UE 20 share a secret key that can subsequently be used for application security. In particular, the secret key may be used to authenticate UE 20 and NAF 29 at the start of the application session (for at least one of integrity and confidentiality protection). The following communication is application independent: communication between the UE 20 and the BSF 28; communication between NAF 29 and BSF 28; and communication between BSF 28 and HSS 27.
The method embodying the present invention advantageously minimises the number of different types of network elements as well as the total number of network elements that retrieve Authentication Vectors (AVs) from the HSS 27. Authentication Vectors are needed by the BSF 28 to perform AKA with UE 20. Authentication Vectors are subscriber specific and change each time AKA is performed.
The present invention further provides one generic mechanism for a plurality of different applications, thus avoiding a large diversity of mechanisms and allowing security issues to be addressed once and in a consistent way.
Figure 7 shows a fifth embodiment of the present invention. The GAA can download IMPUs in respect of a given IMPI from the HSS 27 to NAF 29 via a Bootstrapping Server Function (BSF) 28. The IMPI is sent from the BSF 28 to the HSS 27 via a Zh interface. In response to this, the related IMPUs are sent by the HSS 27 as separate DIAMETER AVPs. The IMPUs are downloaded from HSS 27 via Zh to BSF 28. These IMPUs are subsequently downloaded from BSF 28 to NAF 29 via a Zn interface by adding optional Public-Identifier AVPs to the Multimedia-Authentication-Answers. Hence, for a TID and an IMPU used by the UE 20 in the Ua interface, a list of all the IMPUs correlated with that TID and optionally the IMPI itself are received by NAF 29 from HSS 27. NAF 29 may then verify that an IMPU used by UE 20 is included in the received list of IMPUs in order to ensure correlation between the IMPI and the IMPU used by UE 20. The IMPU may be received by the NAF 29 from the user equipment 20.
Figure 8 shows a sixth embodiment of the present invention. The BSF 28 sends the IMPI to the HSS 27 via a Zh interface. In response to this, the related IMPUs are sent by the HSS 27 in an application's User Security
Settings (USS) to the BSF 28. These IMPUs are subsequently downloaded from BSF 28 to NAF 29 via a Zn interface. A User Profile (i.e. User Security
Settings, USS) is arranged such that it supports GAA application specific user profile information. In some embodiments, a user profile is created for every
GAA application. The user profile information is stored separately in the HSS
27 and automatically transferred via both Zh and Zn interfaces. IMPUs may therefore be defined as a part of a downloaded User profile of applications that use IMPU, via both a Zh and Zn interface - that is: from the HSS 27 to the NAF 29 via BSF 28. This embodiment provides definition of a Presence specific user-profile AVP (Presence-Profile) that contains the IMPUs for which the home operator allows verification.
The structure and content of the USS data is dependant on the GAA application it is pertinent to. Generally, the USS data includes subscriber's security settings related to a particular GAA application. By way of example, if the NAF 29 is a Public Key Infrastructure (PKI) portal, then the USS data would contain two flags indicating to the PKI portal (i.e. NAF 29) whether it is allowed to issue a user certificate to the subscriber (UE 20); one flag for the status of the authentication certificate, and another for the status of the non- repudiation certificate. The USS data may comprise IMPUs, resulting in an communication scheme very similar to that shown in figure 7. Figure 9 shows a seventh embodiment of the present invention. This embodiment extends the capabilities of the Sh interface between the NAF 29 and HSS 27. The Sh interface is enabled to allow the NAF 29 to request a user profile using an IMPI sent from the UE 20 via the BSF 28 and an IMPU received from the UE. This is done by adding an IMPI (i.e. User-Name AVP) to a User-Identity AVP in the Sh interface. This can be implemented by broadening the capabilities of the grouped User-Identity AVP by adding a new optional IMPI AVP. In response to this new request, the HSS 27 returns a list of IMPUs associated with the received IMPU. The NAF 29 may then verify that an IMPU used by UE 20 is included in the received list of IMPUs in order to ensure correlation between the received IMPI and the IMPU used by UE 20.
Figure 10 shows an eighth embodiment of the present invention. This embodiment extends the capabilities of the Sh interface between the NAF 29 and HSS 27. The NAF receives the IMPU from the UE and the IMPI from the UE via the BSF. The Sh interface is enabled to allow the NAF 29 to request a user profile using an IMPI sent from the UE 20 via the BSF 28. This is done by combining an IMPI sent by the UE 20 via the BSF 28 and an IMPU sent by the UE 20 into a User-Data AVP. A User-Data-Answer message is sent to the NAF 29 from the HSS 27, containing a list of all the IMPUs associated with the IMPI as well as the IMPI of the sent IMPU. This later information is contained in a User-Data AVP of the User-Data-Answer message. The NAF 29 may then verify that an IMPU used by UE 20 is included in the received list of IMPUs in order to ensure correlation between the received IMPI and the IMPU used by UE 20.
Regarding figures 9 and 10, the Sh interface is used to fetch subscriber profile information from the HSS 27 to an application server based on a subscriber's
IMPU. The Sh interface specification does not support retrieval of profile information using IMPI in a request. IMPI is not usually sent over a Zh interface, even when a subscriber's profile is sent from HSS 27 to application server 26. In order to transmit a subscriber's IMPI over an Sh interface, it is necessary to provide both support for IMPI-based profile retrieval and an IMPI-AVP in the corresponding subscriber profile.
Figure 11 shows a ninth embodiment of the present invention. In this embodiment the BSF 28 performs the identification verification. The BSF 28 receives an IMPI from the UE 20 via a Ub interface. The BSF 28 sends the received IMPI to HSS 27 via a Zh interface. In response to receiving this IMPI, the HSS 27 sends a list of IMPUs to BSF 28 via the Zh interface. The NAF 29 receives an IMPU from UE 20. The NAF 29 sends this IMPU to BSF
28 via a Zn interface. The BSF 28 may then verify that an IMPU used by UE 20 is included in the list of IMPUs received from HSS 27 in order to ensure correlation between the received IMPI and the IMPU used by UE 20. Upon completion of this verification, the BSF 28 sends an indication to NAF 29 confirming verification or not, this confirmation is shown as "ok or not" in figure 11. Ks_naf is a NAF specific key used by NAF 29 to authenticate the UE 20,
The prior art apparatus shown in Figure 2 disadvantageously does not comprise a mechanism to verify coherence between the IMPI and the IMPU used by GAA services. While the NAF 29 does receive the IMPU from the UE 20 and optionally may receive the IMPI from the BSF 28 (the IMPI originating from the UE 20), no verification is performed by the NAF 29 to ensure that the IMPU used by the UE 20 is correlated to the IMPI used by the UE 20. Accordingly, embodiments of the present invention seek to address this problem by independently delivering the IMPI and IMPU to the NAF 29 so that the NAF
29 can perform coherence checking.
The fifth to eighth embodiments enable a NAF to check the coherence between a user's IMPI and IMPU for an application that utilizes GAA. The ninth embodiment enables the BSF to check the coherence between user's
IMPI and IMPU for an application that uses GAA. The checking or verification enables the usage of GAA architecture with services that use IMPU (not IMPI) as a user identity.
The fifth and sixth embodiments enable IMPI/IMPU coherence checking in the NAF for a GAA application that does not have an interface with the HSS nor an interface that downloads IMPUs directly from the HSS.
The seventh and eighth embodiments can be implemented as extensions of application specific interfaces to the HSS.
The ninth embodiment enables IMPI/IMPU coherence checking in the BSF for a GAA application.
Embodiments of the present invention thus provide a method of verification of public and private identities of a terminal that may be deployed in real time as part of a session establishing procedure.
Embodiments of the present invention can be used in communications system other than the 3rd Generation systems described.
Embodiments of the present invention can be used to verify any two identities of user equipment or associated subscriber and not just the examples of public and private identities. In particular, embodiments of the present invention have been described with reference to an IP Multimedia subsystem wherein the private and public identities used are IMPI and IMPU. However, the present invention may be applied to any communication system wherein a plurality of user identities are used for one entity.
Embodiments of the invention have been described in the context of authenticating an INVITE message. It should be appreciated that any other
SIP message can be similarly authenticated such as MESSAGE, REFER,
SUBSCRIBE etc. It should be appreciated that embodiments of the invention can be used to verify non SIP messages. Embodiments of the invention may be applied in any situation where an entity uses two or more identities and a check needs to be made between the entities.
The applicant hereby discloses in isolation each individual feature described herein and any combination of two or more such features, to the extent that such features or combinations are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or combinations of features solve any problems disclosed herein, and without limitation to the scope of the claims. The applicant indicates that aspects of the present invention may consist of any such individual feature or combination of features. In view of the foregoing description it will be evident to a person skilled in the art that various modifications may be made within the scope of the invention.

Claims

Claims
1. A method for verifying a first identity and a second identity of an entity, said method comprising: receiving a first and second identity of said entity at a checking entity; sending information relating to at least one of the first and second identities to a home subscriber entity; and verifying that said first and second identities both belong to the entity from which said first and second identities have been received.
2. A method as claimed in claim 1 , wherein in said sending step, a request for a third identity relating to said first identity is sent.
3. A method as claimed in claim 2, wherein said third identity is an IMSI.
4. A method as claimed in claim 2 or 3, wherein in said sending step information on said third identity is sent optionally with said first identity or said second identity or both to said home subscriber entity.
5. A method as claimed in any preceding claim, wherein said sending step comprises sending said information from said checking entity or from a boot strapping function.
6. A method as claimed in any preceding claim, wherein said verification step is carried out in said home subscriber entity, said checking entity or in both said home subscriber server and said checking entity.
7. A method as claimed in any preceding claim, wherein said sending step comprises sending information relating to both of said first and second identities or only one of said first and second identities.
8. A method as claimed in any preceding claim, wherein said sending step comprises sending at least one of a SAR and UAR message.
9. A method as claimed in claim 8 wherein said at least one of a SAR and UAR message is sent from at least one of said checking entity, an S-CSCF, and an l-CSCF.
10. A method as claimed in claim 8 or 9, wherein an attribute value pair is included in said SAR or UAR message which is arranged to cause to home subscriber entity to verify the first and second identities.
11. A method as claimed in any of claims 8 to 10, comprising sending an answer to said UAR or SAR message only if said identities are verified.
12. A method as claimed in any preceding claim, comprising the step of sending from the home subscriber entity to the checking entity information relating to a plurality of identities related to one of said first and second identities.
13. A method as claimed in claim 12, wherein said verification step comprises determining if one of said first and second identities is in said information relating to a plurality of identities received from said home subscriber entity.
14 A method as claimed in claim 12 or 13, wherein said information relating to a plurality of identities is sent via an Sh interface or via a boot strapping function.
15. A method as claimed in claim 12, 13 or 14, wherein said plurality of identities comprise at least one public identity and/or at least one private identity.
16. A method as claimed in any of claims 12 to 15, wherein said information relating to said plurality of identities are sent in AVP format.
17. A method as claimed in any preceding claim, wherein said checking entity comprises an authentication proxy.
18. A method as claimed in any preceding claim, wherein at least one of said first and second identities comprises a private identity.
19. A method as claimed in claim 18, wherein said private identity comprises an IMPI.
20. A method as claimed in any preceding claim, wherein at least one of said first and second identities comprises a public identity.
21. A method as claimed in claim 20, wherein said public identity comprises an IMPU.
22. A method as claimed in any preceding claim, wherein the sending of information relating to said at least one of said first and second identities comprises sending information relating to at least one third identity derived from at least one of said first and second identities.
23. A method as claimed in any preceding claim, wherein said checking entity comprises one of an AA proxy, a NAF and a bootstrapping function.
24. A method as claimed in any preceding claim, wherein said checking entity is arranged to receive one of said first and second identities from a NAF.
25. A method as claimed in any preceding claim, wherein said first and second identities are provided to said checking entity via different routes.
26. A system comprising an entity, a first identity and a second identity of which is to be verified, a checking entity arranged to receive a first and second identity of said entity; a home subscriber entity arranged to receive information relating to at least one of the first and second identities, wherein one of said checking entity and said home subscriber entity is arranged to verify that said first and second identities both belong to the entity from which said first and second identities have been received.
27. A system as claimed in claim 26, wherein said system comprises an IMS system or a GAA system.
28. A system as claimed in claim 26 or 27, wherein said entity comprises user equipment.
29. A system as claimed in any of claims 26 to 28, wherein said checking entity comprises at least one of a boot strapping function, a NAF and a AA proxy.
30. A checking entity for use in a system comprising an entity, a first identity and a second identity of which is to be verified, said checking entity being arranged to receive a first and second identity of said entity; to send information relating to at least one of the first and second identities to a home subscriber entity, and to verify that said first and second identities both belong to the entity from which said first and second identities have been received.
31. A home subscriber entity for use in a system comprising an entity, a first identity and a second identity of which is to be verified, said home subscriber entity arranged to receive information relating to the first and second identities, and to verify that said first and second identities both belong to the entity.
PCT/IB2005/001584 2004-04-28 2005-04-27 Subscriber identities WO2005107213A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP05742449A EP1741267A1 (en) 2004-04-28 2005-04-27 Subscriber identities
JP2007510160A JP4567729B2 (en) 2004-04-28 2005-04-27 Subscriber identity

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0409496.7 2004-04-28
GBGB0409496.7A GB0409496D0 (en) 2004-04-28 2004-04-28 Subscriber identities

Publications (1)

Publication Number Publication Date
WO2005107213A1 true WO2005107213A1 (en) 2005-11-10

Family

ID=32408192

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2005/001584 WO2005107213A1 (en) 2004-04-28 2005-04-27 Subscriber identities

Country Status (7)

Country Link
US (1) US8213901B2 (en)
EP (1) EP1741267A1 (en)
JP (1) JP4567729B2 (en)
KR (1) KR100882326B1 (en)
CN (1) CN1957581A (en)
GB (1) GB0409496D0 (en)
WO (1) WO2005107213A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2086167A1 (en) * 2006-10-20 2009-08-05 Huawei Technologies Co., Ltd. User device registering, enabling system, method and device in private network management
JP4824813B2 (en) * 2006-03-28 2011-11-30 ノキア コーポレイション Application authentication
EP2560342A3 (en) * 2006-03-14 2013-06-12 Huawei Technologies Co., Ltd. Method, system and apparatus for protecting a BSF entity from attack, and BSF entity
US8625433B2 (en) 2007-12-19 2014-01-07 Telefonaktiebolaget L M Ericsson (Publ) Method and apparatus for use in a communications network
WO2014063744A1 (en) * 2012-10-26 2014-05-01 Nokia Solutions And Networks Oy Enhanced data access technique for user data from a home subscriber server

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8046824B2 (en) * 2005-04-11 2011-10-25 Nokia Corporation Generic key-decision mechanism for GAA
US8799490B2 (en) * 2005-08-26 2014-08-05 Hewlett-Packard Development Company, L.P. Automated application server (AS) permissions provisioning
US7783618B2 (en) 2005-08-26 2010-08-24 Hewlett-Packard Development Company, L.P. Application server (AS) database with class of service (COS)
US8213411B2 (en) * 2005-08-26 2012-07-03 Hewlett-Packard Development Company, L.P. Charging database with class of service (COS)
US20070055874A1 (en) * 2005-09-05 2007-03-08 Nokia Corporation Bundled subscriber authentication in next generation communication networks
CN100450207C (en) * 2005-09-30 2009-01-07 华为技术有限公司 Method and telecommunication system for accessing IMS domain to circuit domain users
US8948012B2 (en) * 2005-12-29 2015-02-03 Nokia Corporation System and method for interactive session provision
CN101496387B (en) 2006-03-06 2012-09-05 思科技术公司 System and method for access authentication in a mobile wireless network
US7715562B2 (en) 2006-03-06 2010-05-11 Cisco Technology, Inc. System and method for access authentication in a mobile wireless network
GB2437344B (en) * 2006-04-21 2008-06-18 Motorola Inc A subscriber server system for a cellular communication system
US8090944B2 (en) * 2006-07-05 2012-01-03 Rockstar Bidco Lp Method and apparatus for authenticating users of an emergency communication network
US20080092226A1 (en) * 2006-10-12 2008-04-17 Motorola, Inc. Pre-registration secure and authenticatedsession layer path establishment
WO2008074366A1 (en) * 2006-12-19 2008-06-26 Telefonaktiebolaget Lm Ericsson (Publ) Managing user access in a communications network
US7885640B2 (en) * 2007-01-11 2011-02-08 Nokia Corporation Authentication in communication networks
US8613058B2 (en) * 2007-05-31 2013-12-17 At&T Intellectual Property I, L.P. Systems, methods and computer program products for providing additional authentication beyond user equipment authentication in an IMS network
ATE528905T1 (en) * 2007-11-30 2011-10-15 Ericsson Telefon Ab L M STORAGE OF NETWORK DATA
US9166799B2 (en) * 2007-12-31 2015-10-20 Airvana Lp IMS security for femtocells
US8181030B2 (en) * 2008-12-02 2012-05-15 Electronics And Telecommunications Research Institute Bundle authentication system and method
JP5350395B2 (en) 2008-12-10 2013-11-27 パナソニック株式会社 Terminal device, signal spreading method, and integrated circuit
CN101478753B (en) * 2009-01-16 2010-12-08 中兴通讯股份有限公司 Security management method and system for IMS network access by WAPI terminal
CN102111759A (en) * 2009-12-28 2011-06-29 中国移动通信集团公司 Authentication method, system and device
US9019954B2 (en) * 2010-06-18 2015-04-28 Telefonaktiebolaget L M Ericsson (Publ) Methods and apparatuses for handling public identities in an internet protocol multimedia subsystem network
EP2583427B1 (en) * 2010-06-18 2016-06-01 Telefonaktiebolaget LM Ericsson (publ) Method and apparatus for handling public identities in an internet protocol multimedia subsystem network
WO2012039655A1 (en) * 2010-09-21 2012-03-29 Telefonaktiebolaget L M Ericsson (Publ) Network signal tracing using charging identifiers as trace recording session references
US8327006B2 (en) * 2011-02-24 2012-12-04 Jibe Mobile Endpoint device and article of manufacture for application to application communication over a network
US9372963B2 (en) * 2012-08-30 2016-06-21 Verizon Patent And Licensing Inc. User device selection
FR2996096A1 (en) * 2012-09-24 2014-03-28 France Telecom METHODS OF VERIFICATION AND CONTROL IN A CORE OF IP MULTIMEDIA NETWORK, AND SERVERS
FR3001595A1 (en) * 2013-01-28 2014-08-01 France Telecom METHOD FOR DETECTING FRAUD IN AN IMS NETWORK
EP2785011A1 (en) * 2013-03-27 2014-10-01 Gemalto SA Method to establish a secure voice communication using generic bootstrapping architecture
EP2785004A1 (en) * 2013-03-28 2014-10-01 Nokia Solutions and Networks Oy Imei based lawful interception for ip multimedia subsystem
US10110692B2 (en) 2013-11-29 2018-10-23 Nec Corporation Apparatus, system and method for MTC
CN105472296B (en) * 2014-09-09 2019-02-05 联想(北京)有限公司 Real-time method of calibration and device
EP3285506B1 (en) * 2015-05-07 2020-01-01 Huawei Technologies Co., Ltd. Service processing method and user equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002081431A1 (en) 2001-04-09 2002-10-17 Centre National De La Recherche Scientifique (C.N.R.S.) Preparation of sulphinic perfluoroalkane acid salts
WO2003005669A1 (en) 2001-07-03 2003-01-16 Telefonaktiebolaget Lm Ericsson (Publ) Method and system for handling multiple registration
WO2003081431A1 (en) * 2002-03-22 2003-10-02 Nokia Corporation Temporary identity for authentication with session initiation protocol__________________________
EP1365620A1 (en) 2002-05-22 2003-11-26 Siemens Aktiengesellschaft Method for registration of a communication terminal in a service network (IMS)

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08140136A (en) * 1994-11-07 1996-05-31 Oki Electric Ind Co Ltd Communication system
US5943620A (en) * 1996-12-09 1999-08-24 Ericsson Inc. Method for associating one directory number with two mobile stations within a mobile telecommunications network
US6253327B1 (en) * 1998-12-02 2001-06-26 Cisco Technology, Inc. Single step network logon based on point to point protocol
US7221935B2 (en) * 2002-02-28 2007-05-22 Telefonaktiebolaget Lm Ericsson (Publ) System, method and apparatus for federated single sign-on services
EP1492296B1 (en) * 2003-06-26 2007-04-25 Telefonaktiebolaget LM Ericsson (publ) Apparatus and method for a single a sign-on authentication through a non-trusted access network
EP1649658B1 (en) * 2003-08-01 2007-08-01 Telefonaktiebolaget LM Ericsson (publ) Method and apparatus for routing a service request

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002081431A1 (en) 2001-04-09 2002-10-17 Centre National De La Recherche Scientifique (C.N.R.S.) Preparation of sulphinic perfluoroalkane acid salts
WO2003005669A1 (en) 2001-07-03 2003-01-16 Telefonaktiebolaget Lm Ericsson (Publ) Method and system for handling multiple registration
WO2003081431A1 (en) * 2002-03-22 2003-10-02 Nokia Corporation Temporary identity for authentication with session initiation protocol__________________________
EP1365620A1 (en) 2002-05-22 2003-11-26 Siemens Aktiengesellschaft Method for registration of a communication terminal in a service network (IMS)

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"3GPP TS 33.220 - 3RD GENERATION PARTNERSHIP PROJECT; TECHNICAL SPECIFICATION GROUP SERVICES AND SYSTEM ASPECTS; GENERIC AUTHENTICATION ARCHITECTURE (GAA); GENERIC BOOTSTRAPPING ARCHITECTURE (RELEASE 6)", 3GPP TS 33.220 V6.0.0, XX, XX, March 2004 (2004-03-01), pages 1 - 18, XP002334596 *
GARCIA D MILLS / NOKIA G MAYER F DEROME H SHIEH / MOTOROLA / BT / LUCENT J BHARATIA / NORTEL / HUTCHISON D WILLIS / DYNAMICSOFT M: "3GPP requirements on SIP", IETF STANDARD-WORKING-DRAFT, INTERNET ENGINEERING TASK FORCE, IETF, CH, no. 1, November 2001 (2001-11-01), XP015013488, ISSN: 0000-0004 *
See also references of EP1741267A1

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2560342A3 (en) * 2006-03-14 2013-06-12 Huawei Technologies Co., Ltd. Method, system and apparatus for protecting a BSF entity from attack, and BSF entity
US8707041B2 (en) 2006-03-14 2014-04-22 Huawei Technologies Co., Ltd. Protecting a BSF entity from attack
JP4824813B2 (en) * 2006-03-28 2011-11-30 ノキア コーポレイション Application authentication
EP2086167A1 (en) * 2006-10-20 2009-08-05 Huawei Technologies Co., Ltd. User device registering, enabling system, method and device in private network management
EP2086167A4 (en) * 2006-10-20 2010-08-18 Huawei Tech Co Ltd User device registering, enabling system, method and device in private network management
US8625433B2 (en) 2007-12-19 2014-01-07 Telefonaktiebolaget L M Ericsson (Publ) Method and apparatus for use in a communications network
WO2014063744A1 (en) * 2012-10-26 2014-05-01 Nokia Solutions And Networks Oy Enhanced data access technique for user data from a home subscriber server

Also Published As

Publication number Publication date
JP2007535259A (en) 2007-11-29
US20050278420A1 (en) 2005-12-15
KR100882326B1 (en) 2009-02-11
US8213901B2 (en) 2012-07-03
CN1957581A (en) 2007-05-02
EP1741267A1 (en) 2007-01-10
JP4567729B2 (en) 2010-10-20
KR20070004131A (en) 2007-01-05
GB0409496D0 (en) 2004-06-02

Similar Documents

Publication Publication Date Title
US8213901B2 (en) Subscriber identities
US7574735B2 (en) Method and network element for providing secure access to a packet data network
CA2532538C (en) Apparatus and method for authenticating a user when accessing to multimedia services
US8265090B2 (en) Storing access network information for an IMS user in a subscriber profile
US9882943B2 (en) Method of access provision
US20080155658A1 (en) Authentication type selection
EP1683322B1 (en) Shared secret usage for bootstrapping
US20060101270A1 (en) Determining a key derivation function
US20110173687A1 (en) Methods and Arrangements for an Internet Multimedia Subsystem (IMS)
US20160119788A1 (en) Authentication of browser-based services via operator network
JP2007528650A (en) Method for verifying first ID and second ID of entity
US20070055874A1 (en) Bundled subscriber authentication in next generation communication networks
US20130091546A1 (en) Transmitting Authentication Information
WO2006072219A1 (en) An ip multimedia subsystem network authentication system and the method thereof
WO2007022800A1 (en) Method and apparatus for providing access security in a communications network
US20090327721A1 (en) Method and Apparatuses for Securing Communications Between a User Terminal and a SIP Proxy Using IPSEC Security Association
US20090089425A1 (en) Systems, Methods and Computer Program Products for Coordinated Session Termination in an IMS Network
JP2009026215A (en) Verification processor, verification processing method, and verification processing system
Sher et al. Secure Access to IMS Services Based
IMS Implementation of the Diameter-based Cx Interface in the IP Multimedia Subsystem
KR20100051884A (en) Method and device for authentication control of terminal

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2007510160

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2005742449

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: DE

WWE Wipo information: entry into national phase

Ref document number: 6452/DELNP/2006

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 200580016726.3

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 1020067025053

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 1020067025053

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2005742449

Country of ref document: EP