WO2006079953A1 - Procede et dispositif d'authentification destines a etre utilises dans un systeme de communication radio - Google Patents

Procede et dispositif d'authentification destines a etre utilises dans un systeme de communication radio Download PDF

Info

Publication number
WO2006079953A1
WO2006079953A1 PCT/IB2006/050213 IB2006050213W WO2006079953A1 WO 2006079953 A1 WO2006079953 A1 WO 2006079953A1 IB 2006050213 W IB2006050213 W IB 2006050213W WO 2006079953 A1 WO2006079953 A1 WO 2006079953A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
wireless communication
communication network
mobile terminal
network
Prior art date
Application number
PCT/IB2006/050213
Other languages
English (en)
Inventor
Xiaohui Jin
Xiaoling Shao
Bo Liu
Robert James Davies
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Publication of WO2006079953A1 publication Critical patent/WO2006079953A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • the present invention relates to wireless communication system, and more particularly to an authentication method and device for use in wireless communication system.
  • Wireless local area network (WLAN) technology and cellular network technology are complementary wireless communication network technologies. The complementarity of them is mainly shown as: WLAN is able to provide high-speed data services over a relatively small coverage range, and cellular networks, such as General Packet Radio Service (GPRS) and 3 rd -generation mobile communication network, are able to provide relatively low- speed speech and data services over a comparatively broad coverage range.
  • GPRS General Packet Radio Service
  • 3 rd -generation mobile communication network are able to provide relatively low- speed speech and data services over a comparatively broad coverage range.
  • SIM subscriber identity module
  • SIM card credential information subscriber identity information carried by a SIM card and resident in a mobile terminal so as to decide the subscriber's validity and the kind of service that can be provided to, through communication between a network and a cellular phone.
  • Authentication ensures that the network is being used by a paying customer and the call ends up with charging and generating actual revenue for the cellular operator.
  • there are two types of possible fraud a) Making "free” calls using a stolen SIM and/or equipment; and b) Making "free” calls using a clone SEVI.
  • cellular operators have set up a sophisticated fraud detection and management system. For example, cellular networks prohibit duplicate SIMs to be active simultaneously.
  • a SEVI cannot access cellular network from two different locations, such as different cells and/or MSCs access cellular networks.
  • WLAN networks can be categorized into three classes. a) Using SSID, media access control (MAC) address, and/or other specific identities compliant to the IEEE802.il standards to identify a WLAN user. b) Using username/password to authenticate a WLAN user. c) Using SIM-based information to authenticate a WLAN user.
  • SSID media access control
  • MAC media access control
  • the SIM-based authentication has inherent advantages over the first two classes.
  • SIM-based WLAN authentication methods such as EAP-SIM (Extensible Authentication Protocol-SIM), EAP ((Extensible Authentication Protocol) /AKA (Authentication and Key Agreement), SIM-based authentication over IEEE802.1x and so on.
  • EAP-SIM Extensible Authentication Protocol-SIM
  • EAP Extensible Authentication Protocol
  • AKA Authentication and Key Agreement
  • SIM-based WLAN authentication requires a SIM reader attached to the terminal device so that the authentication software can use the SIM credential.
  • MS represents mobile terminal in cellular networks and terminal device in WLAN networks for the purpose of unification.
  • Fig. 1 shows composite parts involved in the SIM-based WLAN authentication procedure.
  • the system comprises a mobile terminal 20, a wireless local area network 21 and AAA server 22.
  • the mobile terminal 20 has a SIM reader 201 and SIM 202.
  • the wireless local area network 21 has access points 211, 211', and an access controller 212.
  • the AAA server 22 includes an authentication server 221, subscriber information unit 222, and secure WLAN connection unit 223.
  • AAA server 22 has a secure connection 223 to HLR (Home Location Register) of cellular network:
  • the EAP-SIM client resident in the mobile terminal, starts the authentication process by sending the authentication request to the AAA server 22 through wireless communication link provided by the WLAN network 21.
  • the AAA server 22 issues a challenge through the wireless communication link provided by the WLAN, which is then forwarded to the SIM reader 201 by the EAP-SIM client.
  • the EAP-SIM client communicates with the SIM 202 through the SIM reader, and the SIM computes the response according to corresponding cellular authentication algorithms.
  • the EAP-SIM client forwards this response to the AAA server to check the response and provide access appropriately.
  • the WLAN operator can get the SEVI credential, which serves as identity information of users and cellular operators and wish to be reserved only by users and cellular operators. Potential risks are left if the information is known by a third party (e.g. some untrustworthy WLAN operators).
  • Peer-to-Peer wide area network connection and service level agreement are needed for all WLAN operating equipment and cellular operating equipment, otherwise some WLAN networks cannot provide services for some cellular networks' subscribers. In the case of numerous WLAN and cellular networks in a region, it is hard to establish a full-mesh network among them. If a WLAN owner only sets up service level agreement (SLA) with operator A, it cannot provide service for operator B's subscribers, which limits its revenue. Therefore, there is a need for a novel authentication method and device using wireless communication system, in order to overcome the above-described disadvantages in the prior art.
  • SLA service level agreement
  • the present invention provides a method of authentication performed in a first wireless communication network, including the steps of: (a) receiving an authentication request from a mobile terminal, said authentication request being used to request authentication for said mobile terminal and a second wireless communication network so that said mobile terminal can communicate with said second wireless communication network; (b) authenticating said mobile terminal and said second wireless communication network in accordance with said authentication request; and
  • the present invention further provides a device of authentication performed in a first wireless communication network, comprising: receiving means for receiving an authentication request from a mobile terminal, said authentication request being used to request authentication for said mobile terminal and a second wireless communication network so that said mobile terminal can communicate with said second wireless communication network; processing means for authenticating said mobile terminal and said second wireless communication network in accordance with said authentication request; and transmitting means for notifying said mobile terminal and said second wireless communication network of results from the authentication.
  • the present invention further provides a method of authentication in a mobile terminal, including the steps of:
  • the present invention further provides a device of authentication performed in a mobile terminal, comprising: communicating means for exchanging with a second wireless communication network information used for authentication; transmitting means for transmitting to a first wireless communication network an authentication request for requesting said first wireless communication network to perform authentication for said mobile terminal and said second wireless communication network, wherein said authentication request contains said information used for authentication; and receiving means for receiving authentication results from said first wireless communication network.
  • the present invention further provides a method of authentication performed in a second wireless communication network, including the steps of:
  • the present invention further provides a device of authentication operating in a second wireless communication network, comprising: communicating means for exchanging with a mobile terminal information used for authentication; processing means for cooperating with a first wireless communication network in authenticating said second wireless communication network; and receiving means for receiving notification of authentication results from said first wireless communication network.
  • cellular subscribers' SIM credential will never be transferred over the insecure WLAN radio link; WLAN owner will never get all information of cellular subscribers' SIM credential; attack from mendacious WLANs can be detected and prevented; and attack from mendacious MSs can be detected and prevented.
  • Fig. 1 is a block diagram of authentication procedure in WLAN
  • Fig. 2 shows a system used for SIM-based asymmetric authentication according to an embodiment of the present invention
  • Fig. 3 shows SIM-based asymmetric authentication according to an embodiment of the present invention.
  • Fig. 4 shows WLAN-initiated SIM-based asymmetric authentication according to an embodiment of the present invention.
  • Authentication according to the present invention employs an asymmetric authentication approach, which prevents the transfer of cellular subscribers' identity information (e.g. SIM credential) on the insecure WLAN radio link.
  • identity information e.g. SIM credential
  • a SIM-based asymmetric authentication approach is proposed.
  • wireless overlay network cellular networks have stronger and more mature security property than WLAN networks.
  • cellular networks have a very successful business operating mode characterized in larger coverage, stronger roaming function, mature AAA (Authentication, Authority, Accounting) systems, and large numbers of subscribers.
  • AAA Authentication, Authority, Accounting
  • cellular network always play dominating roles during the cooperation with other networks.
  • WLAN owners usually called as WISPs (Wireless Internet Service Provider)
  • WISPs Wireless Internet Service Provider
  • the approach proposed in the present invention utilizes cellular networks' secure channel, existing authentication and accounting system, to provide secure authentication for WLAN networks.
  • SIM credential refers to some credential information stored in SIM card and used to identify subscriber's identity during network communication. If someone's SIM credential is leaked to other person, it is possible to masquerade this subscriber without being detected by the network.
  • mobile station communicates with the WLAN to exchange WLAN information and part of the MS's information between the MS and the WLAN, the part of the MS's information being limited to prevent computing out the MS's credential information; next, the MS transmits authentication notification to an authentication server of the cellular network so as to notify the MS of the request for authentication in the WLAN, the authentication notification containing the MS's information and WLAN information; afterwards, the authentication server of the cellular network communicates with the MS and the WLAN and verifies the MS and the WLAN; then, having verified the MS and the WLAN, the authentication server notifies the WLAN of accepting the authentication request of the MS; and lastly, after the notification by the authentication server, the WLAN confirms the authentication request of the MS.
  • MS mobile station
  • Fig. 2 shows a system used for SEVI-based asymmetric authentication according to an embodiment of the present invention. As shown in Fig. 2, there are defined four network units.
  • Mobile terminal 30, which is able to access cellular network 31 and WLAN network 33, and comprises an authentication- aid module 301 for accomplishing the asymmetric authentication for the WLAN network.
  • the authentication- aid module 301 comprises: communicating means for exchanging information used for authentication with the WLAN network, transmitting means for transmitting to the cellular network 31 an authentication request for requesting the cellular network 31 to authenticate the mobile terminal 30 and the WLAN network 33, and receiving means for receiving authentication results from the cellular network 31.
  • Cellular network 31 can be existing cellular mobile network, such as GSM network, besides the following enhanced authentication server 311.
  • the authentication server 311 comprises: receiving means for receiving an authentication request from mobile terminal 30, processing means for authenticating the mobile terminal 30 and WLAN network 33 in accordance with said authentication request, and transmitting means for notifying the mobile terminal 30 and the WLAN network 33 of authentication results.
  • WLAN network 33 refers to networks, which are compliant to the IEEE802.il standards, except for the following authenticator 331.
  • the authenticator 331 comprises: communicating means for exchange information used for authentication with mobile terminal 30, processing means for cooperating with cellular network 31 in authenticating the WLAN network 33, and receiving means for receiving notification of authentication results from the cellular network.
  • Transmission network (Cloud) 32 which provides inter-connection between authentication server 311 and authenticator 331, can be dedicated channel or public Internet using RADIUS, DIAMETER or other protocols.
  • the authentication server 311 of the cellular network 31 can authenticate MS's identity utilizing SIM credential of MS 30 and appropriate algorithms. Besides the conventional authentication functions, the authentication server 311 can also communicate with the authenticator 331 of the WLAN network 33 to verify identity of the MS 30.
  • the authenticator 331 of the WLAN network 33 can communicate with the authentication server 311 of the home cellular network 31 of the MS 30 to exchange identity application and information of the MS 30.
  • symmetrical authentication authentication information is transferred between MS 30 and cellular network 31 when the MS 30 wants to be authenticated in the cellular network 31, or between the MS 30 and WLAN network 33 when the MS 30 wants to be authenticated in the WLAN network 33.
  • symmetrical authentication in symmetrical authentication, authentication information is transferred between MS 30 and cellular network 31 when the MS 30 wants to be authenticated in the cellular network 31, or between the MS 30 and WLAN network 33 when the MS 30 wants to be authenticated in the WLAN network 33.
  • the MS 30 Having been authenticated by the cellular network 31, the MS 30 communicates with its corresponding node through the cellular network 31.
  • Step S40 After detecting an available WLAN network 33, the MS 30 communicates with or monitors the WLAN to get necessary identification information, such as the WLAN's ID and address.
  • This WLAN identification information should be enough to exclusively identify a WLAN network in a certain range.
  • the WLAN gets some of the MS's identification information, such as its MAC address, a random number, portion of its SIM code and MSISDN code, or other information.
  • An important identifier, the MS's temporary ID can be set by the MS, or by the WLAN, or negotiated by them. The temporary ID must be unique in a certain range in a period to exclusively identify the MS in this WLAN.
  • Step S50 The MS transmits an authentication request (including necessary information) to the authentication server 311 so as to notify that it wants to be authenticated within the specific WLAN network 33 using the temporary ID.
  • the information is generated by authentication- aid module 301 located in the MS and includes identification information of the MS and the WLAN, such as temporary ID, SIM credential, and information of the specific WLAN. From the aspect of the cellular network 31, all the identification information provided by the MS 30 should exclusively identify the MS 30 and the WLAN 33 in a certain range.
  • Step S60 The authentication server 311 authenticates the MS. Receiving the MS's SIM credential, the authentication server can verify the MS and its profile (such as identification information, service type, subscription records and the like). If the MS is not legal, the application is out of the registered profile, or the WLAN is in the black list, then the authentication will fail.
  • the verification method can be checking HLR/VLR database or using challenge-response method.
  • Step S61 According to the WLAN information provided by the MS, the authentication server 311 can authenticate the WLAN network.
  • the authentication server 311 According to the WLAN information provided by the MS, the authentication server 311 can authenticate the WLAN network.
  • Step S70 After the successful verification of the MS 30 and the WLAN 33, the authentication server 311 sends messages to the authenticator 331 that is located in the WLAN network, to notify the validity of the MS and the WLAN.
  • Step S71 The authentication server 311 sends messages to the MS 30 to inform the validity of the WLAN network 33.
  • Step S80 After receiving the notification, the authenticator 331 accepts the MS's validity and sends back a response message to the authentication server 311.
  • Step S81 The authenticator 331 confirms the MS's authentication application.
  • the cellular network starts authenticating the mobile terminal and the WLAN upon receipt of the authentication request initiated by the mobile terminal, or the authentication request based on the WLAN.
  • the authentication application is initiated from the authenticator 331 of the WLAN network 33.
  • the decision authority is still in the control of the authentication server 311 of the cellular network 31. The difference is that information transferred over the WLAN radio network 33 and obtained by WLAN owners is different.
  • steps S40' ⁇ S81' are explained in detail in Fig. 4.
  • the MS 30 communicates with its corresponding node through the cellular network 31 after being authenticated by the cellular network 31.
  • Step S40' is substantially identical to step S40 in Fig. 3.
  • the information to be exchanged between the MS and the WLAN should be limited to prevent eavesdroppers from computing out the MS's credential information. The difference is that the information must be adequate for the WLAN authenticator 331 to compute out the MS's home network. Therefore, the WLAN can locate the MS's home authentication server 311.
  • the mobile country code (MCC) and mobile network code (MNC) of IMSI, country code (CC) (optional) and national destination code (NDC) of MSIDSN should be transmitted to the authenticator 331 if the MS supports NAI [RFC2486], or the APN (Access Point Name) should be transmitted to the authenticator 331 if the MS supports it. This information is enough for the WLAN to compute the MS's home network, but not enough to compute the
  • the exchange procedure can be encrypted (predefined or negotiated) or in plain text.
  • Step S50' is substantially identical to step S50 in Fig. 3.
  • Step S51' After computing out the MS's home network and the authentication server 311, the authenticator 331 sends an authentication application to the authentication server 311 to verify the MS.
  • Many methods can be used to deal with the problem when the authentication application of the authenticator 331 arrives at the authentication server 311 before the MS's message. For example, the authentication server 311 starts a timer when the authentication application arrives. If the timer expires before the MS's notification arrives, the authentication fails. Consequently, the MS's authentication fails.
  • Step 60' is substantially identical to step S60 in Fig. 3.
  • Step 61' is substantially identical to step S61 in Fig. 3.
  • Step 70' is substantially identical to step S70 in Fig. 3.
  • Step 71' is substantially identical to step S71 in Fig. 3.
  • the authentication server 311 sends messages to the MS to notify the validity of the WLAN network, or refuses to authentication because of failure of the WLAN authentication.
  • Step 80' is substantially identical to step S80 in Fig. 3.
  • Step 81' is substantially identical to step S81 in Fig. 3.
  • the SIM-based asymmetric authentication of the present invention it is not necessary to wholly transmit the complete information of the MS's credential over the insecure WLAN air interface, so that the secure information of users can be protected maximally.
  • the asymmetric authentication of the present invention can be extended to exchange of encrypted keys.
  • the keys pass through the authenticator 331, the authentication server 311 and the MS, but they are never transmitted over the WLAN air interface. Therefore, users' information security can be protected maximally.
  • the asymmetric authentication of the present invention further has the function of preventing the attack from a mendacious WLAN. Sometimes, a mendacious WLAN or mendacious equipment pretends as another legal WLAN to get cellular subscriber's information. It accepts the MS's connection and authentication request, and asks the MS to send its credential information. If the MS sends out the information, its credential is leaked.
  • the verification of the WLAN network i.e. steps S70 and S71 of SIM-based asymmetric authentication in Fig. 3 and steps S70' and S71' of WLAN- initiated SIM-based asymmetric authentication in Fig. 4, can detect any mendacious WLAN and inform the MS not to apply for authentication and submit it with respect to that network.
  • the asymmetric authentication of the present invention further has the function of preventing the attack from a mendacious MS.
  • MSs A and B are both legal subscribers of a cellular network.
  • MS B wants to attack MS A.
  • MS B pretends as MS A and files authentication application with a WLAN.
  • the WLAN sends an authentication application to the cellular network for MS A, and MS B sends the relative information to the cellular network pretending as MS A.
  • the cellular network will approve the authentication and the traffic for MS A will be forwarded to the WLAN.
  • the denial- of- service occurs on MS A, which is more likely to happen when MSs A and B are in the same cell.
  • SIM-based asymmetric authentication approaches by checking the HLR/VLR database and/or communicating with MS, i.e.
  • SIM-based asymmetric authentication according to the present invention there are such advantages as: cellular subscribers' SEVI credential will never be transferred over the insecure WLAN radio link; WLAN owner will never get all information of cellular subscribers' SIM credential; the attack from mendacious WLANs can be detected and prevented; and the attack from mendacious MSs can be detected and prevented.
  • Some credentials used between WLAN and MS can also be transmitted in this asymmetric authentication process, such as encryption algorithm used in WLAN air interface and so on.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention porte sur un procédé de notification réalisé dans un premier réseau de communication radio et consistant à: (a) recevoir une demande d'authentification d'un terminal mobile, cette demande étant utilisée pour demander l'authentification du terminal mobile et d'un second réseau de communication radio de sorte que le terminal mobile puisse communiquer avec le terminal mobile et le second réseau de communication radio conformément à la demande d'authentification et (c) notifier au terminal mobile et au second réseau de communication radio les résultats de l'authentification.
PCT/IB2006/050213 2005-01-31 2006-01-20 Procede et dispositif d'authentification destines a etre utilises dans un systeme de communication radio WO2006079953A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510005055.2 2005-01-31
CN200510005055 2005-01-31

Publications (1)

Publication Number Publication Date
WO2006079953A1 true WO2006079953A1 (fr) 2006-08-03

Family

ID=36576006

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/050213 WO2006079953A1 (fr) 2005-01-31 2006-01-20 Procede et dispositif d'authentification destines a etre utilises dans un systeme de communication radio

Country Status (1)

Country Link
WO (1) WO2006079953A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2958428A1 (fr) * 2010-03-30 2011-10-07 Radiotelephone Sfr Procede d'execution d'un premier service alors qu'un deuxieme service est en cours d'execution, au moyen d'un terminal informatique equipe d'une carte a circuit integre.
US8356179B2 (en) 2007-10-23 2013-01-15 China Iwncomm Co., Ltd. Entity bi-directional identificator method and system based on trustable third party
US8751792B2 (en) 2009-09-30 2014-06-10 China Iwncomm Co., Ltd. Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party
FR3002399A1 (fr) * 2013-02-21 2014-08-22 France Telecom Technique d'appairage dans un reseau sans fil
WO2016136647A1 (fr) * 2015-02-25 2016-09-01 京セラ株式会社 Dispositif de réseau, et terminal d'utilisateur
GB2594898A (en) * 2019-08-09 2021-11-10 Prevayl Innovations Ltd Garment, server and method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003091858A2 (fr) * 2002-04-26 2003-11-06 Thomson Licensing S.A. Systeme d'authentification, autorisation, comptabilisation base sur certificat pour l'interfonctionnement par couplage lache
WO2003094438A1 (fr) * 2002-05-01 2003-11-13 Telefonaktiebolaget Lm Ericsson (Publ) Systeme, appareil et procede d'authentification a base de module sim et de cryptage dans un acces a un reseau local radio

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003091858A2 (fr) * 2002-04-26 2003-11-06 Thomson Licensing S.A. Systeme d'authentification, autorisation, comptabilisation base sur certificat pour l'interfonctionnement par couplage lache
WO2003094438A1 (fr) * 2002-05-01 2003-11-13 Telefonaktiebolaget Lm Ericsson (Publ) Systeme, appareil et procede d'authentification a base de module sim et de cryptage dans un acces a un reseau local radio

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Broadband Radio Access Networks (BRAN); HIPERLAN Type 2; Requirements and Architectures for Interworking between HIPERLAN/2 and 3rd Generation Cellular systems; ETSI TR 101 957", ETSI STANDARDS, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE, SOPHIA-ANTIPO, FR, vol. BR, no. V111, August 2001 (2001-08-01), XP014005038, ISSN: 0000-0001 *
"Universal Mobile Telecommunications System (UMTS); 3G security; Wireless Local Area Network (WLAN) interworking security (3GPP TS 33.234 version 6.3.0 Release 6); ETSI TS 133 234", ETSI STANDARDS, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE, SOPHIA-ANTIPO, FR, vol. 3-SA3, no. V630, December 2004 (2004-12-01), XP014028226, ISSN: 0000-0001 *
3GPP: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP system to Wireless Local Area Network (WLAN) Interworking; System Description", 3RD GENERATION PARTNERSHIP PROJECT, December 2004 (2004-12-01), XP002385978, Retrieved from the Internet <URL:http://www.arib.or.jp/IMT-2000/V440Mar05/5_Appendix/Rel6/23/23234-630.pdf> *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8356179B2 (en) 2007-10-23 2013-01-15 China Iwncomm Co., Ltd. Entity bi-directional identificator method and system based on trustable third party
US8751792B2 (en) 2009-09-30 2014-06-10 China Iwncomm Co., Ltd. Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party
FR2958428A1 (fr) * 2010-03-30 2011-10-07 Radiotelephone Sfr Procede d'execution d'un premier service alors qu'un deuxieme service est en cours d'execution, au moyen d'un terminal informatique equipe d'une carte a circuit integre.
FR3002399A1 (fr) * 2013-02-21 2014-08-22 France Telecom Technique d'appairage dans un reseau sans fil
WO2014128390A1 (fr) * 2013-02-21 2014-08-28 Orange Technique d'appairage dans un reseau sans fil
US9955347B2 (en) 2013-02-21 2018-04-24 Orange Technique of pairing in a wireless network
WO2016136647A1 (fr) * 2015-02-25 2016-09-01 京セラ株式会社 Dispositif de réseau, et terminal d'utilisateur
GB2594898A (en) * 2019-08-09 2021-11-10 Prevayl Innovations Ltd Garment, server and method
GB2594898B (en) * 2019-08-09 2022-03-16 Prevayl Innovations Ltd Garment, server and method

Similar Documents

Publication Publication Date Title
US8533798B2 (en) Method and system for controlling access to networks
AU2005236981B2 (en) Improved subscriber authentication for unlicensed mobile access signaling
EP1273197B1 (fr) Facturation dans un reseau de donnees par paquets
AU2003243680B2 (en) Key generation in a communication system
US8462947B2 (en) Managing user access in a communications network
KR100762644B1 (ko) Wlan-umts 연동망 시스템과 이를 위한 인증 방법
KR101068424B1 (ko) 통신시스템을 위한 상호동작 기능
US9668139B2 (en) Secure negotiation of authentication capabilities
US8094821B2 (en) Key generation in a communication system
US20070178885A1 (en) Two-phase SIM authentication
US20100106966A1 (en) Method and System for Registering and Verifying the Identity of Wireless Networks and Devices
EP2952030A1 (fr) Commande d&#39;accès d&#39;un équipement utilisateur à des services
CN102318386A (zh) 向网络的基于服务的认证
WO2006079953A1 (fr) Procede et dispositif d&#39;authentification destines a etre utilises dans un systeme de communication radio
CN112423299B (zh) 一种基于身份认证进行无线接入的方法及系统
KR100723678B1 (ko) 1x EV-DO 패킷망에서 단말기의 복제를 방지하는 방법및 시스템
RU2779029C1 (ru) Доступ не отвечающего спецификациям 3gpp устройства к базовой сети
KR101068426B1 (ko) 통신시스템을 위한 상호동작 기능

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06710711

Country of ref document: EP

Kind code of ref document: A1

WWW Wipo information: withdrawn in national office

Ref document number: 6710711

Country of ref document: EP