WO2008083928A1 - Procédé et serveur destinés à l'établissement d'une communication d'appel d'urgence - Google Patents

Procédé et serveur destinés à l'établissement d'une communication d'appel d'urgence Download PDF

Info

Publication number
WO2008083928A1
WO2008083928A1 PCT/EP2007/064615 EP2007064615W WO2008083928A1 WO 2008083928 A1 WO2008083928 A1 WO 2008083928A1 EP 2007064615 W EP2007064615 W EP 2007064615W WO 2008083928 A1 WO2008083928 A1 WO 2008083928A1
Authority
WO
WIPO (PCT)
Prior art keywords
emergency call
access network
server
emergency
eid
Prior art date
Application number
PCT/EP2007/064615
Other languages
German (de)
English (en)
Inventor
Dirk Kröselberg
Murugaraj Shanmugam
Hannes Tschofenig
Original Assignee
Siemens Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Aktiengesellschaft filed Critical Siemens Aktiengesellschaft
Priority to EP07858209A priority Critical patent/EP2116094A1/fr
Publication of WO2008083928A1 publication Critical patent/WO2008083928A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/90Services for handling of emergency or hazardous situations, e.g. earthquake and tsunami warning systems [ETWS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/50Connection management for emergency connections
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support

Definitions

  • the invention relates to a method for establishing an emergency call connection from a mobile device via an access network, in particular via a wireless access network, to a server
  • FIG. 1 shows the structure of an emergency call connection in a conventional system according to the prior art.
  • a mobile terminal or mobile device (MS: Mobile Station) establishes a wireless connection for the emergency call via an interface R 1 with an access network ASN (ASN: Access Service Network).
  • the access network ASN is a wireless access network, for example a WLAN network or a WiMax network.
  • the WiMax network is an abbreviation for "Worldwide Interoperability for Microware Access", which is based on the IEEE 802.16 standard.
  • a WiMax network also supports emergency services, such as emergency calls to the police, the fire department or an ambulatory Emergency services are increasingly being demanded via such networks since the wireless access network ASN contains, for example, several base stations BS for setting up a radio connection with the mobile terminal MS
  • This access network server ASN-S is connected to a connectivity service network CSN via another interface R3, which may be a wired or wireless interface, while the access network ASN is for network access via an access point is competent, s
  • the network CSN provides the user with the desired services.
  • the network CSN can be connected via other networks, for example the Internet, with an emergency answering device PSAP (Public Safety Answering Point).
  • the emergency answering device is, for example, an emergency answering device of the police, the fire brigade or an out-patient aid service. tes.
  • the Connectivity Service Network CSN contains an emergency call server ECS (Emergency Call Server), which forwards incoming emergency calls to the emergency answering device PSAP.
  • ECS Emergency Call Server
  • the emergency call server ECS is connected to a mapping server, which uses an integrated database to select the most suitable emergency answering system. This happens, for example, based on information about the location of the mobile terminal MS. For example, by means of the mapping server, the emergency answering device which is located locally close to the mobile terminal MS is selected. For example, if a mobile terminal calls the emergency call of the police, the nearest police station is selected to answer the emergency call.
  • Figure 2 shows the treatment of an emergency call according to the prior art.
  • the caller is an anonymous caller who is not an authenticated user of a mobile telephone service.
  • conventional mobile terminals MS it is possible for a person, even without approval to a mobile service to make an emergency call, for example, an emergency call to the police or fire department.
  • an emergency call for example, an emergency call to the police or fire department.
  • the user of a mobile phone without a SIM card by typing a specific emergency number, for example, "110" or "112" in Germany to send a police emergency call or emergency call for an outpatient service.
  • the user of the mobile terminal MS which has no authenticated network access, first sends an emergency call request EAR (emergency access request) to the access network ASN, which forwards this emergency call request EAR to the emergency call server ECS in the connectivity service network CSN.
  • the emergency call server ECS recognizes the emergency call request EAR, it allows the mobile terminal MS to reach the connectivity service network CSN by sending an OK message or a permission message and transmits corresponding configuration data to the access network ASN, which for example has an IP address. a default gateway address or a DNS server address, ie configuration data that the mobile terminal MS needs to reach the emergency call server ECS in the connectivity service network CSN.
  • These configuration data are forwarded by the access network server of the access network ASN to the mobile terminal MS.
  • the transmission of the configuration data to the mobile terminal MS takes place within an unauthenticated network connection (Unauthenticated Network Attachment).
  • Unauthenticated Network Attachment After transmission of the configuration data, the user of the mobile terminal MS is able to send an emergency call to the emergency call server ECS. This is the emergency call with a specific
  • Emergency number for example, with the police emergency number, sent to the access network ASN, which forwards this emergency call or E-Call (Emergency Call) to the emergency call server ECS.
  • E-Call Emergency Call
  • the incoming emergency numbers identify the caller as an emergency call.
  • the telephone number "110" is stored as an emergency number in a database of the access network server or access gateway identified as such
  • the emergency call server queries the access location ASN for the location of the mobile terminal MS with an appropriate request
  • the access network server ASN transmits the emergency server the coordinates of the access point or, for example, the address of the corresponding access point AP.
  • the mapping server that emergency answering PSAP, which is the most suitable, for example, which is locally closest to the mobile terminal MS.
  • the mapping server provides the emergency call server ECS with the address for the most suitable emergency answering device
  • PSAP so that the emergency server can forward the emergency call (e-call) to the emergency answering system (PSAP). Subsequently, an emergency call connection is established between the emergency answering device PSAP and the mobile terminal MS via the telephone system shown in FIG.
  • the emergency call server ECS Since the anonymous user of the mobile terminal MS without authentication by sending the emergency call request EAR (Emergency Access Request) has received configuration data, this puts an attacker or malicious user in a position to make other service requests, for example, for other services to the access network ASN. These service requirements are forwarded in the conventional procedure by the access network ASN to the emergency call server ECS. Only the emergency call server ECS recognizes that the service request is an inadmissible request. Accordingly, the emergency call server ECS denies the requested service and ignores the service request of the mobile terminal MS.
  • EAR Emergency Access Request
  • the procedure illustrated in FIGS. 1, 2 has the disadvantage that the transmission of the configuration data to the mobile terminal MS in response to the emergency call request EAR enables the malicious user of a mobile terminal MS to make a service request via the access network ASN to the emergency call server ECS.
  • this allows a malicious user to overload an emergency call server ECS by a variety of incorrect service requests such that it fails.
  • the service requirements (bogus requests) transmitted by the mobile terminal MS are transferred non-automatically, so that it is not possible to determine from which user the service requests originate.
  • An attacker can thus overload an emergency server by sending a variety of service requests based on the configuration data obtained by the emergency call request, so that it is no longer available for emergency calls from third parties.
  • the interface R3 between the access network ASN and the connectivity service network CSN is burdened by the malicious service requirements of the malicious user, ie the bandwidth and the corresponding resources are wasted. It is therefore the object of the present invention and method to provide a server which protects an emergency call server from attack by a plurality of invalid service request messages of an anonymous mobile terminal.
  • the invention provides a method for establishing an emergency call connection for a mobile device, wherein upon receiving an emergency call from a particular emergency number from the mobile device through an access network, an emergency call connection between the mobile device and an emergency answering device is established via the access network only if the emergency call is a predetermined emergency call identification having.
  • the emergency call identification is formed in response to an IP address within a predetermined IP address space.
  • an access network server of the access network ASN checks on receipt of an emergency call, if the emergency call has an identification that is identical to a predetermined emergency call identifier EID, the access network server only forwards the emergency call to an emergency call server ECS, if the Identification match the predetermined emergency call identifier EID.
  • the access network server of the access network ASN forwards a permissible emergency call, which has the predetermined emergency call identifier EID, to the emergency answering device PSAP via the emergency call server ECS. In one embodiment of the method according to the invention, the access network server of the access network ASN blocks an inadmissible emergency call which does not have the predetermined emergency call identification EID.
  • the emergency call identifier EID is formed as a function of a predetermined IP client address, an IP server address of the emergency call server ECS and further parameters by the emergency call server ECS.
  • the further parameters have a time stamp and a validity period.
  • the predetermined emergency call identification EID can be configured in the access network server of the access network ASN.
  • the predetermined emergency call identifier EID is formed in the access network server of the access network ASN as a function of a predetermined IP client address, an IP server address IP-ECS of the emergency call server ECS and other parameters.
  • the mobile device MS receives the emergency call identification EID from the emergency call server ECS in response to an authenticated emergency call request EAR.
  • a suitable emergency answering system is selected based on the emergency call number and closing the emergency call forwarded to the selected emergency answering PSAP.
  • the access network server of the access network ASN provides the emergency call server ECS with information about the location of the mobile device MS together with the emergency call.
  • the emergency call server ECS is connected to a mapping server which selects the most suitable emergency answering device PSAP on the basis of the information data about the location of the mobile device MS.
  • the access network is formed by a wireless access network.
  • the wireless access network is formed by a WLAN network.
  • the wireless access network is formed by a WiMax network.
  • the invention further provides an access network server for setting up an emergency call connection for a mobile device MS, wherein the access network server, upon receiving an emergency call with a predetermined emergency number from the mobile device MS establishes an emergency call connection between the mobile device MS and an emergency answering device PSAP if the emergency call reaches a predetermined one Emergency Identification EID.
  • Figure 1 shows a telephone system for establishing an emergency call connection according to the prior art
  • Figure 2 is a signal diagram showing the structure of an emergency call connection according to the prior art
  • FIG. 3 shows a diagram for illustrating a possible attack in a conventional telephone system according to the prior art
  • FIG. 4 shows a signal diagram to illustrate the method according to the invention for setting up an emergency call connection
  • FIG. 5 shows a diagram for illustrating the defense against an attack in a telephone system which uses the method according to the invention for setting up an emergency call connection.
  • an emergency call request EAR is first sent to the access network ASN by the mobile terminal MS.
  • the emergency call request EAR is sent, for example, via a wireless interface from the mobile terminal MS to a base station BS of a wireless access network ASN and from there to an access network server ASN-S or to a gateway of the access network ASN.
  • the access network server forwards the emergency call request EAR via a further interface to an emergency call server ECS within a connectivity service network CSN.
  • the emergency call server ECS recognizes the emergency call request, it transmits the necessary configuration data for setting up an emergency call connection via the access network ASN to the mobile terminal MS. It contains the corresponding confirmation message or OK message a predetermined NotrufIdentity EID.
  • the emergency call identifier EID is, for example, a specific unique IP address, a specific IP address range, source and / or destination MAC addresses, or even source and / or port numbers.
  • the emergency call identifier EID is generated as a function of an IP address within a predetermined IP address space in accordance with a predetermined function.
  • the emergency call identification is formed as a function of a plurality of IP addresses, namely a predetermined IP client address, an IP server address of the emergency call server ECS and other parameters. These further parameters include, for example, a timestamp and a validity period of the emergency call identification EID.
  • This emergency call identifier EID is transmitted by the emergency call server ECS together with the confirmation message, which contains the configuration data, for example as SFID (Service Flow Identifier) to the mobile terminal MS.
  • the access network server of the access network ASN also has the emergency call identification EID.
  • this emergency call identifier EID is configured in the access network in one embodiment.
  • the access network server of the access network ASN receives the emergency call identifier EID from the emergency call server ECS by means of a message.
  • the mobile terminal MS Once the mobile terminal MS has received configuration data including the emergency call identification EID from the access network server of the access network ASN, it is now able to make the actual emergency call. For this purpose, the user of the mobile terminal MS selects a predetermined emergency number and transmits the emergency call (ECal) including the configuration data with the received emergency call identification EID to the access network server of the access network ASN. Is the emergency call or emergency call (ECal) an additional call A casual emergency call containing the correct emergency call identification EID, the access network server of the access network ASN forwards the emergency call received from the mobile terminal MS. If the emergency call is an inadmissible emergency call that does not have the correct emergency call identification EID, the access network server of the access network ASN blocks the received emergency call.
  • the emergency call is an inadmissible emergency call that does not have the correct emergency call identification EID
  • the access network server of the access network ASN blocks the received emergency call.
  • the access network server of the access network ASN Upon receipt of the emergency call, the access network server of the access network ASN checks whether the emergency call contains an emergency call identification and whether this emergency call identification is identical or not to the prescribed emergency call identification EID. The emergency call is forwarded by the access network server to the emergency call server ECS only if the emergency call identification contained in the emergency call matches the predetermined emergency call identifier EID. If the emergency call identification contained in the emergency call is not identical to the predetermined emergency call identification, the access network server refuses to forward the emergency call or ignores the emergency call.
  • the emergency call server ECS queries the access network server for the spatial location of the mobile terminal MS.
  • the access network server provides, for example, the coordinates of the access point AP (access point) of the mobile terminal MS or a mailing address of such an access point AP.
  • the emergency call server ECS thus receives, as shown in FIG. 4, information on the location of the mobile device MS on request.
  • this information data is sent directly to the emergency call server ECS together with the emergency call (e-call) without the latter having to request the information data from the access network ASN.
  • the emergency call server ECS As soon as the emergency call server ECS has received the permissible emergency call together with the information about the location of the mobile terminal MS, it performs a selection for a suitable emergency answering device PSAP with the aid of a mapping server.
  • the mapping server is connected to the emergency call server ECS and contains a database which contains the network addresses of a plurality of emergency answering devices. On the basis of the whereabouts of the mobile terminal MS, for example, the emergency call answering device PSAP located next to it is selected and made available to the emergency call server ECS.
  • the mapping server thus transmits the PSAP address of the suitable emergency answering device as a function of the location of the mobile terminal MS.
  • the emergency call server ECS As soon as the emergency call server ECS has received the PSAP address from the mapping server, it forwards the permissible emergency call E-Call to the selected emergency answering device PSAP. Subsequently, an emergency call connection between the emergency answering device PSAP and the mobile terminal MS is established. As can be seen from FIG. 4, in the case of the method according to the invention, it is thus still possible to use a mobile terminal
  • MS an emergency call to an emergency answering PSAP, such as a police emergency call or a fire service emergency call to build.
  • PSAP emergency answering PSAP
  • the access network server recognizes, on the basis of the identification contained therein, that it is an emergency identification EID that merely establishes the user of the mobile terminal MS authorized an emergency call.
  • Other services can not be used by the user of the mobile terminal MS with the EID emergency identification.
  • the access network server of the access network ASN refuses the service request for another service if it contains an emergency call identification EID. Only the service request for an emergency call is forwarded to the emergency call server ECS.
  • the access network server of the access network ASN already blocks an attacker's service request, which includes an emergency call identification EID, if the service request is a Bogus request requesting a different service, in which it is not about setting up an emergency call.
  • an attacker in the inventive method is prevented from sending a plurality of invalid service request messages directly to the emergency call server ECS to overload it if necessary.
  • the interface between the access network server of the access network ASN and the emergency call server ECS is not burdened by such inadmissible service requirements or these resources are spared.
  • the access networks ASN can be any access networks, for example wireless access networks such as WLAN or WiMax.
  • the mobile terminal MS receives an acknowledgment message on an emergency call request EAR (emergency access request) from the emergency call server ECS together with a predetermined emergency call identifier EID as configuration data.
  • EAR emergency call request
  • EID emergency call identifier
  • Services eg B. require the establishment of a normal telephone connection to a friend of the user, recognizes the access network server of the access network ASN based on the contained emergency call identification EID that it is an unacceptable service request and denied the corresponding service. Only one emergency call service request with a correct emergency call identification is sent to the emergency call server ECS of the connectivity service network. works CSN forwarded.
  • a shield against illegal BSR Bogus service request
  • BSR Bogus service request

Abstract

Procédé destiné à l'établissement d'une communication d'appel d'urgence pour un appareil mobile (MS), selon lequel, à la réception d'un appel d'urgence (ECALL) au moyen d'un numéro d'urgence prédéterminé provenant d'un appareil mobile (MS) par un réseau d'accès (ASN), une communication d'appel d'urgence n'est établie entre l'appareil mobile (MS) et un dispositif de réponse d'urgence (PSAP) par le réseau d'accès que lorsque l'appel d'urgence (ECALL) présente une identification d'appel d'urgence (EID) prédéfinie.
PCT/EP2007/064615 2007-01-11 2007-12-28 Procédé et serveur destinés à l'établissement d'une communication d'appel d'urgence WO2008083928A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07858209A EP2116094A1 (fr) 2007-01-11 2007-12-28 Procédé et serveur destinés à l'établissement d'une communication d'appel d'urgence

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102007001690.7 2007-01-11
DE102007001690A DE102007001690B4 (de) 2007-01-11 2007-01-11 Verfahren und Server zum Aufbau einer Notrufverbindung

Publications (1)

Publication Number Publication Date
WO2008083928A1 true WO2008083928A1 (fr) 2008-07-17

Family

ID=39509744

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2007/064615 WO2008083928A1 (fr) 2007-01-11 2007-12-28 Procédé et serveur destinés à l'établissement d'une communication d'appel d'urgence

Country Status (4)

Country Link
EP (1) EP2116094A1 (fr)
CN (1) CN101622890A (fr)
DE (1) DE102007001690B4 (fr)
WO (1) WO2008083928A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8634797B2 (en) 2008-07-15 2014-01-21 Vodafone Group Plc Emergency communication device

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102010046863B4 (de) 2010-09-29 2014-06-05 Oecon Products & Services Gmbh Testeinrichtung für mobile Notrufgeräte und Verfahren zum Überprüfen mobiler Notrufgeräte
CN103812757A (zh) * 2012-11-13 2014-05-21 中兴通讯股份有限公司 一种实时通信的浏览器紧急呼叫方法、系统和移动装置
DE102014110888A1 (de) 2014-07-31 2016-02-04 Wolfsburg Ag Informationsanordnung, Logistikinfrastrukturanordnung und Verfahren zur logistischen Steuerung von mobile Objekte betreffenden Prozessen
WO2016167222A1 (fr) * 2015-04-13 2016-10-20 株式会社Nttドコモ Dispositif de commande de sip, système de communication mobile et procédé de commande d'appel d'urgence
CN110351416B (zh) * 2019-06-06 2021-05-28 杭州数梦工场科技有限公司 通信方法、装置、电子设备及存储介质
RU201122U1 (ru) * 2020-09-09 2020-11-27 Общество с ограниченной ответственностью «Новые инженерные технологии» Устройство тестирования средства вызова экстреннных служб

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002003718A2 (fr) * 2000-04-10 2002-01-10 Nokia Corporation Services de telephonie dans des reseaux ip
US20040190522A1 (en) * 2003-03-31 2004-09-30 Naveen Aerrabotu Packet filtering for level of service access in a packet data network communication system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000023956A1 (fr) * 1998-10-22 2000-04-27 University Of Maryland Procede et systeme permettant de fournir des informations specifiques d'un lieu et des informations d'identification personnelle a un service d'assistance charge de la protection de la population
US20060072547A1 (en) * 2004-09-29 2006-04-06 Lucent Technologies Inc. Systems and methods for serving VolP emergency calls
EP1655894A1 (fr) * 2004-11-05 2006-05-10 Alcatel Procédé pour permettre d'un appel d'urgence dans un réseau local sans fil selon IEEE 802.11e
US8116720B2 (en) * 2005-05-06 2012-02-14 Alcatel Lucent Method and apparatus for emergency call routing using an end node

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002003718A2 (fr) * 2000-04-10 2002-01-10 Nokia Corporation Services de telephonie dans des reseaux ip
US20040190522A1 (en) * 2003-03-31 2004-09-30 Naveen Aerrabotu Packet filtering for level of service access in a packet data network communication system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HEPWORTH E ET AL: "TGu Proposal for E911 support", IEEE P802.11 WIRELESS LANS, XX, XX, no. 802.11-06/280R0, 17 February 2006 (2006-02-17), pages 1 - 12, XP002418840 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8634797B2 (en) 2008-07-15 2014-01-21 Vodafone Group Plc Emergency communication device

Also Published As

Publication number Publication date
EP2116094A1 (fr) 2009-11-11
DE102007001690A1 (de) 2008-07-17
CN101622890A (zh) 2010-01-06
DE102007001690B4 (de) 2008-10-09

Similar Documents

Publication Publication Date Title
US11917516B2 (en) Internet protocol multimedia subsystem emergency calls for roaming user equipments
US7346340B2 (en) Provision of user policy to terminal
DE102007001690B4 (de) Verfahren und Server zum Aufbau einer Notrufverbindung
DE60201522T2 (de) Ermöglichen legales abfangen von ip-verbindungen
EP2327234B1 (fr) Procédé servant à fournir une session de communication de groupe mixte
EP1529374A1 (fr) Procede et systeme d'authentification gsm pour une itinerance wlan
DE60132211T2 (de) Steuerung von unchiffriertem benutzerverkehr
CN103339989A (zh) 用于通信网络中的用户设备和数据网络之间的通信的技术
EP2654365A1 (fr) Configuration d'un terminal pour l'accès à un réseau de communication sans fil
DE102014000763B4 (de) Kommunikationssystem und Kommunikationsverfahren
CN103703750B (zh) 用于在接收方装置上显示源的标识符的系统与方法
EP2055087A1 (fr) Procede pour la transmission de messages d'urgence d'un terminal dans un reseau de communication
DE10238928B4 (de) Verfahren zur Authentifizierung eines Nutzers eines Kommunikationsendgerätes bei Nutzung eines Dienstnetzes
DE102016221233B3 (de) Verfahren zum Verwalten einer ersten Kommunikationsverbindung, System umfassend einen ersten Kommunikationspartner und einen zweiten Kommunikationspartner sowie Fahrzeug
DE102006054091A1 (de) Bootstrapping-Verfahren
KR100510669B1 (ko) 패킷 무선 서비스 네트워크에서 착신 호를 설정하는 방법 및 이를 위한 시스템
EP2323334B1 (fr) Libération d'une liaison à travers un pare-feu d'un appareil d'accès au réseau
DE602004005876T2 (de) Vorrichtung und Verfahren zur Weitergabe einer an ein mobiles Endgerät zugeordneten Identitätsinformation
DE102006060042A1 (de) Verfahren und Server zum Bereitstellen eines zweckgebundenen Schlüssels

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780051995.2

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07858209

Country of ref document: EP

Kind code of ref document: A1

REEP Request for entry into the european phase

Ref document number: 2007858209

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007858209

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE