Authentication device selection to facilitate authentication via an updateable subscriber identifier

US 10,136,318 B1
Filed: 06/21/2017
Issued: 11/20/2018
Est. Priority Date: 06/21/2017
Status: Active Grant

First Claim

Patent Images

1. A network device, comprising:

a processor; and

a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;

receiving an authentication request from a user equipment associated with a subscriber identity, wherein the authentication request seeks to authenticate the subscriber identity to a service capable of being provided by network devices of a network, and wherein the authentication request comprises;

a hardware identifier affiliated with the user equipment,a subscriber identifier affiliated with the subscriber identity, anda payload;

based on the hardware identifier, facilitating routing of the authentication request to an authentication device of the network;

receiving an authentication response comprising an updated subscriber identifier to facilitate updating the subscriber identifier at the user equipment from the authentication device; and

facilitating routing of the authentication response to the user equipment, such that a subsequent authentication request received by the network device from the user equipment comprises the hardware identifier affiliated with the user equipment and the updated subscriber identifier affiliated with the subscriber identity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Steering an authentication request to a determined authentication device based on a correlation between a user equipment (UE) identity and an authentication device is disclosed. The authentication request comprises an updateable subscriber identity. The authentication request can be associated with the UE identity, which can be correlated to an authentication device as a result of a prior authentication event. The updateable subscriber identity can have been updated during the prior authentication event, such that the authentication device has record of the updated subscriber identity. Therefore, the authentication device can to perform an authentication based on the updated subscriber identity while other authentication devices lacking record of the updated subscriber identity would be unable to perform the authentication. The disclosed subject matter can be operable with existing deployed authentication systems with little to no modification of those systems.

Citations

20 Claims

1. A network device, comprising:
- a processor; and
  
  a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
  
  receiving an authentication request from a user equipment associated with a subscriber identity, wherein the authentication request seeks to authenticate the subscriber identity to a service capable of being provided by network devices of a network, and wherein the authentication request comprises;
  
  a hardware identifier affiliated with the user equipment,a subscriber identifier affiliated with the subscriber identity, anda payload;
  
  based on the hardware identifier, facilitating routing of the authentication request to an authentication device of the network;
  
  receiving an authentication response comprising an updated subscriber identifier to facilitate updating the subscriber identifier at the user equipment from the authentication device; and
  
  facilitating routing of the authentication response to the user equipment, such that a subsequent authentication request received by the network device from the user equipment comprises the hardware identifier affiliated with the user equipment and the updated subscriber identifier affiliated with the subscriber identity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The network device of claim 1, wherein the authentication device is previously associated with the hardware identifier based on a prior occurrence of an authentication event.
  - 3. The network device of claim 2, wherein the subscriber identifier is an updateable subscriber identifier.
  - 4. The network device of claim 1, wherein the authentication device is not previously associated with the hardware identifier.
  - 5. The network device of claim 4, wherein the subscriber identifier is an international mobile subscriber identity identifier.
  - 6. The network device of claim 4, wherein the subscriber identifier is an updateable subscriber identifier.
  - 7. The network device of claim 1, wherein the hardware identifier is a media access control identifier.
  - 8. The network device of claim 1, wherein the subscriber identifier is a pseudonym identity in accord with an extensible authentication protocol-authentication and key agreement process.
  - 9. The network device of claim 1, wherein the the receiving the authentication response from the authentication device is in response to an authentication being performed by the authentication device pursuant to the authentication request.
  - 10. The network device of claim 9, wherein the payload is a first payload, and wherein the subsequent authentication request received by the network device from the user equipment further comprises a second payload different than the first payload.

11. A method, comprising:
- receiving, by a system comprising a processor, an authentication request comprising;
  
  a hardware identifier affiliated with a user equipment to be authenticated,a subscriber identifier affiliated with a subscriber identity associated with the user equipment, anda payload;
  
  facilitating, by the system, routing of the authentication request to an authentication device based on a correlation between the hardware identifier and the authentication device, wherein, in response to a previous authentication event being determined to have taken place between the user equipment and the authentication device, the correlation is made based on a result of the previous authentication event;
  
  receiving, by the system, an authentication response comprising an updated subscriber identifier to facilitate updating the subscriber identifier at the user equipment from the authentication device; and
  
  facilitating, by the system, routing of the authentication response to the user equipment, such that a subsequent authentication request received by the system from the user equipment comprises the hardware identifier affiliated with the user equipment and the updated subscriber identifier affiliated with the subscriber identity.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11, wherein, in response to the previous authentication event being determined not to have taken place between the user equipment and any authentication device of the network, the facilitating the routing is based on the correlation being an undefined correlation between the hardware identifier and the authentication device.
  - 13. The method of claim 11, wherein the facilitating the routing is based on the correlation being a failed correlation between the hardware identifier and the authentication device resulting from the authentication device not comprising a record of the subscriber identity despite the previous authentication event between the user equipment and the authentication device having been determined to have taken place.
  - 14. The method of claim 11, wherein the receiving the authentication response from the authentication device in response to an authentication being performed based on the authentication request.
  - 15. The method of claim 14, wherein the receiving the authentication response comprises receiving an international mobile subscriber identity as the subscriber identifier.
  - 16. The method of claim 11, wherein the receiving the authentication request comprises receiving a radio media access controller identity for the hardware identifier.

17. A non-transitory machine-readable storage medium, comprising executable instructions that, when executed by a processor, facilitate performance of operations, comprising:
- receiving a first instance of a hardware identifier affiliated with a user equipment;
  
  receiving an updateable subscriber identifier affiliated with a subscriber identity; and
  
  receiving a first payload;
  
  determining a first authentication device based on a first correlation between the hardware identifier and the first authentication device;
  
  communicating the updateable subscriber identifier and the first payload to the first authentication device;
  
  updating the updateable subscriber identifier at the user equipment based on a first authentication response received from first the authentication device, wherein the first authentication response comprises the first updated subscriber identifier which is employed in the updating the updateable subscriber identifier, and wherein a subsequent authentication request from the user equipment is to comprise the hardware identifier affiliated with the user equipment and the first updated subscriber identifier.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory machine-readable storage medium of claim 17, wherein the updateable subscriber identifier is generated in response to an occurrence of an authentication event.
  - 19. The non-transitory machine-readable storage medium of claim 17, wherein the hardware identifier is a radio media access controller identity, and wherein the updateable subscriber identifier is an international mobile subscriber identity.
  - 20. The non-transitory machine-readable storage medium of claim 17, wherein the operations further comprise:
    - receiving a second instance of the hardware identifier;
      
      receiving the first updated subscriber identifier;
      
      receiving a second payload;
      
      communicating the first updated subscriber identifier and the second payload to a second authentication device based on a second correlation between the hardware identifier and the second authentication device;
      
      receiving a second authentication response from the second authentication device in response to the subsequent authentication request, wherein the second authentication response comprises a second updated subscriber identifier; and
      
      facilitating routing of the second authentication response to the user equipment, wherein the second updated subscriber identifier enables the first updated subscriber identifier to be updated to the second updated subscriber identifier at the user equipment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Hancock, Paul R., Steele, Stuart, Bhat Mangalore, Shanker, Pandeshwar Krishna, Manjunath
Primary Examiner(s)
Cumming, William D

Application Number

US15/628,883
Time in Patent Office

517 Days
Field of Search

455410, 455411, 455419, 4554352, 455445
US Class Current
CPC Class Codes

H04L 63/0876   based on the identity of th...

H04L 63/0892   by using authentication-aut...

H04W 12/06   Authentication

H04W 12/72   Subscriber identity

Authentication device selection to facilitate authentication via an updateable subscriber identifier

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication device selection to facilitate authentication via an updateable subscriber identifier

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links