Authentication failure handling for access to services through untrusted wireless networks
First Claim
1. A method to control service access for a wireless communication device, the method comprising:
- by the wireless communication device;
establishing an encrypted connection with an evolved packet data gateway (ePDG) server through a non-third generation partnership project (non-3GPP) wireless access network;
requesting access to a particular service of a third generation partnership project (3GPP) cellular wireless network via the ePDG server and the non-3GPP wireless access network;
receiving an authentication failure message from the ePDG server, the authentication failure message comprising a specific error indication mapped by the ePDG server based on an error code received from an authentication server of the 3GPP cellular wireless network;
determining a failure cause based at least in part on the specific error indication of the authentication failure message; and
disallowing retry attempts to request access to the particular service until one or more criteria are satisfied.
1 Assignment
0 Petitions
Accused Products
Abstract
Apparatus and methods to support authentication failure handling by network elements and by a wireless communication device when attempting access to services through non-cellular wireless networks by the wireless communication device are disclosed. Error messages received from evolved packet core (EPC) network elements, such as an authentication, authorization, and accounting (AAA) server, are mapped to failure messages provided to wireless communication devices by internetworking equipment, such as an evolved packet data gateway (ePDG). The wireless communication device determines a failures cause based on the failure messages and disallows retry attempts until select criteria are satisfied.
21 Citations
20 Claims
-
1. A method to control service access for a wireless communication device, the method comprising:
-
by the wireless communication device; establishing an encrypted connection with an evolved packet data gateway (ePDG) server through a non-third generation partnership project (non-3GPP) wireless access network; requesting access to a particular service of a third generation partnership project (3GPP) cellular wireless network via the ePDG server and the non-3GPP wireless access network; receiving an authentication failure message from the ePDG server, the authentication failure message comprising a specific error indication mapped by the ePDG server based on an error code received from an authentication server of the 3GPP cellular wireless network; determining a failure cause based at least in part on the specific error indication of the authentication failure message; and disallowing retry attempts to request access to the particular service until one or more criteria are satisfied. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A wireless communication device comprising:
-
one or more antennas, wireless circuitry communicatively coupled to the one or more antennas and to processing circuitry; and the processing circuitry comprising one or more processors and a storage medium storing instructions that, when executed on the one or more processors, cause the wireless communication device to; establish an encrypted connection with an evolved packet data gateway (ePDG) server through a non-third generation partnership project (non-3GPP) wireless access network; request access to a particular service of a third generation partnership project (3GPP) cellular wireless network via the ePDG server and the non-3GPP wireless access network; receive an authentication failure message from the ePDG server, the authentication failure message comprising a specific indication mapped by the ePDG server based on an error code received from an authentication server of the 3GPP cellular wireless network; determine a failure cause based at least in part on the specific error indication of the authentication failure message; and disallow retry attempts to request access to the particular service until one or more criteria are satisfied. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An apparatus configurable for operation in a wireless communication device, the apparatus comprising:
-
processing circuitry including a processor and a memory storing instructions that, when executed by the processor, cause the wireless communication device to; establish an encrypted connection with an evolved packet data gateway (ePDG) server through a non-third generation partnership project (non-3GPP) wireless access network; request access to a particular service of a third generation partnership project (3GPP) cellular wireless network via the ePDG server and the non-3GPP wireless access network; receive an authentication failure message from the ePDG server, the authentication failure message comprising a specific error indication mapped by the ePDG server based on an error code received from an authentication server of the 3GPP cellular wireless network; determine a failure cause based at least in part on the specific error indication of the authentication failure message; and disallow retry attempts to request access to the particular service until one or more criteria are satisfied.
-
Specification