Methods, systems, and computer readable media for mobility management entity (MME) authentication for outbound roaming subscribers using diameter edge agent (DEA)
First Claim
1. A method for authenticating a mobility management entity (MME) for outbound roaming subscribers, the method comprising:
- maintaining a Diameter authentication information request/update location request (AIR/ULR) mapping database at a Diameter edge agent (DEA), wherein the AIR/VLR mapping database stores mappings between visited public land mobile network identifiers (VPLMN IDs) from Diameter AIR messages and international mobile subscriber identities (IMSIs) obtained from the AIR messages;
receiving, at the DEA, a first Diameter AIR message for a subscriber;
determining, by the DEA, that the first Diameter AIR message includes a first IMSI not of record in the AIR/ULR mapping database at the DEA;
recording, for the subscriber, a VPLMN ID extracted from the first Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA, wherein recording the VPLMN ID extracted from the first Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA includes creating a new record in the Diameter AIR/ULR mapping database at the DEA for the first IMSI and the VPLMN ID;
receiving, at the DEA, a first Diameter ULR message and reading a VPLMN ID in the first Diameter ULR message;
determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the first Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA; and
in response to determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the first Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA, rejecting the first Diameter ULR message.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for authenticating a mobility management entity (MME) for outbound roaming subscribers includes maintaining a Diameter authentication information request (AIR)/update location request (ULR) mapping database at a Diameter edge agent (DEA). A Diameter AIR message is received at the DEA. The DEA determines that the AIR message includes a visited public land mobile network identifier (VPLMN ID) not of record in the database. The DEA records the VPLMN ID in the database. A Diameter ULR message is received at the DEA, and a VPLMN ID is read from the ULR message. The DEA determines that the VPLMN ID read from the ULR message does not match the VPLMN ID recorded for the subscriber in the database. In response to determining that the VPLMN ID does not match the VPLMN ID recorded for the subscriber in the database, the DEA rejects the ULR message.
-
Citations
18 Claims
-
1. A method for authenticating a mobility management entity (MME) for outbound roaming subscribers, the method comprising:
-
maintaining a Diameter authentication information request/update location request (AIR/ULR) mapping database at a Diameter edge agent (DEA), wherein the AIR/VLR mapping database stores mappings between visited public land mobile network identifiers (VPLMN IDs) from Diameter AIR messages and international mobile subscriber identities (IMSIs) obtained from the AIR messages; receiving, at the DEA, a first Diameter AIR message for a subscriber; determining, by the DEA, that the first Diameter AIR message includes a first IMSI not of record in the AIR/ULR mapping database at the DEA; recording, for the subscriber, a VPLMN ID extracted from the first Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA, wherein recording the VPLMN ID extracted from the first Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA includes creating a new record in the Diameter AIR/ULR mapping database at the DEA for the first IMSI and the VPLMN ID; receiving, at the DEA, a first Diameter ULR message and reading a VPLMN ID in the first Diameter ULR message; determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the first Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA; and in response to determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the first Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA, rejecting the first Diameter ULR message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for authenticating a mobility management entity (MME) for outbound roaming subscribers, the system comprising:
-
a memory in connection with at least one processor, wherein the memory comprises; a Diameter edge agent (DEA); a Diameter authentication information request/update location request (AIR/ULR) mapping database local to the DEA for storing records for authenticating MMEs, wherein the AIR/VLR mapping database stores mappings between visited public land mobile network identifiers (VPLMN IDs) from Diameter AIR messages and international mobile subscriber identities (IMSIs) obtained from the AIR messages; and an MME authentication application local to the DEA and implemented using the at least one processor for receiving a first Diameter AIR message for a subscriber, determining that the first Diameter AIR message includes a first IMSI not of record in the AIR/ULR mapping database at the DEA, recording, for the subscriber, a VPLMN ID extracted from the first Diameter AIR message in the AIR/ULR mapping database at the DEA, wherein recording the VPLMN ID extracted from the first Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA includes creating a new record in the Diameter AIR/ULR mapping database at the DEA for the first IMSI and the VPLMN ID, receiving a first Diameter ULR message and reading a VPLMN ID in the first Diameter ULR message, determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the first Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA, and, in response to determining that the VPLMN ID read from the first ULR message does not match the VPLMN ID extracted from the first Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA, rejecting the first Diameter ULR message. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processor of a computer controls the computer to perform steps comprising:
-
maintaining a Diameter authentication information request/update location request (AIR/ULR) mapping database at a Diameter edge agent (DEA), wherein the AIR/VLR mapping database stores mappings between visited public land mobile network identifiers (VPLMN IDs) from Diameter AIR messages and international mobile subscriber identities (IMSIs) obtained from the AIR messages; receiving, at the DEA, a Diameter AIR message for a subscriber; determining, by the DEA, that the Diameter AIR message includes an IMSI not of record in the AIR/ULR mapping database at the DEA; recording, for the subscriber, a VPLMN ID extracted from the Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA, wherein recording the VPLMN ID extracted from the Diameter AIR message in the Diameter AIR/ULR mapping database at the DEA includes creating a new record in the Diameter AIR/ULR mapping database at the DEA for the IMSI and the VPLMN ID; receiving, at the DEA, a first Diameter ULR message and reading a VPLMN ID in the first Diameter ULR message; determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA; and in response to determining that the VPLMN ID read from the first Diameter ULR message does not match the VPLMN ID extracted from the Diameter AIR message and recorded for the subscriber in the Diameter AIR/ULR mapping database at the DEA, rejecting the first Diameter ULR message.
-
Specification