Method and system for transparently and securely interconnecting a WLAN radio access network into a GPRS/GSM core network

US 20040139201A1
Filed: 06/19/2002
Published: 07/15/2004
Est. Priority Date: 06/19/2002
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a WLAN radio user device in a wireless local area network radio access network (WLAN RAN) using a core network supporting GSM protocols comprising:

connecting a Radio Access Controller (RAC), a Radio Link Manager (RLM), and a WLAN Access Point (WLAN AP) to a Home Location Register (HLR) of a said core network;

establishing communication of the WLAN radio user device with the WLAN AP and the RLM;

authenticating the user device having Multilink Client (MLC) capabilities to the HLR; and

thereafter attaching the user device to the core network system by;

connecting a first datalink tunnel from the MLC to the RLM.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system are provided for integrating a WLAN radio access network into a GSM/GPRS core network wherein gateways are added that transparently transport services between the two networks. A further aspect of the invention is secure authentication. The system has two network elements: a Radio Link Manager (RLM) and a Radio Access Controller (RAC), and a software application, a Multi-Link Client (MLC) to control the functionality of the integration and the authentication. The MLC resides on a user device. The RAC provides protocol stacks and interworking functions to allow the MLC to talk to a Home Location Register (HLR). The RLM and MLC set up a “tunnel” employing, for example, PPP over Ethernet (PPPOE), and all of the data packets received on this tunnel are forwarded by the RLM to the Gateway GPRS Support Node (GGSN over a further tunnel using the GPRS Tunneling Protocol (GTP).

Citations

13 Claims

1. A method for authenticating a WLAN radio user device in a wireless local area network radio access network (WLAN RAN) using a core network supporting GSM protocols comprising:
- connecting a Radio Access Controller (RAC), a Radio Link Manager (RLM), and a WLAN Access Point (WLAN AP) to a Home Location Register (HLR) of a said core network;
  
  establishing communication of the WLAN radio user device with the WLAN AP and the RLM;
  
  authenticating the user device having Multilink Client (MLC) capabilities to the HLR; and
  
  thereafter attaching the user device to the core network system by;
  
  connecting a first datalink tunnel from the MLC to the RLM.
- View Dependent Claims (2, 3, 4, 10, 11)
- - 2. The method according to claim 1 wherein said authenticating step further includes thereafter connecting a second datalink tunnel from the RLM to the GGSN packet gateway for a global packet data network.
  - 3. The method according to claim 1 wherein said authenticating step further includes thereafter connecting a second datalink tunnel from the RLM to an Internet gateway with tunneling capabilities and address assignment capabilities as part of a global packet data network.
  - 4. The method according to claim 3 wherein the Internet gateway employs Layer 2 Transport Protocol.
  - 10. The method according to claim 1 wherein said authenticating step comprises:
    - initiating a wireless attach request from the user device;
      
      transmitting from the user device an identification number (IMSI) and a fresh random number associated with the user (nonce) via a wireless link to a radio link manager;
      
      thereafter forming a conventional attach request;
      
      thereafter conveying the conventional attach request to a home location register using the IMSI and the nonce;
      
      generating at the home location register a conventional authentication request using a
      
           1) shared key of the user device,
      
           2) the imsi and
      
           3) the nonce, the conventional authentication request including as an element a conventional digital signature;
      
      thereafter conveying the conventional authentication request to the radio link manager;
      
      thereafter forming at the radio link manager a first secure digital signature of said conventional authentication request using the nonce and all elements of the conventional authentication request;
      
      thereafter conveying the first secure digital signature and a modified conventional authentication request having removed therefrom said conventional digital signature to the user device;
      
      constructing at the user device a candidate duplicate of the conventional digital signature from the modified conventional authentication request using the shared key, IMSI, and nonce;
      
      verifying the candidate duplicate and the modified conventional authentication request at the user device using
      
           1) the first secure digital signature,
      
           2) the candidate duplicate and
      
           3) the modified conventional authentication request to authenticate the radio link manager to the user device;
      
      thereafter constructing at the user device a second secure digital signature from the verified duplicate of the conventional digital signature using the shared keyed and the verified modified conventional authentication request; and
      
      thereafter reporting the second secure digital signature to the radio link manager to verify authentication of the user device to the radio link manager.
  - 11. The method according to claim 1 further including the step of using a shared key shared between the user device and the HLR to establish said first datalink tunnel as a secure datalink tunnel.

5. A method for interconnecting a wireless local area network radio access network (WLAN RAN) to a GSM core network supporting GPRS packet protocols comprising:
- connecting a Radio Access Controller (RAC), a Radio Link Manager (RLM), and a WLAN Access Point (WLAN AP) to a GPRS Gateway Serving Node (GGSN) and a Home Location Register (HLR) of a said core network;
  
  establishing communication of a WLAN radio user device with the WLAN AP;
  
  authenticating the user device having Multilink Client (MLC) capabilities to the HLR; and
  
  thereafter attaching the user device to the core network system by;
  
  connecting a first datalink tunnel from the MLC to the RLM.
- View Dependent Claims (6, 7, 8)
- - 6. The method according to claim 5 wherein said authenticating step further includes thereafter connecting a second datalink tunnel from the RLM to the GGSN packet gateway for a global packet data network.
  - 7. The method according to claim 5 wherein said authenticating step further includes thereafter connecting a second datalink tunnel from the RLM to an Internet gateway with tunneling capabilities and address assignment capabilities as part of a global packet data network.
  - 8. The method according to claim 7 wherein the Internet gateway employs Layer 2 Transport Protocol.

9. A method for mutually authenticating a user device and a GSM core network via a wireless local area network radio access network (WLAN RAN), the GSM core network supporting GPRS packet protocols, said method comprising:
- initiating a wireless attach request from the user device;
  
  transmitting from the user device an identification number (IMSI) and a fresh random number associated with the user (nonce) via a wireless link to a radio link manager;
  
  thereafter forming a conventional attach request using the IMSI and the nonce;
  
  thereafter conveying the conventional attach request to a home location register;
  
  generating at the home location register a conventional authentication request using a
  
       1) shared key of the user device,
  
       2) the imsi and
  
       3) the nonce, the conventional authentication request including as an element a conventional digital signature;
  
  thereafter conveying the conventional authentication request to the radio link manager;
  
  thereafter forming at the radio link manager a first secure digital signature of said conventional authentication request using the nonce and all elements of the conventional authentication request;
  
  thereafter conveying the first secure digital signature and a modified conventional authentication request having removed therefrom said conventional digital signature to the user device;
  
  constructing at the user device a candidate duplicate of the conventional digital signature from the modified conventional authentication request using the shared key, IMSI and nonce;
  
  verifying the candidate duplicate and the modified conventional authentication request at the user device using
  
       1) the first secure digital signature,
  
       2) the candidate duplicate and
  
       3) the modified conventional authentication request to authenticate the radio link manager to the user device;
  
  thereafter constructing at the user device a second secure digital signature from the verified duplicate of the conventional digital signature using the shared keyed, IMSI, and the nonce and the verified modified conventional authentication request; and
  
  thereafter reporting the second secure digital signature to the radio link manager to verify authentication of the user device to the radio link manager.

12. A system for interconnecting a wireless local area network radio access network (WLAN RAN) to a GSM core network supporting GPRS packet protocols comprising:
- a Radio Access Controller (RAC);
  
  a Radio Link Manager (RLM);
  
  a WLAN Access Point (WLAN AP);
  
  a GPRS Gateway Serving Node (GGSN);
  
  a Home Location Register (HLR) of a said core network;
  
  at least one WLAN radio user device for communication with the WLAN AP;
  
  means for authenticating the user device to the HLR, said user device having Multilink Client (MLC) capabilities; and
  
  means for attaching the user device to the core network system using a first datalink tunnel from the MLC to the RLM and a second datalink tunnel from the RLM to the GGSN packet gateway for a global packet data network.

13. A system for interconnecting a wireless local area network radio access network (WLAN RAN) to a GSM core network comprising:
- a Radio Access Controller (RAC);
  
  a Radio Link Manager (RLM);
  
  a WLAN Access Point (WLAN AP);
  
  an Internet Gateway Node;
  
  a Home Location Register (HLR) of a said core network;
  
  at least one WLAN radio user device for communication with the WLAN AP;
  
  means for authenticating the user device to the HLR, said user device having Multilink Client (MLC) capabilities; and
  
  means for attaching the user device to the core network system using a first datalink tunnel from the MLC to the RLM and a second datalink tunnel from the RLM to the Internet Gateway Node for a global packet data network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ruckus IP Holdings LLC
Original Assignee
Mobility Network Systems Inc.
Inventors
Kant, Nishi, Ritter, Michael W., Chaudhary, Mayank S., Ahmed, Allam Zaheer, Chuang, Chih-hsin Alan

Granted Patent

US 7,155,526 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0869   for achieving mutual authen...

H04W 12/06   Authentication

H04W 12/72   Subscriber identity

H04W 84/04   Large scale networks; Deep ...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 92/02   Inter-networking arrangements

Method and system for transparently and securely interconnecting a WLAN radio access network into a GPRS/GSM core network

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for transparently and securely interconnecting a WLAN radio access network into a GPRS/GSM core network

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links