Method and apparatus enabling reauthentication in a cellular communication system

US 20040153555A1
Filed: 09/10/2003
Published: 08/05/2004
Est. Priority Date: 10/03/2002
Status: Active Grant

First Claim

Patent Images

1. A method for use in reauthentication of a communication session involving the exchange of information between a terminal (21) and a server (24) via an authentication network (28), the communication session having already been authenticated by the terminal (21) and a first authentication server (23a) of the authentication network (28), the method characterized by:

a step (11) in which the first authentication server (23a) and other authentication servers (23b) are each assigned a respective unique realm name; and

a step (13) in which during authentication between the terminal and the first authentication server (23a), the first authentication server (23a) transmits to the terminal (21) a reauthentication identity including the unique realm name assigned to the first authentication server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method (and corresponding equipment) for use in reauthentication—after a first, full authentication by a first authentication server (23a)—of a communication session involving the exchange of information between a terminal (21) and a server (24), the method including: a step (11) in which the first authentication server (23a) and other authentication servers (23b) are each assigned a respective unique realm name; and a step (13) in which during authentication between the terminal and the first authentication server (23a), the first authentication server (23a) transmits to the terminal (21) a reauthentication identity including the unique realm name assigned to the first authentication server. Then, later, during reauthentication, to make possible that the reauthentication is performed by the same authentication server (23a) as performed the full authentication—i.e. by the first authentication server (23a)—the reauthentication identity is included in a request for reauthentication.

51 Citations

View as Search Results

12 Claims

1. A method for use in reauthentication of a communication session involving the exchange of information between a terminal (21) and a server (24) via an authentication network (28), the communication session having already been authenticated by the terminal (21) and a first authentication server (23a) of the authentication network (28), the method characterized by:
- a step (11) in which the first authentication server (23a) and other authentication servers (23b) are each assigned a respective unique realm name; and
  
  a step (13) in which during authentication between the terminal and the first authentication server (23a), the first authentication server (23a) transmits to the terminal (21) a reauthentication identity including the unique realm name assigned to the first authentication server.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, further characterized by:
    - a step (14) in which to perform a reauthentication the terminal (21) transmits a request for reauthentication using the reauthentication identity including the unique realm name; and
      
      a step (15) in which an authentication network element (21a 22 23a 23b) receiving the request for reauthentication determines from the reauthentication identity included in the request the unique realm name indicating the authentication server (23a) that performed the full authentication.
  - 3. The method of claim 2, further characterized by:
    - a step (15) in which an authentication network element (21a 22 23b) forwards the request to the authentication server (23a) indicated by the unique realm name included as part of the reauthentication identity; and
      
      a step (16 17) in which the terminal (21) and the first authentication server (23a) perform reauthentication.

4. An authentication server (23a 23b) in a cellular communication system comprising means for reauthentication of a communication session between a terminal (21) and a content server (25), the authentication server (23a 23b) characterized by:
- means (11) for receiving an assigned unique realm name; and
  
  means (13) for transmitting to the terminal (21) a reauthentication identity including the unique realm name.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12)
- - 5. An authentication server as in claim 4, further characterized by:
    - means (15) for receiving a request for reauthentication using the reauthentication identity and for determining from the reauthentication identity the unique realm name.
  - 6. An authentication server as in claim 5, further characterized by:
    - means (16) for forwarding the request to the authentication server (23a) indicated by the unique realm name included as part of the reauthentication identity.
  - 7. A computer program product comprising:
    - a computer readable storage structure embodying computer program code thereon for execution by a computer processor in an authentication server (23a), with said computer program code characterized in that it includes instructions for enabling the means of an apparatus according to claim 4.
  - 8. A computer program product comprising:
    - a computer readable storage structure embodying computer program code thereon for execution by a computer processor in an authentication server (23a), with said computer program code characterized in that it includes instructions for enabling the means of an apparatus according to claim 5.
  - 9. A computer program product comprising:
    - a computer readable storage structure embodying computer program code thereon for execution by a computer processor in an authentication server (23a), with said computer program code characterized in that it includes instructions for enabling the means of an apparatus according to claim 6.
  - 10. A system, including a plurality of terminals (21), a plurality of authentication servers (23a 23b), and at least one content server (24), the terminals (21) operative so as to request content from the content server (24) after authentication and occasional reauthentication with one or another of the authentication servers (23a 23b), the system characterized in that at least two of the authentication servers (23a 23b) are as in claim 4.
  - 11. A system, including a plurality of terminals (21), a plurality of authentication servers (23a 23b), and at least one content server (24), the terminals (21) operative so as to request content from the content server (24) after authentication and occasional reauthentication with one or another of the authentication servers (23a 23b), the system characterized in that at least two of the authentication servers (23a 23b) are as in claim 5.
  - 12. A system, including a plurality of terminals (21), a plurality of authentication servers (23a 23b), and at least one content server (24), the terminals (21) operative so as to request content from the content server (24) after authentication and occasional reauthentication with one or another of the authentication servers (23a 23b), the system characterized in that at least two of the authentication servers (23a 23b) are as in claim 6.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Technologies Oy (Nokia Corporation)
Inventors
Haverinen, Henry, Ahmavaara, Kalle

Granted Patent

US 8,972,582 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

H04L 2101/345   containing wildcard characters

H04L 61/30   Managing network names, e.g...

H04L 61/301   Name conversion

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0892   by using authentication-aut...

H04L 63/162   at the data link layer

H04W 12/06   Authentication

H04W 8/26   Network addressing or numbe...

H04W 84/042   Public Land Mobile systems,...

Method and apparatus enabling reauthentication in a cellular communication system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

51 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus enabling reauthentication in a cellular communication system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links