Authentication and authorisation based secure IP connections for terminals
Abstract
A method of facilitating the authentication of IP data transfer between a mobile wireless terminal 4 and a network node 2. A computer is used to generate a public-private key pair, whilst a certificate guaranteeing that the key pair is associated with a unique identifier allocated to a subscriber is obtained from a CA 8. The key pair and the certificate are stored on a subscriber identity module (SIM) card 9 which is then coupled to the mobile wireless terminal 4 so that processing means of the terminal 4 can access the key pair and the certificate for use in authenticating itself to a remote node 2. The terminal is authorised to access services of the node 2 on the basis of the unique identifier.
9 Claims
1. A method of facilitating the authentication of an IP data transfer between a mobile wireless terminal and a network node via a radio access network (RAN), the method comprising the steps of:
generating a public-private key pair;
obtaining a certificate containing said public key, a unique identifier allocated to a subscriber, and a signature guaranteeing that the public key is associated with the unique identifier, the unique identifier being an identifier allocated to the terminal for the purpose of using the RAN;
storing the key pair and the certificate on a subscriber identity module (SIM) card;
coupling the SIM card to the mobile wireless terminal so that processing means of the terminal can access the key pair and the certificate; and
sending the certificate to a network node, whereby the network node can use the certificate to authenticate the subscriber.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of authenticating IP data transfer between a mobile wireless terminal and a network node via a radio access network (RAN), the mobile terminal comprising a SIM card having stored thereon a public-private key pair and a certificate containing at least the public key, a unique identifier being an identifier allocated to the terminal for the purpose of using the RAN, and a signature guaranteeing that the public key is associated with the unique identifier, the method comprising:
sending the certificate from the mobile terminal to the node;
authenticating the terminal using said certificate; and
authorising the terminal to access a service of the node on the basis of said identifier.
9. A method of facilitating the authentication of IP data transfer between a mobile wireless terminal and a network node, the method comprising the steps of:
1) registering a subscriber to a mobile wireless telecommunications network;
2) generating a public-private key pair;
3) obtaining a certificate from a certification authority (CA) containing at least the public key, a unique identifier being an identifier allocated to the terminal for the purpose of using the telecommunications network, and a signature guaranteeing that the public key is associated with the unique identifier;
4) storing the key pair and the certificate on a subscriber identity module (SIM) card;
5) giving a mobile wireless terminal to the subscriber together with the SIM card; and
7) coupling the SIM card to the mobile wireless terminal whereby processing means of the terminal can access the certificate for sending to a remote node and the remote node can authenticate the subscriber on the basis of the certificate and can authorise access to services of the node on the basis of the unique identifier.
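The flow of claims 8 and 9 (certificate issued by a CA, sent by the terminal, checked by the node, access decided on the identifier), as an added Go sketch that is not part of the patent text. Ed25519, the simplified `Cert` layout, the nonce challenge answered by `Respond`, the sample identifier and the access list are all assumptions: the claims name no algorithm or certificate format and do not spell out how possession of the private key is shown.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)
// Cert is a constructed stand-in for the claimed certificate (not X.509).
type Cert struct {
	PubKey ed25519.PublicKey
	ID     string // identifier allocated for use of the RAN
	Sig    []byte // CA signature over PubKey || ID (PubKey has fixed length)
}
func tbs(c Cert) []byte { return append(append([]byte{}, c.PubKey...), c.ID...) }

// NewKeyPair generates a key pair; passing nil selects crypto/rand.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	return pub, priv
}

// Issue is the CA step: sign the binding between public key and identifier.
func Issue(caPriv ed25519.PrivateKey, pub ed25519.PublicKey, id string) Cert {
	c := Cert{PubKey: pub, ID: id}
	c.Sig = ed25519.Sign(caPriv, tbs(c))
	return c
}
// Respond is the SIM step (assumed): sign the node's fresh nonce.
func Respond(simPriv ed25519.PrivateKey, nonce []byte) []byte { return ed25519.Sign(simPriv, nonce) }

// Authenticate is the node step: check the CA signature, then key possession.
func Authenticate(caPub ed25519.PublicKey, c Cert, nonce, resp []byte) (string, error) {
	if len(c.PubKey) != ed25519.PublicKeySize || !ed25519.Verify(caPub, tbs(c), c.Sig) {
		return "", errors.New("certificate not vouched for by the trusted CA")
	}
	if !ed25519.Verify(c.PubKey, nonce, resp) {
		return "", errors.New("sender does not hold the certified private key")
	}
	return c.ID, nil
}
// Authorise grants a service from the authenticated identifier alone.
func Authorise(id, svc string, acl map[string]map[string]bool) bool { return acl[id][svc] }

func main() {
	caPub, caPriv := NewKeyPair()
	simPub, simPriv := NewKeyPair()
	cert := Issue(caPriv, simPub, "SUBSCRIBER-0001") // constructed identifier
	nonce := []byte("constructed-nonce")             // a real node uses a random one
	id, err := Authenticate(caPub, cert, nonce, Respond(simPriv, nonce))
	fmt.Println(id, err, Authorise(id, "intranet", map[string]map[string]bool{id: {"intranet": true}}))
}
```

A certificate is public data, so the node in this sketch rejects a valid certificate presented without a matching signature over its own nonce, and rejects any certificate whose identifier was changed after the CA signed it.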
Specification