Mobile IP communication scheme incorporating individual user authentication

US 20060034238A1
Filed: 10/24/2005
Published: 02/16/2006
Est. Priority Date: 09/05/1997
Status: Abandoned Application

First Claim

Patent Images

1. A mobile computer management device located in a home network of a mobile computer for enabling the mobile computer to carry out communications while moving over inter-connected networks, the mobile computer management device comprising:

a registration unit for registering an information on a current location of the mobile computer, based on a registration message transmitted from the mobile computer, which is currently located outside the home network;

a transfer unit for transferring packets destined to the mobile computer to the current location of the mobile computer according to the information registered by the registration unit; and

a user authentication unit for carrying out a user authentication, prior to a registration of the information on the current location of the mobile computer, to judge a properness of a user of the mobile computer according to a user-input-based information contained in a response message returned from the mobile computer in response to a challenge message transmitted from the mobile computer management device to the mobile computer, and controlling the registration of the information by the registration unit according to a result of the user authentication.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile IP communication scheme capable of authenticating an individual user who is operating the mobile computer when the mobile computer is connected to a visited site network and transmits a current location registration message to the home agent is disclosed. A user authentication to judge a properness of a user of the mobile computer is carried out according to a user input based information, and the current location of the mobile computer is registered at the mobile computer management device (home agent) when the user is judged as a proper user. The user authentication can be carried out either at the mobile computer management device according to a user input based information received from the mobile computer, or at the mobile computer according to an information entered by the user at the mobile computer.

Citations

12 Claims

1. A mobile computer management device located in a home network of a mobile computer for enabling the mobile computer to carry out communications while moving over inter-connected networks, the mobile computer management device comprising:
- a registration unit for registering an information on a current location of the mobile computer, based on a registration message transmitted from the mobile computer, which is currently located outside the home network;
  
  a transfer unit for transferring packets destined to the mobile computer to the current location of the mobile computer according to the information registered by the registration unit; and
  
  a user authentication unit for carrying out a user authentication, prior to a registration of the information on the current location of the mobile computer, to judge a properness of a user of the mobile computer according to a user-input-based information contained in a response message returned from the mobile computer in response to a challenge message transmitted from the mobile computer management device to the mobile computer, and controlling the registration of the information by the registration unit according to a result of the user authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The mobile computer management device of claim 1, further comprising:
    - a host authentication unit for carrying out a host authentication, prior to the registration of the information on the current location of the mobile computer, to judge a properness of the mobile computer according to the registration message received from the mobile computer, and permitting the registration of the information by the registration unit when both the host authentication and the user authentication succeed.
  - 3. The mobile computer management device of claim 1, further comprising:
    - a transmission unit for transmitting, prior to the registration of the information, a challenge message that requests returning of a user authentication information to the mobile computer when a new registration message containing the information on the current location of the mobile computer is received from the mobile computer;
      
      wherein the user authentication unit judges the properness of the user according to the user input based information which is contained in a response message returned from the mobile computer in response to the challenge message as the user authentication information.
  - 4. The mobile computer management device of claim 3, wherein the transmission unit also transmits the challenge message that requests returning of the user authentication information to the mobile computer when another registration message for re-registration of an already registered current location is received from the mobile computer and a prescribed condition indicates that the user authentication is required to be executed again, prior to the re-registration by the registration unit.
  - 5. The mobile computer management device of claim 4, wherein said another message for re-registration is received at a prescribed interval, and the challenge message is transmitted at an interval longer than the prescribed interval.
  - 6. The mobile computer management device of claim 3, wherein the transmission unit transmits the challenge message that contains a challenge code, and the user authentication unit judges the properness of the user by checking a one-time password based on the challenge code which is returned from the mobile computer as the user-input-based information.
  - 7. The mobile computer management device of claim 1, wherein the user authentication unit refuses subsequent registration requests from the mobile computer when the user authentication according to the user-input-based information received from the mobile computer fails for a prescribed number of times consecutively.
  - 8. The mobile computer management device of claim 1, wherein the user authentication unit judges the properness of the user according to whether a password returned from the mobile computer as the user-input-based information coincides with a pre-registered one.

9. A method for registering a mobile computer in a mobile computer management device for enabling the mobile computer to carry out communications while moving over inter-connected networks, the mobile computer management device having a function for managing information on a current location of the mobile computer device and transferring packets destined to the mobile computer device to the current location of the mobile computer device, the method comprising the steps of:
- transmitting a registration message containing the information on the current location of the mobile computer from the mobile computer at a visited site to a mobile computer management device at a home network of the mobile computer;
  
  carrying out a user authentication to judge a properness of a user of the mobile computer according to a user-input-based information contained in a response message returned from the mobile computer in response to a challenge message transmitted from the mobile computer management device to the mobile computer, prior to a registration of the information on the current location of the mobile computer in response to the registration message; and
  
  registering the information on the current location of the mobile computer at the mobile computer management device when the user is judged as a proper user.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9, wherein the user authentication is carried out at the mobile computer management device according to a user-input-based information transmitted from the mobile computer to the mobile computer management device.
  - 11. The method of claim 9, wherein the user authentication is carried out locally at the mobile computer according to an information entered by the user at the mobile computer.

12. A computer program product for causing a computer to function as a mobile computer management device located in a home network of a mobile computer for enabling the mobile computer to carry out communications while moving over inter-connected networks, the computer program product comprising:
- a first computer program code for causing the computer to register an information on a current location of the mobile computer, based on a registration message transmitted from the mobile computer, which is currently located outside the home network;
  
  a second computer program code for causing the computer to transfer packets destined to the mobile computer to the current location of the mobile computer according to the information registered by the first computer program code; and
  
  a third computer program code for causing the computer to carry out a user authentication, prior to a registration of the information on the current location of the mobile computer, to judge a properness of a user of the mobile computer according to a user-input-based information contained in a response message returned from the mobile computer in response to a challenge message transmitted from the mobile computer management device to the mobile computer, and controlling the registration of the information by the first computer program code according to a result of the user authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Inoue, Atsushi, Fukumoto, Atsushi, Ishiyama, Masahiro, Okamoto, Toshio, Tsuda, Yoshiyuki

Application Number

US11/255,881
Publication Number

US 20060034238A1
Time in Patent Office

Days
Field of Search
US Class Current

370/338
CPC Class Codes

G06F 21/33   using certificates

G06Q 20/3224   Transactions dependent on l...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 67/00   Network arrangements or pro...

H04L 67/04   specially adapted for termi...

H04L 69/40   for recovering from a failu...

H04W 12/068   using credential vaults, e....

H04W 8/04   Registration at HLR or HSS ...

H04W 80/04   Network layer protocols, e....

Mobile IP communication scheme incorporating individual user authentication

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile IP communication scheme incorporating individual user authentication

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links