Systems, Methods, Media, and Means for User Level Authentication

US 20080168540A1
Filed: 12/05/2007
Published: 07/10/2008
Est. Priority Date: 12/07/2006
Status: Active Grant

First Claim

Patent Images

1. A gateway in a communications network, comprisinga subscriber interface;

a Session Initiation Protocol (SIP) registrar; and

a network interface in communication with the subscriber interface, the SIP registrar, a subscriber database, and a mobile device;

whereinthe SIP registrar;

receives a first register message as a result of a request associated with a user and the mobile device seeking network authentication; and

sends a request for subscriber information to the subscriber interface;

the subscriber interface;

retrieves the subscriber information from the subscriber database; and

sends the subscriber information to the SIP registrar;

the SIP registrar further;

sends challenge information including a password request and a request for predetermined response information previously selected by the user to the mobile device;

receives a second register message including user response information in response to the challenge information from the mobile device;

authenticates the mobile device and the user based at least in part on whether the user response information matches the predetermined response information; and

notifies the subscriber interface of the authentication.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some embodiments, a gateway in a communications network is provided including a subscriber interface and a Session Initiation Protocol (SIP) registrar; wherein the SIP registrar: receives a first register message as a result of a request associated with a user and a mobile device seeking network authentication; and sends a request for subscriber information to the subscriber interface; the subscriber interface: retrieves the subscriber information from the subscriber database; and sends the subscriber information to the SIP registrar; the SIP registrar further: sends challenge information including a password request and a request for predetermined response information previously selected by the user to the mobile device; receives a second register message including user response information in response to the challenge information; and authenticates the mobile device and the user based at least in part on whether the user response information matches the predetermined response information.

Citations

18 Claims

1. A gateway in a communications network, comprisinga subscriber interface;
- a Session Initiation Protocol (SIP) registrar; and
  
  a network interface in communication with the subscriber interface, the SIP registrar, a subscriber database, and a mobile device;
  
  whereinthe SIP registrar;
  
  receives a first register message as a result of a request associated with a user and the mobile device seeking network authentication; and
  
  sends a request for subscriber information to the subscriber interface;
  
  the subscriber interface;
  
  retrieves the subscriber information from the subscriber database; and
  
  sends the subscriber information to the SIP registrar;
  
  the SIP registrar further;
  
  sends challenge information including a password request and a request for predetermined response information previously selected by the user to the mobile device;
  
  receives a second register message including user response information in response to the challenge information from the mobile device;
  
  authenticates the mobile device and the user based at least in part on whether the user response information matches the predetermined response information; and
  
  notifies the subscriber interface of the authentication.
- View Dependent Claims (2, 3, 4)
- - 2. The gateway of claim 1, wherein the subscriber database is a Home Subscriber Server (HSS) and the SIP registrar is a serving call session control function (S-CSCF).
  - 3. The gateway of claim 1, wherein authentication includes authentication, authorization, and registration.
  - 4. The gateway of claim 1, wherein the predetermined response information includes a question to the user.

5. A method for authenticating a mobile device and a user, comprising:
- receiving a first register message as a result of a request associated with the user and the mobile device seeking network authentication at a SIP registrar; and
  
  sending a request for subscriber information to a subscriber interface from the SIP registrar;
  
  retrieving the subscriber information from a subscriber database at the subscriber interface; and
  
  sending the subscriber information to the SIP registrar from subscriber interface;
  
  sending challenge information including a password request and a request for predetermined response information previously selected by the user to the mobile device from the SIP registrar;
  
  receiving a second register message including user response information in response to the challenge information from the mobile device at the SIP registrar;
  
  authenticating the mobile device and the user based at least in part on whether the user response information matches the predetermined response information at the SIP registrar; and
  
  sending notification of authentication to the subscriber interface from the SIP registrar.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method of claim 5, wherein the subscriber database is a Home Subscriber Server (HSS) and the SIP registrar is a serving call session control function (S-CSCF).
  - 7. The method of claim 5, wherein authentication includes authentication, authorization, and registration.
  - 8. The method of claim 5, wherein the predetermined response information includes a question to the user.
  - 9. The method of claim 5, wherein the challenge information further includes an image previously selected by the user and wherein the user does not respond if the user does not recognize the image as the image previously selected by the user.

10. A gateway in a communications network, comprising:
- means for receiving a first register message as a result of a request associated with a user and a mobile device seeking network authentication at a SIP registrar;
  
  means for sending a request for subscriber information to a subscriber interface from the SIP registrar;
  
  means for retrieving the subscriber information from a subscriber database at the subscriber interface;
  
  means for sending the subscriber information to the SIP registrar from subscriber interface;
  
  means for sending challenge information including a password request and a request for predetermined response information previously selected by the user to the mobile device from the SIP registrar;
  
  means for receiving a second register message including user response information in response to the challenge information from the mobile device at the SIP registrar;
  
  means for authenticating the mobile device and the user based at least in part on whether the user response information matches the predetermined response information at the SIP registrar; and
  
  means for sending notification of authentication to the subscriber interface from the SIP registrar.
- View Dependent Claims (11, 12)
- - 11. The gateway of claim 10, wherein the subscriber database is a Home Subscriber Server (HSS) and the SIP registrar is a serving call session control function (S-CSCF).
  - 12. The gateway of claim 10, wherein authentication includes authentication, authorization, and registration.

13. A gateway in a communications network comprising:
- a subscriber interface residing in the gateway in communication with a serving-call session control function (S-CSCF) and a subscriber database to register and authenticate a mobile device and a user;
  
  the S-CSCF caches subscriber information in the gateway including a password and predetermined response information previously selected by the user and received from the subscriber database through the subscriber interface and challenges the mobile device with challenge information including a request for the password and a request for the predetermined response information; and
  
  the S-CSCF authenticates a response to the challenge information and updates the cache.
- View Dependent Claims (14, 15)
- - 14. The gateway of claim 13, wherein the subscriber database is a Home Subscriber Server (HSS).
  - 15. The gateway of claim 13, wherein the predetermined response information includes at least one of a question to the user and an image.

16. A gateway in a communications network comprising:
- means for caching subscriber information in the gateway including a password and predetermined response information previously selected by the user and received from a subscriber database through a subscriber interface and challenging the mobile device with challenge information including a request for the password and a request for the predetermined response information; and
  
  means for authenticating a response to the challenge information and updating the cache.
- View Dependent Claims (17, 18)
- - 17. The gateway of claim 16, wherein the subscriber database is a Home Subscriber Server (HSS).
  - 18. The gateway of claim 16, wherein the predetermined response information includes at least one of a question to the user and an image.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Ghai, Rajat, Agarwal, Kaitki

Granted Patent

US 8,250,634 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 45/38   Flow based routing

H04L 45/72   Routing based on the source...

H04L 45/74   Address processing for routing

H04L 45/7453   using hashing

H04L 47/125   by balancing the load, e.g....

H04L 47/2483   involving identification of...

H04L 65/1016   IP multimedia subsystem [IMS]

H04L 65/102   Gateways arrangements for c...

H04L 65/103   in the network

H04L 65/1045   Proxies, e.g. for session i...

H04L 65/1046   Call controllers; Call servers

H04L 65/1104   Session initiation protocol...

H04L 65/80   Responding to QoS

H04L 67/52   specially adapted for the l...

H04W 4/02   Services making use of loca...

Y10S 707/912   Applications of a database

Y10S 707/913   Multimedia

Y10S 707/918   Location

Systems, Methods, Media, and Means for User Level Authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems, Methods, Media, and Means for User Level Authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links