METHOD FOR AUTHENTICATING A MOBILE UNIT ATTACHED TO A FEMTOCELL THAT OPERATES ACCORDING TO CODE DIVISION MULTIPLE ACCESS

US 20090191844A1
Filed: 01/25/2008
Published: 07/30/2009
Est. Priority Date: 10/04/2007
Status: Active Grant

First Claim

Patent Images

1. A method involving a femtocell in communication with a secure network, comprising:

receiving, from the femtocell and at a first secure entity in the secure network, first authentication information generated by a mobile unit using a first random number broadcast by the femtocell in a global challenge;

receiving, from a second secure entity in the secure network, at least one security key formed based on the global challenge;

requesting, from the second secure entity in the secure network, second authentication information for uniquely challenging the mobile unit; and

providing said at least one security key to the femtocell in response to authenticating the mobile unit based upon the second authentication information.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method involving a femtocell in communication with an Internet Protocol Multimedia Subsystem (IMS) network. In one embodiment, the femtocell operates according to code division multiple access (CDMA) standards. The method includes receiving, from the femtocell and at a first secure entity in the IMS network, first authentication information generated by the mobile unit using a first random number broadcast by the femtocell in a global challenge. The method also includes receiving, from a second secure entity in the secure network, at least one security key formed based on the global challenge and second authentication information for uniquely challenging the mobile unit. In one embodiment, the second secure entity is a CDMA-based authentication server. The method further includes providing the security key(s) to the femtocell in response to authenticating the mobile unit based upon the second authentication information.

105 Citations

View as Search Results

16 Claims

1. A method involving a femtocell in communication with a secure network, comprising:
- receiving, from the femtocell and at a first secure entity in the secure network, first authentication information generated by a mobile unit using a first random number broadcast by the femtocell in a global challenge;
  
  receiving, from a second secure entity in the secure network, at least one security key formed based on the global challenge;
  
  requesting, from the second secure entity in the secure network, second authentication information for uniquely challenging the mobile unit; and
  
  providing said at least one security key to the femtocell in response to authenticating the mobile unit based upon the second authentication information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein receiving the first authentication information comprises receiving information indicating an identifier uniquely identifying the first mobile unit, the first random number, and an authentication response computed by the mobile unit based on the first random number and a first key known by the mobile unit and not known by the femtocell.
  - 3. The method of claim 2, wherein requesting the second authentication information comprises requesting information indicating a second random number and an authentication response that is unique to the mobile unit, the second secure entity determining the authentication response based on the identifier uniquely identifying the first mobile unit.
  - 4. The method of claim 3, wherein authenticating the mobile unit comprises providing the second random number to the femtocell so that the femtocell can transmit a unique challenge including the second random number to the mobile unit.
  - 5. The method of claim 4, wherein authenticating the mobile unit comprises receiving, at the first secure entity and in response to providing the second random number, information indicating the second random number and an authentication response computed by the mobile unit based on the second random number.
  - 6. The method of claim 5, wherein authenticating the mobile unit comprises authenticating the mobile unit if the authentication response computed by the mobile unit based on the second random number corresponds to the authentication response received from the second secure entity.
  - 7. The method of claim 1, wherein requesting at least one security key from the second secure entity comprises requesting session keys for encryption of signaling and bearer traffic.
  - 8. The method of claim 1, wherein receiving the first authentication information generated by the mobile unit comprises receiving the first authentication information in response to at least one of a registration message transmitted from the mobile unit to the femtocell or an origination message transmitted from the mobile unit to the femtocell.

9. A method involving a femtocell that operates according to code division multiple access (CDMA) standards, the femtocell is also configured to communicate with an Internet Protocol Multimedia Subsystem (IMS) network, comprising:
- receiving, from the femtocell and at a first secure entity in the IMS network, first authentication information generated by a mobile unit using a first random number broadcast by the femtocell in a global challenge;
  
  receiving, from a CDMA-based authentication server connected to the IMS network, at least one encryption key formed based on the global challenge;
  
  requesting, from the CDMA-based authentication server, second authentication information for uniquely challenging the mobile unit; and
  
  providing said at least one encryption key to the femtocell in response to authenticating the mobile unit based upon the second authentication information.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein receiving the first authentication information comprises receiving information indicating an electronic serial number uniquely identifying the first mobile unit, the first random number, and an authentication response computed by the mobile unit based on the first random number and a first key known by the mobile unit and not known by the femtocell.
  - 11. The method of claim 10, wherein requesting the second authentication information comprises requesting information indicating a second random number and an authentication response that is unique to the mobile unit, the CDMA-based authentication server determining the authentication response based on the electronic serial number uniquely identifying the first mobile unit.
  - 12. The method of claim 11, wherein authenticating the mobile unit comprises providing the second random number to the femtocell so that the femtocell can transmit a unique challenge including the second random number to the mobile unit.
  - 13. The method of claim 12, wherein authenticating the mobile unit comprises receiving, at the first secure entity and in response to providing the second random number, information indicating the second random number and an authentication response computed by the mobile unit based on the second random number.
  - 14. The method of claim 13, wherein authenticating the mobile unit comprises authenticating the mobile unit if the authentication response computed by the mobile unit based on the second random number corresponds to the authentication response received from the CDMA-based authentication server.
  - 15. The method of claim 9, wherein requesting at least one encryption key from the CDMA-based authentication server comprises requesting at least one of a SMEKEY or a Public Long Code Mask key.
  - 16. The method of claim 9, wherein receiving the first authentication information generated by the mobile unit comprises receiving the first authentication information in response to at least one of a registration message transmitted from the mobile unit to the femtocell or an origination message transmitted from the mobile unit to the femtocell.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent SA (Nokia Corporation)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Patel, Sarvar, Thompson, Robin J., MORGAN, TODD C.

Granted Patent

US 8,428,554 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04W 12/069 using certificates or pre-s...

H04W 84/045 using private Base Stations...

METHOD FOR AUTHENTICATING A MOBILE UNIT ATTACHED TO A FEMTOCELL THAT OPERATES ACCORDING TO CODE DIVISION MULTIPLE ACCESS

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR AUTHENTICATING A MOBILE UNIT ATTACHED TO A FEMTOCELL THAT OPERATES ACCORDING TO CODE DIVISION MULTIPLE ACCESS

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links