Method of Authenticating Home Operator for Over-the-Air Provisioning of a Wireless Device
Abstract
A method and apparatus is provided for authentication between a home network and a wireless device during device activation using a registration server as a trusted agent. The wireless device owner subscribes to the services of the home network and the home network registers as the service provider with the registration server. When the home network registers with the registration server, the registration server provides authentication data to the home network to use for authentication with the wireless device. Because the wireless device has no prior knowledge of the home network, the wireless device connects to the registration server to obtain contact information for the home network. The registration server provides home network data to the wireless device. In some embodiments, the registration server may also provide second authentication data to the wireless device for authenticating the home network. When the wireless device subsequently connects to the home network to download permanent security credentials, the home network uses the information provided by the registration server to authenticate itself to the wireless device. The authentication procedure prevents a third party from fraudulently obtaining confidential information from the home network or the wireless device.
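The flow in the abstract, as an added Python sketch that is not taken from the patent. The page does not say what form the authentication data takes, so this assumes a random key issued by the registration server and an HMAC challenge-response, with both links to the registration server already protected; all class, function and value names are hypothetical.

```python
import hashlib
import hmac
import secrets


def _tag(key, temp_id, nonce):
    # Assumed authentication message: HMAC over the identifier and a fresh nonce.
    return hmac.new(key, temp_id.encode() + nonce, hashlib.sha256).digest()


class RegistrationServer:
    def __init__(self):
        self._records = {}  # temp_id -> (home network data, key)

    def register(self, temp_id, home_network_data):
        # Registration request from a home network; returns first authentication data.
        if temp_id in self._records:  # assumed policy: first registration wins
            raise ValueError("temporary device identifier already registered")
        key = secrets.token_bytes(32)
        self._records[temp_id] = (home_network_data, key)
        return key

    def connect(self, temp_id):
        # Connection request from the device; returns stored home network data
        # and second authentication data (assumed to be the same key).
        return self._records[temp_id]


class HomeNetwork:
    def __init__(self, address):
        self.address = address
        self._keys = {}

    def subscribe(self, temp_id, server):
        self._keys[temp_id] = server.register(temp_id, self.address)

    def authenticate(self, temp_id, nonce):
        return _tag(self._keys.get(temp_id, b""), temp_id, nonce)

    def credentials(self, temp_id):
        return b"permanent-credentials-placeholder"


def device_activate(temp_id, server, reachable):
    # reachable: address -> whatever endpoint actually answers at that address.
    address, key = server.connect(temp_id)
    nonce = secrets.token_bytes(16)
    endpoint = reachable[address]
    if not hmac.compare_digest(endpoint.authenticate(temp_id, nonce), _tag(key, temp_id, nonce)):
        raise PermissionError("home network failed authentication")
    return endpoint.credentials(temp_id)
```

The device asks for credentials only after the endpoint proves it holds the key issued at registration, so an endpoint that merely answers at the home network's address is rejected.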
44 Claims
1. A method implemented by a registration server of providing authentication data to a wireless device for over-the-air provisioning of the wireless device, said method comprising:
- receiving a registration request including a temporary device identifier for the wireless device from a home network;
- associating home network data for the home network with the temporary device identifier and storing the home network data;
- sending the home network first authentication data associated with the temporary device identifier for authenticating the home network to the wireless device during device activation;
- receiving a connection request including the temporary device identifier from the wireless device; and
- sending the wireless device the stored home network data associated with the temporary device identifier.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A registration server for providing authentication data to a wireless device for over-the-air provisioning of the wireless device, said registration server comprising:
- a communication interface for communicating over a communication network with a wireless device and a home network for the wireless device;
- memory for storing registration information for said wireless device; and
- a registration processor connected to the communication interface and the memory, said registration processor being configured to:
  - receive a registration request including a temporary device identifier for the wireless device from a home network;
  - associate home network data for the home network with the temporary device identifier and store the home network data in memory;
  - send the home network first authentication data associated with the temporary device identifier for authenticating the home network to the wireless device during device activation;
  - receive a connection request including the temporary device identifier from the wireless device; and
  - send the wireless device the stored home network data associated with the temporary device identifier.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20

21. A method implemented by a home network for activating a wireless device subscribing to the services of the home network, said method comprising:
- subscribing the wireless device to services of the home network and receiving a temporary device identifier from the wireless device user during a subscription process;
- sending a registration request including the temporary device identifier for the wireless device to a registration server to register as the service provider for the wireless device;
- receiving authentication data associated with the temporary device identifier from the registration server;
- receiving an activation request including the temporary device identifier from the wireless device;
- authenticating the home network to the wireless device using the authentication data provided by the registration server; and
- sending permanent security credentials to the wireless device to activate the wireless device.

Dependent claims: 22, 23, 24, 25, 26

27. A subscription system in a home network for provisioning a wireless device with permanent security credentials, said subscription system comprising:
- a communication interface for communicating over a communication network with a wireless device and a registration server; and
- a subscription processor connected to the communication interface and configured to:
  - subscribe the wireless device to services of the home network during a subscription process;
  - receive a temporary device identifier from the wireless device during the subscription process;
  - send a registration request including the temporary device identifier for the wireless device to the registration server to register a subscription for the wireless device with the registration server;
  - receive authentication data associated with the temporary device identifier from the registration server;
  - receive an activation request including the temporary device identifier from the wireless device;
  - authenticate the home network to the wireless device using the authentication data provided by the registration server; and
  - send permanent credentials to the wireless device to activate the home device.

Dependent claims: 28, 29, 30, 31, 32

33. A method implemented by a wireless device for activating the wireless device to receive services from a selected home network, said method comprising:
- sending a connection request including a temporary device identifier to a registration server;
- receiving home network data identifying the home network from the registration server responsive to the connection request;
- connecting to the home network;
- receiving from the home network an authentication message generated using first authentication data provided to the home network by the registration server;
- authenticating the home network based on first authentication data; and
- downloading permanent subscription credentials from the home network.

Dependent claims: 34, 35, 36, 37, 38

39. A wireless device comprising:
- a communication circuit for communicating with a home network and a registration server over a wireless communication network; and
- a control processor connected to the communication circuit configured to:
  - send a connection request including a temporary device identifier to the registration server;
  - receive home network data identifying the home network from the registration server;
  - receive from the home network an authentication message generated using first authentication data provided to the home network by the registration server;
  - authenticate the home network based on the first authentication data; and
  - download permanent subscription credentials from the home network.

Dependent claims: 40, 41, 42, 43, 44

Specification