IDENTITY PRIVACY IN WIRELESS NETWORKS

US 20160262015A1
Filed: 07/24/2015
Published: 09/08/2016
Est. Priority Date: 03/05/2015
Status: Active Grant

First Claim

Patent Images

1. A method for network access by a user equipment (UE), comprising:

sending, from the UE, a privacy mobile subscriber identity (PMSI) in place of an international mobile subscriber identity (IMSI) to identify the UE with an initial attach message to a serving network;

receiving, from the serving network, an authentication request that includes a next PMSI determined by a server in communication with the serving network, the next PMSI being derived from the PMSI; and

sending, from the UE, an acknowledgment of receipt of the next PMSI to the server via the serving network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and techniques are disclosed to protect a user equipment'"'"'s international mobile subscriber identity by providing a privacy mobile subscriber identity instead. In an attach attempt to a serving network, the UE provides the PMSI instead of IMSI, protecting the IMSI from exposure. The PMSI is determined between a home network server and the UE so that intermediate node elements in the serving network do not have knowledge of the relationship between the PMSI and the IMSI. Upon receipt of the PMSI in the attach request, the server generates a next PMSI to be used in a subsequent attach request and sends the next PMSI to the UE for confirmation. The UE confirms the next PMSI to synchronize between the UE and server and sends an acknowledgment token to the server. The UE and the server then each update local copies of the current and next PMSI values.

24 Citations

View as Search Results

49 Claims

1. A method for network access by a user equipment (UE), comprising:
- sending, from the UE, a privacy mobile subscriber identity (PMSI) in place of an international mobile subscriber identity (IMSI) to identify the UE with an initial attach message to a serving network;
  
  receiving, from the serving network, an authentication request that includes a next PMSI determined by a server in communication with the serving network, the next PMSI being derived from the PMSI; and
  
  sending, from the UE, an acknowledgment of receipt of the next PMSI to the server via the serving network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - determining, by the UE, the PMSI for network access based on an initial PMSI.
  - 3. The method of claim 2, further comprising:
    - receiving the initial PMSI during a subscriber registration of the UE with the server.
  - 4. The method of claim 2, further comprising:
    - provisioning the initial PMSI after a subscriber registration via an over-the-air communication with the server.
  - 5. The method of claim 4, further comprising:
    - generating, by the UE, a proposed PMSI;
      
      encrypting, by the UE, the generated PMSI using a server public key, wherein the server maintains a corresponding server private key; and
      
      receiving, at the UE, acknowledgement from the server to use the generated PMSI as the initial PMSI.
  - 6. The method of claim 1, further comprising:
    - determining a UE-based next PMSI; and
      
      comparing the UE-based next PMSI to the next PMSI received as part of the authentication request to determine if there is a match.
  - 7. The method of claim 6, further comprising:
    - generating an acknowledgement token in response to determining there is a match, the acknowledgement of receipt comprising the acknowledgement token; and
      
      storing the confirmed next PMSI at the UE for use in a next attach message.
  - 8. The method of claim 1, wherein the receiving the authentication request further comprises:
    - decrypting the next PMSI in the authentication request using an anonymity key, wherein the anonymity key is derived from a secret key shared between the UE and the server.

9. A user equipment comprising:
- a memory configured to store a privacy mobile subscriber identity (PMSI);
  
  a transceiver configured to;
  
  send the PMSI in place of an international mobile subscriber identity (IMSI) to identify the UE with an initial attach message to a serving network; and
  
  receive, from the serving network, an authentication request that includes a next PMSI determined by a server in communication with the serving network, the next PMSI being derived from the PMSI; and
  
  a processor configured to generate an acknowledgment of receipt, wherein the transceiver is further configured send the acknowledgement of receipt to the server via the serving network.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The user equipment of claim 9, wherein the processor is further configured to:
    - determine the PMSI for network access based on an initial PMSI stored in the memory.
  - 11. The user equipment of claim 10, wherein the user equipment receives the initial PMSI during a subscriber registration of the UE with the server.
  - 12. The user equipment of claim 10, wherein the user equipment is configured to provision the initial PMSI after a subscriber registration via an over-the-air communication with the server.
  - 13. The user equipment of claim 12, wherein:
    - the processor is further configured to generate a proposed initial PMSI and encrypt the generated PMSI using a server public key, wherein the server on the network maintains a corresponding server private key; and
      
      the transceiver is further configured to receive acknowledgement from the server to use the generated PMSI as the initial PMSI.
  - 14. The user equipment of claim 9, wherein the processor is further configured to:
    - determine a UE-based next PMSI and compare the UE-based next PMSI to the next PMSI received as part of the authentication request to determine if there is a match.
  - 15. The user equipment of claim 14, wherein the processor is further configured to:
    - generate an acknowledgement token in response to a determination that there is a match, the acknowledgement of receipt comprising the acknowledgement token.
  - 16. The user equipment of claim 14, wherein the memory is further configured to store the next PMSI for use in a next attach message.
  - 17. The user equipment of claim 9, wherein the processor is further configured to decrypt the next PMSI in the authentication request using an anonymity key, wherein the anonymity key is derived from a secret key shared between the UE and the server.

18. A method for setting up network access with a server on a network, comprising:
- receiving, from a user equipment (UE) via one or more network elements in an intervening serving network, a privacy mobile subscriber identity (PMSI) in place of an international mobile subscriber identity (IMSI) to identify the UE from an initial attach message;
  
  determining, by the server, a next PMSI based on the PMSI;
  
  transmitting, from the server, authentication information to the serving network that includes the next PMSI, wherein the next PMSI is relayed by the serving network to the UE as part of authentication; and
  
  receiving, from the UE via the serving network, an acknowledgement of receipt that includes confirmation of the next PMSI.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The method of claim 18, further comprising:
    - determining, by the server, the PMSI for network access based on an initial PMSI.
  - 20. The method of claim 19, further comprising:
    - receiving, at the server, the initial PMSI during a subscriber registration of the UE with the server.
  - 21. The method of claim 19, further comprising:
    - receiving, from the UE, a proposed initial PMSI;
      
      decrypting, by the server, the proposed initial PMSI using a server private key that was encrypted at the UE by a corresponding server public key; and
      
      transmitting, to the UE, an acknowledgement of the proposed initial PMSI as the initial PMSI.
  - 22. The method of claim 18, further comprising:
    - deriving an anonymity key from a secret key shared between the server and the UE;
      
      encrypting the next PMSI in the authentication information using the derived anonymity key;
      
      receiving, as part of the acknowledgment, an acknowledgement token acknowledging the next PMSI; and
      
      storing the next PMSI in place of the PMSI at the server for use in responding to a subsequent initial attach message from the UE.
  - 23. The method of claim 18, wherein the determining further comprises:
    - detecting a collision between the next PMSI and another existing PMSI associated with a different UE; and
      
      incrementing a PMSI index and determining a new next PMSI based on the next PMSI and the incremented PMSI index.
  - 24. The method of claim 18, further comprising:
    - receiving, from a mobility management entity (MME) on the serving network separate from a home network that the server is on, a request for the IMSI of the UE; and
      
      sending, in response to the request, the PMSI of the UE used in the initial attach message instead of the IMSI of the UE.
  - 25. The method of claim 18, further comprising:
    - searching one or more databases for a match to the PMSI included with the initial attach message; and
      
      sending, in response to not locating a match, a notice for the UE to modify a PMSI index maintained at the UE for generation of an updated PMSI at the UE.

26. A server comprising:
- a database configured to store a plurality of privacy mobile subscriber identities (PMSI) of user equipment (UE);
  
  a transceiver configured to receive, via one or more network elements in an intervening serving network from a UE, a privacy mobile subscriber identity (PMSI) in place of an international mobile subscriber identity (IMSI) to identify the UE from an initial attach message; and
  
  a processor configured to determine a next PMSI for the UE based on the PMSI;
  
  wherein the transceiver is further configured to transmit authentication information to the serving network that includes the next PMSI, wherein the next PMSI is relayed by the serving network to the UE as part of authentication, and receive an acknowledgement of receipt that includes confirmation of the next PMSI from the UE via the serving network.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. The server of claim 26, wherein the processor is further configured to determine the PMSI for network access based on an initial PMSI.
  - 28. The server of claim 27, wherein the transceiver is further configured to receive the initial PMSI during a subscriber registration of the UE with the server.
  - 29. The server of claim 27, wherein:
    - the transceiver is further configured to receive, from the UE, a proposed initial PMSI;
      
      the processor is further configured to decrypt the proposed initial PMSI using a server private key that was encrypted at the UE by a corresponding server public key; and
      
      the transceiver is further configured to transmit, to the UE, an acknowledgement of the proposed initial PMSI as the initial PMSI.
  - 30. The server of claim 26, wherein:
    - the processor is further configured to derive an anonymity key from a secret key shared between the server and the UE and encrypt the next PMSI in the authentication information using the derived anonymity key;
      
      the transceiver is further configured to receive, as part of the acknowledgment, an acknowledgement token acknowledging the next PMSI; and
      
      the database is further configured to store the next PMSI in place of the PMSI for use in responding to a subsequent initial attach message from the UE.
  - 31. The server of claim 26, wherein the processor is further configured, as part of the determining, to:
    - detect a collision between the next PMSI and another existing PMSI associated with a different UE in the database; and
      
      increment a PMSI index and determine a new next PMSI based on the next PMSI and the incremented PMSI index.
  - 32. The server of claim 26, wherein the transceiver is further configured to:
    - receive, from a mobility management entity (MME) on the serving network separate from a home network that the server is on, a request for the IMSI of the UE; and
      
      send, in response to the request, the PMSI of the UE used in the initial attach message instead of the IMSI of the UE.
  - 33. The server of claim 26, wherein:
    - the processor is further configured to search the database for a match to the PMSI included with the initial attach message; and
      
      the transceiver is further configured to send, in response to not locating a match, a notice for the UE to modify a PMSI index maintained at the UE for generation of an updated PMSI at the UE.

34. A computer-readable medium having program code recorded thereon, the program code comprising:
- code for causing a user equipment (UE) to send a privacy mobile subscriber identity (PMSI) in place of an international mobile subscriber identity (IMSI) to identify the UE with an initial attach message to a serving network;
  
  code for causing the UE to receive, from the serving network, an authentication request that includes a next PMSI determined by a server in communication with the serving network, the next PMSI being derived from the PMSI; and
  
  code for causing the UE to send an acknowledgment of receipt of the next PMSI to the server via the serving network.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41)
- - 35. The computer-readable medium of claim 34, further comprising:
    - code for causing the UE to determine the PMSI for network access based on an initial PMSI.
  - 36. The computer-readable medium of claim 35, further comprising:
    - code for causing the UE to receive the initial PMSI during a subscriber registration of the UE with the server.
  - 37. The computer-readable medium of claim 35, further comprising:
    - code for causing the UE provision the initial PMSI after a subscriber registration via an over-the-air communication with the server.
  - 38. The computer-readable medium of claim 37, further comprising:
    - code for causing the UE to generate a proposed PMSI;
      
      code for causing the UE to encrypt the generated PMSI using a server public key, wherein the server maintains a corresponding server private key; and
      
      code for causing the UE to receive acknowledgement from the server to use the generated PMSI as the initial PMSI.
  - 39. The computer-readable medium of claim 34, further comprising:
    - code for causing the UE to determine a UE-based next PMSI; and
      
      code for causing the UE to compare the UE-based next PMSI to the next PMSI received as part of the authentication request to determine if there is a match.
  - 40. The computer-readable medium of claim 39, further comprising:
    - code for causing the UE to generate an acknowledgement token in response to determining there is a match, the acknowledgement of receipt comprising the acknowledgement token; and
      
      code for causing the UE to store the confirmed next PMSI at the UE for use in a next attach message.
  - 41. The computer-readable medium of claim 34, further comprising:
    - code for causing the UE to decrypt the next PMSI in the authentication request using an anonymity key, wherein the anonymity key is derived from a secret key shared between the UE and the server.

42. A computer-readable medium having program code recorded thereon, the program code comprising:
- code for causing a server to receive, from a user equipment (UE) via one or more network elements in an intervening serving network, a privacy mobile subscriber identity (PMSI) in place of an international mobile subscriber identity (IMSI) to identify the UE from an initial attach message;
  
  code for causing the server to determine a next PMSI based on the PMSI;
  
  code for causing the server to transmit authentication information to the serving network that includes the next PMSI, wherein the next PMSI is relayed by the serving network to the UE as part of authentication; and
  
  code for causing the server to receive, from the UE via the serving network, an acknowledgement of receipt that includes confirmation of the next PMSI.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49)
- - 43. The computer-readable medium of claim 42, further comprising:
    - code for causing the server to determine the PMSI for network access based on an initial PMSI.
  - 44. The computer-readable medium of claim 43, further comprising:
    - code for causing the server to receive the initial PMSI during a subscriber registration of the UE with the server.
  - 45. The computer-readable medium of claim 43, further comprising:
    - code for causing the server to receive, from the UE, a proposed initial PMSI;
      
      code for causing the server to decrypt the proposed initial PMSI using a server private key that was encrypted at the UE by a corresponding server public key; and
      
      code for causing the server to transmit, to the UE, an acknowledgement of the proposed initial PMSI as the initial PMSI.
  - 46. The computer-readable medium of claim 42, further comprising:
    - code for causing the server to derive an anonymity key from a secret key shared between the server and the UE;
      
      code for causing the server to encrypt the next PMSI in the authentication information using the derived anonymity key;
      
      code for causing the server to receive, as part of the acknowledgment, an acknowledgement token acknowledging the next PMSI; and
      
      code for causing the server to store the next PMSI in place of the PMSI at the server for use in responding to a subsequent initial attach message from the UE.
  - 47. The computer-readable medium of claim 42, wherein the calculating further comprises:
    - code for causing the server to detect a collision between the next PMSI and another existing PMSI associated with a different UE; and
      
      code for causing the server to increment a PMSI index and determine a new next PMSI based on the next PMSI and the incremented PMSI index.
  - 48. The computer-readable medium of claim 42, further comprising:
    - code for causing the server to receive, from a mobility management entity (MME) on the serving network separate from a home network that the server is on, a request for the IMSI of the UE; and
      
      code for causing the server to send, in response to the request, the PMSI of the UE used in the initial attach message instead of the IMSI of the UE.
  - 49. The computer-readable medium of claim 42, further comprising:
    - code for causing the server to search one or more databases for a match to the PMSI included with the initial attach message; and
      
      code for causing the server to send, in response to not locating a match, a notice for the UE to modify a PMSI index maintained at the UE for generation of an updated PMSI at the UE.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Lee, Soo Bum, Palanigounder, Anand, Escott, Adrian Edward, Horn, Gavin Bernard

Granted Patent

US 10,237,729 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2101/654   International mobile subscr...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/72   Subscriber identity

H04W 8/04   Registration at HLR or HSS ...

H04W 8/183   Processing at user equipmen...

IDENTITY PRIVACY IN WIRELESS NETWORKS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

IDENTITY PRIVACY IN WIRELESS NETWORKS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links