Method, and associated apparatus, for selectively permitting access by a mobile terminal to a packet data network
Abstract
A method, and associated apparatus, improves the authentication security of authentication procedures performed by a wireless host when requesting access to communicate with a host site of a private network. A password is generated by the execution of an application at a processing device of a SIM (subscriber identity module) defined in the GSM Phase 2+ system. When generated thereat, improved authentication security results as computations need not be performed at a wireless host or other separate physical entity.
22 Claims
1. In a communication system having a wireless network and a packet data network coupled thereto, the packet data network including a host site and permitting selective access thereto, the wireless network permitting radio communications with a mobile terminal, an improvement of an assembly for selectively permitting access by the mobile terminal to the packet data network, thereby to permit communications between the mobile terminal and the host site, said assembly comprising:
a processing device releasably coupled to, and carried by, the mobile terminal, said processing device having a password-generation algorithm executable thereon, said processing device for generating a password when the password-generation algorithm is executed; and
an authentication server coupled to the packet data network and forming a portion thereof, said authentication server for receiving the password generated responsive to execution of the password-generation algorithm, said authentication server for authenticating the mobile terminal responsive to values of the password generated by said processing device and received at said authentication server, the mobile terminal permitted to communicate with the host site when the password is authenticated by said authentication server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A method for selectively permitting access by a mobile terminal to a host site of a packet data network, the packet data network coupled to a wireless network, the wireless network permitting radio communications with the mobile terminal, said method comprising the steps of:
generating automatically a password at a processing device releasably coupled to the mobile terminal;
providing the password generated in said step of generating to the mobile terminal;
forwarding the password provided to the mobile terminal to an authentication server;
authenticating the mobile terminal responsive to values of the mobile terminal forwarded thereto; and
permitting the mobile terminal to communicate with the host site if the password is authenticated during said step of authenticating.
18. A method for selectively permitting access by a mobile terminal to a host site of a packet data network, the packet data network coupled to a wireless network, the wireless network permitting radio communications with the mobile terminal, said method comprising the steps of:
generating a password at a processing device releasably coupled to the mobile terminal;
providing the password generated in said step of generating to the mobile terminal;
forwarding the password provided to the mobile terminal to an authentication server;
authenticating the mobile terminal responsive to values of the mobile terminal forwarded thereto;
permitting the mobile terminal to communicate with the host site if the password is authenticated during said step of authenticating; and
wherein the wireless network comprises a GSM (general system for mobile communications) network, wherein the mobile terminal includes a SIM (subscriber identity module) card and wherein the processing device at which the password is generated is positioned at the SIM card.
19. A method for selectively permitting access by a mobile terminal to a host site of a packet data network, the packet data network coupled to a wireless network, the wireless network permitting radio communications with the mobile terminal, said method comprising the steps of:
generating automatically a password at a processing device releasably coupled to the mobile terminal;
providing the password generated in said step of generating to the mobile terminal;
forwarding the password provided to the mobile terminal to an authentication server;
authenticating the mobile terminal responsive to values of the mobile terminal forwarded thereto;
permitting the mobile terminal to communicate with the host site if the password is authenticated during said step of authenticating; and
wherein the wireless network further includes an SMS (short message service) center and provides for the communication of SMS messages with the mobile terminal and wherein said method comprises the additional step of requesting by the authentication server with an SMS message for said forwarding of the password thereto.
20. A method for selectively permitting access by a mobile terminal to a host site of a packet data network, the packet data network coupled to a wireless network, the wireless network permitting radio communications with the mobile terminal, said method comprising the steps of:
forming first internally-generated values at an authentication server;
forwarding the first internally-generated values to the mobile terminal;
storing the first internally-generated values at a storage location associated with a processing device removably connected to the mobile terminal, the first internally-generated values forming a password;
retrieving the password stored at the storage location during said step of storing when the mobile terminal initiates communications with the host device;
providing the password retrieved during said step of retrieving to the authentication server;
authenticating the mobile terminal responsive to values of the password provided to the authentication-server; and
permitting the communications between the mobile terminal and the host site if the mobile terminal is authenticated during said step of authenticating.
21. A method for selectively permitting access by a wireless communication station that includes a wireless host and a mobile terminal to a host site of a packet data network, the packet data network coupled to a wireless network, the wireless network permitting radio communications with the wireless communication station via the mobile terminal, said method comprising the steps of:
generating electronically a password at a processing device releasably coupled to the mobile terminal;
providing the password from the processing device to the mobile terminal;
providing the password from the mobile terminal to the wireless host;
requesting the password from the wireless communications station by an authentication server via a first wireline link;
forwarding the password from the wireless host to the authentication server via the first wireline link or a second wireline link;
authenticating the wireless communication station responsive to at least one value of the password forwarded to the authentication server; and
permitting the wireless communication station to communicate with the host site if the password is authenticated during said step of authenticating.
22. A method for selectively permitting access by a wireless communication station that includes a wireless host and a mobile terminal to a host site of a packet data network, the packet data network coupled to a wireless network, the wireless network permitting radio communications with the wireless communication station via the mobile terminal, said method comprising the steps of:
requesting a password from the wireless communication station by an authentication server via a wireless link;
generating electronically the password at a processing device releasably coupled to the mobile terminal;
providing the password from the processing device to the mobile terminal;
providing the password from the mobile terminal to the wireless host;
forwarding the password from the wireless host to the authentication server via a wireline link;
authenticating the wireless communication station responsive to at least one value of the password forwarded to the authentication server; and
permitting the wireless communication station to communicate with the host site if the password is authenticated during said step of authenticating.
Specification