Authentication method for enabling a user of a mobile station to access to private data or services
DCFirst Claim
1. Method for accessing private data or services from a mobile station over a public network including the step of authenticating a user of the mobile station for accessing to private data/services, comprising the steps of:
- composing a text-based request message on the mobile station using a standard public text messaging protocol, said message including a request for private data, and sending said request message to a private server (MG, PS) offering the access to said private data/services, via the telephone network,checking the authenticity of the user of the mobile station based on the request message received by the server,if the authenticity of the user of the mobile station is confirmed, composing a text-based response message using a standard public text messaging protocol, the response message including the requested private data/services of the private server, and sending back to the mobile station said text-based response message, via the telephone network,wherein the request message additionally includes a user unique identifier, and is received by the private server with an appended user mobile station number,wherein the authenticity checking performed by the private server comprises the steps of;
checking whether the user unique identifier is stored in a private directory database, andchecking whether the appended user mobile station number matches with the user mobile station number allocated to the user unique identifier stored in the private directory database;
and wherein, if the user authenticity is confirmed, an interaction between the private server and the mobile station is limited to the exchange of the text-based request message and the text-based response; and
repeating the recited steps for any further interaction between the private server and the mobile station.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
A method for accessing private data/services from a mobile station over a public network is described including: composing a text-based request message on the mobile station, sending the request message to a private server offering access to private data/services, and checking the authenticity of the user based on the request message received by the server. If user authenticity is confirmed, a text-based response message is composed and sent to the mobile station. The request message includes a user-unique identifier received by the private server with an appended user mobile station number. Authenticity checking (by the private server) includes checking whether (1) the user-unique identifier is stored in a private directory database, and (2) the appended user mobile station number matches the number allocated to the user-unique identifier stored in the private directory database. The interaction is limited to the exchange of pairs of text-based request message(s) and response(s).
-
Citations
11 Claims
-
1. Method for accessing private data or services from a mobile station over a public network including the step of authenticating a user of the mobile station for accessing to private data/services, comprising the steps of:
-
composing a text-based request message on the mobile station using a standard public text messaging protocol, said message including a request for private data, and sending said request message to a private server (MG, PS) offering the access to said private data/services, via the telephone network, checking the authenticity of the user of the mobile station based on the request message received by the server, if the authenticity of the user of the mobile station is confirmed, composing a text-based response message using a standard public text messaging protocol, the response message including the requested private data/services of the private server, and sending back to the mobile station said text-based response message, via the telephone network, wherein the request message additionally includes a user unique identifier, and is received by the private server with an appended user mobile station number, wherein the authenticity checking performed by the private server comprises the steps of; checking whether the user unique identifier is stored in a private directory database, and checking whether the appended user mobile station number matches with the user mobile station number allocated to the user unique identifier stored in the private directory database; and wherein, if the user authenticity is confirmed, an interaction between the private server and the mobile station is limited to the exchange of the text-based request message and the text-based response; and
repeating the recited steps for any further interaction between the private server and the mobile station.
-
-
2. The method of claim 1, wherein the user unique identifier is a data related to the user of the mobile station, said data being stored in the private directory database.
-
3. The method of claim 2, wherein said data related to the user of the mobile station is the lightweight directory access protocol alias of the user.
-
4. The method according to claim 1, wherein the request message is a text message based on a Short Message System (SMS).
-
5. The method according to claim 1, wherein the request message is a Multimedia Message System (MMS) based message.
-
6. The method according claim 1, wherein the response message is a text message of the SMS based on a Short Message System (SMS).
-
7. The method according to claim 1, wherein the response message is a Multimedia Message System (MMS) based message.
-
8. The method according to claim 1, wherein the request message and the response message are ciphered.
-
9. The method according to claim 1, wherein the requested data are stored in a private directory database.
-
10. The method according to claim 1, wherein between public network and private network a gateway is installed, adapted to send and receive text-based messages and identifying the user mobile station number.
-
11. The method according to claim 1, wherein the request message includes a remote control command for equipment connected to the private network.
Specification