System and method for authentication of a roaming subscriber
First Claim
Patent Images
1. A network system comprising:
- a first network control element configured to perform a first authentication of a subscriber requesting authentication;
a second network control element configured to perform a second authentication of the same subscriber; and
a communication device associated to a subscriber;
wherein the first network control element and the second network control element perform the first and second authentications independently from each other;
wherein a first predetermined number for the first authentication and a second predetermined number for the second authentication are transmitted to the communication device, and the communication device calculates a first result and a second result which are used for first and second authentication, respectively, and each authentication is performed by comparing the first and second results with a scheduled result, respectively; and
wherein the second network control element controls a home network of the subscriber and does not forward the scheduled result for the second authentication to the first network control element.
2 Assignments
0 Petitions
Accused Products
Abstract
A network system is proposed comprising a first network control element in a visited network, a second network control element in a home network and a communication device (UE) associated to a subscriber, wherein the first network control element is adapted to perform a first authentication (A9) of a roaming subscriber requesting authentication, and the second network control element is adapted to perform a second authentication (A11) of the same subscriber. By this measure, both network control elements are able to verify that the authentication was performed correctly. Also a corresponding method is proposed.
-
Citations
32 Claims
-
1. A network system comprising:
-
a first network control element configured to perform a first authentication of a subscriber requesting authentication; a second network control element configured to perform a second authentication of the same subscriber; and a communication device associated to a subscriber; wherein the first network control element and the second network control element perform the first and second authentications independently from each other; wherein a first predetermined number for the first authentication and a second predetermined number for the second authentication are transmitted to the communication device, and the communication device calculates a first result and a second result which are used for first and second authentication, respectively, and each authentication is performed by comparing the first and second results with a scheduled result, respectively; and wherein the second network control element controls a home network of the subscriber and does not forward the scheduled result for the second authentication to the first network control element. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A network system, comprising:
-
a first network control element configured to perform a first authentication of a subscriber requesting authentication; a second network control element configured to perform a second authentication of the same subscriber; and a communication device associated to the subscriber; wherein the first network control element and the second network control element perform the first and second authentications independently from each other; wherein the communication device is configured to calculate a result from a predetermined number and to establish an authentication code from a part or all of a message sent to the network containing the predetermined number, the first network control element uses the result for authentication, and the second network control element uses the authentication code for the second authentication; wherein the first authentication is performed by comparing the result received from the communication device with a scheduled result; and wherein the second network control element controls a home network of the subscriber and does not forward a key code for the second authentication to the first network control element. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A network system, comprising:
-
a first network control element configured to perform a first authentication of a subscriber requesting authentication; a second network control element configured to perform a second authentication of the same subscriber; and a communication device associated to subscriber; wherein the first network control element and the second network control element perform the first and second authentications independently from each other; wherein one predetermined number for the authentication is transmitted to the communication device, and the communication device calculates a result from the predetermined number, wherein a first part of the result is used for the first authentication by the first network control element and a second part of the result is used for the second authentication by the second network control element; wherein each authentication is performed by comparing a respective part of the first and second results with a scheduled result; and wherein the second network control element controls a home network of the subscriber and does not forward the scheduled result for the second authentication to the first network control element. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method for performing authentication of a subscriber in a network system comprising a first network control element and a second network control element, the method including:
-
performing a first authentication of the subscriber by the first network control element; performing a second authentication of the same subscriber by the second network control element; transmitting a first predetermined number for the first authentication and a second predetermined number for the second authentication to a communication device; calculating a first result and a second result by the communication device; using the first result for the first authentication; using the second result for the second authentication, wherein each authentication is performed by comparing the first and second results with a scheduled result; and prohibiting the scheduled result for the second authentication from being forwarded to the first network control element; wherein the first authentication step and the second authentication step are performed independently from each other. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A method for performing authentication of a subscriber in a network system comprising a first network control element and a second network control element, the method including:
-
performing a first authentication of the subscriber by the first network control element; performing a second authentication of the same subscriber by the second network control element, wherein the first authentication step and the second authentication step are performed independently from each other; calculating a result from a predetermined number in a communication device; establishing an authentication code from a part or all of the message sent to the network containing the predetermined number in the communication device; performing the first authentication by using the result; performing the second authentication by using the authentication code, wherein the first authentication value is performed by comparing the result received from the communication device with a scheduled result; and prohibiting the key code for the second authentication from being forwarded to the first network control element. - View Dependent Claims (25, 26, 27, 28, 29)
-
-
30. A method for performing authentication of a subscriber in a network system comprising a first network control element and a second network control element, the method including:
-
performing a first authentication of the subscriber by the first network control element; performing a second authentication of the same subscriber by the second network control element, wherein the first authentication step and the second authentication step are performed independently from each other; transmitting one predetermined number for the authentication to a communication device; calculating a result from the predetermined number in the communication device; using a first part of the result for the first authentication; using a second part of the result for the second authentication, wherein each authentication is performed by comparing a respective part of the first and second results with a scheduled result; and prohibiting the scheduled result for the second authentication from being forwarded to the first network control element. - View Dependent Claims (31, 32)
-
Specification