Method, system and apparatus for providing security in an unlicensed mobile access network or a generic access network
First Claim
1. A method for providing security in an unlicensed mobile access network, the method comprising the steps of:
- receiving a message containing a mobile identity of a mobile station at a secure gateway in the unlicensed mobile access network;
the secure gateway holding the received message until a success message is received from an unlicensed network controller, associated with the unlicensed mobile access network, the success message indicating successful receipt and storage of the mobile identity information; and
the secure gateway dropping or rejecting the message whenever the received mobile identity does not match a stored mobile identity associated with the mobile station, wherein dropping the received message further comprises;
deregistering the mobile stationblacklisting an Internet Protocol (IP) address associated with the mobile station for a period of time;
notifying a system operator of the dropped message and deregistration of the mobile station;
orlogging information about the dropped message and deregistration of the mobile station.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides a method, system and apparatus for providing security in an unlicensed mobile access network or a generic access network by receiving a message containing a mobile identity of a mobile station (MS) and dropping or rejecting the message whenever the received mobile identity does not match a stored mobile identity associated with the MS. The message is processed whenever the received mobile identity matches the stored mobile identity associated with the MS. The stored mobile identity is provided by a secure gateway. The mobile identity can be an International Mobile Subscriber Identity, Temporary Mobile Subscriber Identity, Packet Temporary Mobile Subscriber Identity, private Internet Protocol (IP) address or public IP address. The message can be a registration request, uplink message or a downlink message, such as a Mobility Management message, a General Packet Radio Service Mobility Management message, or a UMA or Unlicensed Radio Resources message.
36 Citations
16 Claims
-
1. A method for providing security in an unlicensed mobile access network, the method comprising the steps of:
-
receiving a message containing a mobile identity of a mobile station at a secure gateway in the unlicensed mobile access network; the secure gateway holding the received message until a success message is received from an unlicensed network controller, associated with the unlicensed mobile access network, the success message indicating successful receipt and storage of the mobile identity information; and the secure gateway dropping or rejecting the message whenever the received mobile identity does not match a stored mobile identity associated with the mobile station, wherein dropping the received message further comprises; deregistering the mobile station blacklisting an Internet Protocol (IP) address associated with the mobile station for a period of time; notifying a system operator of the dropped message and deregistration of the mobile station;
orlogging information about the dropped message and deregistration of the mobile station. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An apparatus in an unlicensed mobile access network, the apparatus comprising:
-
an unlicensed network controller; a data storage device that stores associations of mobile identities to mobile stations; a secure gateway for receiving a message containing a mobile identity of a mobile station, wherein the secure gateway includes means for holding the registration request until a success message is received from the network controller indicating successful receipt and storage of the mobility identity information; and a processor communicably coupled to the data storage device that receives the mobile identity of a mobile station and drops or rejects the message whenever the received mobile identity does not match a stored mobile identity associated with the mobile station, wherein the dropping or rejecting the message further comprises; deregistering the mobile station; blacklisting an Internet Protocol (IP) address associated with the mobile station for a period of time; notifying a system operator of the dropped message and deregistration of the mobile station;
orlogging information about the dropped message and deregistration of the mobile station.
-
-
13. A system in an unlicensed mobile access network, the system comprising:
-
a mobile station; a secure gateway communicably coupled to the mobile station that receives a message containing mobile identity information from the mobile station and holds the message until a success message is received from an unlicensed controller indicating successful receipt and storage of the mobile identity information wherein the secure gateway sends the mobile identity information to an unlicensed network controller; and the network controller being communicably coupled to the mobile station and the secure gateway, wherein the network controller stores the received mobile identity information and registers the mobile station whenever the mobile identity information within a registration request received from the mobile station matches the stored mobile identity information, wherein the network controller drops a message received from the mobile station whenever the message contains a mobile identity that does not match the stored mobile identity information. - View Dependent Claims (14, 15, 16)
-
Specification