Faster authentication with parallel message processing

US 7,458,095 B2
Filed: 11/18/2003
Issued: 11/25/2008
Est. Priority Date: 11/18/2002
Status: Expired due to Fees

First Claim

Patent Images

1. In a communication system comprising at least one network, including network entities which provide connectivity to user equipment, a method of connecting the user equipment to the at least one network comprising:

establishing a secure tunnel which provides connection between the user equipment and one of the network entities; and

authenticating the user equipment with another of the network entities, whereinthe authenticating of the user equipment with the another of the network entities occurs at least partially simultaneously with a phase of the establishing of the secure tunnel, wherein the phase is determined based on a protocol or authentication method,wherein establishing the secure tunnel begins before authenticating the user and wherein during a time between a beginning of establishing the secure tunnel with one of the network entities and a beginning of authenticating the user equipment with another of the network entities, the at least one network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack, and whereincommunication during the time includes at least one of a request for an identification of the user equipment and a request for capability of the user equipment to support at least one data protocol.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is a method of connecting user equipment to at least one network, a communication system, and a user equipment. In a communication system comprising at least one network, including network entities which provide connectivity to user equipment, a method of connecting the user equipment to the at least one network in accordance with the invention includes establishing a secure tunnel which provides connection between the user equipment and one of the network entities; and authenticating the user equipment with another of the network entities; and wherein the authenticating of the user equipment with the another of the network entities occurs at least partially simultaneously with the establishing of the secure tunnel.

65 Citations

View as Search Results

18 Claims

1. In a communication system comprising at least one network, including network entities which provide connectivity to user equipment, a method of connecting the user equipment to the at least one network comprising:
- establishing a secure tunnel which provides connection between the user equipment and one of the network entities; and
  
  authenticating the user equipment with another of the network entities, whereinthe authenticating of the user equipment with the another of the network entities occurs at least partially simultaneously with a phase of the establishing of the secure tunnel, wherein the phase is determined based on a protocol or authentication method,wherein establishing the secure tunnel begins before authenticating the user and wherein during a time between a beginning of establishing the secure tunnel with one of the network entities and a beginning of authenticating the user equipment with another of the network entities, the at least one network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack, and whereincommunication during the time includes at least one of a request for an identification of the user equipment and a request for capability of the user equipment to support at least one data protocol.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method in accordance with claim 1 wherein:
    - the one network entity comprises a server and the another network entity comprises a server.
  - 3. A method in accordance with claim 1 comprising:
    - an access network which provides connection of the user equipment to the network, the secure tunnel is established between the user equipment and the access network and the one network entity is part of the access network.
  - 4. A method in accordance with claim 1 wherein:
    - the user equipment is wirelessly connected to the at least one network.
  - 5. A method in accordance with claim 3 wherein:
    - the access network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack.
  - 6. A method in accordance with claim 5 wherein:
    - communication during the time includes at least one of a request for an identification of the user equipment and a request for capability of the user equipment to support at least one data protocol.
  - 7. A method in accordance with claim 1 wherein:
    - the at least one network comprises a home network.
  - 8. A method in accordance with claim 1 wherein:
    - the at least one network comprises a visited network.

9. A communication system comprising at least one network including network entities which provide connectivity to user equipment and wherein:
- a secure tunnel is established which provides connection between the user equipment and one of the network entities, the user equipment is authenticated with another of the network entities, and the authenticating of the user equipment with the another of the network entities occurs at least partially simultaneously with a phase of the establishing of the secure tunnel,wherein the phase is determined based on protocol or authentication method,wherein the establishing the secure tunnel begins before authenticating the user equipment with the network and wherein during a time between a beginning of establishing the secure tunnel with one of the network entities and a beginning of authenticating the user equipment with another of the network entities, the at least one network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack, andwherein communication during the time includes at least one of a request for an identification of the user equipment and a request for capability of the user equipment to support at least one data protocol.
- View Dependent Claims (10, 11, 12, 13)
- - 10. A system in accordance with claim 9 wherein:
    - the one network entity comprises a server and the another network entity comprises a server.
  - 11. A system in accordance with claim 9 comprising:
    - an access network which provides connection of the user equipment to the network, the secure tunnel is established between the user equipment and the access network and the one network entity is part of the access network.
  - 12. A system in accordance with claim 9 wherein:
    - the user equipment is wirelessly connected to the at least one network.
  - 13. A system in accordance with claim 9 wherein:
    - the access network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack.

14. A user equipment in a communication system comprising at least one network, including network entities which provide connectivity to the user equipment and wherein:
- a secure tunnel is established which provides connection between the user equipment and one of the network entities, the user equipment is authenticated with another of the network entities, and the authenticating of the user equipment with the another of the network entities occurs at least partially simultaneously with a phase of the establishing of the secure tunnel, wherein the phase is determined based on a protocol or authentication method,wherein the establishing the secure tunnel begins before the authenticating the user equipment with the network and wherein during a time between a beginning of establishing the secure tunnel with one of the network entities and a beginning of authenticating the user equipment with another of the network entities, the at least one network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack, andwherein communication during the time includes at least one of a request for an identification of the user equipment and a request for capability of the user equipment to support at least one data protocol.
- View Dependent Claims (15, 16, 17, 18)
- - 15. A user equipment in accordance with claim 14 wherein:
    - the one network entity comprises a server and the another network entity comprises a server.
  - 16. A user equipment in accordance with claim 14 comprising:
    - an access network which provides connection of the user equipment to the network, the secure tunnel is established between the user equipment and the access network and the one network entity is part of the access network.
  - 17. A user equipment in accordance with claim 14 wherein:
    - the user equipment is wirelessly connected to the at least one network.
  - 18. A user equipment in accordance with claim 14 wherein:
    - the access network communicates with the user equipment to confirm that the request from the user equipment to establish a secure tunnel is not part of a denial of service attack.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Piece Future Pte., Ltd.
Original Assignee
Nokia Solutions and Networks US LLC (Nokia Corporation)
Inventors
Forsberg, Dan
Primary Examiner(s)
Lanier; Benjamin E.
Assistant Examiner(s)
Nobahar; Abdulhakim

Application Number

US10/714,638
Publication Number

US 20040148504A1
Time in Patent Office

1,834 Days
Field of Search

713/168, 713/169, 713/178, 713/201, 713/202, 380/248, 380/247, 726/3, 726/4, 726/22, 726/23, 726/26, 726/27, 709/223, 709/224, 709/229
US Class Current

726/3
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/0892   by using authentication-aut...

H04L 63/1458   Denial of Service

H04L 63/162   at the data link layer

Faster authentication with parallel message processing

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

65 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Faster authentication with parallel message processing

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others