Optimizing device authentication by discovering internet protocol version authorizations

US 8,151,325 B1
Filed: 01/29/2009
Issued: 04/03/2012
Est. Priority Date: 01/29/2009
Status: Active Grant

First Claim

Patent Images

1. One or more non-transitory computer-readable media having computer-useable instructions embodied thereon for performing a method for enabling a mobile device to establish an Internet protocol (IP) data session through a telecommunications network, the method comprising:

receiving a request from the mobile device to establish the IP data session through the telecommunications network;

prior to authenticating the mobile device, determining an IP version by which the mobile device is authorized to communicate data, wherein the determining includes,receiving a request to authenticate the mobile device, and inspecting authorization information in a customer-profile database to determine whether the mobile device is authorized to communicate data via IPv4, IPv6, or both;

communicating the authorization information to an authentication component that authenticates the mobile device based on whether the mobile device is authorized to communicate the data via IPv4, IPv6, or both;

establishing a connection with a packet-routing component that allows for an establishment of the IP data session, wherein the packet routing component has been sent and has cached the authorization information for use during session logic processing to disallow the respective IP version by which the mobile device is not authorized to communicate data though the telecommunications network; and

receiving the data from the mobile device, which the data is passed through the telecommunications network via IPv4, IPv6, or both, depending on the authorization information.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and computer-readable media are provided to enable an Internet protocol (IP) data session to be established between a mobile device and a telecommunications network. To establish an IP data session, it may be determined, prior to authenticating the device, whether the device is authorized to communicate via IPv4, IPv6, or both. A mobile device may be capable of communicating via both IPv4 and IPv6, such as a dual-stack device, but the device may only be authorized for either IPv4 or IPv6. A request to establish the IP data session may first be received from a mobile device, and an IP version with which the mobile device is authorized to communicate may then be determined by querying a customer-profile database. This authorization information may be communicated to an authentication component that authenticates the devices, and subsequently, an IP data session is initiated.

14 Citations

View as Search Results

20 Claims

1. One or more non-transitory computer-readable media having computer-useable instructions embodied thereon for performing a method for enabling a mobile device to establish an Internet protocol (IP) data session through a telecommunications network, the method comprising:
- receiving a request from the mobile device to establish the IP data session through the telecommunications network;
  
  prior to authenticating the mobile device, determining an IP version by which the mobile device is authorized to communicate data, wherein the determining includes,receiving a request to authenticate the mobile device, and inspecting authorization information in a customer-profile database to determine whether the mobile device is authorized to communicate data via IPv4, IPv6, or both;
  
  communicating the authorization information to an authentication component that authenticates the mobile device based on whether the mobile device is authorized to communicate the data via IPv4, IPv6, or both;
  
  establishing a connection with a packet-routing component that allows for an establishment of the IP data session, wherein the packet routing component has been sent and has cached the authorization information for use during session logic processing to disallow the respective IP version by which the mobile device is not authorized to communicate data though the telecommunications network; and
  
  receiving the data from the mobile device, which the data is passed through the telecommunications network via IPv4, IPv6, or both, depending on the authorization information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The media of claim 1, wherein the request to authenticate the device is received from a radio network controller (RNC) in the form of an access-request.
  - 3. The media of claim 2, wherein the access-request additionally includes a request for whether the device is authorized for IPv4, IPv6, or both.
  - 4. The media of claim 2, wherein the access-request additionally includes an electronic serial number (ESN) that uniquely identifies the device.
  - 5. The media of claim 1, wherein the authorization information further includes whether a user of the device has valid credentials.
  - 6. The media of claim 1, wherein the authorization information further includes whether the device is authorized to access the telecommunications network.
  - 7. The media of claim 1, wherein the request to authenticate the device is received via an A12 interface.
  - 8. The media of claim 1, further comprising if the authorization information indicates that the device is authorized for IPv4 only, triggering an IPv4 authentication process for the device.
  - 9. The media of claim 1, further comprising if the authorization information indicates that the device is authorized for IPv6 only, triggering an IPv6 authentication process for the device.
  - 10. The media of claim 1, further comprising:
    - if the authorization information indicates that the device is authorized for both IPv4 and IPv6, determining whether an IPv4 authentication process or an IPv6 authentication process should first be triggered;
      
      if it is determined that the IPv4 authentication process should first be triggered, then triggering the IPv4 authentication process for the device; and
      
      if it is determined that the IPv6 authentication process should first be triggered, then triggering the IPv6 authentication process for the device.

11. One or more non-transitory computer-readable media having computer-useable instructions embodied thereon for performing a method for enabling a mobile device to establish an Internet protocol (IP) data session through a telecommunications network, the method comprising:
- communicating a request to an authentication component to establish an IP data session through the telecommunications network, wherein, prior to authenticating the mobile device, the authentication component determines an IP version by which the mobile device is authorized to communicate data by,(1) inspecting authorization information in a customer-profile database to determine whether the mobile device is authorized to communicate data via IPv4, IPv6, or both, and(2) communicating the authorization information to an authentication component that authenticates the mobile device based on whether the mobile device is authorized to communicate the data via IPv4, IPv6, or both;
  
  establishing a connection with a packet-routing component that allows for an establishment of the IP data session, wherein the packet-routing component has been sent and has cached the authorization information for use during session logic processing to disallow the respective IP version by which the mobile device is not authorized to communicate data through the telecommunication network; and
  
  receiving an acknowledgment that the IP data session has been established through the telecommunications network.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The media of claim 11, further comprising establishing an airlink connection to a radio network controller (RNC).
  - 13. The media of claim 12, wherein the airlink connection is established via Point-to-Point Protocol (PPP).
  - 14. The media of claim 11, further comprising receiving an indication that Point-to-Point Protocol (PPP) setup has been completed.
  - 15. The media of claim 11, wherein the connection with the packet-routing component is established via a Point-to-Point Protocol (PPP) link.
  - 16. The media of claim 11, wherein the packet-routing component uses the authorization information for session logic processing.

17. One or more computer-readable media having computer-useable instructions embodied thereon for performing a method for enabling a mobile device to establish an Internet protocol (IP) data session through a telecommunications network, the method comprising:
- receiving a request from the mobile device to establish the IP data session through the telecommunications network;
  
  prior to authenticating the mobile device, determining an IP version by which the mobile device is authorized to communicate data, wherein the determining includes,(1) communicating the request to a querying component that inspects authorization information in a customer-profile database to determine whether the mobile device is authorized to communicate data via IPv4, IPv6, or both,(2) receiving the authorization information from the querying component, and(3) authenticating the mobile device based on the authorization information;
  
  communicating the authorization information to a packet-routing component that caches the authorization information so that the authorization information can be used by the packet-routing component during the IP data session for session logic processing to disallow the respective IP version by which the mobile device is not authorized to communicate data through the telecommunications network; and
  
  receiving the data from the mobile device, which the data is passed through the telecommunications network via IPv4, IPv6, or both, depending on the authorization information.
- View Dependent Claims (18, 19, 20)
- - 18. The media of claim 17, further comprising receiving an indication of the one or more IP version capabilities for which the device is authorized.
  - 19. The media of claim 17, wherein the request to the querying component is made via an A12 interface.
  - 20. The media of claim 17, further comprising communicating to the mobile device that the Point-to-Point Protocol (PPP) setup has been completed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Bennett, John H. III, Breau, Jeremy R., Nebergall, Terry D., Rogers, Frederick C., Hirschman, Brent B.
Primary Examiner(s)
Chai, Longbit

Application Number

US12/362,146
Time in Patent Office

1,160 Days
Field of Search

726/4
US Class Current

726/4
CPC Class Codes

H04L 2101/686   using dual-stack hosts, e.g...

H04L 63/08   for authentication of entit...

H04L 69/167   Adaptation for transition b...

H04M 1/72445   for supporting Internet bro...

Optimizing device authentication by discovering internet protocol version authorizations

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Optimizing device authentication by discovering internet protocol version authorizations

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links