Systems, methods, media, and means for user level authentication
First Claim
1. A gateway in a communications network, comprising:
a subscriber interface;
a Session Initiation Protocol (SIP) registrar;
a local cache; and
a network interface in communication with the subscriber interface, the SIP registrar, a subscriber database, and a mobile device;
wherein the SIP registrar is configured to:
receives a first register message sent from the mobile device, the first register message including a request made by a first of a plurality of users for access to a network, wherein a separate user account is maintained for each of the plurality of users in the network and wherein any one of the plurality of users at a time can access the network by logging on and off of the network using the mobile device; and
if the mobile device is not registered in the network, send a request for subscriber information associated with the mobile device to the subscriber interface, wherein the subscriber information includes a user profile for the mobile device and the user profile includes challenge information for the plurality of users;
the subscriber interface is configured to:
retrieves the subscriber information from the subscriber database; and
send the subscriber information to the SIP registrar; and
the SIP registrar is further configured to:
store the subscriber information in the local cache;
authenticate the mobile device based at least in part on the subscriber information;
send to the mobile device challenge information associated with the first user including a password request and at least one user challenge question previously set up or selected by the first user;
receive a second register message including user response information of the first user in response to the challenge information from the mobile device;
authenticate the first user based at least in part on whether the user response information of the first user matches predetermined answers to the at least one user challenge question, such that the first user's airtime minutes can be used for services provided by the network that are granted specifically for the first user; and
notify the subscriber interface of the authentication of the mobile device and the first user;
if the mobile device has been registered already in the network, the SIP registrar is further configured to:
send to the mobile device the challenge information associated with the first user that is stored in the local cache;
receive the second register message from the mobile device;
authenticate the first user based at least in part on whether the user response information of the first user matches the predetermined answers to the at least one user challenge question, such that the first user's airtime minutes can be used for the services provided by the network that are granted specifically for the first user; and
notify the subscriber interface of the authentication of the first user.
Abstract
In some embodiments, a gateway in a communications network is provided including a subscriber interface and a Session Initiation Protocol (SIP) registrar; wherein the SIP registrar: receives a first register message as a result of a request associated with a user and a mobile device seeking network authentication; and sends a request for subscriber information to the subscriber interface; the subscriber interface: retrieves the subscriber information from the subscriber database; and sends the subscriber information to the SIP registrar; the SIP registrar further: sends challenge information including a password request and a request for predetermined response information previously selected by the user to the mobile device; receives a second register message including user response information in response to the challenge information; and authenticates the mobile device and the user based at least in part on whether the user response information matches the predetermined response information.
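The registration flow described in the abstract and in claim 1, modelled as an added Python sketch (not code from the patent): a cache miss triggers one subscriber-database lookup, later logins by other users of the same handset are challenged from the local cache, and the second register message is checked against the stored answers. The class names, the `handset-1` sample record, salted PBKDF2 storage of the answers, and treating "subscriber record exists" as device authentication are all assumptions made for the illustration.

```python
import hashlib, hmac, os
def digest(salt, value, normalise=False):
    # Assumption: secrets are stored as salted PBKDF2 digests, never as plaintext.
    if normalise:                        # tolerate case/spacing in question answers
        value = " ".join(value.lower().split())
    return hashlib.pbkdf2_hmac("sha256", value.encode(), salt, 10_000)

def make_user(password, answers):
    salt = os.urandom(16)
    return {"salt": salt, "password": digest(salt, password),
            "answers": {q: digest(salt, a, True) for q, a in answers.items()}}

class SubscriberInterface:               # stands in for the interface plus database
    def __init__(self, db):
        self.db, self.lookups, self.notices = db, 0, []
    def fetch(self, device_id):
        self.lookups += 1
        return self.db.get(device_id)
    def notify(self, *event):
        self.notices.append(event)

class Registrar:
    def __init__(self, sif):
        self.sif, self.cache = sif, {}   # cache: device_id -> subscriber information
    def first_register(self, device_id, user):   # returns the challenge, or None
        if device_id not in self.cache:          # device not yet registered
            info = self.sif.fetch(device_id)
            if info is None:                     # unknown device: reject
                return None
            self.cache[device_id] = info         # later logins skip the database
        profile = self.cache[device_id]["users"].get(user)
        return None if profile is None else ["password", *profile["answers"]]

    def second_register(self, device_id, user, password, answers):
        profile = self.cache.get(device_id, {}).get("users", {}).get(user)
        if profile is None:
            return False
        salt = profile["salt"]
        ok = hmac.compare_digest(digest(salt, password), profile["password"])
        for question, expected in profile["answers"].items():
            given = digest(salt, answers.get(question, ""), True)
            ok &= hmac.compare_digest(given, expected)   # check all, no early exit
        if ok:
            self.sif.notify(device_id, user)     # report the authentication upstream
        return ok
# Constructed sample data: one shared handset, two separate user accounts.
DB = {"handset-1": {"users": {
    "alice": make_user("pw-alice", {"First pet?": "Rex"}),
    "bob": make_user("pw-bob", {"Birth city?": "Oslo"})}}}
```

Because the cache holds the challenge material for every user of the handset, it needs the same protection as the subscriber database it mirrors.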
18 Claims
8. A method for authenticating a mobile device and a user, comprising:
receiving at a Session Initiation Protocol (SIP) registrar a first register message sent from a mobile device, the first register message including a request made by a first of a plurality of users for access to a network, wherein a separate user account is maintained for each of the plurality of users in the network and wherein any one of the plurality of users at a time can access the network by logging on and off of the network using the mobile device;
if the mobile device is not registered in the network,
sending from the SIP registrar a request for subscriber information to a subscriber interface, wherein the subscriber information is associated with the mobile device and includes a user profile for the mobile device and the user profile includes challenge information for the plurality of users;
retrieving the subscriber information from a subscriber database at the subscriber interface;
sending the subscriber information to the SIP registrar from subscriber interface;
storing the subscriber information in a local cache;
authenticating the mobile device based at least in part on the subscriber information;
sending to the mobile device from the SIP registrar challenge information associated with the first user including a password request and at least one user challenge question previously set up or selected by the first user;
receiving a second register message including user response information of the first user in response to the challenge information from the mobile device at the SIP registrar;
authenticating the first user based at least in part on whether the user response information of the first user matches predetermined answers to the at least one user challenge question at the SIP registrar, such that the first user's airtime minutes can be used for services provided by the network that are granted specifically for the first user; and
sending a notification of authentication of the mobile device and the first user to the subscriber interface from the SIP registrar; and
if the mobile device has been registered already in the network,
sending to the mobile device from the SIP registrar the challenge information associated with the first user that is stored in the local cache;
receiving at the SIP registrar the second register message from the mobile device;
authenticating the first user based at least in part on whether the user response information of the first user matches the predetermined answers to the at least one user challenge question at the SIP registrar, such that the first user's airtime minutes can be used for the services provided by the network that are granted specifically for the first user; and
sending a notification of authentication of the first user to the subscriber interface from the SIP registrar.
14. A non-transitory computer-readable medium storing computer-executable instructions that, when executed by a processor, cause the processor to perform a method, the method comprising:
receiving at a Session Initiation Protocol (SIP) registrar a first register message sent from a mobile device, the first register message including a request made by a first of a plurality of users for access to a network, wherein a separate user account is maintained for each of the plurality of users in the network and wherein any one of the plurality of users at a time can access the network by logging on and off of the network using the mobile device;
if the mobile device is not registered in the network,
sending from the SIP registrar a request for subscriber information to a subscriber interface, wherein the subscriber information is associated with the mobile device and includes a user profile for the mobile device and the user profile includes challenge information for the plurality of users;
retrieving the subscriber information from a subscriber database at the subscriber interface;
sending the subscriber information to the SIP registrar from subscriber interface;
storing the subscriber information in a local cache;
authenticating the mobile device based at least in part on the subscriber information;
sending to the mobile device from the SIP registrar challenge information associated with the first user including a password request and at least one user challenge question previously set up or selected by the first user;
receiving a second register message including user response information of the first user in response to the challenge information from the mobile device at the SIP registrar;
authenticating the first user based at least in part on whether the user response information of the first user matches predetermined answers to the at least one user challenge question at the SIP registrar, such that the first user's airtime minutes can be used for services provided by the network that are granted specifically for the first user; and
sending a notification of authentication of the mobile device and the first user to the subscriber interface from the SIP registrar; and
if the mobile device has been registered already in the network,
sending to the mobile device from the SIP registrar the challenge information associated with the first user that is stored in the local cache;
receiving at the SIP registrar the second register message from the mobile device;
authenticating the first user based at least in part on whether the user response information of the first user matches the predetermined answers to the at least one user challenge question at the SIP registrar, such that the first user's airtime minutes can be used for the services provided by the network that are granted specifically for the first user; and
sending a notification of authentication of the first user to the subscriber interface from the SIP registrar.
Specification