System, method, and computer-readable medium for authentication center-initiated authentication procedures for a mobile station attached with an IP-femtocell system

US 8,787,198 B2
Filed: 08/19/2013
Issued: 07/22/2014
Est. Priority Date: 11/15/2007
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, by a convergence server located in a core network, an authentication procedure request from an authentication center for a mobile station attached with a femtocell system;

generating, by the convergence server, an authentication procedure request message that includes a registration identifier assigned to the mobile station, the registration identifier comprising a pseudo-electronic serial number derived from a mobile equipment identifier for the mobile station;

transmitting, by the convergence server, the authentication procedure request message to the femtocell system; and

receiving, by the convergence server, a response to the authentication procedure request message from the femtocell system;

wherein the authentication procedure request comprises a unique challenge, andwherein the authentication procedure request message comprises an authentication request that includes a pseudo-randomly generated value;

wherein the response includes an authentication result generated by the mobile station using the pseudo-randomly generated value and a shared secret data key.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer readable medium that facilitate authentication center-initiated authentication procedures for a mobile station attached with a femtocell system are provided. A femtocell system may generate a registration identification of a mobile station from one or more mobile station authentication parameters. A convergence server located in a core network receives an authentication procedure request from an authentication center for the mobile station attached with the femtocell system and generates an authentication procedure request message that includes the registration identification assigned to the mobile station. The convergence server then transmits the authentication procedure request message to the femtocell system and receives a response to the authentication procedure request message from the femtocell system. The authentication procedure request may comprise a unique challenge, a shared secret data update procedure, or a call history count update procedure.

Citations

16 Claims

1. A method, comprising:
- receiving, by a convergence server located in a core network, an authentication procedure request from an authentication center for a mobile station attached with a femtocell system;
  
  generating, by the convergence server, an authentication procedure request message that includes a registration identifier assigned to the mobile station, the registration identifier comprising a pseudo-electronic serial number derived from a mobile equipment identifier for the mobile station;
  
  transmitting, by the convergence server, the authentication procedure request message to the femtocell system; and
  
  receiving, by the convergence server, a response to the authentication procedure request message from the femtocell system;
  
  wherein the authentication procedure request comprises a unique challenge, andwherein the authentication procedure request message comprises an authentication request that includes a pseudo-randomly generated value;
  
  wherein the response includes an authentication result generated by the mobile station using the pseudo-randomly generated value and a shared secret data key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the femtocell system maps the authentication procedure to the mobile station using the registration identifier.
  - 3. The method of claim 1, wherein the authentication procedure request comprises a shared secret data update procedure, and wherein the authentication procedure request message comprises a shared secret data update request message.
  - 4. The method of claim 3, further comprising transmitting, by the femtocell system, an update order to the mobile station that includes a random number seed.
  - 5. The method of claim 4, further comprising receiving, by the convergence server, a base station challenge request message from the femtocell system including a pseudo-random value selected by the mobile station.
  - 6. The method of claim 5, further comprising:
    - engaging, by the convergence server, the authentication center in a base station challenge process; and
      
      transmitting, by the convergence server, a base station challenge response to the femtocell system including a base station authentication result received from the authentication center.
  - 7. The method of claim 6, further comprising updating, by the mobile station, a shared secret data key in the event the base station authentication result in the base station challenge response matches a base station authentication result produced by the mobile station.
  - 8. The method of claim 1, wherein the authentication procedure request comprises a call history count update procedure, and wherein the authentication procedure request message comprises a count update message.

9. A non-transitory computer-readable medium having computer-executable instructions tangibly embodied thereon for execution by a processing system, the computer-executable instructions, when executed, cause the processing system to:
- receive, by a convergence server located in a core network, an authentication procedure request from an authentication center for the mobile station attached with the femtocell system;
  
  generate, by the convergence server, an authentication procedure request message that includes a registration identifier assigned to the mobile station, the registration identifier comprising a pseudo-electronic serial number derived from a mobile equipment identifier for the mobile station;
  
  map the authentication procedure to the mobile station using the registration identifier;
  
  transmit, by the convergence server, the authentication procedure request message to the femtocell system; and
  
  receive, by the convergence server, a response to the authentication procedure request message from the femtocell system;
  
  wherein the authentication procedure request comprises a unique challenge, the authentication procedure request message comprises an authentication request that includes a pseudo-randomly generated value, and the response includes an authentication result generated by the mobile station using the pseudo-randomly generated value and a shared secret data key.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The non-transitory computer-readable medium of claim 9, wherein the authentication procedure request comprises a shared secret data update procedure and the authentication procedure request message comprises a shared secret data update request message, the non-transitory computer-readable medium further comprising instructions that, when executed by the processing system, cause the processing system to transmit, by the femtocell system, an update order to the mobile station that includes a random number seed.
  - 11. The non-transitory computer-readable medium of claim 10, further comprising instructions that, when executed by the processing system, cause the processing system to:
    - receive, by the convergence server, a base station challenge request message from the femtocell system including a pseudo-random value selected by the mobile station;
      
      engage, by the convergence server, the authentication center in a base station challenge process; and
      
      transmit, by the convergence server, a base station challenge response to the femtocell system including a base station authentication result received from the authentication center.
  - 12. The non-transitory computer-readable medium of claim 11, further comprising instructions that, when executed by the processing system, cause the processing system to update, by the mobile station, a shared secret data key in the event the base station authentication result in the base station challenge response matches a base station authentication result produced by the mobile station.
  - 13. The non-transitory computer-readable medium of claim 9, wherein the authentication procedure request comprises a call history count update procedure, and wherein the authentication procedure request message comprises a count update message.

14. A system, comprising:
- a core network that includes a convergence server;
  
  a mobile core network that includes an authentication center;
  
  an Internet Protocol-based femtocell system that provides a radio access point for a mobile station, wherein the convergence server receives an authentication procedure request from the authentication center for the mobile station, generates an authentication procedure request message that includes a registration identifier assigned to the mobile station, the registration identifier comprising a pseudo-electronic serial number derived from a mobile equipment identifier for the mobile station, and wherein the femtocell system maps the authentication procedure to the mobile station using the registration identifier;
  
  transmit the authentication procedure request message to the femtocell system; and
  
  receives a response to the authentication procedure request message from the femtocell system;
  
  wherein the authentication procedure request comprises a unique challenge, the authentication procedure request message comprises an authentication request that includes a pseudo-randomly generated value, and the response includes an authentication result generated by the mobile station using the pseudo-randomly generated value and a shared secret data key.
- View Dependent Claims (15, 16)
- - 15. The system of claim 14, wherein the authentication procedure request comprises a shared secret data update procedure and the authentication procedure request message comprises a shared secret data update request message, wherein the femtocell system transmits an update order to the mobile station that includes a random number seed.
  - 16. The system of claim 15, wherein the convergence server receives a base station challenge request message from the femtocell system including a pseudo-random value selected by the mobile station, engages the authentication center in a base station challenge process, and transmits a base station challenge response to the femtocell system including a base station authentication result received from the authentication center.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
UbeeAirwalk, Inc. (Hon Hai Precision Industry Co., Ltd.)
Inventors
Osborn, Christopher Martin Edward
Primary Examiner(s)
Faroul, Farah

Application Number

US13/970,326
Publication Number

US 20130331059A1
Time in Patent Office

337 Days
Field of Search

370/252, 370/328, 370/411, 370/435.1
US Class Current

370/252
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/164   at the network layer

H04W 12/069   using certificates or pre-s...

H04W 76/10   Connection setup

H04W 84/045   using private Base Stations...

H04W 88/085   Access point devices with r...

System, method, and computer-readable medium for authentication center-initiated authentication procedures for a mobile station attached with an IP-femtocell system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System, method, and computer-readable medium for authentication center-initiated authentication procedures for a mobile station attached with an IP-femtocell system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links