Method and apparatus enabling reauthentication in a cellular communication system

US 8,972,582 B2
Filed: 09/10/2003
Issued: 03/03/2015
Est. Priority Date: 10/03/2002
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving a request for full authentication of a terminal;

transmitting to the terminal a reauthentication identity including a unique realm name uniquely identifying an authentication server in response to the request for full authentication; and

receiving a request for reauthentication from the terminal, the request for reauthentication including the reauthentication identity including the unique realm name uniquely identifying the authentication server;

wherein the request for reauthentication is routed to the authentication server according to the unique realm name included in the request for reauthentication.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method (and corresponding equipment) for use in reauthentication—after a first, full authentication by a first authentication server (23a)—of a communication session involving the exchange of information between a terminal (21) and a server (24), the method including: a step (11) in which the first authentication server (23a) and other authentication servers (23b) are each assigned a respective unique realm name; and a step (13) in which during authentication between the terminal and the first authentication server (23a), the first authentication server (23a) transmits to the terminal (21) a reauthentication identity including the unique realm name assigned to the first authentication server. Then, later, during reauthentication, to make possible that the reauthentication is performed by the same authentication server (23a) as performed the full authentication—i.e. by the first authentication server (23a)—the reauthentication identity is included in a request for reauthentication.

15 Citations

15 Claims

1. A method, comprising:
- receiving a request for full authentication of a terminal;
  
  transmitting to the terminal a reauthentication identity including a unique realm name uniquely identifying an authentication server in response to the request for full authentication; and
  
  receiving a request for reauthentication from the terminal, the request for reauthentication including the reauthentication identity including the unique realm name uniquely identifying the authentication server;
  
  wherein the request for reauthentication is routed to the authentication server according to the unique realm name included in the request for reauthentication.
- View Dependent Claims (3)
- - 3. A computer program product comprising:
    - a computer readable storage structure embodying computer program code thereon for execution by a computer processor in an authentication network element, wherein said computer program code includes instructions for performing a method according to claim 1.

2. An apparatus, comprising:
- means for receiving a request for full authentication of a terminal;
  
  means for transmitting to the terminal a reauthentication identity including a unique realm name uniquely identifying an authentication server in response to the request for full authentication; and
  
  means for receiving a request for reauthentication from the terminal, the request for reauthentication including the reauthentication identity including the unique realm name uniquely identifying the authentication server;
  
  wherein the request for reauthentication is routed to the authentication server according to the unique realm name included in the request for reauthentication.
- View Dependent Claims (10, 11, 12)
- - 10. The apparatus as in claim 2, wherein the apparatus comprises an authentication server.
  - 11. The apparatus as in claim 2, wherein the apparatus comprises a proxy server.
  - 12. The apparatus as in claim 2, wherein the apparatus comprises a service access point for authentication by the authentication server.

4. A system, comprising:
- a first authentication server configured to receive a request for full authentication of a terminal, and configured to transmit to the terminal a reauthentication identity including a unique realm name uniquely identifying the first authentication server in response to the request for full authentication; and
  
  a second authentication server configured to receive a request for reauthentication from the terminal, the request for reauthentication including the reauthentication identity including the unique realm name identifying the first authentication server, and configured to route the request for reauthentication to the first authentication server according to the unique realm name identifying the first authentication server.

5. An apparatus, comprising:
- means for transmitting a request for full authentication to a first authentication server;
  
  means for receiving from the first authentication server a reauthentication identity including a unique realm name uniquely indicating the first authentication server in response to the request for full authentication; and
  
  means for transmitting to a second authentication server a request for reauthentication using the reauthentication identity including the unique realm name.
- View Dependent Claims (6)
- - 6. The apparatus as in claim 5, wherein the means for transmitting to the second authentication server includes the reauthentication identity in an identity response packet according to an Extensible Authentication Protocol.

7. An apparatus, comprising a processor configured to:
- receive a request for full authentication of a terminal;
  
  transmit to the terminal a reauthentication identity including a unique realm name uniquely identifying an authentication server in response to the request for full authentication; and
  
  receive a request for reauthentication from the terminal, the request for reauthentication including the reauthentication identity including the unique realm name uniquely identifying the authentication server;
  
  wherein the request for reauthentication is routed according to the authentication server according to the unique realm name included in the request for reauthentication.

8. An apparatus, comprising a processor configured to:
- transmit a request for full authentication to a first authentication server;
  
  receive from the first authentication server a reauthentication identity including a unique realm name uniquely indicating the first authentication server in response to the request for full authentication; and
  
  transmit to a second authentication server a request for reauthentication using the reauthentication identity including the unique realm name.
- View Dependent Claims (9)
- - 9. The apparatus as in claim 8, wherein the processor is configured to include the reauthentication identity in an identity response packet according to an Extensible Authentication Protocol.

13. A method, comprising:
- transmitting a request for full authentication to a first authentication server;
  
  receiving from the first authentication server a reauthentication identity identity including a unique realm name uniquely indicating the first authentication server in response to the request for full authentication; and
  
  transmitting to a second authentication server a request for reauthentication using the reauthentication identity including the unique realm name.
- View Dependent Claims (14, 15)
- - 14. A method as in claim 13, wherein the reauthentication identity is included in an identity response packet according to an Extensible Authentication Protocol.
  - 15. A computer program product comprising:
    - a computer readable storage structure embodying computer program code thereon for execution by a computer processor in a terminal, wherein said computer program code includes instructions for performing a method according to claim 13.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Haverinen, Henry, Ahmavaara, Kalle
Primary Examiner(s)
DAILEY, THOMAS J

Application Number

US10/659,774
Publication Number

US 20040153555A1
Time in Patent Office

4,192 Days
Field of Search

709/227, 709/229, 455/433
US Class Current

709/227
CPC Class Codes

H04L 2101/345   containing wildcard characters

H04L 61/30   Managing network names, e.g...

H04L 61/301   Name conversion

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0892   by using authentication-aut...

H04L 63/162   at the data link layer

H04W 12/06   Authentication

H04W 8/26   Network addressing or numbe...

H04W 84/042   Public Land Mobile systems,...

Method and apparatus enabling reauthentication in a cellular communication system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus enabling reauthentication in a cellular communication system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links