Methods, systems, and computer readable media for providing access network protocol interworking and authentication proxying

US 9,918,229 B2
Filed: 04/28/2017
Issued: 03/13/2018
Est. Priority Date: 08/14/2015
Status: Active Grant

First Claim

Patent Images

1. A method for access network protocol interworking and authentication proxying comprising:

in a Diameter signaling router (DSR) including at least one processor;

receiving, on a first interface of the DSR that supports extensible authentication protocol (EAP), a message requesting authentication from a node in an access network, wherein receiving the message requesting authentication information includes receiving a Diameter SWa, STa, or SWm message requesting authentication information and including an EAP payload;

terminating the EAP on the first interface;

using a native protocol of a cellular network to obtain authentication challenge information from the cellular network, wherein using a native protocol to obtain authentication challenge information from the cellular network includes formulating and transmitting, on a second interface of the DSR that does not support the EAP, a Diameter S6a or SWx message to obtain the authentication challenge information;

communicating the authentication challenge information to the node in the access network, wherein communicating the authentication challenge information to the node in the access network includes using the Diameter protocol;

receiving an authentication response from the node in the access network;

determining whether the authentication response matches an expected response; and

in response to determining that the authentication response matches an expected response, sending a message to the node in the access network indicating successful authentication.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The subject matter described herein includes methods, systems, and computer readable media for access network protocol interworking and authentication proxying. One method includes receiving an authentication request from a node in an access network for authenticating a user using cellular network authentication. The method further includes, in response to the request, using a native protocol of the cellular network to obtain an authentication challenge from a node in the cellular network. The method further includes communicating the authentication challenge to the node in the access network. The method further includes receiving a response to the authentication challenge from the node in the access network. The method further includes determining whether the response matches an expected response. The method further includes, in response to determining that the response matches the expected response, communicating an indication of successful authentication to the node in the access network.

Citations

10 Claims

1. A method for access network protocol interworking and authentication proxying comprising:
- in a Diameter signaling router (DSR) including at least one processor;
  
  receiving, on a first interface of the DSR that supports extensible authentication protocol (EAP), a message requesting authentication from a node in an access network, wherein receiving the message requesting authentication information includes receiving a Diameter SWa, STa, or SWm message requesting authentication information and including an EAP payload;
  
  terminating the EAP on the first interface;
  
  using a native protocol of a cellular network to obtain authentication challenge information from the cellular network, wherein using a native protocol to obtain authentication challenge information from the cellular network includes formulating and transmitting, on a second interface of the DSR that does not support the EAP, a Diameter S6a or SWx message to obtain the authentication challenge information;
  
  communicating the authentication challenge information to the node in the access network, wherein communicating the authentication challenge information to the node in the access network includes using the Diameter protocol;
  
  receiving an authentication response from the node in the access network;
  
  determining whether the authentication response matches an expected response; and
  
  in response to determining that the authentication response matches an expected response, sending a message to the node in the access network indicating successful authentication.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein formulating the Diameter S6a or SWx message includes formulating a Diameter S6a message.
  - 3. The method of claim 1 formulating the Diameter S6a or SWx message includes formulating a Diameter SWx message.
  - 4. The method of claim 1 wherein communicating the authentication challenge information to the node in the access network includes communicating the authentication challenge information using a Diameter protocol.
  - 5. The method of claim 1 wherein the authentication response is computed by a mobile device and wherein determining whether the authentication response matches an expected response includes accessing state information stored by the DSR to determine whether the authentication response computed by the mobile device matches the state information stored by the DSR.

6. A system for interworking and authentication proxying, the system comprising:
- a Diameter signaling router (DSR) including at least one message processor;
  
  an authentication and internetworking proxy implemented by the at least one message processor and configured for;
  
  receiving, on a first interface of the DSR that supports extensible authentication protocol (EAP), a message requesting authentication from a node in an access network, wherein receiving the message requesting authentication information includes receiving a Diameter SWa, STa, or SWm message requesting authentication information and including an EAP payload;
  
  using a native protocol of a cellular network to obtain authentication challenge information from the cellular network, wherein using a native protocol to obtain authentication challenge information from the cellular network includes formulating and transmitting, on a second interface of the DRS that does not support the EAP, a Diameter S6a or SWx message to obtain the authentication challenge information;
  
  communicating the authentication challenge information to the node in the access network, wherein communicating the authentication challenge information to the node in the access network includes using the Diameter protocol;
  
  receiving an authentication response from the node in the access network;
  
  determining whether the authentication response matches an expected response; and
  
  in response to determining that the authentication response is equal to an expected response, sending a message to the node in the access network indicating successful authentication.
- View Dependent Claims (7, 8, 9)
- - 7. The system of claim 6 wherein formulating a Diameter S6a or SWx messages comprises formulating a Diameter S6a message.
  - 8. The system of claim 6 wherein formulating a Diameter S6a or SWx message includes formulating a Diameter SWx message.
  - 9. The system of claim 6 wherein the authentication response is computed by a mobile device and wherein determining whether the authentication response matches an expected response includes accessing state information stored by the DSR to determine whether the authentication response computed by the mobile device matches the state information stored by the DSR.

10. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processor on a computer control the computer to perform steps comprising:
- in a Diameter signaling router (DSR) including at least one processor;
  
  receiving, on a first interface of the DSR that supports extensible authentication protocol (EAP), a message requesting authentication from a node in an access network, wherein receiving the message requesting authentication information includes receiving a Diameter SWa, STa, or SWm message requesting authentication information and including an EAP payload;
  
  terminating the EAP on the first interface;
  
  using a native protocol of a cellular network to obtain authentication challenge information from the cellular network, wherein using a native protocol to obtain authentication challenge information from the cellular network includes formulating and transmitting on a second interface of the DSR that does not support the EAP, a Diameter S6a or SWx message to obtain the authentication challenge information;
  
  communicating the authentication challenge information to the node in the access network, wherein communicating the authentication challenge information to the node in the access network includes using the Diameter protocol;
  
  receiving an authentication response from the node in the access network;
  
  determining whether the authentication response matches an expected response; and
  
  in response to determining that the authentication response matches an expected response, sending a message to the node in the access network indicating successful authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
McCann, Thomas Matthew
Primary Examiner(s)
Patel, Nimesh

Application Number

US15/582,591
Publication Number

US 20170238179A1
Time in Patent Office

319 Days
Field of Search
US Class Current
CPC Class Codes

H04L 61/503   using an authentication, au...

H04L 63/0884   by delegation of authentica...

H04W 12/069   using certificates or pre-s...

H04W 48/18   Selecting a network or a co...

H04W 8/04   Registration at HLR or HSS ...

H04W 84/042   Public Land Mobile systems,...

Methods, systems, and computer readable media for providing access network protocol interworking and authentication proxying

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, systems, and computer readable media for providing access network protocol interworking and authentication proxying

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links