Telecommunications – Radiotelephone system – Security or fraud prevention
Reexamination Certificate
1999-11-23
2001-01-09
Hunter, Daniel S. (Department: 2749)
Telecommunications
Radiotelephone system
Security or fraud prevention
C380S029000
Reexamination Certificate
active
06173174
ABSTRACT:
BACKGROUND OF THE INVENTION
The invention generally relates to a wireless communication network, and more particularly, relates to an improved authentication center (AC) component in a wireless communication network.
Wireless communication is one of the fastest growing segments of the telecommunication industry. With the mobility of the wireless devices, such as cellular phones and pagers, a subscriber to a wireless service can make or receive a call, or receive a message without being restricted to any particular locations. Because of the convenience provided by wireless devices, they have been widely used by average consumers.
Airtime fraud is a costly problem for wireless communications providers (also called “operators”). Callers (also called “subscribers”) can gain unauthorized access to cellular networks by “cloning” legitimate cellular phones (also called “handsets,” “Mobile Stations,” or “MSs”). The cloning process duplicates the memory contents of a legitimate cellular phone so that the clone cellular phone appears to be legitimate to the rest of the system. In certain high-crime areas, large numbers of cellular phone calls are estimated to be placed from cloned handsets. The challenge to cellular telephone companies lies in determining whether a handset communicating with the system is a legitimate handset or a clone.
In the past, operators could only detect fraudulent access after the fact. The detection process involved labor-intensive post-call analysis and did not stop cloned handsets from fraudulently obtaining service. Currently, many conventional cellular systems include one or more Authentication Center (AC) portions. When a calling person activates a handset, the AC checks the profile of the person who is registered for the handset. The AC then initiates a challenge to the handset. If the handset's response matches the AC's challenge, network access is granted. Otherwise, access is denied. The authentication process greatly reduces airtime losses and serves as a deterrent to the crime of cloning.
In many cellular phone systems, the AC performs authentication in connection with the following events: registration (when a phone roams into a new area); origination of a call; flashing (which involves, e.g., three way calling, call waiting, or paging); and call termination. In general, the MSC (Mobile Switching Center) associated with the area of the handset being authenticated sends an authentication request (AUTHRQST) message to the AC for each of these events.
To further authenticate handsets, conventional ACs periodically send “SSD update” messages and “unique challenge” messages to MSCNLRs in the system. These messages (also called “authentication messages”) are defined in the ANSI IS-41 standard produced by TIA/EIA for cellular telephones, which is herein incorporated by reference.
One cause of authentication failures occurs when a subscriber installs a new A-key in his cellular telephone handset. In order for the Authentication Center to authenticate handsets that use a unique (rather than a default) A-key,, a method to enter the A-key into the handset and into the AC is needed. Default A-keys are common to every handset and widely known authentication using only default A-keys is limited in its ability to detect clones and refuse service to them, thereby preventing cellular fraud. The value of the unique A-key must be entered into a subscriber's handset and into the subscriber's record in the AC. When the unique A-key is entered into the AC, it is marked as the “alternate Akey” because it is not known at what point in time the new A-key will be programmed into the handset. Because the authentication process will only authenticate an operation if the A-key in the handset matches the A-key in the AC, it is important to be able to detect the point in time when the new (unique) A-key is programmed into the handset.
When a new A-key is programmed into a handset, any SSD that previously existed in the handset is reset to the default SSD value. Therefore, the entry of a new A-Key into a handset may be detected by the AC when the AC recognizes that the SSD in the handset does not match the SSD maintained by the AC.
In conventional systems, the SSD in the handset was assumed to be bad if either of two situations occur: 1) an AUTHR mismatch or 2) a unique challenge failure. Both of these situations generally arise when the SSD in the handset does not match that in the AC and conventional systems assume that this is the case. In such a situation, conventional systems may attempt an SSD update using the new, unique (or alternate) A-key. If the SSD update works, then authentication succeeds and the new, unique (or alternate) A-key is assumed to be the A-key currently in use by the handset. The problem with conventional systems is that they do not provide the ability to automatically update the A-key when an SSD Update failed. They also did not allow an AC system operator to choose whether or not the automated A-key updating should be performed.
SUMMARY OF THE INVENTION
The present invention provides a method and apparatus for allowing an Authentication Center (AC) to configure whether or not to perform automated A-key updating if an authentication failure occurs. This configuration can be made, for the entire system. The AC has access to a Subscriber database describing, among other things, an “alternate A-key” for at least some of the subscribers. The AC also has access to an MPCM (MSC Point Code Database) that contains configuration information about various ones of the MSCs in the system.
Assuming that the system is configured to allow automatic A-key updating, the described embodiment of the present invention performs an automatic update whenever any of three situations occur during authentication: 1) an AUTHR mismatch occurs, 2) a unique challenge failure occurs, or 3) an SSD update failure occurs for a subscriber who has a unique or alternate A-key.
A fuller understanding of the invention will become apparent and appreciated by referring to the following description and claims taken in conjunction with the accompanying drawings.
REFERENCES:
patent: 4930150 (1990-05-01), Katz
patent: 5014298 (1991-05-01), Katz
patent: 5048075 (1991-09-01), Katz
patent: 5077790 (1991-12-01), D'Amico et al.
patent: 5091942 (1992-02-01), Dent
patent: 5128984 (1992-07-01), Katz
patent: 5204902 (1993-04-01), Reeds, III et al.
patent: 5237612 (1993-08-01), Raith
patent: 5282250 (1994-01-01), Dent et al.
patent: 5309501 (1994-05-01), Kozik et al.
patent: 5504804 (1996-04-01), Widmark et al.
patent: 5513245 (1996-04-01), Mizikovsky et al.
patent: 5551073 (1996-08-01), Sammarco
patent: 5553120 (1996-09-01), Katz
patent: 5590175 (1996-12-01), Gallant et al.
patent: 5594740 (1997-01-01), LaDue
patent: 5603081 (1997-02-01), Raith et al.
patent: 5615267 (1997-03-01), Lin et al.
patent: 5642401 (1997-06-01), Yahagi
patent: 5668875 (1997-09-01), Brown et al.
patent: 5708710 (1998-01-01), Duda
patent: 5737701 (1998-04-01), Rosenthal et al.
patent: 5754952 (1998-05-01), Hodges et al.
patent: 5754955 (1998-05-01), Ekbatani
patent: 5761500 (1998-06-01), Gallant et al.
patent: 5794139 (1998-08-01), Mizikovsky et al.
patent: 5799084 (1998-08-01), Gallagher et al.
patent: 5887251 (1999-03-01), Fehnel
patent: 6085083 (2000-07-01), Lamb
patent: 6097939 (2000-08-01), Jacobs
patent: 6111955 (2000-08-01), Mizikovsky et al.
patent: 6112079 (2000-08-01), Lamb
Compaq Computer Corporation
Fenwick & West LLP
Hunter Daniel S.
Tran Pablo
LandOfFree
Method and apparatus for automated SSD updates on an a-key... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for automated SSD updates on an a-key..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for automated SSD updates on an a-key... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2459681