Authentication between communicating parties in a...

Communications: electrical – Selective – Intelligence comparison for controlling

Reexamination Certificate


Details

C380S030000, C379S219000, C379S272000

Reexamination Certificate

active

06225888

ABSTRACT:

FIELD OF THE INVENTION
This invention concerns origination of data transmission in a multiple access network, wherein the terminal equipment requests a channel for itself from the network using a common access channel intended for all terminal equipment and wherein in response to the request the network on a common access grant channel intended for all terminal equipment makes known that channel to the terminal equipment on which information transmission proper will take place.
BACKGROUND OF THE INVENTION
It is a general principle in telecommunications networks using multiple access that for using services of the network the terminal equipment by using some uplink access method must first inform the network of its desire to gain access to the network. This takes place so that e.g. a special channel is reserved in the network as a common channel for all terminal equipment, which send a request on this channel to obtain a service. Depending on the network, this request may contain just a request to have a channel for two-way data transmission or it may contain information on which particular service is desired and possibly also information on the desired channel capacity. The channel may be a stream type or packet channel. The layer relaying requests is called the Medium Access Control Sublayer (MAC layer) according to the OSI model and it uses services of the physical layer to produce services for the control layer of the logical link.
In time-division cellular multiple access networks a channel is assigned on which all mobile stations when forming mobile originated calls send a request for a traffic channel from the network. The request, which is relayed over the radio path to the base station and from this along a cable to the base station controller, contains the mobile station's identifier IMSI, so that the base station controller will know from whom the request has come. In a GSM system such a channel used by all is called Random Access Channel (RACH). Should collisions between requests occur on the channel, the mobile station will try again after a moment until the request is received. The network sends to the mobile stations acknowledgements of the requests on a channel to which all mobile stations are listening. In a GSM system this channel is called Access Grant Channel (AGCH): the acknowledgement contains the mobile station's identifier, from which the mobile station will know that the message is intended for itself, and the number of the channel allocated by the network as a traffic channel.
Access in accordance with the MAC protocol is also used in interactive cable TV systems, where a desired audiovisual service can be transferred to several recipients through a fixed network. The physical transfer path may be a coaxial cable and/or an optical cable or a radio network or the distribution may take place through a satellite. In the system the name Head End is given to a central place where an incoming dispatch is divided over several physical signal paths, such as several optical fibers, by which the dispatch is taken closer to the consumers. In the systems, transmission may take place both in downlink and uplink directions in time slots which are numbered starting from zero and ending with some max number, after which numbering starts again. The time slots 0, . . . , max form a frame. For terminals to be able to send information upwards, such a channel may be used in the uplink direction where the access form is Aloha, whereby all subscribers may send requests in any time slot. The network acknowledges a successful transmission by echo checking on a downlink channel. In the uplink direction, only a certain time slot may alternatively be used for sending requests. This is a slotted Aloha access type. It is essential also in these systems for the terminal to include its identifiers in its access message, so that the Head End may know who sent the request.
It is characteristic according to FIG. 1 for systems of the described type that when several terminal equipment A wish to communicate with network B, they request a private channel on a common channel U. The request message contains requester A's identifier. The network element may perform authentication of the requester, and if the matter is OK, it will allocate a private channel T for the requestor and will send information about the channel either on the same common channel U or on another common return path channel D. The information contains requester A's identifier. A receives the message and begins communicating on the allocated channel T.
FIG. 2 shows exchange of messages used in network access in a known GSM mobile telephone system. When a mobile station wishes to form a call, it sends on a one-way (uplink direction) Random Access Channel (RACH) to the base station a Channel Request to have a Traffic Channel (TCH) at its disposal, step 211. The request contains a 5-bit random number, which first functions as the mobile station's identifier. The base station receives, step 213, and relays the request to the base station controller, which selects a free channel, activates it on the base station, step 212, and then forms an Immediate Assignment, which the base station sends on a Paging and Access Grant Channel (PAGCH) to the mobile station, step 214. The assignment contains a description of the allocated channel, a preset timing value, the transmission power value to be used and the same 5-bit random number which was sent by the mobile station, and also the time slot number with which the base station had received the channel request. With this information the mobile station is able to distinguish the message intended for itself and will learn the allocated traffic channel, step 215.
The mobile station then signals to the base station on the traffic channel the link layer initial message containing the SABM frame. In this message the mobile station states its identity IMSI (International Mobile Subscriber Identity) or its Temporary Mobile Subscriber Identity (TMSI), step 224. The base station receives the message, step 226, and acknowledges it with a response message, the UA frame of which contains the identity of the mobile station, step 228. The mobile station compares its own identity with the received identity, step 223, and if the identities are similar, it will know that the traffic channel is reserved for itself.
Before starting operation, authentication is also performed on the principle that the network puts a question to the mobile station to which only the right mobile station will know the answer. Authentication is based on an authentication algorithm A3 and on a subscriber-specific authentication key Ki. In the early part of authentication the authentication center AuC sends a question to the mobile station which is a random number RAND. The mobile station receives the RAND, transfers it to the SIM card, which performs the A3 algorithm with its aid and with the aid of the subscriber-specific key Ki in the card. The Signed Result (SRES) is sent by the mobile station to the network. Authentication center AuC compares the SRES value with the value which it has computed itself using the same A3 algorithm, RAND and key Ki. If the SRESs are identical, the authentication is approved, otherwise the subscriber is denied access to the network. The mobile station uses the received RAND and Ki values also for computing a connection-specific encryption key Kc. In the network, authentication center AuC performs the same algorithm with the same values, thus resulting in the same encryption key. Both store the key in memory and in addition the mobile station sends the key to authentication center AuC, which checks to make sure that both are using the same keys.
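The RAND/SRES exchange described above, as an added example that is not part of the patent text. HMAC-SHA-256 is a stand-in for the A3 algorithm and for the Kc computation, which the text does not specify; the class names, the labels `b"A3"`/`b"Kc"`, the output lengths and the single-use challenge are assumptions of this sketch.

```python
# Added illustration of the challenge-response flow; names are assumptions.
import hashlib
import hmac
import secrets

def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3: signed result computed from Ki and RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def derive_kc(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for the connection-specific key computation from Ki and RAND."""
    return hmac.new(ki, b"Kc" + rand, hashlib.sha256).digest()[:8]

class Sim:
    """Holds Ki; only SRES and Kc ever leave the card."""
    def __init__(self, ki: bytes):
        self._ki = ki

    def respond(self, rand: bytes):
        return a3_sres(self._ki, rand), derive_kc(self._ki, rand)

class AuC:
    def __init__(self, subscribers):
        self._ki = dict(subscribers)   # identity -> Ki
        self._pending = {}             # identity -> outstanding RAND

    def challenge(self, identity: str) -> bytes:
        rand = secrets.token_bytes(16)
        self._pending[identity] = rand
        return rand

    def verify(self, identity: str, sres: bytes):
        """Return Kc if SRES matches the network's own computation, else None."""
        rand = self._pending.pop(identity, None)   # each RAND is accepted once
        ki = self._ki.get(identity)
        if rand is None or ki is None:
            return None
        if not hmac.compare_digest(sres, a3_sres(ki, rand)):
            return None                # access denied
        return derive_kc(ki, rand)

if __name__ == "__main__":
    ki = bytes(range(16))              # constructed sample key
    auc, sim = AuC({"imsi-sample": ki}), Sim(ki)
    sres, kc = sim.respond(auc.challenge("imsi-sample"))
    print(auc.verify("imsi-sample", sres) == kc)
```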
It is a noteworthy feature in the process shown in FIG. 2 that the mobile station has sent its own identity to the network before it is quite sure that the traffic channel is allocated to itself and to nobody else.
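The FIG. 2 access exchange and the feature noted in the preceding paragraph, as an added example that is not part of the patent text. It models two mobile stations that happen to send the same 5-bit number in the same time slot; the class names, the sample identities and the rule that the network issues one assignment per (number, slot) pair are assumptions of this sketch.

```python
# Added illustration of the FIG. 2 flow; all names here are assumptions.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Mobile:
    identity: str                  # IMSI/TMSI, constructed sample value
    ref: int                       # 5-bit random number in the Channel Request
    slot: int                      # time slot in which the request was sent
    channel: Optional[int] = None

class BaseStation:
    def __init__(self):
        self.next_tch = 1
        self.sabm_seen = {}        # channel -> identities received in SABM frames

    def immediate_assignment(self, requests):
        # Requests with the same (ref, slot) are indistinguishable to the
        # network, so they share a single assignment (modelling assumption).
        grants = {}
        for key in requests:
            if key not in grants:
                grants[key] = self.next_tch
                self.next_tch += 1
        return grants

    def sabm(self, channel, identity):
        self.sabm_seen.setdefault(channel, []).append(identity)

    def ua(self, channel):
        # The UA frame echoes the identity of the first SABM on the channel.
        return self.sabm_seen[channel][0]

def run_access(mobiles):
    for m in mobiles:
        assert 0 <= m.ref < 32, "reference is a 5-bit value"
    bs = BaseStation()
    grants = bs.immediate_assignment([(m.ref, m.slot) for m in mobiles])
    for m in mobiles:
        m.channel = grants[(m.ref, m.slot)]    # step 215: match ref and slot
        bs.sabm(m.channel, m.identity)         # step 224: identity is sent
    # step 223: each mobile compares the echoed identity with its own
    owns = {m.identity: bs.ua(m.channel) == m.identity for m in mobiles}
    return owns, bs.sabm_seen

if __name__ == "__main__":
    sample = [Mobile("TMSI-A", 17, 3), Mobile("TMSI-B", 17, 3), Mobile("TMSI-C", 5, 3)]
    print(run_access(sample))
```

In the sample run the identity comparison tells TMSI-B that the channel is not its own, but only after its identity has already been transmitted on that channel.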
It is taken for granted in known systems of the type shown in FIG. 1 that the p
