Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-12-03
2004-08-31
Moise, Emmanuel L. (Department: 2136)
C713S155000, C713S168000, C380S277000
active
06785823
ABSTRACT:
BACKGROUND OF THE INVENTION
I. Field of the Invention
The current invention relates to wireless communications. More particularly, the present invention relates to an improved method and system for performing authentication of a wireless mobile station with a packet data network.
II. Description of the Related Art
With the increasing popularity of both wireless communications and Internet applications, a market has arisen for products and services that combine the two. As a result, various methods and systems are under development to provide wireless Internet services, such as might allow a user of a wireless telephone or terminal to access e-mail, web pages, and other network resources. Because information on the Internet is organized into discrete “packets” of data, these services are often referred to as “packet data services.”
Among the different types of wireless communication systems to be used to provide wireless packet data services are code division multiple access (CDMA) systems. The use of CDMA modulation techniques is one of several techniques for facilitating communications in which a large number of system users are present. The framing and transmission of Internet Protocol (IP) data through a CDMA wireless network is well known in the art and has been described in TIA/EIA/IS-707-A, entitled “DATA SERVICE OPTIONS FOR SPREAD SPECTRUM SYSTEMS”, hereafter referred to as IS-707.
Other multiple access communication system techniques, such as time division multiple access (TDMA), frequency division multiple access (FDMA) and AM modulation schemes such as amplitude companded single sideband (ACSSB) are known in the art. These techniques have been standardized to facilitate interoperation between equipment manufactured by different companies. Code division multiple access communications systems have been standardized in the United States in Telecommunications Industry Association TIA/EIA/IS-95-B, entitled “MOBILE STATION-BASE STATION COMPATIBILITY STANDARD FOR DUAL-MODE WIDEBAND SPREAD SPECTRUM CELLULAR SYSTEMS”, hereinafter referred to as IS-95.
The International Telecommunications Union recently requested the submission of proposed methods for providing high rate data and high-quality speech services over wireless communication channels. A first of these proposals was issued by the Telecommunications Industry Association, entitled “The cdma2000 ITU-R RTT Candidate Submission”, and hereinafter referred to as cdma2000. A second of these proposals was issued by the European Telecommunications Standards Institute (ETSI), entitled “The ETSI UMTS Terrestrial Radio Access (UTRA) ITU-R RTT Candidate Submission”, also known as “wideband CDMA” and hereinafter referred to as W-CDMA. A third proposal was submitted by U.S. TG 8/1 entitled “The UWC-136 Candidate Submission”, hereinafter referred to as EDGE. The contents of these submissions are public record and are well known in the art.
Several standards have been developed by the Internet Engineering Task Force (IETF) to facilitate mobile packet data services using the Internet. Mobile IP is one such standard, and was designed to allow a device having an IP address to exchange data with the Internet while physically travelling throughout a network (or networks). Mobile IP is described in detail in IETF request for comments (RFC), entitled ‘IP Mobility Support,’ and incorporated by reference.
Several other IETF standards set forth techniques referred to in the above named references. Point-to-Point Protocol (PPP) is well known in the art and is described in IETF RFC 1661, entitled “The Point-to-Point Protocol (PPP)” and published in July 1994, hereinafter referred to as PPP. PPP includes a Link Control Protocol (LCP) and several Network Control Protocols (NCP) used for establishing and configuring different network-layer protocols over a PPP link. One such NCP is the Internet Protocol Control Protocol (IPCP), well known in the art and described in IETF RFC 1332, entitled “The PPP Internet Protocol Control Protocol (IPCP)” and published in May of 1992, hereinafter referred to as IPCP. Extensions to the LCP are well known in the art and described in IETF RFC 1570, entitled “PPP LCP Extensions” and published in January 1994, referred to hereinafter as LCP. A method for authentication using PPP known as Challenge Handshake Authentication Protocol (CHAP) is well known in the art and is described in IETF RFC 1994, entitled “PPP Challenge Handshake Authentication Protocol (CHAP)” and published in August 1996. A standardized method for identifying users and a syntax for the Network Access Identifier (NAI) used during PPP authentication is well known in the art and is described in IETF RFC 2486, entitled “The Network Access Identifier” and published in January 1999. A protocol for carrying authentication, authorization, and configuration information between different network entities, known as Remote Authentication Dial In User Service (RADIUS), is described in the IETF RFC 2138 of the same name, published in April 1997, and is also well known in the art. An Authentication, Authorization, and Accounting (AAA) server is a term known in the art, and refers to a server capable of providing Authentication, Authorization, and Accounting services. A RADIUS server is a type of AAA server.
As discussed above, there is a desire in the art for providing access to the Internet from wireless mobile devices. Existing authentication methods are thus far insufficient for providing authentication for a diverse set of mobile stations in a wireless network. There is therefore a need in the art to develop a method for performing authentication between a mobile station using packet data services and authentication servers in the network.
SUMMARY OF THE INVENTION
The present invention provides a method and apparatus for allowing a mobile station in a wireless network to perform network authentication in association with mobile packet data services. A packet data serving node (PDSN) supports authentication by buffering the contents of a CHAP challenge response message, and subsequently generating a CHAP success message based solely on the contents of the received CHAP challenge response message. The PDSN does not authenticate the mobile station with an authentication server prior to sending the CHAP success message. Rather, a mobile station is authenticated via an authentication server after the PDSN receives an IPCP message indicating whether or not the mobile station desires to use Mobile IP in the current session. If the mobile station desires to use Mobile IP, the PDSN uses authentication techniques in accordance with Mobile IP protocols. In the preferred embodiment, if the mobile station does not desire to use Mobile IP, the PDSN authenticates the mobile station by querying an authentication server with the buffered contents of the aforementioned CHAP challenge response.
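The deferred-authentication flow summarized above can be modeled as a small state machine; the following is an added illustration, not code from the patent or from any PDSN implementation. The class names, the boolean `wants_mobile_ip` standing in for the IPCP indication, the state names, the rule that no traffic is forwarded before verification, and the handling of a failed deferred check are all assumptions; the response value follows RFC 1994 (MD5 over Identifier, secret, and Challenge).

```python
import hashlib
import hmac
import os

def chap_md5(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ToyAAA:
    """Stand-in for the authentication server (constructed; not a RADIUS client)."""
    def __init__(self, secrets):
        self.secrets = secrets  # NAI -> shared secret (sample data)

    def verify_chap(self, nai, identifier, challenge, response):
        secret = self.secrets.get(nai)
        if secret is None:
            return False
        return hmac.compare_digest(chap_md5(identifier, secret, challenge), response)

class PdsnSession:
    """Hypothetical model of one PPP session at the PDSN."""
    def __init__(self, aaa):
        self.aaa = aaa
        self.identifier = 1
        self.challenge = os.urandom(16)
        self.buffered = None
        self.state = "CHALLENGE_SENT"

    def on_chap_response(self, nai, response):
        # Buffer the response and answer Success without asking the AAA server.
        self.buffered = (nai, self.identifier, self.challenge, response)
        self.state = "AUTH_DEFERRED"  # Success sent, but nothing verified yet
        return "CHAP-Success"

    def on_ipcp(self, wants_mobile_ip):
        if self.state != "AUTH_DEFERRED":
            raise RuntimeError("IPCP received before a CHAP response was buffered")
        if wants_mobile_ip:
            self.state = "AWAIT_MOBILE_IP_AUTH"  # left to Mobile IP procedures
        elif self.aaa.verify_chap(*self.buffered):
            self.state = "AUTHENTICATED"
        else:
            self.state = "TERMINATED"  # assumption: failed deferred check drops the link
        return self.state

    def may_forward_traffic(self):
        # The early CHAP-Success is not proof of identity; only the AAA result is.
        return self.state == "AUTHENTICATED"
```
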
The methods and techniques disclosed herein may be used in conjunction with several alternate modulation techniques, including TDMA, cdma2000, W-CDMA, and EDGE without departing from the present invention.
Abrol Nischal
Lioy Marcello
Choi Jae-Hee
Moise Emmanuel L.
Qualcomm Incorporated
Sandip(Micky) S. Minhas
Wadsworth Philip R.