WO2003094438A1 - System, apparatus and method for sim-based authentication and encryption in wireless local area network access - Google Patents
System, apparatus and method for sim-based authentication and encryption in wireless local area network access Download PDFInfo
- Publication number
- WO2003094438A1 WO2003094438A1 PCT/EP2002/004865 EP0204865W WO03094438A1 WO 2003094438 A1 WO2003094438 A1 WO 2003094438A1 EP 0204865 W EP0204865 W EP 0204865W WO 03094438 A1 WO03094438 A1 WO 03094438A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- authentication
- protocol
- access controller
- point
- mobile network
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2854—Wide area networks, e.g. public data networks
- H04L12/2856—Access arrangements, e.g. Internet access
- H04L12/2858—Access network architectures
- H04L12/2859—Point-to-point connection between the data network and the subscribers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/162—Implementing security features at a particular protocol layer at the data link layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/005—Discovery of network devices, e.g. terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W80/00—Wireless network protocols or protocol adaptations to wireless operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
Definitions
- the present invention generally relates to authentication and encryption mechanisms in Wireless Local Area Network scenarios. More particularly, the invention pertains to means, system and methods for a SIM-based authentication and a layer-2 encryption mechanisms for protecting the communication path from the Terminal Equipment onwards .
- This specification 802.11b offers to some extent authentication and access control mechanisms as well as confidentiality, but only in the wireless path.
- two authentication methods are defined in this standard, namely "Open System” and "Shared Key”.
- a WLAN card in the Terminal Equipment (TE) announces that it wants to associate to a WLAN Access Point (hereinafter abbreviated as AP) .
- AP WLAN Access Point
- No authentication is performed and only some basic access control mechanisms are used like, for instance, Media Access Control (MAC) filters and Service Set Identifiers (SSID) .
- MAC Media Access Control
- SSID Service Set Identifiers
- These MAC filters are arranged for working so that only WLAN cards whose MAC address belongs to a list kept by the AP, such as an Access Control List (ACL) , are allowed to associate to the AP.
- ACL Access Control List
- This access control mechanism has a limited utility, since the identity of the entity trying to associate does not actually belong to a user, but rather to the equipment itself. If a terminal or card is stolen, there is no user-based authentication to prevent access to the resources by the stolen equipment.
- the MAC addresses of the WLAN card always appear in the headers of the WLAN frames, MAC-address spoofing is a trivial attack. This is of a special relevance since most of the WLAN cards in the market can change its MAC address just by using software means .
- the other access control mechanism is the aforementioned Service Set Identifier (SSID) , which is an alphanumeric code that identifies the instance of the WLAN that the Terminal Equipment (TE) is trying to associate.
- SSID Service Set Identifier
- a given AP only allows the association of WLAN cards that provide a right SSID.
- this access control mechanism is, again, rather useless since a plurality of well known attacks may occur.
- a second authentication method mentioned above is the so-called Shared Key.
- This procedure is embedded in a basic confidentiality mechanism provided by the Wired Equivalent Privacy (WEP) standard, which is a symmetric encryption algorithm based on RC4.
- WEP Wired Equivalent Privacy
- the authentication as such is performed by using a challenge-response mechanism in which both parties, the WLAN card and the AP, show to own a same key.
- this key is installed and stored in the Terminal Equipment (TE) , and hence it suffers from the same disadvantages as described when talking about MAC filters .
- TE Terminal Equipment
- SIM-based authentication is user- based since a SIM is designed for personal use, and protected by an access PIN.
- a WLAN operator must offer an authentication and encryption mechanism that implies the possession of a SIM card.
- This SIM card must be issued by the mobile operator and can be the same SIM used for mobile access, or can be a SIM issued on purpose for WLAN access only.
- a conventional WLAN operated by a third party can also have its own local users, and the authentication to be performed for said local is completely up to the WLAN operator. For instance, this authentication for local users might be just based on user identity plus password, or even no security at all. However, for those users that are subscribed to a mobile operator, the authentication and other security issues through said WLAN should be comparable to the ones in the mobile operator's network. On the other hand, a WLAN deployed and operated only by a mobile operator should deny access to users not belonging to that mobile operator, and should only implement authentication mechanisms based on a SIM card. [0018] Nevertheless, any attempt to introduce new and safer mechanisms for authentication and encryption in WLAN must be aimed to produce as less impacts as possible in current WLAN scenarios.
- This SIM-based authentication scheme is, however, intended to derive a ciphering key that is used as the key of the 802.11 native WEP algorithm for traffic encryption between the TE and the AP.
- the main advantage that this application introduces over the existing WEP capabilities is the addition of a new mechanism for renewing the keys once per session. Apart from that, this application is basically a modified version of the current WEP standards and does not solve the fundamental problems stated above for the original WEP version.
- the encrypted path goes from the Mobile Terminal to the AP, since WEP is only applicable to the radio path.
- the support for an encryption path to be established beyond the AP, and covering also the wired part of the WLAN, is a further object of the present invention.
- an important object of the present invention is the provision of a system, means and methods for allowing an effective SIM-based user authentication and for establishing a complete encryption path, starting from the TE, for WLAN users who are subscribers of a public land mobile network. Another particularly important object is that this SIM-based user authentication might be performed before giving IP connectivity to said user.
- a further object of the present invention is the support of keys of variable length, the use of security algorithms at operator choice, and provision of a key rotation procedure.
- a still further object of the present invention is the achievement of the previous objects with a minimum impact on conventional WLAN scenarios.
- the objects of the invention are achieved with a method for allowing a SIM-based authentication to users of a wireless local area network who are subscribers of a public land mobile network by means of a data link layer (layer-2) authentication mechanism.
- An important aspect of this method is that the IP connectivity is only provided to the user when the authentication process has been successfully completed.
- the objects of the invention are thus achieved with a method wherein a wireless terminal finds an accessible Access Point and requests association to the wireless local area network, and the Access Point accepts the request for that. The wireless terminal then initiates the discovering of an Access Controller interposed between the Access Point and the public land mobile network.
- the wireless terminal sends the user identifier immediately on top of a Point-to-Point layer 2 protocol toward the Access Controller which shifts the user identifier received on top of a Point-to-Point layer 2 protocol upwards to an authentication protocol residing at application layer.
- the Access Controller sends the user identifier toward an Authentication Gateway at the public land mobile network to initiate an authentication procedure.
- the authentication process is starting the Access Controller receives an authentication challenge from the public land mobile network via the Authentication Gateway; and shifts the authentication challenge received on the same protocol at application layer downwards on top of the Point-to-Point layer 2 protocol.
- the authentication challenge is sending by the Access Controller toward the wireless terminal for deriving an authentication response.
- the wireless terminal can send the authentication response immediately on top of a Point-to- Point layer 2 protocol toward the Access Controller which shifts the authentication response received on top of a Point-to-Point layer 2 protocol upwards to the authentication protocol at application layer.
- the authentication response is sending toward the Authentication Gateway from the Access Controller that receives an encryption key from the public land mobile network via the Authentication Gateway.
- the Access Controller extracts the encryption key received on the protocol at application layer for further encryption of communication path with the wireless terminal; and the Access Controller sends an assigned IP-address and other network configuration parameters toward the wireless terminal.
- an Access Controller that comprises a Point-to-Point server residing at an OSI layer- 2 for communicating with the wireless terminal; and an authentication protocol residing at an OSI application layer for communicating with the public land mobile network. Moreover, this Access Controller further comprises means for shifting the information received on top of the Point-to-Point layer-2 protocol upwards to an appropriate authentication protocol residing at application layer. Likewise, the Access Controller also comprises means for shifting the information received on the authentication protocol residing at application layer downwards on top of the Point-to-Point layer 2 protocol.
- a wireless terminal comprising functionality for acting as a Point-to-Point layer 2 protocol client and having an Extensible Authentication Protocol on top of this Point-to-Point layer 2 protocol.
- the overall solution provided by the invention results in a telecommunication system comprising a wireless local area network that includes at least one Access Point, a public land mobile network, at least one wireless terminal as above, and the Access Controller above.
- FIG. 1 represents a preferred embodiment of how a user of a conventional mobile network accessing through a WLAN, which can be accessed by mobile and non-mobile users, may be authenticated by his own mobile network and may have an encrypted path from the TE to his own mobile network.
- FIG. 2 presents a simplified architecture compared to the one in Fig. 1, and applicable to a WLAN accessed only by users of a public land mobile network.
- FIG. 3 schematically shows an embodiment of an Access Controller comprising a PPPoE Server and a RADIUS Client wherein the Extensible Authentication Protocol resides .
- FIG. 4 basically shows an exemplary sequence of actions carried out from the TE to the mobile network and throughout the WLAN entities to perform a SIM-based user authentication.
- SIM-based user authentication is performed before having given IP connectivity to said user.
- FIG. 1 An overall sketch of a preferred embodiment is presented in Fig. 1, showing a general scenario where subscribers of a public land mobile network (GSM/GPRS/UMTS), as well as other local non-mobile users, access a wireless local area network (WLAN) .
- GSM/GPRS/UMTS public land mobile network
- WLAN wireless local area network
- Fig. 1 proposes a particularly simple architecture aimed to minimise the impacts on an existing conventional WLAN in order to accomplish one of the objects of the present invention.
- This rather simple architecture involves different entities from a WLAN and from a public land mobile network, which are described following this.
- Fig. 2 presents an even more simplified architecture in accordance with another embodiment of the present invention for a WLAN giving access only to subscribers of a public land mobile network and without local WLAN users.
- a first entity in Fig. 1 and 2 is the Terminal Equipment (TE) , that is equipped with the necessary hardware and software to interface the user's SIM card as well as to send and receive the required signalling information according to the Authentication and Key Agreement (AKA) protocol.
- the TE also includes the necessary software to implement a Point-to-Point Protocol over Ethernet (PPPoE) protocol, client side, accordingly with RFC 2516.
- PPPoE Point-to-Point Protocol over Ethernet
- PPPoE client allows the establishment of a Point-to-Point Protocol (PPP) session with a specific server in the WLAN domain.
- PPP Point-to-Point Protocol
- EAP Extensible Authentication Protocol
- PPP encrypted PPP Encryption Control Protocol
- the Access Controller in both Fig. 1 and 2 that comprises the required PPPoE server functionality.
- This PPPoE server is automatically discovered by the Terminal Equipment (TE) , by means of a built-in mechanism in the PPPoE protocol, namely through a handshake initiated by a broadcast message.
- This Access Controller (AC) also comprises a RADIUS client functionality that has the responsibility of gathering client credentials, received through EAP attributes carried on top of a PPP, and sending them toward a conventional WLAN Authentication Server (WLAN-AS) , also through EAP attributes carried now on top of RADIUS messages.
- WLAN-AS WLAN Authentication Server
- a component like this Access Controller (AC) is also a core part for the purpose of the present solution.
- Both the Access Controller and the aforementioned PPPoE client, which is embedded in the Terminal Equipment, are co-operating entities intended for tunnelling a challenge-response authentication procedure as well as for establishing an encrypted path.
- WLAN-AS WLAN-Authentication Server
- This WLAN-AS also plays the role of a RADIUS proxy, when receiving authentication messages from the Access Controller and forwards them toward an Authentication Gateway (hereinafter referred to as AG) in the public land mobile network operator's domain.
- AG Authentication Gateway
- the WLAN-AS is only required for the purpose of the present invention in order to authenticate own WLAN users who are not mobile subscribers of the public land mobile network. Consequently, a WLAN intended for giving access only to subscribers of a mobile network may get rid of such entity without affecting the authentication of said mobile subscribers and the establishment of an encrypted path, scope of the present invention.
- Fig. 2 presents an embodiment of a simplified architecture for a WLAN giving access only to subscribers of a public land mobile network as explained above wherein the WLAN-AS is thus not included.
- a still further entity included in the scenarios of Fig. 1 and 2 is the Authentication Gateway (hereinafter referred to as AG) alone or likely in co-operation with a
- HLR Home Location Register
- AG Authentication Gateway
- MAP MAP protocol
- they can be a single logical entity acting as a RADIUS server and with the subscriber database built-in, together with the implementation of the necessary algorithms in AKA, such as the well-known A5, A8 and so on.
- AKA the necessary algorithms in AKA, such as the well-known A5, A8 and so on.
- the communication toward an HLR is, hence, not needed as exemplary illustrated in Fig. 2.
- the Access Controller the aforementioned PPPoE client, which is embedded in the Terminal Equipment, and this Authentication Gateway are the core entities for the purpose of the present invention.
- the particular description for the functions residing in such entities is merely illustrative and in non-restrictive manner.
- Fig. 3 shows different protocol layers involved in an Access Controller (AC) with reference to the Open System Interconnection (OSI) model.
- the PPPoE server residing underneath an IP layer, comprising a PPPoE protocol layer that naturally resides over an Ethernet layer, and having embedded the aforementioned EAP.
- the RADIUS client having a RADIUS protocol layer having embedded the EAP, residing over an UDP layer, both residing over an IP layer.
- the aforementioned Terminal Equipment is equipped with a Mobile Terminal Adapter (MTA) that allows the access to a SIM card carried by a mobile terminal.
- MTA Mobile Terminal Adapter
- This TE has a transceiver for communicating (C-401, C-402) with an AP of the WLAN, and includes the appropriate software stack to implement the PPPoE protocol in accordance with the RFC 2516.
- the Access Controller has a PPPoE server embedded.
- the discovery of the PPPoE server by the PPPoE client is an integral part of the protocol itself (C-403, C-404, C-405, C-406) .
- PPP link (C-407, C-408) is a Network Access Identifier
- NAI Network Access Security
- the IMSI could be fetched from the SIM card and sent as the user identity. This should only be used if sending the IMSI in clear-text is acceptable, which might not be the case.
- the Access Controller has a RADIUS client for sending (C-409) authentication messages to the WLAN-AS server.
- the Extensible Authentication Protocol (EAP) is run on top of PPP and RADIUS, in order to carry authentication information between the TE and the AG.
- the authentication mechanism to be used inside EAP may be the conventional AKA used in public land mobile networks.
- the WLAN-AS acts as an authentication server for regular WLAN users, whose authentication is not SIM-based, and as an authentication proxy for those users whose realm part of the NAI identifies them as subscribers of a mobile network thus using a SIM-based authentication. Then, when acting as an authentication proxy, the WLAN-AS forwards (C- 410) the received authentication messages to the Authentication Gateway (AG) .
- the Authentication Gateway When the Authentication Gateway receives (C-410) an authentication request, asks the HRL for an authentication vector (C-411) , triplet or quintet, by using a MAP interface. For this task, the Authentication Gateway (AG) has to know the IMSI of the subscriber whose NAI have been sent in the RADIUS message. This IMSI may be discovered by lookup in a directory database, for instance. The HLR answers back with the requested authentication information (C-412) for the user.
- C-411 authentication vector
- C-411 triplet or quintet
- the AG encapsulates the RAND component of the authentication vector in an EAP attribute and sends it back through the WLAN-AS (C-413) toward the AC (C-414) inside a RADIUS message. Notice that for user of newer mobile networks like UMTS, the sending of a message like AUTN might also be required.
- the AC then forwards (C-415) the received EAP information to the TE in a PPP message. Notice that the AC behaves here as a "passthrough" of EAP information between "carrier” protocols such as PPP and RADIUS.
- the TE When the TE receives the EAP information, extracts the RAND number and uses it to challenge the SIM and generate an answer (RES), that is sent back (C-416, C-417, C-418) to the AG via EAP transmitted over PPP and RADIUS again.
- RES an answer
- the TE first authenticates the network, based on the AUTN.
- the TE generates the encryption key following the standard algorithms defined in AKA. This key is used as a seed, namely keying material, to derive one or multiple session keys to be used with the PPP Encryption Control Protocol stated in RFC 1968, and any of the existing PPP encryption algorithms, for instance, the PPP triple-DES encryption protocol, RFC 2420.
- the AG receives (C-418) the EAP response and checks the validity of the challenge.
- the AKA encryption key (Kc) had been received previously in the authentication vector from the HLR likely in co-operation with an Authentication Centre (AuC) not depicted.
- the AG communicates then the AKA encryption key (Kc) to the AC (C-419, C-420) where the PPPoE server resides. This may be done in an Access-Accept RADIUS message where the EAP-Success is transmitted, but since this EAP command cannot carry any additional data, a RADIUS Vendor Specific Attribute (VSA) may be a more valuable option.
- VSA Vendor Specific Attribute
- the AC receives (C-420) an Access- Accept RADIUS message and requests an IP address from a Dynamic Host Configuration Protocol (DHCP) server, this IP address to be further sent to the TE .
- DHCP Dynamic Host Configuration Protocol
- the AC follows the same algorithm as the TE to derive session keys from the AKA encryption key (Kc) to be used with the PPP Encryption Control Protocol and the chosen PPP encryption algorithm (3DES, for instance) .
- the AC eventually sends (C-421) the EAP-success message to the TE, together with other configuration parameters destined to said TE, such as an IP address, an IP net mask, DNS servers, and so on.
- the PPP link is fully established and ready to enter the network phase.
Abstract
Description
Claims
Priority Applications (10)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2002/004865 WO2003094438A1 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for sim-based authentication and encryption in wireless local area network access |
EP02724305A EP1502388B1 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for SIM-based authentification and encryption in wireless local area network access |
US10/510,498 US7936710B2 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for sim-based authentication and encryption in wireless local area network access |
DE60223951T DE60223951T2 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for SIM based authentication and encryption when accessing a wireless local area network |
CNB028288793A CN100366007C (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for SIM-based authentication and encryption in wireless local area network access |
BRPI0215728A BRPI0215728B1 (en) | 2002-05-01 | 2002-05-01 | method to enable sim-based authentication, access controller, wireless terminal, and telecommunication system |
ES02724305T ES2295336T3 (en) | 2002-05-01 | 2002-05-01 | SYSTEM, APPARATUS AND METHOD FOR SIM-BASED AUTHENTICATION AND ENCRYPTION (SUBSCRIBER IDENTIFICATION MODULE) IN ACCESS OF A WIRELESS LOCAL AREA NETWORK (WLAN). |
JP2004502552A JP4194046B2 (en) | 2002-05-01 | 2002-05-01 | SIM-based authentication and encryption system, apparatus and method for wireless local area network access |
AT02724305T ATE380424T1 (en) | 2002-05-01 | 2002-05-01 | SYSTEM, APPARATUS AND METHOD FOR SIM BASED AUTHENTICATION AND ENCRYPTION WHEN ACCESSING A WIRELESS LOCAL NETWORK |
AU2002255000A AU2002255000A1 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for sim-based authentication and encryption in wireless local area network access |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2002/004865 WO2003094438A1 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for sim-based authentication and encryption in wireless local area network access |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2003094438A1 true WO2003094438A1 (en) | 2003-11-13 |
Family
ID=29286077
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2002/004865 WO2003094438A1 (en) | 2002-05-01 | 2002-05-01 | System, apparatus and method for sim-based authentication and encryption in wireless local area network access |
Country Status (10)
Country | Link |
---|---|
US (1) | US7936710B2 (en) |
EP (1) | EP1502388B1 (en) |
JP (1) | JP4194046B2 (en) |
CN (1) | CN100366007C (en) |
AT (1) | ATE380424T1 (en) |
AU (1) | AU2002255000A1 (en) |
BR (1) | BRPI0215728B1 (en) |
DE (1) | DE60223951T2 (en) |
ES (1) | ES2295336T3 (en) |
WO (1) | WO2003094438A1 (en) |
Cited By (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004059945A1 (en) * | 2002-12-23 | 2004-07-15 | Electronic Data Systems Corporation | Method and system for demonstrating the operability of secure wireless networks |
WO2004083991A3 (en) * | 2003-03-18 | 2005-03-24 | Guillaume Bichot | Authentication of a wlan connection using gprs/umts infrastructure |
WO2005032201A1 (en) * | 2003-09-26 | 2005-04-07 | Telefonaktiebolaget Lm Ericsson (Publ) | Enhanced security design for cryptography in mobile communication systems |
JP2005341290A (en) * | 2004-05-27 | 2005-12-08 | Keio Gijuku | Communications system, and radio communications device |
EP1624639A1 (en) * | 2004-08-02 | 2006-02-08 | Service Factory SF AB | Sim-based authentication |
WO2006013150A1 (en) * | 2004-08-02 | 2006-02-09 | Service Factory Sf Ab | Sim-based authentication |
EP1635528A1 (en) * | 2004-09-13 | 2006-03-15 | Alcatel | A method to grant access to a data communication network and related devices |
WO2006079953A1 (en) * | 2005-01-31 | 2006-08-03 | Koninklijke Philips Electronics N.V. | Authentication method and device for use in wireless communication system |
WO2006095076A1 (en) * | 2005-03-11 | 2006-09-14 | France Telecom | Method of establishing a secure communication link |
EP1708458A1 (en) * | 2005-03-31 | 2006-10-04 | Sagem Communication S.A. | Method and device for assciating a communicating device to a gateway |
EP1770940A1 (en) * | 2005-09-30 | 2007-04-04 | Alcyone Holding S.A. | Method and apparatus for establishing a communication between a mobile device and a network |
WO2007114710A2 (en) * | 2006-04-04 | 2007-10-11 | Telenor Asa | A method and device for sim based authentification in ip networks |
WO2008019943A1 (en) * | 2006-08-17 | 2008-02-21 | Siemens Enterprise Communications Gmbh & Co. Kg | Method and arrangement for the creation of a wireless mesh network |
CN100372440C (en) * | 2005-07-08 | 2008-02-27 | 清华大学 | Wireless local-network discovering method based on honeycomb network positioning |
EP1916867A1 (en) * | 2004-06-25 | 2008-04-30 | Huawei Technologies Co., Ltd. | A method for managing the local terminal equipment to access the network |
CN100417296C (en) * | 2005-09-20 | 2008-09-03 | 华为技术有限公司 | Method for controlling terminal accessing to 3G network |
EP1988730A1 (en) * | 2006-02-22 | 2008-11-05 | NEC Corporation | Radio access system and radio access method |
GB2417856B (en) * | 2004-03-20 | 2008-11-19 | Alcyone Holding S A | Wireless LAN cellular gateways |
CN100459544C (en) * | 2004-07-15 | 2009-02-04 | 三星电子株式会社 | Prefix delegation system and method of ad-hoc network |
JP2009105739A (en) * | 2007-10-24 | 2009-05-14 | Nec Corp | Communication system, communicating method, certification information control server and small base station |
WO2009068740A1 (en) * | 2007-11-27 | 2009-06-04 | Teliasonera Ab | Network access authentication |
US20090307358A1 (en) * | 2006-04-28 | 2009-12-10 | Gemalto Sa | Transmission of Data Between A Server and A Communicating Object |
CN101815365A (en) * | 2010-04-02 | 2010-08-25 | 北京傲天动联技术有限公司 | Discovery, correlation and configuration method of wireless access controller |
CN102014384A (en) * | 2009-09-04 | 2011-04-13 | 黄金富 | Method for verifying WAPI (Wireless Authentication and Privacy Infrastructure) wireless network terminal identity by mobile phone network |
EP2372958A1 (en) * | 2010-03-30 | 2011-10-05 | Société Française du Radiotéléphone-SFR | Method for authenticating a terminal connecting with an internet server access |
CN102572838A (en) * | 2012-02-15 | 2012-07-11 | 刘士顺 | Wireless point-to-point protocol over Ethernet (PPPOE) dialing system |
EP1980118A4 (en) * | 2006-02-03 | 2012-12-19 | Broadcom Corp | Mobile network with packet data network backhaul |
US8769611B2 (en) | 2007-05-31 | 2014-07-01 | Qualcomm Incorporated | Methods and apparatus for providing PMIP key hierarchy in wireless communication networks |
EP2811771A1 (en) * | 2005-04-26 | 2014-12-10 | Vodafone Group plc | Telecommunications networks |
EP2866404A4 (en) * | 2012-09-27 | 2015-07-08 | Zte Corp | Mobile terminal with built-in pppoe dialing function and dialing method thereof |
EP3089495A4 (en) * | 2013-12-25 | 2017-08-30 | Sony Corporation | Terminal device and information processing device |
US11395143B2 (en) | 2017-04-18 | 2022-07-19 | Huawei Technologies Co., Ltd. | Network access method and apparatus and network device |
Families Citing this family (67)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7325246B1 (en) * | 2002-01-07 | 2008-01-29 | Cisco Technology, Inc. | Enhanced trust relationship in an IEEE 802.1x network |
US7529933B2 (en) * | 2002-05-30 | 2009-05-05 | Microsoft Corporation | TLS tunneling |
EP1512260B1 (en) * | 2002-06-07 | 2005-11-30 | Siemens Aktiengesellschaft | Method and device for authenticating a subscriber for utilizing services in a wireless lan (wlan) |
US7634230B2 (en) * | 2002-11-25 | 2009-12-15 | Fujitsu Limited | Methods and apparatus for secure, portable, wireless and multi-hop data networking |
US20050152305A1 (en) * | 2002-11-25 | 2005-07-14 | Fujitsu Limited | Apparatus, method, and medium for self-organizing multi-hop wireless access networks |
JP4475377B2 (en) * | 2002-12-27 | 2010-06-09 | 日本電気株式会社 | Wireless communication system, common key management server, and wireless terminal device |
ITRM20030100A1 (en) * | 2003-03-06 | 2004-09-07 | Telecom Italia Mobile Spa | TECHNIQUE OF MULTIPLE ACCESS TO THE NETWORK BY USER TERMINAL INTERCONNECTED TO A LAN AND RELATED REFERENCE ARCHITECTURE. |
US20060179305A1 (en) * | 2004-03-11 | 2006-08-10 | Junbiao Zhang | WLAN session management techniques with secure rekeying and logoff |
JP2007525731A (en) * | 2003-04-29 | 2007-09-06 | アザイア・ネットワークス・インコーポレーテッド | Method and system for providing SIM-based roaming to an existing WLAN public access infrastructure |
WO2005046157A2 (en) * | 2003-11-11 | 2005-05-19 | Siemens Aktiengesellschaft | Method for safeguarding data transmission between a first terminal and a first network and between a second terminal and a second network |
US7861006B2 (en) * | 2004-03-23 | 2010-12-28 | Mcnulty Scott | Apparatus, method and system for a tunneling client access point |
US7623518B2 (en) * | 2004-04-08 | 2009-11-24 | Hewlett-Packard Development Company, L.P. | Dynamic access control lists |
US20050238171A1 (en) * | 2004-04-26 | 2005-10-27 | Lidong Chen | Application authentication in wireless communication networks |
US7873350B1 (en) * | 2004-05-10 | 2011-01-18 | At&T Intellectual Property Ii, L.P. | End-to-end secure wireless communication for requesting a more secure channel |
GR1005023B (en) * | 2004-07-06 | 2005-10-11 | Atmel@Corporation | Method and system for rnhancing security in wireless stations of local area network (lan) |
DE112005001833B4 (en) * | 2004-07-30 | 2012-06-28 | Meshnetworks, Inc. | System and method for establishing the secure use of networks |
JP4689225B2 (en) * | 2004-10-15 | 2011-05-25 | パナソニック株式会社 | Wireless network system, wireless terminal accommodating device, and communication device |
US7483996B2 (en) * | 2004-11-29 | 2009-01-27 | Cisco Technology, Inc. | Techniques for migrating a point to point protocol to a protocol for an access network |
US7558866B2 (en) * | 2004-12-08 | 2009-07-07 | Microsoft Corporation | Method and system for securely provisioning a client device |
US20070192602A1 (en) * | 2004-12-17 | 2007-08-16 | Telefonaktiebolaget Lm Ericsson (Publ) | Clone resistant mutual authentication in a radio communication network |
US8059527B2 (en) * | 2005-02-19 | 2011-11-15 | Cisco Technology, Inc. | Techniques for oversubscribing edge nodes for virtual private networks |
FI20050491A0 (en) * | 2005-05-09 | 2005-05-09 | Nokia Corp | System for delivery of certificates in a communication system |
DE202005021930U1 (en) * | 2005-08-01 | 2011-08-08 | Corning Cable Systems Llc | Fiber optic decoupling cables and pre-connected assemblies with toning parts |
EP2763443B1 (en) | 2005-12-01 | 2019-05-22 | Ruckus Wireless, Inc. | On-demand services by wireless base station virtualization |
CN100452924C (en) * | 2006-01-09 | 2009-01-14 | 中国科学院软件研究所 | Method and apparatus for realizing bidirectional authentication of terminal and network using SIM card |
US20070180499A1 (en) * | 2006-01-31 | 2007-08-02 | Van Bemmel Jeroen | Authenticating clients to wireless access networks |
WO2007095995A2 (en) * | 2006-02-23 | 2007-08-30 | Togewa Holding Ag | Switching system and corresponding method for unicast or multicast end-to-end data and/or multimedia stream transmissions between network nodes |
JP4965144B2 (en) * | 2006-03-20 | 2012-07-04 | 株式会社リコー | Communication device |
US7788703B2 (en) * | 2006-04-24 | 2010-08-31 | Ruckus Wireless, Inc. | Dynamic authentication in secured wireless networks |
US9769655B2 (en) | 2006-04-24 | 2017-09-19 | Ruckus Wireless, Inc. | Sharing security keys with headless devices |
US9071583B2 (en) * | 2006-04-24 | 2015-06-30 | Ruckus Wireless, Inc. | Provisioned configuration for automatic wireless connection |
EP1865656A1 (en) * | 2006-06-08 | 2007-12-12 | BRITISH TELECOMMUNICATIONS public limited company | Provision of secure communications connection using third party authentication |
FI121560B (en) * | 2006-11-20 | 2010-12-31 | Teliasonera Ab | Authentication in a mobile communication system |
GB2446738C (en) * | 2007-02-02 | 2014-10-01 | Ubiquisys Ltd | Basestation measurement modes |
GB2447442A (en) | 2007-02-23 | 2008-09-17 | Ubiquisys Ltd | Base station for cellular communication system |
CN101282259B (en) * | 2007-04-04 | 2011-07-27 | 中国电信股份有限公司 | System, application and method for IP network access authentication based on personal identification module IM |
US9239915B2 (en) * | 2007-09-26 | 2016-01-19 | Intel Corporation | Synchronizing between host and management co-processor for network access control |
US10783232B2 (en) | 2007-09-27 | 2020-09-22 | Clevx, Llc | Management system for self-encrypting managed devices with embedded wireless user authentication |
US11190936B2 (en) | 2007-09-27 | 2021-11-30 | Clevx, Llc | Wireless authentication system |
US10181055B2 (en) | 2007-09-27 | 2019-01-15 | Clevx, Llc | Data security system with encryption |
US10778417B2 (en) * | 2007-09-27 | 2020-09-15 | Clevx, Llc | Self-encrypting module with embedded wireless user authentication |
US8775790B2 (en) * | 2007-10-30 | 2014-07-08 | Honeywell International Inc. | System and method for providing secure network communications |
GB2464553B (en) | 2008-10-22 | 2012-11-21 | Skype | Controlling a connection between a user terminal and an access node connected to a communication network |
GB2464552B (en) | 2008-10-22 | 2012-11-21 | Skype | Authentication system and method for authenticating a user terminal with an access node providing restricted access to a communication network |
US20100235900A1 (en) * | 2009-03-13 | 2010-09-16 | Assa Abloy Ab | Efficient two-factor authentication |
US9032058B2 (en) * | 2009-03-13 | 2015-05-12 | Assa Abloy Ab | Use of SNMP for management of small footprint devices |
US8873523B2 (en) * | 2009-09-30 | 2014-10-28 | Apple Inc. | Methods and apparatus for solicited activation for protected wireless networking |
US8830866B2 (en) * | 2009-09-30 | 2014-09-09 | Apple Inc. | Methods and apparatus for solicited activation for protected wireless networking |
CN102130975A (en) * | 2010-01-20 | 2011-07-20 | 中兴通讯股份有限公司 | Method and system for accessing network on public equipment by using identifier |
JP5521057B2 (en) * | 2010-03-09 | 2014-06-11 | アルカテル−ルーセント | Method and apparatus for authenticating user equipment |
JP2011199340A (en) * | 2010-03-17 | 2011-10-06 | Fujitsu Ltd | Communication apparatus and method, and communication system |
US8464061B2 (en) | 2010-08-30 | 2013-06-11 | Apple Inc. | Secure wireless link between two devices using probes |
CN102083067A (en) * | 2010-12-17 | 2011-06-01 | 中国联合网络通信集团有限公司 | Communication terminal, method and system |
CN102625306A (en) * | 2011-01-31 | 2012-08-01 | 电信科学技术研究院 | Method, system and equipment for authentication |
WO2012149219A2 (en) * | 2011-04-26 | 2012-11-01 | Apple Inc. | Electronic access client distribution apparatus and methods |
JP6066997B2 (en) | 2011-05-01 | 2017-01-25 | ラッカス ワイヤレス, インコーポレイテッド | Remote cable access point reset |
US8756668B2 (en) | 2012-02-09 | 2014-06-17 | Ruckus Wireless, Inc. | Dynamic PSK for hotspots |
US9092610B2 (en) | 2012-04-04 | 2015-07-28 | Ruckus Wireless, Inc. | Key assignment for a brand |
JP5987707B2 (en) * | 2013-01-25 | 2016-09-07 | ソニー株式会社 | Terminal device, program, and communication system |
US9432363B2 (en) * | 2014-02-07 | 2016-08-30 | Apple Inc. | System and method for using credentials of a first client station to authenticate a second client station |
JP6465108B2 (en) * | 2014-05-01 | 2019-02-06 | ソニー株式会社 | Wireless communication device |
US10223549B2 (en) * | 2015-01-21 | 2019-03-05 | Onion ID Inc. | Techniques for facilitating secure, credential-free user access to resources |
US9843885B2 (en) * | 2015-08-12 | 2017-12-12 | Apple Inc. | Methods, procedures and framework to provision an eSIM and make it multi-SIM capable using primary account information |
DE102015122936A1 (en) * | 2015-12-29 | 2017-06-29 | Deutsche Telekom Ag | A method for more flexible use of resources in telecommunications |
IL248058B (en) * | 2016-09-26 | 2021-04-29 | Verint Systems Ltd | System and method for obtaining an indentifier of a mobile communication terminal at a control checkpoint |
JP7161108B2 (en) * | 2019-02-26 | 2022-10-26 | 日本電信電話株式会社 | Communication method, communication system, relay device and relay program |
US20230354026A1 (en) * | 2022-04-29 | 2023-11-02 | Microsoft Technology Licensing, Llc | Encrypted flow of sim data between regions and edge networks |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001076297A1 (en) * | 2000-03-31 | 2001-10-11 | Nokia Corporation | Billing in a packet data network |
US20020012433A1 (en) * | 2000-03-31 | 2002-01-31 | Nokia Corporation | Authentication in a packet data network |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SE508844C2 (en) * | 1997-02-19 | 1998-11-09 | Postgirot Bank Ab | Procedure for access control with SIM card |
FR2790177B1 (en) * | 1999-02-22 | 2001-05-18 | Gemplus Card Int | AUTHENTICATION IN A RADIOTELEPHONY NETWORK |
US8463231B1 (en) * | 1999-11-02 | 2013-06-11 | Nvidia Corporation | Use of radius in UMTS to perform accounting functions |
FI111208B (en) * | 2000-06-30 | 2003-06-13 | Nokia Corp | Arrangement of data encryption in a wireless telecommunication system |
US7043633B1 (en) * | 2000-08-28 | 2006-05-09 | Verizon Corporation Services Group Inc. | Method and apparatus for providing adaptive self-synchronized dynamic address translation |
US6854014B1 (en) * | 2000-11-07 | 2005-02-08 | Nortel Networks Limited | System and method for accounting management in an IP centric distributed network |
US20030120920A1 (en) * | 2001-12-20 | 2003-06-26 | Svensson Sven Anders Borje | Remote device authentication |
-
2002
- 2002-05-01 US US10/510,498 patent/US7936710B2/en active Active
- 2002-05-01 BR BRPI0215728A patent/BRPI0215728B1/en active IP Right Grant
- 2002-05-01 AT AT02724305T patent/ATE380424T1/en not_active IP Right Cessation
- 2002-05-01 CN CNB028288793A patent/CN100366007C/en not_active Expired - Lifetime
- 2002-05-01 EP EP02724305A patent/EP1502388B1/en not_active Expired - Lifetime
- 2002-05-01 JP JP2004502552A patent/JP4194046B2/en not_active Expired - Lifetime
- 2002-05-01 DE DE60223951T patent/DE60223951T2/en not_active Expired - Lifetime
- 2002-05-01 AU AU2002255000A patent/AU2002255000A1/en not_active Abandoned
- 2002-05-01 ES ES02724305T patent/ES2295336T3/en not_active Expired - Lifetime
- 2002-05-01 WO PCT/EP2002/004865 patent/WO2003094438A1/en active IP Right Grant
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001076297A1 (en) * | 2000-03-31 | 2001-10-11 | Nokia Corporation | Billing in a packet data network |
US20020012433A1 (en) * | 2000-03-31 | 2002-01-31 | Nokia Corporation | Authentication in a packet data network |
Cited By (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004059945A1 (en) * | 2002-12-23 | 2004-07-15 | Electronic Data Systems Corporation | Method and system for demonstrating the operability of secure wireless networks |
US7565688B2 (en) | 2002-12-23 | 2009-07-21 | Hewlett-Packard Development Company, L.P. | Network demonstration techniques |
WO2004083991A3 (en) * | 2003-03-18 | 2005-03-24 | Guillaume Bichot | Authentication of a wlan connection using gprs/umts infrastructure |
JP2006521055A (en) * | 2003-03-18 | 2006-09-14 | トムソン ライセンシング | Tight coupling signaling connection management for connecting wireless and cellular networks |
WO2005032201A1 (en) * | 2003-09-26 | 2005-04-07 | Telefonaktiebolaget Lm Ericsson (Publ) | Enhanced security design for cryptography in mobile communication systems |
US7660417B2 (en) | 2003-09-26 | 2010-02-09 | Telefonaktiebolaget Lm Ericsson (Publ) | Enhanced security design for cryptography in mobile communication systems |
EP2357858A1 (en) * | 2003-09-26 | 2011-08-17 | Telefonaktiebolaget L M Ericsson (Publ) | Enhanced security design for cryptography in mobile communication systems |
GB2417856B (en) * | 2004-03-20 | 2008-11-19 | Alcyone Holding S A | Wireless LAN cellular gateways |
JP2005341290A (en) * | 2004-05-27 | 2005-12-08 | Keio Gijuku | Communications system, and radio communications device |
US8208898B2 (en) | 2004-06-25 | 2012-06-26 | Huawei Technologies Co., Ltd. | Method for managing local terminal equipment accessing a network |
EP1916867A1 (en) * | 2004-06-25 | 2008-04-30 | Huawei Technologies Co., Ltd. | A method for managing the local terminal equipment to access the network |
CN100459544C (en) * | 2004-07-15 | 2009-02-04 | 三星电子株式会社 | Prefix delegation system and method of ad-hoc network |
WO2006013150A1 (en) * | 2004-08-02 | 2006-02-09 | Service Factory Sf Ab | Sim-based authentication |
EP1624639A1 (en) * | 2004-08-02 | 2006-02-08 | Service Factory SF AB | Sim-based authentication |
EP1635528A1 (en) * | 2004-09-13 | 2006-03-15 | Alcatel | A method to grant access to a data communication network and related devices |
WO2006079953A1 (en) * | 2005-01-31 | 2006-08-03 | Koninklijke Philips Electronics N.V. | Authentication method and device for use in wireless communication system |
FR2883115A1 (en) * | 2005-03-11 | 2006-09-15 | France Telecom | METHOD OF ESTABLISHING SECURE COMMUNICATION LINK |
WO2006095076A1 (en) * | 2005-03-11 | 2006-09-14 | France Telecom | Method of establishing a secure communication link |
EP1708458A1 (en) * | 2005-03-31 | 2006-10-04 | Sagem Communication S.A. | Method and device for assciating a communicating device to a gateway |
FR2884093A1 (en) * | 2005-03-31 | 2006-10-06 | Sagem | METHOD AND DEVICE FOR ASSOCIATING A COMMUNICATION DEVICE WITH A GATEWAY |
EP2811771A1 (en) * | 2005-04-26 | 2014-12-10 | Vodafone Group plc | Telecommunications networks |
CN100372440C (en) * | 2005-07-08 | 2008-02-27 | 清华大学 | Wireless local-network discovering method based on honeycomb network positioning |
CN100417296C (en) * | 2005-09-20 | 2008-09-03 | 华为技术有限公司 | Method for controlling terminal accessing to 3G network |
EP1770940A1 (en) * | 2005-09-30 | 2007-04-04 | Alcyone Holding S.A. | Method and apparatus for establishing a communication between a mobile device and a network |
US8953588B2 (en) | 2006-02-03 | 2015-02-10 | Broadcom Corporation | Mobile network with packet data network backhaul |
EP1980118A4 (en) * | 2006-02-03 | 2012-12-19 | Broadcom Corp | Mobile network with packet data network backhaul |
EP1988730A4 (en) * | 2006-02-22 | 2011-09-28 | Nec Corp | Radio access system and radio access method |
EP1988730A1 (en) * | 2006-02-22 | 2008-11-05 | NEC Corporation | Radio access system and radio access method |
WO2007114710A3 (en) * | 2006-04-04 | 2007-12-27 | Telenor Asa | A method and device for sim based authentification in ip networks |
WO2007114710A2 (en) * | 2006-04-04 | 2007-10-11 | Telenor Asa | A method and device for sim based authentification in ip networks |
US20090307358A1 (en) * | 2006-04-28 | 2009-12-10 | Gemalto Sa | Transmission of Data Between A Server and A Communicating Object |
WO2008019943A1 (en) * | 2006-08-17 | 2008-02-21 | Siemens Enterprise Communications Gmbh & Co. Kg | Method and arrangement for the creation of a wireless mesh network |
US8122249B2 (en) | 2006-08-17 | 2012-02-21 | Siemens Enterprise Communications Gmbh & Co. Kg | Method and arrangement for providing a wireless mesh network |
US8769611B2 (en) | 2007-05-31 | 2014-07-01 | Qualcomm Incorporated | Methods and apparatus for providing PMIP key hierarchy in wireless communication networks |
JP2009105739A (en) * | 2007-10-24 | 2009-05-14 | Nec Corp | Communication system, communicating method, certification information control server and small base station |
WO2009068740A1 (en) * | 2007-11-27 | 2009-06-04 | Teliasonera Ab | Network access authentication |
US9241264B2 (en) | 2007-11-27 | 2016-01-19 | Teliasonera Ab | Network access authentication for user equipment communicating in multiple networks |
CN102014384A (en) * | 2009-09-04 | 2011-04-13 | 黄金富 | Method for verifying WAPI (Wireless Authentication and Privacy Infrastructure) wireless network terminal identity by mobile phone network |
EP2372958A1 (en) * | 2010-03-30 | 2011-10-05 | Société Française du Radiotéléphone-SFR | Method for authenticating a terminal connecting with an internet server access |
FR2958428A1 (en) * | 2010-03-30 | 2011-10-07 | Radiotelephone Sfr | METHOD OF EXECUTING A FIRST SERVICE WHILE A SECOND SERVICE IS IN PROGRESS, USING A COMPUTER TERMINAL EQUIPPED WITH AN INTEGRATED CIRCUIT BOARD. |
CN101815365A (en) * | 2010-04-02 | 2010-08-25 | 北京傲天动联技术有限公司 | Discovery, correlation and configuration method of wireless access controller |
CN102572838A (en) * | 2012-02-15 | 2012-07-11 | 刘士顺 | Wireless point-to-point protocol over Ethernet (PPPOE) dialing system |
CN102572838B (en) * | 2012-02-15 | 2015-10-28 | 刘士顺 | A kind of wireless PPPOE dial system |
EP2866404A4 (en) * | 2012-09-27 | 2015-07-08 | Zte Corp | Mobile terminal with built-in pppoe dialing function and dialing method thereof |
EP3089495A4 (en) * | 2013-12-25 | 2017-08-30 | Sony Corporation | Terminal device and information processing device |
US11395143B2 (en) | 2017-04-18 | 2022-07-19 | Huawei Technologies Co., Ltd. | Network access method and apparatus and network device |
Also Published As
Publication number | Publication date |
---|---|
BRPI0215728B1 (en) | 2016-06-07 |
JP4194046B2 (en) | 2008-12-10 |
ATE380424T1 (en) | 2007-12-15 |
CN1666465A (en) | 2005-09-07 |
EP1502388B1 (en) | 2007-12-05 |
US7936710B2 (en) | 2011-05-03 |
CN100366007C (en) | 2008-01-30 |
DE60223951D1 (en) | 2008-01-17 |
BR0215728A (en) | 2005-02-22 |
EP1502388A1 (en) | 2005-02-02 |
JP2005524341A (en) | 2005-08-11 |
ES2295336T3 (en) | 2008-04-16 |
US20060052085A1 (en) | 2006-03-09 |
DE60223951T2 (en) | 2008-11-27 |
AU2002255000A1 (en) | 2003-11-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1502388B1 (en) | System, apparatus and method for SIM-based authentification and encryption in wireless local area network access | |
EP1770940B1 (en) | Method and apparatus for establishing a communication between a mobile device and a network | |
AU2005236981B2 (en) | Improved subscriber authentication for unlicensed mobile access signaling | |
Arbaugh et al. | Your 80211 wireless network has no clothes | |
JP3984993B2 (en) | Method and system for establishing a connection through an access network | |
EP2027666B1 (en) | Access to services in a telecommunications network | |
Koien et al. | Security aspects of 3G-WLAN interworking | |
JP3869392B2 (en) | User authentication method in public wireless LAN service system and recording medium storing program for causing computer to execute the method | |
US20080026724A1 (en) | Method for wireless local area network user set-up session connection and authentication, authorization and accounting server | |
WO2006005999A1 (en) | Enhanced use of a network access identifier in wlan | |
WO2006024969A1 (en) | Wireless local area network authentication method | |
WO2006013150A1 (en) | Sim-based authentication | |
US20040133806A1 (en) | Integration of a Wireless Local Area Network and a Packet Data Network | |
EP1624639B1 (en) | Sim-based authentication | |
RU2292648C2 (en) | System, device, and method designed for sim based authentication and for encryption with wireless local area network access | |
KR100527631B1 (en) | System and method for user authentication of ad-hoc node in ad-hoc network | |
Jiang et al. | WLAN-centric authentication in integrated GPRS-WLAN networks | |
GB2417856A (en) | Wireless LAN Cellular Gateways | |
El-Sadek et al. | Universal mobility with global identity (UMGI) architecture | |
Caballero et al. | Experimental Study of a Network Access Server for a public WLAN access network | |
Wang | Authentication for Inter-Domain Roaming in Wireless IP Networks | |
Kizza et al. | Security in Wireless Systems | |
Rannenberg | Network Security II | |
Dunmore et al. | of Deliverable: Framework for the Support of IPv6 Wireless LANs |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2002724305 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 3191/DELNP/2004 Country of ref document: IN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2004502552 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20028288793 Country of ref document: CN |
|
ENP | Entry into the national phase |
Ref document number: 2004135075 Country of ref document: RU Kind code of ref document: A |
|
WWP | Wipo information: published in national office |
Ref document number: 2002724305 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2006052085 Country of ref document: US Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10510498 Country of ref document: US |
|
WWP | Wipo information: published in national office |
Ref document number: 10510498 Country of ref document: US |
|
WWG | Wipo information: grant in national office |
Ref document number: 2002724305 Country of ref document: EP |