+

WO2002019593A3 - End-user authentication independent of network service provider - Google Patents

End-user authentication independent of network service provider Download PDF

Info

Publication number
WO2002019593A3
WO2002019593A3 PCT/SE2001/001814 SE0101814W WO0219593A3 WO 2002019593 A3 WO2002019593 A3 WO 2002019593A3 SE 0101814 W SE0101814 W SE 0101814W WO 0219593 A3 WO0219593 A3 WO 0219593A3
Authority
WO
WIPO (PCT)
Prior art keywords
token
transmitted
key
user
external application
Prior art date
Application number
PCT/SE2001/001814
Other languages
French (fr)
Other versions
WO2002019593A2 (en
Inventor
Jose-Luis Mariz-Rios
Jose-Luis Ruiz-Sanchez
Ulf Schuberth
Juergen Knorr
Original Assignee
Ericsson Telefon Ab L M
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ericsson Telefon Ab L M filed Critical Ericsson Telefon Ab L M
Priority to EP01961535A priority Critical patent/EP1314278A2/en
Priority to AU2001282795A priority patent/AU2001282795A1/en
Publication of WO2002019593A2 publication Critical patent/WO2002019593A2/en
Publication of WO2002019593A3 publication Critical patent/WO2002019593A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A system and method for verifying the identity of an end-user. The end-user requests to access an external application. The external application sends an authentication request to an authentication server, which generates a random token. The generated token is transmitted to the end-user. The end-user enters the generated token and a personal identification number into a cellular terminal connected to a GSM network. At least the token is encrypted using a secret key stored within the cellular terminal and transmitted through the GSM network to an authentication gateway. The token is decrypted by the authentication gateway using either the same secret key or a key matched to the secret key. The token is then transmitted to the authentication server where the received key is compared to the generated key. The results of the comparison are transmitted to the external application.
PCT/SE2001/001814 2000-08-30 2001-08-24 End-user authentication independent of network service provider WO2002019593A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP01961535A EP1314278A2 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider
AU2001282795A AU2001282795A1 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US65136400A 2000-08-30 2000-08-30
US09/651,364 2000-08-30

Publications (2)

Publication Number Publication Date
WO2002019593A2 WO2002019593A2 (en) 2002-03-07
WO2002019593A3 true WO2002019593A3 (en) 2002-09-06

Family

ID=24612590

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2001/001814 WO2002019593A2 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider

Country Status (3)

Country Link
EP (1) EP1314278A2 (en)
AU (1) AU2001282795A1 (en)
WO (1) WO2002019593A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103220257B (en) * 2012-01-19 2016-01-06 中国石油天然气集团公司 A kind of method of compunication, network host and system

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444513B2 (en) * 2001-05-14 2008-10-28 Nokia Corporiation Authentication in data communication
FI20020733A0 (en) 2002-04-16 2002-04-16 Nokia Corp Method and system for verifying the user of a data transfer device
SE0202450D0 (en) * 2002-08-15 2002-08-15 Ericsson Telefon Ab L M Non-repudiation of digital content
US7970423B2 (en) * 2002-11-08 2011-06-28 Nokia Corporation Context linking scheme
GB2397731B (en) * 2003-01-22 2006-02-22 Ebizz Consulting Ltd Authentication system
CN1788470A (en) 2003-05-14 2006-06-14 皇家飞利浦电子股份有限公司 Methods and devices for counting user equipment units in a mobile radio telecommunication network
CN100461780C (en) * 2003-07-17 2009-02-11 华为技术有限公司 A safety authentication method based on media gateway control protocol
FI116654B (en) * 2003-10-23 2006-01-13 Siltanet Ltd User authentication procedure
EP1719316B1 (en) * 2003-12-29 2012-05-23 Telefonaktiebolaget LM Ericsson (publ) Means and method for single sign-on access to a service network through an access network
US7529267B2 (en) * 2004-03-19 2009-05-05 Fujitsu Limited Data transmissions in communication networks using multiple tokens
WO2006079145A1 (en) * 2004-10-20 2006-08-03 Salt Group Pty Ltd Authentication method
DE102005002521A1 (en) * 2005-01-19 2006-07-27 Giesecke & Devrient Gmbh Subscriber card for internet weblog services
DE102005017374A1 (en) * 2005-04-14 2006-10-19 Vodafone Holding Gmbh Method for confirming a service request
US20230196357A9 (en) 2005-10-07 2023-06-22 Multiple Shift Key, Inc. Secure authentication and transaction system and method
FR2900019B1 (en) * 2006-04-12 2008-10-31 Alcatel Sa AUTHENTICATION METHOD, TERMINAL AND OPERATOR THEREFOR
NZ547322A (en) * 2006-05-18 2008-03-28 Fronde Anywhere Ltd Authentication method for wireless transactions
WO2007143795A1 (en) 2006-06-16 2007-12-21 Fmt Worldwide Pty Ltd An authentication system and process
DE102006037167A1 (en) * 2006-08-09 2008-02-14 Deutsche Telekom Ag Method and system for carrying out a payment transaction with a means of payment
EP1919157A1 (en) * 2006-11-06 2008-05-07 Axalto SA Authentication based on a single message
US7942740B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a first device is in communications with a server by storing a value from the first device and accessing the value from a second device
US7942739B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
US7942742B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Accessing identification information to verify a gaming device is in communications with a server
US10068421B2 (en) * 2006-11-16 2018-09-04 Cfph, Llc Using a first device to verify whether a second device is communicating with a server
JP5675106B2 (en) * 2006-11-15 2015-02-25 シーエフピーエイチ, エル.エル.シー. Apparatus and method for determining a gaming machine in communication with a game server
US7942738B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a gaming device is in communications with a gaming server
US8012015B2 (en) 2006-11-15 2011-09-06 Cfph, Llc Verifying whether a gaming device is communicating with a gaming server
US7942741B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying whether a device is communicating with a server
FI121617B (en) * 2007-08-15 2011-01-31 Elisa Oyj A visiting user's access to a network
FR2926938B1 (en) * 2008-01-28 2010-03-19 Paycool Dev METHOD OF AUTHENTICATING AND SIGNING A USER TO AN APPLICATION SERVICE USING A MOBILE PHONE AS A SECOND FACTOR IN COMPLEMENT AND INDEPENDENTLY OF A FIRST FACTOR
US8837465B2 (en) 2008-04-02 2014-09-16 Twilio, Inc. System and method for processing telephony sessions
AU2009231676B2 (en) 2008-04-02 2013-10-03 Twilio Inc. System and method for processing telephony sessions
BRPI0802251A2 (en) 2008-07-07 2011-08-23 Tacito Pereira Nobre system, method and device for authentication in electronic relationships
AU2009295193A1 (en) * 2008-09-22 2010-03-25 Tefaye, Joseph Elie Mr Method and system for user authentication
FR2940580B1 (en) * 2008-12-23 2012-11-30 Solleu Yann Le METHOD AND SYSTEM FOR CONTROLLING ACCESS TO A SERVICE
EP2453379A1 (en) * 2010-11-15 2012-05-16 Deutsche Telekom AG Method, system, user equipment and program for authenticating a user
WO2012162843A1 (en) 2011-06-03 2012-12-06 Research In Motion Limted System and method for accessing private networks
WO2013044307A1 (en) * 2011-09-30 2013-04-04 Cocoon Data Holdings Limited A system and method for distributing secured data
FR2984555A1 (en) * 2011-12-19 2013-06-21 Sagemcom Documents Sas METHOD OF PAIRING AN ELECTRONIC APPARATUS AND A USER ACCOUNT WITHIN AN ONLINE SERVICE
US8737962B2 (en) 2012-07-24 2014-05-27 Twilio, Inc. Method and system for preventing illicit use of a telephony platform
US9124582B2 (en) * 2013-02-20 2015-09-01 Fmr Llc Mobile security fob
US9117229B2 (en) * 2013-06-03 2015-08-25 Tangome, Inc. Generating revenue by growing sales of third-party applications
EP4246892A3 (en) 2013-09-13 2023-11-08 Alcatel Lucent Method and system for controlling the exchange of privacy-sensitive information
US9226217B2 (en) 2014-04-17 2015-12-29 Twilio, Inc. System and method for enabling multi-modal communication
FR3028334A1 (en) * 2015-04-07 2016-05-13 Orange METHOD FOR THE STRONG AUTHENTICATION OF A USER OF A CONSUMER EQUIPMENT VIA AN AUTHENTICATION EQUIPMENT EQUIPPED WITH A SECURITY MODULE
EP3794790B1 (en) * 2018-05-18 2023-11-15 Telefonaktiebolaget LM Ericsson (publ) Application program access control

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
WO1999044114A1 (en) * 1998-02-25 1999-09-02 Telefonaktiebolaget Lm Ericsson Method, arrangement and apparatus for authentication through a communications network
US6061650A (en) * 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6078908A (en) * 1997-04-29 2000-06-20 Schmitz; Kim Method for authorizing in data transmission systems
WO2000044130A1 (en) * 1999-01-20 2000-07-27 Netcom Ab A method, system and arrangement for providing services on the internet
WO2002001516A2 (en) * 2000-06-26 2002-01-03 Intel Corporation Method and apparatus for using a cellular telephone as an authentification device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
US6061650A (en) * 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6078908A (en) * 1997-04-29 2000-06-20 Schmitz; Kim Method for authorizing in data transmission systems
WO1999044114A1 (en) * 1998-02-25 1999-09-02 Telefonaktiebolaget Lm Ericsson Method, arrangement and apparatus for authentication through a communications network
WO2000044130A1 (en) * 1999-01-20 2000-07-27 Netcom Ab A method, system and arrangement for providing services on the internet
WO2002001516A2 (en) * 2000-06-26 2002-01-03 Intel Corporation Method and apparatus for using a cellular telephone as an authentification device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103220257B (en) * 2012-01-19 2016-01-06 中国石油天然气集团公司 A kind of method of compunication, network host and system

Also Published As

Publication number Publication date
EP1314278A2 (en) 2003-05-28
AU2001282795A1 (en) 2002-03-13
WO2002019593A2 (en) 2002-03-07

Similar Documents

Publication Publication Date Title
WO2002019593A3 (en) End-user authentication independent of network service provider
FI115098B (en) Authentication in data communication
EP1873998B1 (en) Identifiers in a communication system
US8112065B2 (en) Mobile authentication through strengthened mutual authentication and handover security
RU2008118495A (en) METHOD AND DEVICE FOR ESTABLISHING A SAFE ASSOCIATION
KR20010112618A (en) An improved method for an authentication of a user subscription identity module
AU4267999A (en) Preventing unauthorized use of service
WO2004034214A3 (en) Shared network access using different access keys
CN102868665A (en) Method and device for data transmission
WO2002011358A3 (en) Method and apparatus for securely providing billable multicast data
US20120108203A1 (en) System and method for assuring identity on a mobile device
KR100920409B1 (en) Authentication of a wireless communication using expiration marker
JP4636423B2 (en) Authentication within the mobile network
Pagliusi A contemporary foreword on GSM security
US20050210247A1 (en) Method of virtual challenge response authentication
Bocan et al. Mitigating denial of service threats in GSM networks
KR100546778B1 (en) Wireless internet subscriber authentication method and device
CN111586686B (en) Method and system for network access authentication
ATE381192T1 (en) FORCED ENCRYPTION FOR WIRELESS LOCAL NETWORKS
CN101742507B (en) System and method for accessing Web application site for WAPI terminal
CA2379677A1 (en) System and method for local policy enforcement for internet service providers
EP3125595A1 (en) Method to provide identification in privacy mode
KR100968522B1 (en) Mobile authentication method with enhanced mutual authentication and handover security
He et al. A mechanism for personal control over mobile location privacy
KR100463751B1 (en) Method for generating packet-data in wireless-communication and method and apparatus for wireless-communication using that packet-data

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2001961535

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001961535

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWW Wipo information: withdrawn in national office

Ref document number: 2001961535

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载