WO2002019593A3 - End-user authentication independent of network service provider - Google Patents

End-user authentication independent of network service provider Download PDF

Info

Publication number
WO2002019593A3
WO2002019593A3 PCT/SE2001/001814 SE0101814W WO0219593A3 WO 2002019593 A3 WO2002019593 A3 WO 2002019593A3 SE 0101814 W SE0101814 W SE 0101814W WO 0219593 A3 WO0219593 A3 WO 0219593A3
Authority
WO
WIPO (PCT)
Prior art keywords
token
transmitted
key
user
external application
Prior art date
Application number
PCT/SE2001/001814
Other languages
French (fr)
Other versions
WO2002019593A2 (en
Inventor
Jose-Luis Mariz-Rios
Jose-Luis Ruiz-Sanchez
Ulf Schuberth
Juergen Knorr
Original Assignee
Ericsson Telefon Ab L M
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ericsson Telefon Ab L M filed Critical Ericsson Telefon Ab L M
Priority to EP01961535A priority Critical patent/EP1314278A2/en
Priority to AU2001282795A priority patent/AU2001282795A1/en
Publication of WO2002019593A2 publication Critical patent/WO2002019593A2/en
Publication of WO2002019593A3 publication Critical patent/WO2002019593A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Abstract

A system and method for verifying the identity of an end-user. The end-user requests to access an external application. The external application sends an authentication request to an authentication server, which generates a random token. The generated token is transmitted to the end-user. The end-user enters the generated token and a personal identification number into a cellular terminal connected to a GSM network. At least the token is encrypted using a secret key stored within the cellular terminal and transmitted through the GSM network to an authentication gateway. The token is decrypted by the authentication gateway using either the same secret key or a key matched to the secret key. The token is then transmitted to the authentication server where the received key is compared to the generated key. The results of the comparison are transmitted to the external application.
PCT/SE2001/001814 2000-08-30 2001-08-24 End-user authentication independent of network service provider WO2002019593A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP01961535A EP1314278A2 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider
AU2001282795A AU2001282795A1 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US65136400A 2000-08-30 2000-08-30
US09/651,364 2000-08-30

Publications (2)

Publication Number Publication Date
WO2002019593A2 WO2002019593A2 (en) 2002-03-07
WO2002019593A3 true WO2002019593A3 (en) 2002-09-06

Family

ID=24612590

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2001/001814 WO2002019593A2 (en) 2000-08-30 2001-08-24 End-user authentication independent of network service provider

Country Status (3)

Country Link
EP (1) EP1314278A2 (en)
AU (1) AU2001282795A1 (en)
WO (1) WO2002019593A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103220257B (en) * 2012-01-19 2016-01-06 中国石油天然气集团公司 A kind of method of compunication, network host and system

Families Citing this family (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444513B2 (en) * 2001-05-14 2008-10-28 Nokia Corporiation Authentication in data communication
FI20020733A0 (en) 2002-04-16 2002-04-16 Nokia Corp Method and system for verifying the user of a data transfer device
SE0202450D0 (en) * 2002-08-15 2002-08-15 Ericsson Telefon Ab L M Non-repudiation of digital content
US7970423B2 (en) 2002-11-08 2011-06-28 Nokia Corporation Context linking scheme
GB2397731B (en) * 2003-01-22 2006-02-22 Ebizz Consulting Ltd Authentication system
TWI367040B (en) 2003-05-14 2012-06-21 Koninkl Philips Electronics Nv Methods and devices for counting user equipment units in a mobile radio telecommunication network
CN100461780C (en) * 2003-07-17 2009-02-11 华为技术有限公司 A safety authentication method based on media gateway control protocol
FI116654B (en) * 2003-10-23 2006-01-13 Siltanet Ltd A method for user authentication
CN101032142B (en) * 2003-12-29 2011-05-18 艾利森电话股份有限公司 Means and methods for signal sign-on access to service network through access network
US7529267B2 (en) * 2004-03-19 2009-05-05 Fujitsu Limited Data transmissions in communication networks using multiple tokens
US8752125B2 (en) * 2004-10-20 2014-06-10 Salt Group Pty Ltd Authentication method
DE102005002521A1 (en) * 2005-01-19 2006-07-27 Giesecke & Devrient Gmbh Subscriber card for internet weblog services
DE102005017374A1 (en) * 2005-04-14 2006-10-19 Vodafone Holding Gmbh Method for confirming a service request
FR2900019B1 (en) * 2006-04-12 2008-10-31 Alcatel Sa AUTHENTICATION METHOD, TERMINAL AND OPERATOR THEREFOR
NZ547322A (en) * 2006-05-18 2008-03-28 Fronde Anywhere Ltd Authentication method for wireless transactions
WO2007143795A1 (en) 2006-06-16 2007-12-21 Fmt Worldwide Pty Ltd An authentication system and process
DE102006037167A1 (en) * 2006-08-09 2008-02-14 Deutsche Telekom Ag Method and system for carrying out a payment transaction with a means of payment
EP1919157A1 (en) * 2006-11-06 2008-05-07 Axalto SA Authentication based on a single message
US8012015B2 (en) 2006-11-15 2011-09-06 Cfph, Llc Verifying whether a gaming device is communicating with a gaming server
US7942742B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Accessing identification information to verify a gaming device is in communications with a server
US10068421B2 (en) * 2006-11-16 2018-09-04 Cfph, Llc Using a first device to verify whether a second device is communicating with a server
US7942740B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a first device is in communications with a server by storing a value from the first device and accessing the value from a second device
EP2086658A4 (en) * 2006-11-15 2011-01-05 Cfph Llc Systems and methods for determining that a gaming device is communicating with a gaming server
US7942741B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying whether a device is communicating with a server
US7942738B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Verifying a gaming device is in communications with a gaming server
US7942739B2 (en) 2006-11-15 2011-05-17 Cfph, Llc Storing information from a verification device and accessing the information from a gaming device to verify that the gaming device is communicating with a server
FI121617B (en) * 2007-08-15 2011-01-31 Elisa Oyj Visiting user access to the network
FR2926938B1 (en) * 2008-01-28 2010-03-19 Paycool Dev METHOD OF AUTHENTICATING AND SIGNING A USER TO AN APPLICATION SERVICE USING A MOBILE PHONE AS A SECOND FACTOR IN COMPLEMENT AND INDEPENDENTLY OF A FIRST FACTOR
CA2720398C (en) 2008-04-02 2016-08-16 Twilio Inc. System and method for processing telephony sessions
US8837465B2 (en) 2008-04-02 2014-09-16 Twilio, Inc. System and method for processing telephony sessions
BRPI0802251A2 (en) 2008-07-07 2011-08-23 Tacito Pereira Nobre system, method and device for authentication in electronic relationships
AU2009295193A1 (en) * 2008-09-22 2010-03-25 Tefaye, Joseph Elie Mr Method and system for user authentication
FR2940580B1 (en) * 2008-12-23 2012-11-30 Solleu Yann Le METHOD AND SYSTEM FOR CONTROLLING ACCESS TO A SERVICE
EP2453379A1 (en) * 2010-11-15 2012-05-16 Deutsche Telekom AG Method, system, user equipment and program for authenticating a user
CA2836194C (en) 2011-06-03 2017-07-18 Blackberry Limited System and method for accessing private networks
WO2013044307A1 (en) * 2011-09-30 2013-04-04 Cocoon Data Holdings Limited A system and method for distributing secured data
FR2984555A1 (en) * 2011-12-19 2013-06-21 Sagemcom Documents Sas METHOD OF PAIRING AN ELECTRONIC APPARATUS AND A USER ACCOUNT WITHIN AN ONLINE SERVICE
US8737962B2 (en) 2012-07-24 2014-05-27 Twilio, Inc. Method and system for preventing illicit use of a telephony platform
US9124582B2 (en) 2013-02-20 2015-09-01 Fmr Llc Mobile security fob
US9123063B2 (en) * 2013-06-03 2015-09-01 Tangome, Inc. Authenticating a third-party application for enabling access to messaging functionalities
ES2947562T3 (en) * 2013-09-13 2023-08-11 Alcatel Lucent Method and system to control the exchange of privacy sensitive information
US9226217B2 (en) 2014-04-17 2015-12-29 Twilio, Inc. System and method for enabling multi-modal communication
FR3028334A1 (en) * 2015-04-07 2016-05-13 Orange METHOD FOR THE STRONG AUTHENTICATION OF A USER OF A CONSUMER EQUIPMENT VIA AN AUTHENTICATION EQUIPMENT EQUIPPED WITH A SECURITY MODULE
EP3794790B1 (en) 2018-05-18 2023-11-15 Telefonaktiebolaget LM Ericsson (publ) Application program access control

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
WO1999044114A1 (en) * 1998-02-25 1999-09-02 Telefonaktiebolaget Lm Ericsson Method, arrangement and apparatus for authentication through a communications network
US6061650A (en) * 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6078908A (en) * 1997-04-29 2000-06-20 Schmitz; Kim Method for authorizing in data transmission systems
WO2000044130A1 (en) * 1999-01-20 2000-07-27 Netcom Ab A method, system and arrangement for providing services on the internet
WO2002001516A2 (en) * 2000-06-26 2002-01-03 Intel Corporation Method and apparatus for using a cellular telephone as an authentification device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
US6061650A (en) * 1996-09-10 2000-05-09 Nortel Networks Corporation Method and apparatus for transparently providing mobile network functionality
US6078908A (en) * 1997-04-29 2000-06-20 Schmitz; Kim Method for authorizing in data transmission systems
WO1999044114A1 (en) * 1998-02-25 1999-09-02 Telefonaktiebolaget Lm Ericsson Method, arrangement and apparatus for authentication through a communications network
WO2000044130A1 (en) * 1999-01-20 2000-07-27 Netcom Ab A method, system and arrangement for providing services on the internet
WO2002001516A2 (en) * 2000-06-26 2002-01-03 Intel Corporation Method and apparatus for using a cellular telephone as an authentification device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103220257B (en) * 2012-01-19 2016-01-06 中国石油天然气集团公司 A kind of method of compunication, network host and system

Also Published As

Publication number Publication date
WO2002019593A2 (en) 2002-03-07
EP1314278A2 (en) 2003-05-28
AU2001282795A1 (en) 2002-03-13

Similar Documents

Publication Publication Date Title
WO2002019593A3 (en) End-user authentication independent of network service provider
US8112065B2 (en) Mobile authentication through strengthened mutual authentication and handover security
EP1873998B1 (en) Identifiers in a communication system
CN110995418B (en) Cloud storage authentication method and system, edge computing server and user router
RU2008118495A (en) METHOD AND DEVICE FOR ESTABLISHING A SAFE ASSOCIATION
KR20010112618A (en) An improved method for an authentication of a user subscription identity module
AU4267999A (en) Preventing unauthorized use of service
WO2002052784A1 (en) Authentication in data communication
WO2004034214A3 (en) Shared network access using different access keys
CN102868665A (en) Method and device for data transmission
WO2002011358A3 (en) Method and apparatus for securely providing billable multicast data
KR100920409B1 (en) Authentication of a wireless communication using expiration marker
JP4636423B2 (en) Authentication within the mobile network
WO2005088892A1 (en) A method of virtual challenge response authentication
CN103906052A (en) Mobile terminal authentication method, service access method and equipment
CN101483870A (en) Cross-platform mobile communication security system implementing method
Pagliusi A contemporary foreword on GSM security
KR100546778B1 (en) Method and apparatus for authentication in wireless internet system
ATE381192T1 (en) FORCED ENCRYPTION FOR WIRELESS LOCAL NETWORKS
KR20060094453A (en) Authentication method for pay-per-use service using eap and system thereof
EP3125595A1 (en) Method to provide identification in privacy mode
CN101742507B (en) System and method for accessing Web application site for WAPI terminal
KR100968522B1 (en) Mobile Authentication Method for Strengthening the Mutual Authentication and Handover Security
Cheng et al. Analysis and improvement of the Internet‐Draft IKEv3 protocol
KR100463751B1 (en) Method for generating packet-data in wireless-communication and method and apparatus for wireless-communication using that packet-data

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2001961535

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001961535

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWW Wipo information: withdrawn in national office

Ref document number: 2001961535

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP