MOBILE POSITIONING USING ENCRYPTED ID IN DATA NETWORK
MESSAGES AND USING ALIASES IN CONNECTION WITH LOCATION
BASED SERVICE APPLICATIONS
Technical scope
The present invention involves a process and a system for ensuring the integrity of position information regarding a mobile station in a communication network for mobile stations and in relation to a positioning service provider.
The invention addresses issues relating to privacy, authentication and security in connection with providing access to location information.
Prior art
A small number of systems for positioning are currently in operation. They are managed and used by telecom providers to offer services to their customers. A provider's customer requests a function, which is based on positioning of a telephone or telephones on the provider's network.
A subscription telephone is directly linked to a subscriber, and positioning a telephone is thereby a positioning of a physical person. The right to access this position information is critical, since the integrity of subscribers is directly connected to the possibility of controlling who can or may see their position.
Telecom providers cannot currently produce position information as part of the external service provider's positioning solutions and simultaneously guarantee the integrity of the subscriber, unless the subscriber himself requests the positioning from his telephone and has logged on to the provider's portal with user identity and password. Such solutions entail additional steps in executing a positioning service and reduce the security.
One part of the problem is that the mobile telephone is anonymous on the Internet, that is, there is no connection known to outsiders to the identity of the mobile telephone or subscriber, which is required in order to find the position of said mobile telephone.
Summary of the Invention
The present invention intends to solve problems involved in mobile positioning with regard to the personal integrity of a user of a mobile telephone that is connected to a communications network of same, and to position the mobile telephone without having knowledge as to its identity outside of the operator's telephone network. The user of the mobile telephone is also the user of a positioning service and a subscriber of the telecom provider.
In order to bring about said integrity, a process is specified for positioning of a mobile telephone in a communications network for mobile telephones and in relation to a positioning service provider. A first embodiment of the invention comprises the following steps: the positioning service provider's network computer authenticates the user by a log-in procedure; the user activates a positioning procedure by sending an http-request to the positioning service provider's network computer; the positioning service provider has an alias server which encrypts some of the user information with a code key that is only known to it, so as to obtain an alias, known as a service alias; said alias is used to request the position from a position proxy server; the position proxy server uses the service alias to lookup a second alias in a table, known as the operator alias; if the position proxy server finds said operator alias in the table, it uses it to select the operator and the following procedure is carried out: the position proxy server sends a request containing at least the operator alias to the selected operator's positioning platform in order to obtain the user's position; the operator's positioning platform receives said request; the positioning platform sends the operator alias to the alias server; the alias server decodes the received operator alias to obtain the subscriber's mobile telephone number and returns this to the positioning platform; the operator uses the mobile telephone number to obtain the position from the operator's positioning system;
the positioning platform returns the position to the position proxy server; the proxy server returns the position to the positioning service provider; the positioning service provider performs the application-related processing and returns the required information to the user.
A further embodiment of the invention handles the case when said step of the position proxy server using the service alias to lookup the operator's alias in a table is not successful. This means that the user has not initiated positioning services with his operator. To initiate these positioning services, the following procedure is used: if the position proxy server does not find said operator alias in the table, the position proxy server returns an error message to the positioning service provider, containing a link which can be used to initiate positioning services for the user; the positioning service provider generates a return page to the user, containing among other things said link and information so that the user can activate positioning services by activating said link; the user activates said link, which points to a resource at the position proxy server; the position proxy server registers the IP address assigned to the user.
The IP address says which WAP gateway the user is hooked up to. There is a high likelihood that the WAP gateway is situated in the same country as the user's operator; the positioning proxy server generates a page with operator links, based on said country, where the user himself can specify an operator; said operator links link to resources available from the selected operator; these operator links also contain a unique transaction number which is used to distinguish the sessions of the users; when the user specifies an operator by selecting one of said operator links, a network computer at the respective operator generates a page which is sent to the user; this page contains a form on which the subscriber indicates his mobile telephone number;
the user sends out the form to the operator's network computer; the operator's network computer receives the form and checks to make sure that the indicated mobile telephone number belongs to a subscriber in the operator's network; if the number does not belong to the operator, the user is directed back to the position proxy server to select a different operator; if the number belongs to the operator, the operator's network computer sends an SMS to the indicated number; said SMS contains an identity number and any necessary instructions on how to use it; the operator's network computer also sends a page to the user with instructions so that the user can receive an SMS with a number that needs to be indicated on the same page; the user receives said SMS and indicates said number on the page, and activates the link which sends the number; the operator's network computer receives said number; if the number matches, the operator's alias server encrypts said telephone number by means of an encryption key known only to the operator
and the operator's network computer sends the so obtained operator alias together with said transaction number back to the position proxy server and directs the user back to the position proxy server, containing said transaction number; the proxy server receives said operator alias and transaction number and it stores said service alias together with said operator alias as one item in a database; positioning services at the current positioning service provider are now activated for the user who can begin to use position-related services from the positioning service provider.
In a further embodiment of the invention, the user activates the service via the network instead of the telephone. This embodiment functions in similar fashion, except that the IP address cannot be used to indicate which country the user's operator belongs to. In this case, the user also has to indicate the country before he indicates the operator.
In yet another embodiment of the invention, said step in which the position proxy server selects a country through the IP address has the further functionality of being able to directly select the correct operator. This is possible inasmuch as certain WAP gateways only allow subscribers from their own network to connect via them. If this is the case the step of operator selection by the user need not occur. The position proxy server keeps a list with WAP gateways that have the above characteristic.
In yet another embodiment of the invention, a process is given for the operator to deactivate the positioning services for a particular subscriber. This occurs in that the operator's network computer sends a message to the position proxy server containing the operator alias corresponding to said subscriber and information as to which services, or service providers, are to be deactivated. The position proxy server removes the corresponding items from the database. In yet another embodiment of the invention, said page, which contains a form on which the subscriber indicates his mobile telephone number is generated by the position proxy server instead of the operator's network computer. However, in this case as well, the user sends out the form to the operator's network computer. In yet another embodiment of the invention, said position proxy server is situated at the positioning service provider's premises. In this case, a service alias is not necessary.
In yet another embodiment of the invention, said telephone number is kept at the position proxy server, instead of the alias. In yet another embodiment of the invention, information deriving from the operator's alias is also kept at the positioning service provider.
Another embodiment of the invention comprises the following steps: a user connects via WAP to a positioning service provider's network computer; the user activates a positioning procedure by sending a request to the positioning service provider's network computer via the operator's WAP gateway; said request is translated into a http-request in the WAP gateway;
the WAP gateway notes that the request is a positioning request, since the contents of the http-request fulfill certain criteria, and then sends an inquiry as to which telephone number the subscriber has to the operator's dialup server; the WAP gateway encrypts the thus obtained telephone number together with the present time; the WAP gateway embeds the thus obtained encryption string into said http-request; the positioning service provider's network computer receives said http-request and uses the encryption string and the WAP gateway's source IP address to request the position from a position proxy server; the position proxy server selects an operator by means of the WAP gateway's source IP address, and requests the position from the operator's positioning platform; the operator's positioning platform decodes the encryption string to obtain the telephone number and time; the operator's positioning platform checks to make sure the obtained time is current, and in this way gets a validation that said request has recently been made by the subscriber; given a successful validation, the operator's positioning platform positions the subscriber and returns the position to the position proxy server; the proxy server forwards the position to the positioning service provider's network computer; the positioning service provider's network computer generates a current page and returns this to the user.
A further embodiment of the invention handles the situation where SMS is used, and it comprises the following steps: a user sends an SMS to a particular number, which corresponds to a positioning service at the positioning service provider; the operator's SMSC notes that the message is intended for a positioning service and encrypts the subscriber's telephone number along with the current time; the thus obtained encryption string is embedded in the message;
the message is sent by the protocol used by the SMSC to a position proxy server; the position proxy server receives the message, unpacks the protocol used and requests the position from the operator's positioning platform by means of the encryption string; the operator's positioning platform decodes the encryption string to obtain the telephone number and time; the operator's positioning platform checks to make sure the obtained time is current, and in this way gets a validation that said request has recently been made by the subscriber; given a successful validation, the operator's positioning platform positions the subscriber and returns this to the position proxy server; the position proxy server uses the thus obtained position to request information from the positioning service provider's network computer; based on the position, the positioning service provider's network computer generates a reply containing relevant information for the service; the position proxy server uses the thus obtained information to generate a reply which is sent to the subscriber via said SMSC, using the protocol employed by the SMSC.
In a further embodiment of the invention, the user's identity is encrypted by means of a proxy instead of the WAP gateway. This embodiment comprises the following steps: a user connects via WAP to a positioning service provider's network computer; the user activates a positioning procedure by sending a request intended for the positioning service provider's network computer via the operator's WAP gateway; the positioning service provider's network computer has a special IP address which is used for all its positioning-related services; in the WAP gateway's routing table there is an item for the IP address which states that packets intended for the positioning service provider's network computer should first be sent to an http-proxy with a given, different, IP address; said request is translated into an http-request in the WAP gateway;
the WAP gateway notes, by means of header information, that the request is a positioning request and it then sends an inquiry as to which telephone number the subscriber has to the operator's call server; the WAP gateway inserts the thus obtained telephone number in said http-request and sends the http-request on to said http-proxy; said http-proxy receives and terminates the http-request; said http-proxy makes sure there is correct information in the header information field on the TCP and IP level. In this way, the WAP gateway acts as if it has an http-session directly with the positioning service provider's network computer, while in reality it is said http-proxy, which handles all its http-requests; said http-proxy detects that the http-request is positioning-related, since the http-request's contents fulfill certain criteria, and it extracts the telephone number; if this step is unsuccessful, the http-request is sent on to the final destination; if this step is successful, said http-proxy encrypts the thus obtained telephone number along with the present time; said http-proxy embeds the thus obtained encryption string in a new http-request for the positioning service provider's network computer; the positioning service provider's network computer receives the http-request and uses the encryption string and the http-proxy's source IP address to request the position from a position proxy server; the position proxy server selects an operator based on the http-proxy's source IP address and requests the position from the operator's positioning platform; the operator's positioning platform decodes the encryption string to obtain the telephone number and time; the operator's positioning platform checks to make sure the obtained time is current, and in this way gets a validation that said request was recently made by the subscriber; given a successful validation, the operator's positioning platform positions the subscriber and returns this to the position proxy server;
the proxy server forwards the position on to the positioning service provider's network computer; the positioning service provider's network computer generates a current page and returns this to the user.
In yet another embodiment of the invention, the position proxy server handles operators that do not have automatic positioning or connection to the position proxy server by instead directing the user to resources at the position proxy server, which help the user to indicate his position manually. This manual position entry can occur, for example, by giving one's address.
In a further embodiment of the invention, the SMS situation is handled in which the encryption is done by means of a proxy instead of at the SMSC. This embodiment comprises the following steps: a user sends an SMS to a particular number, corresponding to a positioning service at the positioning service provider; at the SMSC, there is data present which indicates that all SMS messages to the number which corresponds to particular positioning services will be sent to a proxy, with a given IP address; said proxy receives the message from the SMSC and terminates the protocol used outwardly by the SMSC; between the proxy and the position proxy server, a protocol is used which may possibly be a different protocol than that used by the SMSC; said proxy extracts the subscriber's telephone number from the received message and converts it, with the current time, into an encryption string; this encryption string is embedded in a request and said proxy sends this message to the position proxy server; the position proxy server receives the message, unpacks the protocol used, and requests the position from the operator's positioning platform by means of the encryption string; the operator's positioning platform decodes the encryption string to obtain the telephone number and time; the operator's positioning platform checks to make sure that the received time is current, and in this way gets a validation that said request has recently been made by the subscriber;
given a successful validation, the operator's positioning platform positions the subscriber and returns this to the position proxy server; the position proxy server uses the thus obtained position to request information from the positioning service provider's network computer; based on the position, the positioning service provider's network computer generates a reply containing information relevant to the service; the position proxy server uses the thus obtained information to generate a reply which is sent to the subscriber via said SMSC, using the protocol employed for SMSC. In a further embodiment of the invention, the situation is handled in which the method is used for authentication of purposes other than positioning. This embodiment is similar to the above-described methods; except that an activity other than positioning is carried out.
In another embodiment of the invention, the situation is handled where the position proxy server is situated at the positioning service provider.
In another embodiment of the invention, the situation is handled where information other than the time is encrypted together with the telephone number.
In another embodiment of the invention, the situation is handled where extra information is embedded in the request to the positioning service provider so as to uniquely distinguish the user. This information, for example, may consist of an encrypted telephone number.
Brief Description of the Drawings
Further, the text of the description refers consecutively to the attached figures for a better understanding of the present invention and its embodiments or exemplifications, where:
Fig. 1 illustrates one embodiment of a system for ensuring the integrity of position information in accordance with the present invention;
Fig. 2 illustrates another embodiment of a system for ensuring the integrity of position information in accordance with the present invention;
Fig. 3 illustrates one embodiment of a system for ensuring the integrity of position information in connection with WAP services in accordance with the present invention; and
Fig. 4 illustrates another embodiment of a system for ensuring the integrity of position information in connection with WAP services in accordance with the present invention.
Detailed Description of The Invention
Figure 1 illustrates a system of integrity positioning of mobile telephones. The user 120 connects via his mobile telephone 115 via the telecom provider's telephone network 130 and Internet 140 to a positioning service provider's network computer 102. The user 120 activates a positioning service by sending a request to the positioning service provider's network computer 102. The positioning service provider's network computer 102 sends the user's identity to an alias server 101 via a request 110. The alias server 101 encrypts the user's identity with an encryption key and sends the resulting service alias back (111) to the positioning service provider's network computer 102. The positioning service provider's network computer 102 sends a request 112 to a position proxy server 202, containing at least the service alias and information about the current positioning service. The proxy server uses the received service alias to obtain a previously saved, corresponding operator alias from a look-up in a database 201. The position proxy server 202 uses the obtained operator alias to request the position from the operator 300. The operator's positioning platform 302 receives said request. The operator's positioning platform 302 sends the operator alias to an alias server 301. The alias server 301 decodes the operator alias to obtain the user's telephone number. The alias server 301 sends back the telephone number to the positioning platform 302. The operator's positioning platform 302 uses the so obtained telephone number to request the position from the operator's positioning system 400. The so obtained position is sent back to the position proxy server 202, which in turn sends the position back to the positioning service provider's network computer 102. The positioning service provider's network computer 102 generates a page with position-related content, which is sent to the user 120.
Figure 2 illustrates a system for integrity positioning of mobile telephones. In particular, figure 2 illustrates the procedure when the user 120 has not previously used the positioning services of the current positioning service provider 100. The user 120 connects through the telecom provider's telephone network 130 and Internet 140 to a positioning service provider's network computer 102. The user 120 activates a positioning service by sending a request to the positioning service provider's network computer 102 which sends the user's identity to an alias server 101 via a request 110. The alias server 101 encrypts the user's identity with an encryption key and sends back (111) the resulting service alias to the positioning service provider's network computer 102. The positioning service provider's network computer 102 sends an http-request 112 to a position proxy server 202, containing at least the service alias and information about the current positioning service.
The proxy server 202 uses the received service alias to try to obtain a corresponding operator alias from a look-up in a database 201. If this database look-up is unsuccessful, it means that the user has not initiated positioning services from the current positioning service provider. If such is the case, the procedure described hereafter is carried out. The proxy server 202 replies to said request from the positioning service provider's network computer 102. The reply contains information to the effect that the positioning service must be initiated for the current user, along with sufficient information about how this initialization can be done. Normally, this information consists of a link, which the user can activate to carry out said initialization. The positioning service provider's network computer 102 generates a reply to the user's telephone 115, containing a link that points to a resource 203 at the position proxy server. As an alternative, the user 120 is automatically directed on to the same resource 203. The user 120 activates said link, the position proxy server generates the network page corresponding to the resource 203 which corresponds to said link and the network page is returned to the user's telephone 115. Said network page 203 contains a choice of operator. The user activates the link corresponding to the same operator. This link points to a resource situated at the corresponding operator's network computer 303. This resource consists of a page where the user 120 has to enter his telephone number. When the user 120 has provided his telephone number and returns it to the operator's network computer 303, the operator first checks whether the telephone number belongs to the operator by a look-up in the database 306. If the telephone number does not belong to the operator 300, the user can either enter his telephone number again or the user is also directed back to the network page 203. If the telephone number belongs to the operator, the operator sends an SMS via the SMS center 304, containing an identity code to said telephone number. The operator also sends a network page to the user. When the user 120 has received the SMS message, he enters the identity code on the network page that was returned when he sent the telephone number. The user sends back the identity code to the operator's network computer 303. The operator's network computer receives the identity code and checks its authenticity. If the identity code matches, the user's subscriber number is established. In such case, the operator's network computer sends the subscriber number to an alias server 301. The alias server 301 encrypts the subscriber number, making use of an encryption key known only to the operator 300, and returns the so obtained operator alias to the operator's network computer 303. The operator's network computer 303 sends a message 317 to the position proxy server 202 about the established operator alias. The operator's network computer also directs the user to a previously determined return address. The position proxy server 202 saves said operator alias together with said service alias in the database 201. In the above procedure, the subscriber's identity never leaves the telecom provider's network. Consequently, the personal integrity of the user is not compromised.
Figure 3 illustrates a system for integrity positioning of mobile telephones via WAP services. The user connects through his mobile telephone 1101 via the telecom provider's telephone network 1120 and the Internet 1130 to a positioning service provider's network computer 1132. The user 1101 activates a positioning service by sending a request to the positioning service provider's network computer 1132. The positioning service provider's network computer 1132 has a special IP address that is used for all its positioning-related services. The WAP gateway's 1104 routing table contains an item for the IP address, indicating that packets intended for the positioning service provider's network computer 1132 should first be sent to an http-proxy 1105 with a particular, different, IP address. Said request is converted in the WAP gateway 1104 into an http-request. The WAP gateway 1104 notices by means of header information in said http-request that the request is a positioning request and it then sends an inquiry as to which telephone number the subscriber has to the operator's call server. The WAP gateway 1104 inserts the thus obtained telephone number into said http-request and sends the http-request on to said http-proxy 1105. Said http-proxy 1105 receives and terminates the http-request. Said http-proxy 1105 makes sure that correct information is found in the header information field on the TCP and IP level. In this way, the WAP gateway acts as if it has an http-session directly with the positioning service provider's network computer 1132, while in reality it is said http-proxy 1105, which handles all its http-requests. Said http-proxy 1105 detects that the http-request is positioning-related and extracts the telephone number. If this step fails, the http-request is sent on to the final destination via the router 1106. If this step is successful, said http-proxy 1105 encrypts the thus obtained telephone number together with the current time. Said http-proxy embeds the thus obtained encryption string in the http-request to the positioning service provider's network computer 1132. The positioning service provider's network computer 1132 receives the http-request and uses the encryption string and the http-proxy's source IP address to request the position from a position proxy server 1131. The position proxy server 1131 selects an operator based on the http-proxy's source IP address and requests the position from the operator's positioning platform. The operator's positioning platform 1107 decodes the encryption string to obtain the telephone number and time. The operator's positioning platform 1107 checks to make sure the obtained time is current, and in this way it gets a validation that said request has recently been made by the subscriber. Given a successful validation, the operator's positioning platform positions the subscriber and returns this to the position proxy server 1131.
The position proxy server 1131 forwards the position to the positioning service provider's network computer 1132. The positioning service provider's network computer 1132 generates a current page and returns this to the user 1101.
Figure 4 illustrates a system for integrity positioning of mobile telephones via SMS services. The user 1201 sends an SMS to a particular number, which corresponds to a positioning service at the positioning service provider 1232. The SMSC 1204 has data which states that all SMS messages to the number corresponding to this positioning service are intended for an SMS-proxy 1205, located within the operator's firewalls. Said SMS-proxy 1205 receives the message from SMSC 1204 and terminates the protocol used outwardly by the SMSC. Between the SMS-proxy 1205 and the position proxy server 1231, a protocol is used which can be a protocol different from that used by the SMSC 1204. Said SMS-proxy 1205 extracts the subscriber's telephone number from the received message and converts it along with the current time into an encryption string. This encryption string is inserted into a request and said SMS-proxy sends this message to the position proxy server 1231.
The position proxy server 1231 receives the message, unpacks the protocol used, and requests the position from the operator's positioning platform by means of the encryption string. The operator's positioning platform 1207 decodes the encryption string to obtain the telephone number and time. The operator's positioning platform 1207 checks to make sure the received time is current, and in this way gets a validation that said request has recently been made by the subscriber 1201. Given a successful validation, the operator's positioning platform 1207 positions the subscriber and returns this to the position proxy server 1231. The position proxy server 1231 uses the thus obtained position to request information from the positioning service provider's network computer 1232. Based on the position, the positioning service provider's network computer 1232 generates a reply containing information relevant to the service. The position proxy server 1231 uses the thus obtained information to generate a reply, which is sent to the subscriber via said SMS-proxy 1205 and the SMSC 1204.
In the above procedure, the subscriber's identity never leaves the telecom provider's network. Consequently, the personal integrity of the user is not compromised.
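The alias chain of Figures 1 and 2 and the encrypted number-plus-time string of Figures 3 and 4, sketched together as an added example that is not part of the original text. Assumptions: the cipher is a deterministic SIV-style construction built from HMAC-SHA256 as a stand-in for a vetted authenticated cipher, the keys, telephone number and 30-second window are constructed, and the random nonce and replay cache go beyond the time check the text describes.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 16  # bytes of HMAC-SHA256 kept as synthetic IV and authentication tag


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _xor_stream(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Keystream block i = HMAC-SHA256(key, iv || i); XOR is its own inverse.
    stream = b""
    for i in range((len(data) + 31) // 32):
        stream += hmac.new(key, iv + struct.pack(">I", i), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Deterministic authenticated encryption: equal inputs give equal output,
    which is what lets an alias serve as a database look-up key."""
    tag = hmac.new(_subkey(key, b"mac"), plaintext, hashlib.sha256).digest()[:TAG_LEN]
    return tag + _xor_stream(_subkey(key, b"enc"), tag, plaintext)


def unseal(key: bytes, blob: bytes) -> bytes:
    tag, body = blob[:TAG_LEN], blob[TAG_LEN:]
    plaintext = _xor_stream(_subkey(key, b"enc"), tag, body)
    expected = hmac.new(_subkey(key, b"mac"), plaintext, hashlib.sha256).digest()[:TAG_LEN]
    if len(tag) != TAG_LEN or not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return plaintext


class AliasServer:
    """Alias server 101 / 301: only the key holder can map an alias back."""

    def __init__(self, key: bytes):
        self._key = key

    def to_alias(self, identity: str) -> str:
        return seal(self._key, identity.encode()).hex()

    def from_alias(self, alias: str) -> str:
        return unseal(self._key, bytes.fromhex(alias)).decode()


class PositionProxy:
    """Position proxy server 202 with database 201: holds alias pairs only."""

    def __init__(self):
        self._table = {}

    def register(self, service_alias: str, operator_alias: str) -> None:
        self._table[service_alias] = operator_alias

    def lookup(self, service_alias: str):
        # None means the user has not yet activated positioning services.
        return self._table.get(service_alias)


def make_token(key: bytes, msisdn: str, now: int) -> bytes:
    """Encryption string from the gateway or proxy: time, nonce, number."""
    return seal(key, struct.pack(">Q", now) + os.urandom(8) + msisdn.encode())


class PositioningPlatform:
    """Operator side: decode the string, check the time, refuse repeats."""

    def __init__(self, key: bytes, max_age: int = 30):  # window is an assumption
        self._key, self._max_age, self._seen = key, max_age, {}

    def validate(self, token: bytes, now: int) -> str:
        plaintext = unseal(self._key, token)
        if len(plaintext) < 16:
            raise ValueError("malformed token")
        issued = struct.unpack(">Q", plaintext[:8])[0]
        if abs(now - issued) > self._max_age:
            raise ValueError("stale token")
        # Forget entries that the time check would reject anyway.
        self._seen = {t: ts for t, ts in self._seen.items()
                      if now - ts <= self._max_age}
        if token in self._seen:
            raise ValueError("replayed token")
        self._seen[token] = issued
        return plaintext[16:].decode()


def demo() -> dict:
    number = "+15555550100"                      # constructed sample number
    provider = AliasServer(b"provider-key-constructed")
    operator = AliasServer(b"operator-key-constructed")
    proxy = PositionProxy()
    service_alias = provider.to_alias("user-120")
    proxy.register(service_alias, operator.to_alias(number))
    platform = PositioningPlatform(b"operator-key-constructed")
    token = make_token(b"operator-key-constructed", number, now=1000)
    return {"via_alias": operator.from_alias(proxy.lookup(service_alias)),
            "via_token": platform.validate(token, now=1010)}


if __name__ == "__main__":
    print(demo())
```

A captured encryption string stays valid for the whole time window unless the operator also remembers which strings it has already accepted, which is why the platform here keeps a short-lived cache.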
The present invention has been described here with examples and embodiments, but it is the attached claims that define additional embodiments for a specialist in the technical field.