Prioritized network access for wireless access networks

Information

Patent Application
20070143613

References
Source

Publication Number
20070143613
Date Filed
November 02, 2006
18 years ago
Date Published
June 21, 2007
17 years ago

Inventors
Original Assignees
- Nokia Corporation

CPC
- H04W4/22 - Mobile application service emergency connection handling or mobile application services handling urgent or hazardous situations
- H04W76/007 - for emergency connection handling
US Classifications
- 713 - Electrical computers and digital processing systems: support
International Classifications
- H04L9/00

Information

Abstract

The present invention relates to a method, terminal device, network element, authentication server, and computer-readable medium for controlling prioritized access to a wireless access network. An identifier portion in an authentication response is set to a service-specific unique default identifier portion, dedicated to a predetermined prioritized call, at a terminal device, when the predetermined prioritized call is activated. The authentication response is forwarded to a predetermined default authentication server where a predetermined default service-specific authentication method is initiated for authorizing the terminal device to access the predetermined prioritized service. Thereby, emergency calls or services are made by terminal devices without SIM or USIM, and no new authentication functionality related to prioritized calls is required due to the transparent character of the service-specific unique default identifier portion.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

Further embodiments, details, advantages and modifications of the present invention will become apparent from the following detailed description of the preferred embodiments which is to be taken in conjunction with the accompanying drawings, in which:

FIG. 1 illustrates a schematic diagram of a network architecture, in accordance with an embodiment of the present invention;

FIG. 2 illustrates a schematic signaling and processing diagram of an access control operation, in accordance with an embodiment of the present invention; and

FIG. 3 illustrates schematic block diagrams of a terminal device and network devices, in accordance with an embodiment of the present invention.

Claims

1. A method of controlling prioritized access to a wireless access network, the method comprising: setting an identifier portion of an authentication response to a service-specific unique default identifier portion, wherein the service-specific unique default identifier portion defines an activation of a call for a predetermined prioritized service at a terminal device;receiving the authentication response at the wireless access network;detecting the default identifier portion at the wireless access network;forwarding the authentication response to a predetermined default authentication server in response to the detection of the default identifier portion at the wireless access network; andinitiating at the default authentication server a default service-specific authentication method for authorizing the terminal device to access the predetermined prioritized service.
2. A method according to claim 1, further comprising: configuring the unique default identifier portion as a realm part or a portion of a realm part of a network access identifier.
3. A method according to claim 1, further comprising: using the prioritized access when a subscriber identity module is not provided in the terminal device.
4. A method according to claim 1, wherein the predetermined prioritized service comprises an emergency service or an emergency call.
5. A method according to claim 1, further comprising: excluding authentication by providing a null method as the default service-specific authentication method.
6. A method according to claim 1, further comprising: performing a one-way authentication in which the authentication server is authenticated by the terminal device using the default service-specific authentication method to perform.
7. A method according to claim 6, further comprising: authenticating the authentication server with a server certificate using the default service-specific authentication.
8. A method according to claim 1, further comprising: performing a one-round request/response exchange using the default service-specific authentication method.
9. A method according to claim 1, further comprising: configuring the default service-specific authentication method to perform one of using a fixed key known at least to a plurality of clients as an exported session key and deriving the exported session key from at least one known fixed key.
10. A method according to claim 1, further comprising: transmitting an exported session key or information required in derivation of the exported session key in the default service-specific authentication method from the authentication server to the terminal device or vice versa.
11. A method according to claim 1, further comprising: configuring the default service-specific authentication method to use a tunnel method.
12. A method according to claim 11, further comprising: configuring an inner method encapsulated in the tunnel method as a null method.
13. A method according to claim 11, further comprising: configuring an inner method encapsulated in the tunnel method as a generic method using a token card with known username and password.
14. A method according to claim 1, further comprising: transmitting policy information from the authentication server to an access gateway of the wireless access network, the policy information defining at least one allowable service.
15. A method according to claim 14, wherein the at least one allowable service comprises an emergency call or an emergency service.
16. A terminal device for providing prioritized access to a wireless access network, the terminal device comprising: setting means for setting an identifier portion of an authentication response to a service-specific unique default identifier portion, wherein the service-specific unique default identifier portion defines an activation for a predetermined prioritized service.
17. A terminal device according to claim 16, wherein the service-specific unique default identifier portion is a realm part of a network access identifier.
18. A terminal device according to claim 16, wherein the predetermined prioritized service is an emergency call.
19. A terminal device according to claim 16, wherein the setting means are configured to operate in an absence of a subscriber identity module.
20. A network element of a wireless access network for controlling prioritized access to the wireless access network, the network element comprising: detecting means for detecting a predetermined unique default identifier portion in a received authentication response; andforwarding means for transmitting the received authentication response to a predetermined default authentication server in response to the detection of the unique default identifier portion by the detecting means.
21. A network element according to claim 20, wherein the unique default identifier portion is a realm part of a network access identifier.
22. A network element according to claim 20, wherein the network element is an access point of a wireless local area network.
23. An authentication server for controlling prioritized access to a wireless access network, the authentication server comprising: means for detecting a predetermined unique default identifier portion in a forwarded authentication response received from the wireless access network; andinitiating means for initiating a predetermined authentication method dedicated to the unique default identifier portion in response to the detection of the unique default identifier portion by the detecting means.
24. A authentication server according to claim 23, wherein the predetermined unique default identifier portion is a realm part of a network access identifier.
25. A authentication server according to claim 23, wherein the initiating means are configured to initiate as the predetermined authentication method a null method which excludes authentication.
26. A authentication server according to claim 23, wherein the initiating means are configured to initiate as the predetermined authentication method an authentication method arranged to authenticate the authentication server with a server certificate.
27. A authentication server according to claim 23, wherein the initiating means are configured to initiate a tunnel method as the predetermined authentication method.
28. A authentication server according to claim 23, wherein said authentication server is configured to transmit policy information to an access gateway of said wireless access network, said policy information defining at least one allowable service.
29. A computer program embodied on a computer readable medium, the computer program being configured to perform a control of prioritized access to a wireless access network, the computer program configured to perform: setting an identifier portion of an authentication response to a service-specific unique default identifier portion, wherein the service-specific unique default identifier portion defines an activation of a call for a predetermined prioritized service at a terminal device.
30. A computer program embodied on a computer readable medium, the computer program being configured to perform a control of prioritized access to a wireless access network, the computer program configured to perform: receiving an authentication response at the wireless access network;detecting a default identifier portion of the authentication response at the wireless access network; andforwarding the authentication response to a predetermined default authentication server in response to the detection of the default identifier portion at the wireless access network.
31. A smart card comprising a computer program, the computer program being configured to perform a control of prioritized access to a wireless access network, the computer program configured to perform: setting an identifier portion of an authentication response to a service-specific unique default identifier portion, wherein the service-specific unique default identifier portion defines an activation of a call for a predetermined prioritized service at a terminal device.
32. A system for controlling prioritized access to a wireless access network, the system comprising: a network element of a wireless access network comprising detecting means for detecting a predetermined unique default identifier portion in a received authentication response, andforwarding means for transmitting the received authentication response to a predetermined default authentication server in response to the detection of the unique default identifier portion by the detecting means; andan authentication server comprising means for detecting a predetermined unique default identifier portion in a forwarded authentication response received from the wireless access network, andinitiating means for initiating a predetermined authentication method dedicated to the unique default identifier portion in response to the detection of the unique default identifier portion by the detecting means.

Provisional Applications (1)

	Number	Date	Country
	60752039	Dec 2005	US

Prioritized network access for wireless access networks

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

US Classifications

International Classifications

Abstract

Description

Claims

Provisional Applications (1)