System and method for access authentication in a mobile wireless network

Description

TECHNICAL FIELD OF THE INVENTION

This invention relates in general to mobile communications, and more particularly to a system and method for access authentication in a mobile wireless network.

BACKGROUND OF THE INVENTION

The phenomenal growth of information technology and the Internet, and the general population's desire for timely information services, create a need for a high performance wireless Internet technology.

Current CDMA2000 data networks, though, rely on the Point-to-Point Protocol (PPP) to establish wireless networking sessions. Such a reliance on PPP results in a significant performance bottleneck. PPP signaling is not optimized for a wireless environment, particularly for handoff scenarios. PPP authentication and call setup time may be in the order of several seconds, which is unacceptable for most real-time telephony applications. Moreover, a single PPP session requires substantial memory resources, and the PPP state machine is quite processing and memory intensive.

Accordingly, there is a need for improved systems and methods for access authentication in a mobile wireless network that reduce call setup times.

SUMMARY OF THE INVENTION

In accordance with the present invention, the disadvantages and problems associated with authentication and call setup in a mobile wireless network have been substantially reduced or eliminated. In particular, the present invention improves the speed of authentication and call setup by reducing or eliminating the PPP setup latency associated with current systems, and avoids unnecessary signaling exchanged between certain components in a mobile wireless network.

In accordance with one embodiment of the present invention, a method is provided for authenticating access in a mobile wireless network. In such an embodiment, the method comprises exchanging an extensible authentication protocol (EAP) packet with an access terminal over a high rate packet data radio link and a signaling interface through a radio access network, encapsulating the EAP packet in an authentication authorization and accounting (AAA) packet, and sending the AAA packet to an authentication server for authentication.

In accordance with another embodiment of the present invention, a gateway system is provided for facilitating authenticating access in a mobile wireless network. In such an embodiment, the gateway system comprises a radio access network interface, an authenticator, and an IP network interface. The radio access network is for exchanging an extensible authentication protocol (EAP) packet with an access terminal over a high rate packet data radio link and a signaling interface through a radio access network. The authenticator is for encapsulating the EAP packet in an authentication authorization and accounting (AAA) packet, and the IP network interface is for sending the AAA packet to an authentication server.

Important technical advantages of certain embodiments of the present invention include fast handoff between neighboring radio network controllers and IP gateways.

Other important technical advantages of certain embodiments of the present invention may include low-latency inter-technology handoff, such as between CDMA and WLAN networks. Moreover, certain embodiments may simplify the generation and distribution of keys used for network authentication, and may eliminate one or more interfaces between network components.

Other technical advantages of the present invention may be readily apparent to one skilled in the art from the following figures, descriptions, and claims. Moreover, while specific advantages have been enumerated above, various embodiments may include all, some, or none of the enumerated advantages.

BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of the present invention and its advantages, reference is now made to the following description, taken in conjunction with the accompanying drawings, in which:

FIG. 1 is a simplified component diagram of an example mobile wireless communication system for exchanging data in accordance with certain teachings of the present invention;

FIG. 2 is a sequence diagram that illustrates the various layers involved in the protocol operation for access authentication in certain embodiments of the present invention;

FIG. 3 is a simplified diagram that illustrates an AAA protocol stack for exchanging EAP messages in certain embodiments of the present invention; and

FIG. 4 is a sequence diagram that illustrates HRPD authentication according to one embodiment of the present invention using EAP and the AKA protocol.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 is a simplified component diagram of an example mobile wireless communication system 10 for exchanging data in accordance with certain teachings of the present invention. As FIG. 1 illustrates, one embodiment of the present invention comprises a High Rate Packet Data (HRPD) network that uses an authentication mechanism based on the Extensible Authentication Protocol (EAP). Such an embodiment may implement a three-way handshake between an access terminal (AT) 12, an IP gateway (IPGW) 14 (via a radio network controller (RNC) in a radio access network (RAN) 16), and an authentication server 18.

According to certain teachings of the present invention, EAP messages are carried over the air between AT 12 and RAN 16 using the HRPD over-the-air signaling protocol. EAP messages are transmitted over CDMA between AT 12 and RAN 16. AT 12 may act as an EAP peer, while RAN 16 may act as an EAP relay agent that forwards EAP messages to IPGW 14 via a signaling interface. One aspect of the present invention comprises an EAP-based authenticator that resides within IPGW 14. From IPGW 14, EAP messages may be carried over an Access Authentication & Accounting (AAA) protocol (such as RADIUS or DIAMETER) to authentication server 18, possibly through one or more AAA proxy servers (not pictured). According to certain teachings of the present invention, authentication server 18 may be an AAA server or a proprietary security manager, and provides the functions of an EAP server. In FIG. 1, authentication server 18 is depicted as a proprietary security manager in a home network (“H-SM”).

EAP may be used for both device and service authentication. Accordingly, EAP may be used back-to-back, once for accessing RAN 16 (i.e. device authentication) and once for establishing an IP connection with IP network 20 (i.e. service authentication). As FIG. 1 illustrates, both authentication sequences may terminate in the same authentication server in a home network. Such double EAP authentication may be necessary before AT 12 is authorized to access IP services. Depending on the deployment scenario and the operator's authentication policy, it may be possible for AT 12 to perform a single EAP authentication, such as when AT 12 is authenticated either during device authentication or service authentication (but not both).

According to certain teachings of the present invention, the protocol used between AT 12 (an EAP peer) and IPGW 14 (an EAP authenticator) is based on EAP. EAP messages are encapsulated in HRPD packets for transport between AT 12 and RAN 16.

EAP over HRPD may be used to authenticate devices using the Enhanced Multi-Flow Packet Application in conjunction with HRPD Rev. A. According to teachings of the present invention, an EAP authenticator may be located in an IPGW and, accordingly, an HRPD RAN may relay EAP messages over an A11 interface to the EAP authenticator. An AAA client in the IPGW may then encapsulate the EAP messages in ARA packets and forward them to an EAP server in a home network for authentication. The protocol used between IPGW 14 and authentication server 18 may be based on DIAMETER (with support for EAP). If mobility service and access service are provided by the same operator, then only one EAP authentication may be required.

Alternatively, a RAN may use an A12 interface to carry device authentication within the Access Service Provider's network. Device authentication then may be terminated in an EAP server. In such a configuration, the EAP authenticator may be in the RAN and there may be no need to use the EAP relay function. Note, though, that if access service and mobility service are provided by the same operator, then there may be no need to use A12 for device authentication.

FIG. 2 is a sequence diagram that illustrates the various layers involved in the protocol operation for access authentication in certain embodiments of the present invention. More particularly, FIG. 2 illustrates layers involved in an EAP exchange between several EAP-based entities, including an EAP peer, an EAP relay, an EAP authenticator, and an EAP server. According to certain teachings of the present invention, an EAP peer may be implemented in an access terminal, an EAP relay may be implemented in an RNC, an EAP authenticator may be implemented in an IPGW, and an EAP server may be implemented in an authentication server (such as an AAA server or H-SM). FIG. 2 also depicts an authentication server located in a visited network (V-SM), which may or may not participate in an EAP exchange. As FIG. 2 demonstrates, EAP methods generally are encapsulated in EAP packets for transit between access terminal 12 (the EAP peer) and authentication server 18 (the EAP server). For transit between access terminal 12 and RAN 16, the EAP packets are further encapsulated in lower layer protocols (e.g. HRPD/CDMA). Upon reaching RAN 16, EAP packets are removed from the lower level packets used for transit between access terminal 12 and RAN 16, and are re-packaged in lower level protocols appropriate for transit between RAN 16 and IPGW 14. IPGW 14, in turn, removes the EAP packets from these lower level protocol packets and re-packages them for transit to authentication server 18. In certain embodiments, IPGW 14 packages these EAP packets in AAA packets and then encapsulates the AAA packets in TCP/IP packets (as shown in FIG. 2), which may be appropriate for DIAMETER-based authentication. Alternatively, IPGW 14 may encapsulate the AAA packets in other lower layer packets, such as UDP, which may be appropriate for RADIUS-based authentication.

FIG. 3 is a simplified diagram that illustrates an AAA protocol stack for exchanging EAP messages in certain embodiments of the present invention. FIG. 3 illustrates a variety of network interfaces that may exist between a RAN and an authentication server. As in FIG. 2, FIG. 3 demonstrates how EAP packets are encapsulated in various lower-level protocol packets for transport various network components of communication system 10. For instance, in RAN 16, EAP packets are encapsulated in signaling protocol packets (e.g. A11 packets) and other lower layer packets for transport to IPGW 16. IPGW 16 receives the lower layer packets and extracts the EAP packets. IPGW 16 then re-packages the EAP packets in authentication protocol packets (e.g. AAA packets) and other lower layer packets for transport through IP network 20. These packets may pass through several optional, intermediary components, but ultimately reach authentication server 18. Authentication server 18 then extracts the EAP packets from the lower layer packets, as depicted in FIG. 3.

In certain embodiments of the present invention, device authentication in communication system 10 may require an exchange of EAP messages between AT 12 and IPGW 14. In one embodiment, the EAP messages are carried in Mobile IP Vendor-Specific Extensions (VSEs) over an A11 interface, using existing messages. New VSEs may be defined and used for transporting EAP data over the A11 interface. EAP data may include EAP messages, as well as keys derived from the EAP exchange that are intended for RAN 16. EAP messages sent over an A11 interface also may need to be secured, particularly if mobility services and access services are operated by different entities.

EAP authentication may produce a Master Session Key (MSK) that is derived by the AT and authentication server. In accordance with certain teachings of the present invention, the authentication server transmits the key securely to the EAP authenticator residing in the IPGW. The authenticator may then use this key to derive other keys for traffic protection and other purposes. In certain embodiments, key material may be derived for the RAN and installed for on-the-air protection. An AT may use a similar key derivation to derive keys to match the keys derived by the network. Key derivation generally is the same if double or single authentication is used. Mobility keys may be derived from an Extended MSK by the EAP server residing in the authentication server. The server may use a root key to generate all other keys. Such keys may be bootstrapped during authentication and cached in the IPGW. EAP keys are generated both in the AT and in the EAP server.

FIG. 4 is a sequence diagram that illustrates HRPD authentication according to one embodiment of the present invention using EAP and the Authentication & Key Agreement (AKA) protocol. According to teachings of the present invention, IPGW 14 and access terminal 12 exchange EAP packets over a high rate packet data (HRPD) radio link and a signaling interface through RAN 16. IPGW 14 then encapsulates the EAP packets in an authentication protocol packet (e.g. an AAA packet) and sends the AAA packet to authentication server 18 for further processing. Authentication server 18, in turn, may authenticate access based on the EAP packets. In the embodiment depicted in FIG. 4, for instance, authentication server 18 may run an AKA algorithm to generate certain authentication challenges and responses, which are returned to access terminal 12 through IPGW 14 and RAN 16. Access terminal 12 then may verify the challenges and responses and generate its own authentication challenge and response, which is sent back to authentication server 18. As part of this exchange, authentication server 18 and access terminal 12 may mutually derive a session key. Authentication server 18 may then send this session key to IPGW 14 for use in establishing link layer security with access terminal 12.

AKA is based on challenge-response mechanisms and symmetric cryptography. Compared to legacy authentication methods, AKA generally provides stronger security with longer key lengths and the authentication of both client and server.

Although the present invention has been described with several embodiments, a myriad of changes, variations, alterations, transformations, and modifications may be suggested to one skilled in the art, and it is intended that the present invention encompass such changes, variations, alterations, transformations, and modifications as fall within the scope of the appended claims.

For instance, example embodiments of the present invention have been described above in which EAP is used to provide a flexible authentication mechanism, but other protocols may be used instead of or in addition to EAP. In particular, any authentication protocol that supports multiple authentication mechanisms and dynamic negotiation of authentication mechanisms may be suitable for implementing the principles of the present invention. Moreover, the authentication mechanisms described herein are intended to be illustrative and not exclusive. Other authentication mechanisms, including other shared secret protocols and certificate-based mechanisms such as Transport Layer Security, may be used without departing from the spirit of the present invention.

Claims

1. A method for authenticating access in a mobile wireless network, the method comprising: receiving an extensible authentication protocol (EAP) packet from an access terminal over a high rate packet data radio link and an A11 signaling interface at an IP gateway through a radio access network, the A11 signaling interface having vendor-specific extensions for carrying the EAP packet;encapsulating the EAP packet in an authentication authorization and accounting (AAA) packet, the encapsulating done by the IP gateway; andsending the AAA packet from the IP gateway to an authentication server, the authentication server configured to authenticate both the access terminal and a service of the access terminal based on the EAP protocol.
2. The method of claim 1, wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packet.
3. The method of claim 1, further comprising authenticating access based on the EAP packet, and exchanging additional EAP packets with the access terminal over the high rate packet data radio link and the signaling interface to establish a session key.
4. The method of claim 1, further comprising authenticating access based on the EAP packet, and exchanging additional EAP packets with the access terminal over the high rate packet data radio link and the signaling interface to establish a session key, wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packet.
5. The method of claim 1, further comprising authenticating access based on the EAP packet and using a challenge-response protocol, and exchanging additional EAP packets with the access terminal over the high rate packet data radio link and the signaling interface to establish a session key.
6. The method of claim 1, further comprising authenticating access based on the EAP packet and using a challenge-response protocol with shared keys, and exchanging additional EAP packets with the access terminal over the high rate packet data radio link and the signaling interface to establish a session key.
7. The method of claim 1, further comprising authenticating access based on the EAP packet and using a certificate-based protocol, and exchanging additional EAP packets with the access terminal over the high rate packet data radio link and the signaling interface to establish a session key.
8. A gateway system for facilitating authenticating access in a mobile wireless network, the gateway system comprising: an IP gateway for receiving an extensible authentication protocol (EAP) packet from an access terminal, the EAP packet received through a radio access network over a high rate packet data radio link and an A11 signaling interface having vendor-specific extensions for carrying the EAP packet;an authenticator of the IP gateway for encapsulating the EAP packet in an authentication authorization and accounting (AAA) packet; andan IP network interface for sending the AAA packet from the IP gateway to an authentication server, the authentication server configured to authenticate both the access terminal and a service of the access terminal based on the EAP protocol.
9. The gateway system of claim 8, wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packet.
10. The gateway system of claim 8, wherein the IP network interface is further operable to receive a session key from the authentication server, and wherein the radio access network interface is further operable to send an authentication success signal to the access terminal over the high rate packet data radio link and the signaling interface.
11. The gateway system of claim 8, wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packet.
12. A system for authenticating access in a mobile wireless network, the system comprising: a radio network controller;an authentication server; andan IP gateway coupled to the radio network controller and the authentication server;wherein the IP gateway is operable to exchange an extensible authentication protocol (EAP) packet with an access terminal through the radio network controller over a high rate packet data radio link and an A11 signaling interface having vendor-specific extensions for carrying the EAP packet, encapsulate the EAP packet in an authentication authorization and accounting (AAA) packet, and send the AAA packet to the authentication server, the authentication server configured to authenticate both the access terminal and a service of the access terminal based on the EAP protocol.
13. The system of claim 12, wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packet.
14. The system of claim 12, wherein the authentication server is operable to authenticate access based on the EAP packet, and to exchange additional EAP packets with the access terminal through the IP gateway and the radio network controller over the high rate packet data radio link and the signaling interface to establish a session key.
15. The system of claim 12, wherein the authentication server is operable to authenticate access based on the EAP packet, and to exchange additional EAP packets with the access terminal through the IP gateway and the radio network controller over the high rate packet data radio link and the signaling interface to establish a session key; wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packets.
16. The system of claim 12, wherein the authentication server is operable to authenticate access based on the EAP packet and using a challenge-response protocol, and to exchange additional EAP packets with the access terminal through the IP gateway and the radio network controller over the high rate packet data radio link and the signaling interface to establish a session key.
17. The system of claim 12, wherein the authentication server is operable to authenticate access based on the EAP packet and using a challenge-response protocol with shared keys, and to exchange additional EAP packets with the access terminal through the IP gateway and the radio network controller over the high rate packet data radio link and the signaling interface to establish a session key.
18. The system of claim 12, wherein the authentication server is operable to authenticate access based on the EAP packet and using a certificate-based protocol, and to exchange additional EAP packets with the access terminal through the IP gateway and the radio network controller over the high rate packet data radio link and the signaling interface to establish a session key.
19. The system of claim 12, wherein the authentication server is operable to authenticate access based on the EAP packet and using a challenge-response protocol, and to exchange additional EAP packets with the access terminal through the IP gateway and the radio network controller over the high rate packet data radio link and the signaling interface to establish a session key; wherein the additional EAP packets are encapsulated in AAA packets for transmission between the IP gateway and the authentication server; and wherein the signaling interface is an A11 signaling interface having vendor-specific extensions for carrying the EAP packets.
20. A system for authenticating access in a mobile wireless network, the system comprising: means for receiving an extensible authentication protocol (EAP) packet at an IP gateway from an access terminal; andmeans for sending the LAP packet from an IP gateway to an authentication server in an authentication authorization and accounting (AAA) packet, the authentication server configured to authenticate both the access terminal and a service of the access terminal based on the EAP protocol.
21. The system of claim 20, further comprising means for authenticating the EAP packet, and means for establishing a session key with the access terminal if authentication is successful.

CROSS-REFERENCE TO RELATED APPLICATION

This Application claims priority under 35 U.S.C. §119 of provisional application No. 60/780,176 filed Mar. 6, 2006, entitled VERIZON WIRELESS MULTI-MEDIA PLUS (MMD+) PROGRAM SYSTEM ARCHITECTURE DOCUMENT.

US Referenced Citations (181)

Number	Name	Date	Kind
5602907	Hata et al.	Feb 1997	A
5822411	Swale et al.	Oct 1998	A
5828737	Sawyer	Oct 1998	A
5905736	Ronen et al.	May 1999	A
5909238	Nagashima et al.	Jun 1999	A
5946670	Motohashi et al.	Aug 1999	A
5956391	Melen et al.	Sep 1999	A
5970477	Roden	Oct 1999	A
5987498	Athing et al.	Nov 1999	A
6016509	Dedrick	Jan 2000	A
6035281	Crosskey et al.	Mar 2000	A
6047051	Ginzboorg et al.	Apr 2000	A
6070192	Holt et al.	May 2000	A
6075854	Copley et al.	Jun 2000	A
6131024	Boltz	Oct 2000	A
6137791	Frid et al.	Oct 2000	A
6141684	McDonald et al.	Oct 2000	A
6175879	Shah et al.	Jan 2001	B1
6208977	Hernandez et al.	Mar 2001	B1
6282573	Darago et al.	Aug 2001	B1
6295447	Reichelt et al.	Sep 2001	B1
6330562	Boden et al.	Dec 2001	B1
6332163	Bowman-Amauh	Dec 2001	B1
6339832	Bowman-Amauh	Jan 2002	B1
6434568	Bowman-Amauh	Aug 2002	B1
6434628	Bowman-Amauh	Aug 2002	B1
6438594	Bowman-Amauh	Aug 2002	B1
6442748	Bowman-Amauh	Aug 2002	B1
6466964	Leung et al.	Oct 2002	B1
6477580	Bowman-Amauh	Nov 2002	B1
6477665	Bowman-Amauh	Nov 2002	B1
6480485	Kari et al.	Nov 2002	B1
6490451	Denman et al.	Dec 2002	B1
6493547	Raith	Dec 2002	B1
6496850	Bowman-Amauh	Dec 2002	B1
6502213	Bowman-Amauh	Dec 2002	B1
6510513	Danieli	Jan 2003	B1
6529909	Bowman-Amauh	Mar 2003	B1
6529948	Bowman-Amauh	Mar 2003	B1
6539396	Bowman-Amauh	Mar 2003	B1
6549949	Bowman-Amauh	Apr 2003	B1
6550057	Bowman-Amauh	Apr 2003	B1
6571282	Bowman-Amauh	May 2003	B1
6578068	Bowman-Amauh	Jun 2003	B1
6601192	Bowman-Amauh	Jul 2003	B1
6601234	Bowman-Amauh	Jul 2003	B1
6606660	Bowman-Amauh	Aug 2003	B1
6611821	Stahl et al.	Aug 2003	B2
6615199	Bowman-Amauh	Sep 2003	B1
6615253	Bowman-Amauh	Sep 2003	B1
6615263	Dulai et al.	Sep 2003	B2
6621820	Williams et al.	Sep 2003	B1
6636242	Bowman-Amauh	Oct 2003	B2
6640238	Bowman-Amauh	Oct 2003	B1
6640244	Bowman-Amauh	Oct 2003	B1
6647262	Demetrescu et al.	Nov 2003	B1
6665537	Lioy	Dec 2003	B1
6665718	Chuah et al.	Dec 2003	B1
6671675	Iwamura	Dec 2003	B2
6684243	Euget et al.	Jan 2004	B1
6684256	Warrier et al.	Jan 2004	B1
6708225	Cho et al.	Mar 2004	B1
6714515	Marchand	Mar 2004	B1
6715145	Bowman-Amauh	Mar 2004	B1
6728266	Sabry et al.	Apr 2004	B1
6728365	Li et al.	Apr 2004	B1
6728884	Lim	Apr 2004	B1
6742015	Bowman-Amauh	May 2004	B1
6742036	Das et al.	May 2004	B1
6757371	Kim et al.	Jun 2004	B2
6760444	Leung	Jul 2004	B1
6768726	Dorenbosch et al.	Jul 2004	B2
6769000	Akhtar et al.	Jul 2004	B1
6771623	Ton	Aug 2004	B2
6785256	O'Neill	Aug 2004	B2
6804518	Core et al.	Oct 2004	B2
6826173	Kung et al.	Nov 2004	B1
6829709	Acharya et al.	Dec 2004	B1
6834341	Bahl et al.	Dec 2004	B1
6839338	Amara et al.	Jan 2005	B1
6842906	Bowman-Amuah	Jan 2005	B1
6856676	Pirot et al.	Feb 2005	B1
6889321	Kung et al.	May 2005	B1
6907501	Tariq et al.	Jun 2005	B2
6910074	Amin et al.	Jun 2005	B1
6915345	Tummala et al.	Jul 2005	B1
6917605	Kakemizu et al.	Jul 2005	B2
6920503	Nanji et al.	Jul 2005	B1
6922404	Narayanan et al.	Jul 2005	B1
6925160	Stevens et al.	Aug 2005	B1
6947401	El-Malki et al.	Sep 2005	B2
6961774	Shannon et al.	Nov 2005	B1
6967941	Roy	Nov 2005	B2
6978128	Raman et al.	Dec 2005	B1
6980802	Jung	Dec 2005	B2
6980962	Arganbright et al.	Dec 2005	B1
6981047	Hanson et al.	Dec 2005	B2
6982967	Leung	Jan 2006	B1
6990337	O'Neill et al.	Jan 2006	B2
6993333	Laroia et al.	Jan 2006	B2
7003294	Singhai et al.	Feb 2006	B2
7020697	Goodman et al.	Mar 2006	B1
7024687	Chaudhuri et al.	Apr 2006	B2
7028311	Roach et al.	Apr 2006	B2
7039027	Bridgelall	May 2006	B2
7054268	Paranteinen et al.	May 2006	B1
7079499	Akhtar et al.	Jul 2006	B1
7082301	Jagadeesan et al.	Jul 2006	B2
7103359	Heinonen et al.	Sep 2006	B1
7127234	Ishii	Oct 2006	B2
7130286	Koodli et al.	Oct 2006	B2
7133386	Holur et al.	Nov 2006	B2
7151758	Kumaki et al.	Dec 2006	B2
7154868	Sharma et al.	Dec 2006	B1
7161914	Shoaib et al.	Jan 2007	B2
7171555	Salowey et al.	Jan 2007	B1
7184418	Baba et al.	Feb 2007	B1
7187931	Trossen	Mar 2007	B2
7190793	Hsu	Mar 2007	B2
7197763	Hsu	Mar 2007	B2
7212821	Laroia et	May 2007	B2
7230951	Mizell, et al.	Jun 2007	B2
7233583	Asthana et al.	Jun 2007	B2
7251733	Haverinen et al.	Jul 2007	B2
7263371	Das et al.	Aug 2007	B2
7269727	Mukherjee et al.	Sep 2007	B1
7272122	Trossen et al.	Sep 2007	B2
7272123	Wall	Sep 2007	B2
7275156	Balfanz et al.	Sep 2007	B2
7389106	Dawson et al.	Jun 2008	B2
20010023428	Miyazaki et al.	Sep 2001	A1
20020021681	Madour	Feb 2002	A1
20020023174	Garrett et al.	Feb 2002	A1
20020036982	Chen	Mar 2002	A1
20020059114	Cockrill et al.	May 2002	A1
20020091802	Paul et al.	Jul 2002	A1
20020138601	Piponius et al.	Sep 2002	A1
20020151312	Bos et al.	Oct 2002	A1
20030021252	Harper et al.	Jan 2003	A1
20030039237	Forslow	Feb 2003	A1
20030154400	Pirttimaa et al.	Aug 2003	A1
20030187817	Agrawal et al.	Oct 2003	A1
20030217165	Buch et al.	Nov 2003	A1
20040114553	Jiang et al.	Jun 2004	A1
20040162876	Kohavi	Aug 2004	A1
20040162892	Hsu	Aug 2004	A1
20040196821	Haddad et al.	Oct 2004	A1
20040210524	Benenati et al.	Oct 2004	A1
20040214576	Myers et al.	Oct 2004	A1
20040259562	Madour	Dec 2004	A1
20050002407	Shaheen et al.	Jan 2005	A1
20050025132	Harper et al.	Feb 2005	A1
20050130659	Grech et al.	Jun 2005	A1
20050149651	Doak et al.	Jul 2005	A1
20050176428	Gabor et al.	Aug 2005	A1
20050195766	Nasieiski et al.	Sep 2005	A1
20050201324	Zheng	Sep 2005	A1
20050213606	Huang et al.	Sep 2005	A1
20050220039	Hoshino et al.	Oct 2005	A1
20050278420	Hartikainen et al.	Dec 2005	A1
20050286709	Horton et al.	Dec 2005	A1
20060014547	Walter	Jan 2006	A1
20060018272	Mutikainen et al.	Jan 2006	A1
20060077924	Rune	Apr 2006	A1
20060116113	Gass	Jun 2006	A1
20060126630	Shirazipour et al.	Jun 2006	A1
20060171310	Ahluwalia et al.	Aug 2006	A1
20060251038	Tamura et al.	Nov 2006	A1
20060253703	Eronen et al.	Nov 2006	A1
20060264207	Tamura et al.	Nov 2006	A1
20060268819	Chen et al.	Nov 2006	A1
20070008882	Oran	Jan 2007	A1
20070036312	Cai et al.	Feb 2007	A1
20070086582	Tai et al.	Apr 2007	A1
20070094712	Gibbs et al.	Apr 2007	A1
20070101122	Guo	May 2007	A1
20070121615	Weill et al.	May 2007	A1
20070121642	Battin et al.	May 2007	A1
20070153720	Baglin et al.	Jul 2007	A1
20070254661	Chowdhury	Nov 2007	A1
20070291756	Akhtar et al.	Dec 2007	A1

Foreign Referenced Citations (3)

Number	Date	Country
WO 9826381	Dec 1997	WO
WO 9931610	Dec 1998	WO
WO 2005107297	Nov 2005	WO

Related Publications (1)

	Number	Date	Country
	20070217610 A1	Sep 2007	US

Provisional Applications (1)

	Number	Date	Country
	60780176	Mar 2006	US

System and method for access authentication in a mobile wireless network

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

US Classifications

Field of Search

US

International Classifications

Term Extension