The invention concerns authentication to be performed in a telecommunications network, especially in an IP network. To allow simple and smooth authentication of users of IP networks over a geographically large area, the IP network's terminal (TE1) uses a subscriber identity module (SIM) of the kind used in a separate mobile communications system (MN), whereby a response may be determined from the challenge given to the identity module as input. The IP network also includes a special security server (SS), to which a message about a new user is transmitted when a subscriber attaches to the IP network. The subscriber's authentication information, containing at least a challenge and a response, is fetched from the mobile communications system to the IP network. Authentication is then carried out based on this information by transmitting the challenge through the IP network to the terminal, generating a response from the challenge in the terminal's identity module, and comparing that response with the response received from the mobile communications system. A database (DB) in which subscriber-specific authentication information is stored in advance may also be used in the system, so that the information need not be fetched from the mobile communications system when a subscriber attaches to the network.
A system and method for communication service portability include the ability to receive, at an access point, a registration request for a user of an endpoint and to generate, based on the received registration request, a registration request for a wireless network authorization module, the generated registration request containing information from a user information module. The system and method also include the ability to receive a response to the generated registration request, to determine whether the generated registration request has been accepted, and to generate a response to the received registration request based on the status of the received response.
A system and method for facilitating communications in a network include receiving a message from a mobile unit having a contact address. A proxy establishes a contact alias associated with the mobile unit and the contact address. The proxy intercepts and identifies at least one signaling message that includes the contact alias. The proxy compresses the at least one signaling message that includes the contact alias. The compressed at least one signaling message is routed to the mobile unit with the contact address.
A communication processing system which allows a secure communication with a mobile terminal via a network. The communication processing system includes a server which provides a common key used to encrypt and decrypt data transmitted between communication terminals, and provides information about locations of communication terminals on the network. The server generates a session key and provides it to communication terminals. The server has a database in which location information of mobile terminals is stored. If the server receives, from a calling terminal, data designating a destination terminal, the server searches the database using an IP address of the destination terminal as a search key to acquire the latest location information of the destination terminal, and the server transmits encrypted data including a session key and address data of the destination terminal to the calling terminal.
Systems and methods employing authenticated connections to a central server to establish and authenticate a peer-to-peer connection between peer devices. The invention circumvents the potential vulnerability of clear-text transmission of secrets through a series of encrypted data transfers. A secret key is encrypted and then transmitted from one peer device to another using authenticated connections to the server. The secret key is then used to transmit encrypted data over a peer connection between the peer devices for the purpose of authenticating the peer devices on each end of the connection.
A method for restricting the use of a mobile terminal includes generating a coded value corresponding to a user authentication card, and determining whether or not the mobile terminal is available for use based on the generated coded value. Determining whether or not the mobile terminal is available for use includes checking whether or not the generated coded value is on a registration coded value list, and, if it is not, checking whether or not the generated coded value is on a prohibition coded value list. The method also includes storing the generated coded value in a temporary coded value list and setting the mobile terminal in a first lock mode when the generated coded value is not on the registration or prohibition coded value lists, transmitting a lost terminal message to a loss management server, determining, by the loss management server, if the mobile terminal has been reported lost, and setting the mobile terminal in a second lock mode if the mobile terminal has been reported lost.