US20090025070A1 - System and method to enable subscriber self-activation of wireless data terminals - Google Patents
System and method to enable subscriber self-activation of wireless data terminals Download PDFInfo
- Publication number
- US20090025070A1 US20090025070A1 US12/178,551 US17855108A US2009025070A1 US 20090025070 A1 US20090025070 A1 US 20090025070A1 US 17855108 A US17855108 A US 17855108A US 2009025070 A1 US2009025070 A1 US 2009025070A1
- Authority
- US
- United States
- Prior art keywords
- network
- wireless device
- wireless
- ism
- msid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/66—Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
Definitions
- This invention relates to telecommunications. More particularly, the invention relates to a method and apparatus for secure, immediate, wireless access in a telecommunications network.
- wireless applications are expanding to include a wide variety of high-volume, intermittent wire-less use scenarios such as wireless modems, telemetry transmitters, emergency-only devices and wireless handset rentals for business and vacation travelers. While the overall revenue potential for serving this market is enormous, many of these applications could cost more to provision than the carriers would realize in profits. This is true because wireless carriers commonly come from a landline background, and use the call center-based methodology for service provisioning that is traditional for that market.
- the call center-based provisioning process requires the customer to use a landline telephone to access an agent in the carrier's call center.
- the agent collects information such as the customer's location, credit information, equipment description, and services requested. This information is entered manually into a proprietary system, which relays it to the many internal systems required to provision the wireless network for device activation.
- the agent may also provide verbal device provisioning instructions to the user, who then activates the device manually.
- Some of the information provided to the agent during the provisioning process requires basic data entry on the part of the operator. Other elements require action by the agent, such as checking credit history and ensuring that the device the customer wants to activate is certified and has been purchased through appropriate channels.
- the preferred embodiment of the invention comprises a wireless device and messaging system that provides Secure Immediate Wireless Access (SIWA) to wireless device onto existing wireless networks, such as GSM, CDMA, TDMA, and analog (AMPS).
- SIWA Secure Immediate Wireless Access
- AMPS analog
- the SIWA protocol uses existing wireless network messaging to exchange information between wireless devices and a network server, referred to herein as an Intelligent Service Manager (ISM).
- ISM Intelligent Service Manager
- the ISM acts as a gateway between wireless devices and wireless service providers, and provides the wireless devices with an immediate limited or unlimited access to the wireless network.
- the ISM can also deny access to the wireless network from unauthorized wireless devices.
- FIGS. 1A and 1B is a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure with global challenge according to the invention
- FIGS. 2A and 2B is a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure with unique challenge according to the invention
- FIGS. 3A and 3B is a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using a data transport bearer according to the invention
- FIGS. 4A and 4B is a flow diagram of a bootstrap process for GSM systems using a data transport bearer according to the invention
- FIGS. 5A and 5B is a flow diagram of a bootstrap process for GSM systems using a data transport bearer and session purchase according to the invention.
- FIGS. 6A and 6B is a flow diagram of a bootstrap process for CDMA systems using a data transport bearer and session purchase according to the invention.
- the preferred embodiment of the invention comprises a wireless telephone and messaging system that provides Secure Immediate Wireless Access (SIWA) to wireless telephones onto existing wireless networks, such as GSM, CDMA, TDMA, and analog (AMPS).
- SIWA Secure Immediate Wireless Access
- the SIWA protocol uses existing wireless network messaging to exchange information between wireless devices (MS) and a network server, referred to herein as an Intelligent Service Manager (ISM).
- MS wireless devices
- ISM Intelligent Service Manager
- the ISM acts as a gateway between wireless devices and wireless service providers, and provides the wireless devices with an immediate limited or unlimited access to the wireless network.
- the ISM can also deny access to the wireless network from unauthorized wireless devices.
- wireless service providers Another benefit to wireless service providers is the market opportunity increases the user base by offering wireless communications for new purposes (e.g. telemetry, telematics) as well as new distribution channels (e.g. convenience stores).
- new purposes e.g. telemetry, telematics
- new distribution channels e.g. convenience stores
- a benefit to wireless users is the easy access to services offered by wireless service provider with no preliminary obligations and instant gratification. Furthermore, wireless devices that are configured to work with multiple service providers allow the user to selectively choose between them.
- the ISM is a trusted gatekeeper that allows them to provide services with an automated subscriber management and network resource assignment.
- the herein disclosed SIWA does not require the implementation of extensions to existing wireless network protocols, nor does it require changes to existing wireless network elements, such as BTS, BSC, MSC, VLR, HLR and/or AC.
- the invention makes an efficient use of Mobile Station ID (MSID, also known as IMSI in GSM, MIN in TDMA and Analog, and MIN or IMSI in CDMA) by allocating them on a session basis where session can be dynamically defined, e.g. time or capacity limits.
- Business model logic can also include additional information needed to manage sessions. Such information might include rules on account/session expiration, phone number recycling, phone number multiplexing requirements, and interaction with other network-based applications.
- a conventional prepaid subscription can be defined as a session that starts when a user purchase its initial airtime and end after no airtime is being purchased for a pre-determined time.
- a telemetry wireless device (a transmitter) example might define a session that start every time the device registers on the network and end when its transmitted message is sent to destination.
- MSDN also known as MSISDN in GSM or MDN in CDMA/TDMA/Analog
- the wireless device is identified in the figures by the designation MS
- the network elements are identified in the figures by the designation BS/MSC/VLR
- the intelligent service manager is identified in the figures by the designation ISM.
- This layer concerns Wireless Sessions, which provide a limited or unlimited proof to use a particular service. Such limit could be, for example, time based, usage based, content based, or single use.
- the Wireless Session is comprised of a ⁇ SiwaID, SiwaKey> pair, which uniquely identifies the Wireless Session and proves it is authentic, genuine, and valid. Note that the SiwaID is unique among Wireless Sessions and includes the services with which it is associated.
- the process of acquiring a Wireless Session is referred to herein as a bootstrap process.
- the abstraction layer primarily concerns the following Wireless Session Operations:
- SessionPromote an operation invoked by ISM to provide the user with an option to purchase a session for a service.
- SessionPurchase an operation invoked by user/device to purchase a session for a service.
- SessionGranted an operation invoked by ISM to provide the user with the ⁇ SiwaID, SiwaKey> of a valid session.
- SessionDenied an operation invoked by ISM to provide the user with the reason of the purchase failure.
- SessionChallenge an operation invoked by ISM to ask for the authenticity of a session.
- SessionProof an operation invoked by user/device to provide the ISM with a proof of the session authenticity.
- SessionApproved an operation invoked by ISM to approve the user/device use the session.
- SessionExpired an operation invoked by ISM to deny a session due to service expiration.
- SessionDepleted an operation invoked by ISM to deny session due to service to depletion.
- SessionFraudulent an operation invoked by ISM to deny session due to lack of authenticity.
- SessionProvideInfo an operation invoked by user/device to provide session information such as expiration or usage.
- Sessioninfo an operation invoked by ISM to provide the user/device with session information, which could be unsolicited as well.
- This layer concerns the actual mapping of the logical operations described into the existing wireless network.
- the MS checks for the Wireless Session status. If a non-active Wireless Session status is detected, the MS then changes its state to “Bootstrap Process Initiated”. The MS selects a bootstrap network identity and remains in the bootstrap state until a SessionGranted is received.
- the SessionGranted provides the mobile network identity, that is the assigned Mobile Station ID or MSID. It could also include a new SiwaKey or a derived key, such as an A-Key (e.g. in CDMA/TDMA/Analog).
- the SessionGranted returns the bootstrap network identity back to the MS for a limited use, such as one time use or limited time use. This would enable occasional and bursty-data transmitters use the bootstrap network identifier for the duration of the data transmission, therefore conserve network identifiers.
- the newly assigned network identity is programmed into the MS and the MS is required to re-initiate its network access using its new identity.
- the ISM can decide to invalidate the provided Wireless Session as a result of an expiration or usage depletion.
- the MS preferably always checks the Wireless Session status before re-initiating its network access.
- the MS selects an MSID for use during the bootstrap process.
- This MSID is allocated from a plurality of bootstrap MSIDs known to the network. Different bootstrap MSID selection algorithm could apply using different allocation schemes, for example using carrier or national or global specific pools, location sensitive pools, etc.
- an MSID collision between two bootstrapping devices either one of the colliding devices can be rejected from the network, i.e. an authentication failure. Once detected, the MS is required to initiate a new bootstrap process.
- the MS once powered on and after scanning the available networks, interacts with the user to select the desired service provider.
- the MS selects a bootstrap MSID known by the selected network.
- the bootstrap process can include a session purchase phase, where the user is acknowledged with a session promotion that could be purchased from the MS itself after certain user information is collected.
- the ISM sends a SessionPromote message to the MS.
- the MS returns a SessionPurchase message with the user information included, and a SessionGranted acknowledges the purchase in case of a successful purchase or a SessionDenied indicates a failure.
- the purchase phase can use any circuit and non-circuit data transport layer and data transport bearer (e.g. SMS, USSD, GPRS, UMTS, CDMA, CDMA EV-DO, cdmaOne and cdma2000) for message exchange between ISM and the MS. It can also be encapsulated in higher Likewise; in case the session was pre-purchased the bootstrap process can include a NULL session purchase phase, in which no SessionPromote or SessionPurchase messages are exchanged.
- NULL session purchase phase in
- FIGS. 1A and 1B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure and global challenge according to the invention.
- the bootstrap process begins by generating a general bootstrap MSID, which allows the wireless device MS to access the network.
- the wireless device includes a proof of the SiwaID signed by SiwaKey and the global challenge when registering onto the network.
- the BS/MSC/VLR forward an authentication request to the Intelligent Service Manager ISM.
- the ISM responds by initiating an SSD Update process via the network to the wireless device in which the device and ISM exchange additional access information.
- a unique challenge is used to verify that both sides of the communication, i.e.
- the wireless device and the ISM are in sync such that session keys between the pair can be derived.
- a profile is then downloaded to BS/MSC/VLR the network to complete the bootstrap registration process.
- the wireless device re-initiates a registration process using its new assigned network ID.
- FIGS. 2A and 2B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure with unique challenge according to the invention.
- the bootstrap process begins by generating a general bootstrap MSID, which allows the wireless device MS to access the network.
- the BS/MSC/VLR retrieve unique challenge parameters from ISM and explicitly challenge the wireless device that respond with a proof of the SiwaID signed by SiwaKey.
- the BS/MSC/VLR forward an authentication response to the ISM.
- the ISM responds by initiating an SSD Update process via the network to the wireless device in which the device and ISM exchange additional access information.
- An additional unique challenge is used to verify that both sides of the communication, i.e.
- the wireless device and the ISM are in sync such that session keys between the pair can be derived.
- a profile is then downloaded to BS/MSC/VLR the network to complete the bootstrap registration process.
- the wireless device re-initiates a registration process using its new assigned network ID.
- FIGS. 3A and 3B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using a data transport bearer according to the invention.
- the bootstrap process proceeds as with the discussion in connection with FIG. 1 above.
- the initial identification of the MS can be the electronic serial number ESN signed by handset's manufacturer key.
- the ISM downloads a profile to the network that enables the transport layer as a service. Thereafter a data connection is established, if required. The data connection could be triggered either by ISM or by the MS. Alternatively, ISM can initiate additional SSD Update process as in FIG. 1 above where the RANDSSD contains a specific command instructing the MS to initiate a data connection to purchase a session.
- ISM and wireless device mutually authenticate each other and ISM assigns new network ID.
- An additional signature exchange is used to verify that both sides of the communication, i.e. the wireless device and the ISM are in sync such that session keys between the pair can be derived.
- the wireless device re-initiates a registration process using its new assigned network ID.
- FIGS. 4A and 4B are a flow diagram of a bootstrap process for GSM systems using a data transport bearer according to the invention.
- the data transport layer can be SMS, GPRS, EDGE, UMTS, or a data call using a circuit switch.
- the data connection may be set-up by the network, or by the wireless device. In the case of SMS, there is no need for a set-up.
- the system can add a message signature for message integrity.
- the authentication encryption may include standard cryptographic techniques such as x.509, anonymous RSA, Diffie-Hellman (WTLS) or IKE. Message sequence numbers may also be used to avoid message duplications.
- FIGS. 5A and 5B are a flow diagram of a bootstrap process for GSM systems using a data transport bearer and session purchase according to the invention.
- the session purchase phase may include a promotion of several sessions each offers different service and payment methods where the purchase command preferable includes the chosen service and payment.
- FIGS. 6A and 6B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using a data transport bearer and session purchase according to the invention.
- the initial authentication at the first network access could authenticate the ESN and a manufacturer key thereby certifying the device.
- FIGS. 1-6 are now discussed in greater detail with regard to the actual exchange of information between the wireless device MS, the network, BS/MS/VLR, and the intelligent service manager ISM.
- B-ESN GenerateBootstrapESN(SiwaID) 10 .
- RANDBS BuildMSCommand (ESN, SiwaKey) and send it to the network using BS-CHALLENGE [B-MSID, B-ESN, RANDBS] 19 message which is forwarded as BSCHALL [B-MISD, B-ESN, RANDBS] 20 to the ISM.
- the VLR then forward the registration request using REGNOT [B-MSID, B-ESN] 32 to ISM who download the service profile to VLR with a regnot [B-MSID, B-ESN, profile] 33 which is then forwarded as REGISTRATION ACCEPT [B-MSID, B-ESN] 34 to the MS.
- the MS saves the appropriate information Save MSID, Akey, SSDA and SSDB 35 and is then deregister itself from the network using POWER-OFF-REGISTRATION [B-MSID, B-ESN] 36 .
- the ISM cancels the registration with REGCANC [B-MSID, B-ESN] 37 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 38 so other MSs may use B-MSID.
- B-ESN GenerateBootstrapESN(SiwaID) 50 . It, initiates a REGISTRATION REQUEST [B-MSID, B-ESN] 52 to BS/MSC/VLR.
- the BS/MSC/VLR send an AUTHREQ [B-MSID, B-ESN] 53 to ISM in order to authenticate the MS.
- ISM then, sends authreq [B-MSID, B-ESN, RANDU] 55 to BS/MSC/VLR.
- BS/MSC/VLR send UNIQUE CHALLENGE [B-MSID, B-ESN, RANDU] 56 to the MS.
- RANDBS BuildMSCommand (ESN, SiwaKey) 63 and send it to the network using BS-CHALLENGE [B-MSID, B-ESN, RANDBS] 64 , which is forwarded as BSCHALL [B-MISD, B-ESN, RANDBS] 65 to the ISM.
- the VLR then forward the registration request REGNOT [B-MSID, B-ESN] 77 to ISM who download the service profile to VLR with a regnot [B-MSID, B-ESN, profile] 78 , which is then forwarded as REGISTRATION ACCEPT [B-MSID, B-ESN] 79 to the MS.
- the MS saves the appropriate information Save MSID, Akey, SSDA and SSDB 80 and is then deregister itself from the network using POWER-OFF-REGISTRATION [B-MSID, B-ESN] 81 .
- the ISM cancels the registration with REGCANC [B-MSID, B-ESN] 82 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 83 so other MSs may use B-MSID.
- the MS then sends REGISTRATION REQUEST [MSID, ESN] 84 to the network at this point registration continues as a regular registration.
- an optional data connection establishment phase 100 may be executed.
- the MS may generate a network challenge to authenticate ISM.
- MSID MIN or IMSI
- MDN MDN
- the MS is then deregisters from the network using POWER-OFF-REGISTRATION [B-MIN, B-ESN] 110 .
- the ISM cancels the registration with REGCANC [B-MSID, B-ESN] 111 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 112 so other MSs may use B-MSID.
- the VLR sends AuthenticateReq [B-IMSI, RAND] 125 to the MS.
- An UpdateLocationReq [B-IMSI] 129 is sent to the ISM by VLR.
- ISM allocates a temporary phone number T-MSISDN 130 and responds by downloading the subscriber's bootstrap profile to VLR using InsertSubscriberDataReq [B-IMSI, T-MSISDN] 131 .
- VLR responds with InsertSubscriberDataRes [B-IMSI, T-MSISDN] 132 .
- ISM sends UpdateLocationRes [B-IMSI] 133 to confirm the registration, which is forwarded to MS by the network using LocationUpdateRes [TMSI, SUCCESS] 134 .
- an optional data connection establishment phase 135 either network originated or MS originated, may be executed. For SMS such a connection establishment is not required.
- the MS may generate a network challenge to authenticate ISM. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY.
- Ki GenerateSessionKey(IMSI, IMEI, MSISDN, RAND, SiwaID SiwaKey) 143 .
- the MS is then deregisters from the network using IMSI DETACH [B-IMSI] 145 , which is acknowledged by VLR using IMSI Detach Res [B-IMSI] 146 .
- the ISM cancels the VLR bootstrap registration with CancelLocationReq [B-IMSI] 147 and receives acknowledgement from the network with CancelLocationRes[B-IMSI] 148 so other MSs may use B-IMSI.
- the MS initiate a registration with its new IMSI using LocationUpdatereq [IMSI] 149 to the network at this point registration continues as a regular registration 150 .
- the VLR sends AuthenticateReq [B-IMSI, RAND] 165 to the MS.
- An UpdateLocationReq [B-IMSI] 169 is sent to the ISM by VLR.
- ISM allocates a temporary phone number T-MSISDN 170 and responds by downloading the subscriber's bootstrap profile to VLR using InsertSubscriberDataReq [B-IMSI, T-MSISDN] 171 .
- VLR responds with InsertSubscriberDataRes [B-IMSI, T-MSISDN] 172 .
- ISM sends UpdateLocationRes [B-IMSI] 173 to confirm the registration, which is forwarded to MS by the network using LocationUpdateRes [TMSI, SUCCESS] 174 .
- an optional data connection establishment phase 175 either network originated or MS originated, may be executed. For SMS such a connection establishment is not required.
- MS may optionally check the ServerCertificate, select a purchase session encryption key PURCHASE 177 , this could be pre-assigned or using known PKI technique. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY.
- ISM and MS start message exchange to promote a session purchase and to collect user's selection and billing information and commit an online purchase transaction.
- Such a transaction can include credit authorization that may be required for postpaid subscribers.
- ISM allocates new SiwaID and generates an associated SiwaKey 181 . It then allocates new MSID (i.e. IMSI) and MSISDN 181 .
- ISM may return B-IMSI back to MS as the allocated IMSI.
- the MS saves newly assigned SiwaID, SiwaKey, IMSI and MSISDN.
- Ki GenerateSessionKey(IMSI, IMEI, MSISDN, RAND, SiwaID SiwaKey) 185 .
- the MS is then deregisters from the network using IMSI DETACH [B-IMSI] 187 , which is acknowledged by VLR using IMSI Detach Res [B-IMSI] 188 .
- the ISM cancels the VLR bootstrap registration with CancelLocationReq [B-IMSI] 189 and receives acknowledgement from the network with CancelLocationRes [B-IMSI] 190 so other MSs may use B-IMSI.
- the MS initiate a registration with its new IMSI using LocationUpdateReq [IMSI] 191 to the network at this point registration continues as a regular registration 192 .
- BS/MSC/VLR respond with REGNOT [B-MSID, B-ESN] 207 to the ISM.
- ISM downloads the MS profile information with regnot [B-MSID, B-ESN, profile] 208 and REGISTRATION ACCEPT [B-MSID, B-ESN] 209 is forwarded to the MS.
- an optional data connection establishment phase 210 either network originated or MS originated, may be executed. For SMS such a connection establishment is not required.
- MS may optionally check the ServerCertificate, select a purchase session encryption key PURCHASE 212 , this could be pre-assigned or using known PKI technique. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY.
- ISM and MS start message exchange to promote a session purchase and to collect user's selection and billing information and commit an online purchase transaction.
- Such a transaction can include credit authorization that may be required for postpaid subscribers.
- ISM allocates new SiwaID and generates an associated SiwaKey 216 . It then allocates new MSID (i.e. MIN or IMSI) and MDN 216 .
- the MS saves newly assigned SiwaID, SiwaKey, MSID and MDN.
- the MS is then deregisters from the network using POWER-OFF-REGISTRATION [B-MIN, B-ESN] 222 .
- the ISM cancels the registration with REGCANC [B-MSID, B-ESN] 223 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 224 so other MSs may use B-MSID.
Abstract
A wireless telephone and messaging system provides Secure Immediate Wireless Access (SIWA) to wireless telephones onto existing wireless networks, such as GSM, CDMA, TDMA, and analog (AMPS). The SIWA protocol uses existing wireless network messaging to exchange information between wireless devices and a network server, referred to herein as an Intelligent service manger (ISM). The ISM acts as a gateway between wireless devices and wireless service provider, and provides the wireless devices with an immediate limited or unlimited access to the wireless network. The ISM can also deny access to the wireless network from unauthorized wireless devices.
Description
- This application is a divisional of U.S. patent application Ser. No. 10/136,712, filed Apr. 30, 2002, which claims benefit of U.S. Provisional Patent application No. 60/361,816, filed Mar. 4, 2002.
- 1. Technical Field
- This invention relates to telecommunications. More particularly, the invention relates to a method and apparatus for secure, immediate, wireless access in a telecommunications network.
- 2. Description of the Prior Art
- Many useful voice and data wireless applications are not cost-effective for carriers to support because the cost of provisioning the network and devices can be greater than the revenue generated from the service. Implementing instant wireless activation and provisioning eliminates the needed for call center agents to provide basic device provisioning and activation services, increasing provisioning speed and accuracy. In addition, the technology infrastructure used for instant activation and provisioning inherently supports Wireless Sessions in which network resources are used only on demand.
- This allows carriers to support more customers with the same network resources. The cost-savings resulting from instant wireless activation, provisioning and Wireless Sessions can enable carriers to increase operating margins across al markets, and profitably serve lower ARPU and intermittent-use applications such as prepaid wireless phones. This capability is critical to overall carrier competitive success because of the fast market growth and high overall revenue potential for these applications.
- In today's markets, wireless operators are facing three key issues: falling ARPU, the need to reduce acquisition costs and the need to reduce the cost of operating and maintaining customers. Operators are spending millions of dollars in device activation and provisioning costs today, a cost believed to be constant and unchangeable.
- Furthermore, the potential of wireless applications is expanding to include a wide variety of high-volume, intermittent wire-less use scenarios such as wireless modems, telemetry transmitters, emergency-only devices and wireless handset rentals for business and vacation travelers. While the overall revenue potential for serving this market is enormous, many of these applications could cost more to provision than the carriers would realize in profits. This is true because wireless carriers commonly come from a landline background, and use the call center-based methodology for service provisioning that is traditional for that market.
- The call center-based provisioning process requires the customer to use a landline telephone to access an agent in the carrier's call center. The agent collects information such as the customer's location, credit information, equipment description, and services requested. This information is entered manually into a proprietary system, which relays it to the many internal systems required to provision the wireless network for device activation. The agent may also provide verbal device provisioning instructions to the user, who then activates the device manually.
- Some of the information provided to the agent during the provisioning process, such as the customer's address, requires basic data entry on the part of the operator. Other elements require action by the agent, such as checking credit history and ensuring that the device the customer wants to activate is certified and has been purchased through appropriate channels.
- When customers sign up for extended service contracts with a set monthly fee, the call center-based approach to provisioning, while expensive, is financially viable. Today, a new class of wireless users is emerging that does not ensure fixed monthly revenue. These users want to take advantage of applications in which wireless use may be pre-paid, infrequent, for emergency only, or machine-to-machine.
- While the overall revenue potential for serving this emerging high volume, intermittent-use market is enormous, many of these applications cost more to provision than the carriers would realize in profits under the traditional call center-based provisioning scenario. Even though network costs per user are reduced as more customers are added to the network, there is no corresponding economy of scale on the provisioning side. For these users, the traditional approach to provisioning is not necessarily financially viable for carriers.
- The preferred embodiment of the invention comprises a wireless device and messaging system that provides Secure Immediate Wireless Access (SIWA) to wireless device onto existing wireless networks, such as GSM, CDMA, TDMA, and analog (AMPS). The SIWA protocol uses existing wireless network messaging to exchange information between wireless devices and a network server, referred to herein as an Intelligent Service Manager (ISM). The ISM acts as a gateway between wireless devices and wireless service providers, and provides the wireless devices with an immediate limited or unlimited access to the wireless network. The ISM can also deny access to the wireless network from unauthorized wireless devices.
-
FIGS. 1A and 1B is a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure with global challenge according to the invention; -
FIGS. 2A and 2B is a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure with unique challenge according to the invention; -
FIGS. 3A and 3B is a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using a data transport bearer according to the invention; -
FIGS. 4A and 4B is a flow diagram of a bootstrap process for GSM systems using a data transport bearer according to the invention; -
FIGS. 5A and 5B is a flow diagram of a bootstrap process for GSM systems using a data transport bearer and session purchase according to the invention; and -
FIGS. 6A and 6B is a flow diagram of a bootstrap process for CDMA systems using a data transport bearer and session purchase according to the invention. - The preferred embodiment of the invention comprises a wireless telephone and messaging system that provides Secure Immediate Wireless Access (SIWA) to wireless telephones onto existing wireless networks, such as GSM, CDMA, TDMA, and analog (AMPS). The SIWA protocol uses existing wireless network messaging to exchange information between wireless devices (MS) and a network server, referred to herein as an Intelligent Service Manager (ISM). The ISM acts as a gateway between wireless devices and wireless service providers, and provides the wireless devices with an immediate limited or unlimited access to the wireless network. The ISM can also deny access to the wireless network from unauthorized wireless devices.
- One benefit to wireless service providers is lower operational costs increasing marginal returns associated with subscriber acquisition.
- Another benefit to wireless service providers is the market opportunity increases the user base by offering wireless communications for new purposes (e.g. telemetry, telematics) as well as new distribution channels (e.g. convenience stores).
- A benefit to wireless users is the easy access to services offered by wireless service provider with no preliminary obligations and instant gratification. Furthermore, wireless devices that are configured to work with multiple service providers allow the user to selectively choose between them.
- To service providers, the ISM is a trusted gatekeeper that allows them to provide services with an automated subscriber management and network resource assignment.
- In comparison to existing over-the-air activation solutions, the herein disclosed SIWA does not require the implementation of extensions to existing wireless network protocols, nor does it require changes to existing wireless network elements, such as BTS, BSC, MSC, VLR, HLR and/or AC. The invention makes an efficient use of Mobile Station ID (MSID, also known as IMSI in GSM, MIN in TDMA and Analog, and MIN or IMSI in CDMA) by allocating them on a session basis where session can be dynamically defined, e.g. time or capacity limits. Business model logic can also include additional information needed to manage sessions. Such information might include rules on account/session expiration, phone number recycling, phone number multiplexing requirements, and interaction with other network-based applications. For example, a conventional prepaid subscription can be defined as a session that starts when a user purchase its initial airtime and end after no airtime is being purchased for a pre-determined time. A telemetry wireless device (a transmitter) example might define a session that start every time the device registers on the network and end when its transmitted message is sent to destination.
- An important benefit of the invention is the efficient assignment of MSDN (also known as MSISDN in GSM or MDN in CDMA/TDMA/Analog) on a per need basis.
- For purposes of the discussion herein, the wireless device is identified in the figures by the designation MS, the network elements are identified in the figures by the designation BS/MSC/VLR, and the intelligent service manager is identified in the figures by the designation ISM.
- The presently preferred embodiment of SIWA is composed of two major layers:
- This layer concerns Wireless Sessions, which provide a limited or unlimited proof to use a particular service. Such limit could be, for example, time based, usage based, content based, or single use. The Wireless Session is comprised of a <SiwaID, SiwaKey> pair, which uniquely identifies the Wireless Session and proves it is authentic, genuine, and valid. Note that the SiwaID is unique among Wireless Sessions and includes the services with which it is associated. The process of acquiring a Wireless Session is referred to herein as a bootstrap process.
- In connection with the preferred embodiment of the invention, the abstraction layer primarily concerns the following Wireless Session Operations:
- SessionPromote—an operation invoked by ISM to provide the user with an option to purchase a session for a service.
- SessionPurchase—an operation invoked by user/device to purchase a session for a service.
- SessionGranted—an operation invoked by ISM to provide the user with the <SiwaID, SiwaKey> of a valid session.
SessionDenied—an operation invoked by ISM to provide the user with the reason of the purchase failure. - SessionChallenge—an operation invoked by ISM to ask for the authenticity of a session.
SessionProof—an operation invoked by user/device to provide the ISM with a proof of the session authenticity.
SessionApproved—an operation invoked by ISM to approve the user/device use the session.
SessionExpired—an operation invoked by ISM to deny a session due to service expiration.
SessionDepleted—an operation invoked by ISM to deny session due to service to depletion.
SessionFraudulent—an operation invoked by ISM to deny session due to lack of authenticity. - SessionProvideInfo—an operation invoked by user/device to provide session information such as expiration or usage.
Sessioninfo—an operation invoked by ISM to provide the user/device with session information, which could be unsolicited as well. - This layer concerns the actual mapping of the logical operations described into the existing wireless network.
- The following is a discussion of a typical bootstrap process according to the invention:
- Once the device has been powered on and before the first network access attempt, either registration or call origination, the MS checks for the Wireless Session status. If a non-active Wireless Session status is detected, the MS then changes its state to “Bootstrap Process Initiated”. The MS selects a bootstrap network identity and remains in the bootstrap state until a SessionGranted is received. The SessionGranted provides the mobile network identity, that is the assigned Mobile Station ID or MSID. It could also include a new SiwaKey or a derived key, such as an A-Key (e.g. in CDMA/TDMA/Analog). As an enhancement, the SessionGranted returns the bootstrap network identity back to the MS for a limited use, such as one time use or limited time use. This would enable occasional and bursty-data transmitters use the bootstrap network identifier for the duration of the data transmission, therefore conserve network identifiers.
- Once provided by the ISM, the newly assigned network identity is programmed into the MS and the MS is required to re-initiate its network access using its new identity. In addition, the ISM can decide to invalidate the provided Wireless Session as a result of an expiration or usage depletion. The MS preferably always checks the Wireless Session status before re-initiating its network access.
- The MS selects an MSID for use during the bootstrap process. This MSID is allocated from a plurality of bootstrap MSIDs known to the network. Different bootstrap MSID selection algorithm could apply using different allocation schemes, for example using carrier or national or global specific pools, location sensitive pools, etc. In the case of an MSID collision between two bootstrapping devices, either one of the colliding devices can be rejected from the network, i.e. an authentication failure. Once detected, the MS is required to initiate a new bootstrap process.
- Optionally, the MS, once powered on and after scanning the available networks, interacts with the user to select the desired service provider. The MS then selects a bootstrap MSID known by the selected network.
- Optionally, the bootstrap process can include a session purchase phase, where the user is acknowledged with a session promotion that could be purchased from the MS itself after certain user information is collected. In this case, the ISM sends a SessionPromote message to the MS. The MS returns a SessionPurchase message with the user information included, and a SessionGranted acknowledges the purchase in case of a successful purchase or a SessionDenied indicates a failure. The purchase phase can use any circuit and non-circuit data transport layer and data transport bearer (e.g. SMS, USSD, GPRS, UMTS, CDMA, CDMA EV-DO, cdmaOne and cdma2000) for message exchange between ISM and the MS. It can also be encapsulated in higher Likewise; in case the session was pre-purchased the bootstrap process can include a NULL session purchase phase, in which no SessionPromote or SessionPurchase messages are exchanged.
-
FIGS. 1A and 1B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure and global challenge according to the invention. With regard toFIG. 1 , the bootstrap process begins by generating a general bootstrap MSID, which allows the wireless device MS to access the network. The wireless device includes a proof of the SiwaID signed by SiwaKey and the global challenge when registering onto the network. The BS/MSC/VLR forward an authentication request to the Intelligent Service Manager ISM. The ISM responds by initiating an SSD Update process via the network to the wireless device in which the device and ISM exchange additional access information. A unique challenge is used to verify that both sides of the communication, i.e. the wireless device and the ISM are in sync such that session keys between the pair can be derived. A profile is then downloaded to BS/MSC/VLR the network to complete the bootstrap registration process. At this point, the wireless device re-initiates a registration process using its new assigned network ID. -
FIGS. 2A and 2B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using an SSD update procedure with unique challenge according to the invention. With regard toFIG. 2 , the bootstrap process begins by generating a general bootstrap MSID, which allows the wireless device MS to access the network. The BS/MSC/VLR retrieve unique challenge parameters from ISM and explicitly challenge the wireless device that respond with a proof of the SiwaID signed by SiwaKey. The BS/MSC/VLR forward an authentication response to the ISM. The ISM responds by initiating an SSD Update process via the network to the wireless device in which the device and ISM exchange additional access information. An additional unique challenge is used to verify that both sides of the communication, i.e. the wireless device and the ISM are in sync such that session keys between the pair can be derived. A profile is then downloaded to BS/MSC/VLR the network to complete the bootstrap registration process. At this point, the wireless device re-initiates a registration process using its new assigned network ID. -
FIGS. 3A and 3B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using a data transport bearer according to the invention. InFIG. 3 , the bootstrap process proceeds as with the discussion in connection withFIG. 1 above. However, in this case, the initial identification of the MS can be the electronic serial number ESN signed by handset's manufacturer key. The ISM downloads a profile to the network that enables the transport layer as a service. Thereafter a data connection is established, if required. The data connection could be triggered either by ISM or by the MS. Alternatively, ISM can initiate additional SSD Update process as inFIG. 1 above where the RANDSSD contains a specific command instructing the MS to initiate a data connection to purchase a session. ISM and wireless device mutually authenticate each other and ISM assigns new network ID. An additional signature exchange is used to verify that both sides of the communication, i.e. the wireless device and the ISM are in sync such that session keys between the pair can be derived. At this point, the wireless device re-initiates a registration process using its new assigned network ID. -
FIGS. 4A and 4B are a flow diagram of a bootstrap process for GSM systems using a data transport bearer according to the invention. InFIG. 4 , the data transport layer can be SMS, GPRS, EDGE, UMTS, or a data call using a circuit switch. The data connection may be set-up by the network, or by the wireless device. In the case of SMS, there is no need for a set-up. Further, the system can add a message signature for message integrity. The authentication encryption may include standard cryptographic techniques such as x.509, anonymous RSA, Diffie-Hellman (WTLS) or IKE. Message sequence numbers may also be used to avoid message duplications. -
FIGS. 5A and 5B are a flow diagram of a bootstrap process for GSM systems using a data transport bearer and session purchase according to the invention. In connection withFIG. 5 , it should be noted that the session purchase phase may include a promotion of several sessions each offers different service and payment methods where the purchase command preferable includes the chosen service and payment. -
FIGS. 6A and 6B are a flow diagram of a bootstrap process for CDMA/TDMA/analog systems using a data transport bearer and session purchase according to the invention. In connection withFIG. 6 , it should be noted the initial authentication at the first network access could authenticate the ESN and a manufacturer key thereby certifying the device. -
FIGS. 1-6 are now discussed in greater detail with regard to the actual exchange of information between the wireless device MS, the network, BS/MS/VLR, and the intelligent service manager ISM. - In
FIG. 1 , the MS generate a B-MSID=GenerateBootstrapMSID B-ESN=GenerateBootstrapESN(SiwaID) 10. The BS/MSC/VLR, initiate a global challenge with an OMT [AUTH=1, RAND] 11. The MS generates a AUTHR=Sign−1 (B-MSID, SiwaID, RAND, SiwaKey) 12 and sends a REGISTRATION REQUEST [B-MSID, B-ESN, AUTHR] 13 which is forwarded via the network to the ISM using AUTHREQ [B-MSID, B-ESN, RAND, AUTHR] 13. The ISM extracts SiwaID from the B-ESN using SiwaID=ExtractSiwaID(B-ESN) 15, it then checks SiwaID in its database and verifies AUTHR=Sign−1 (B-MSID, SiwaID, RAND, SiwaKey) 15. ISM then, allocates new MSID (MIN or IMSI) 15 and embed it in RANDSSD=BuildNetCommand (MSID, SiwaKey) 15. ISM generates RANDU and computes AUTHU=Sign−3 (MSID, ESN, RAND, RANDU, SiwaKey) 15 and sends an authreq [B-MSID, B-ESN, RANDSSD, RANDU, AUTHU] 16 via the network, which is forwarded as UPDATE-SSD [B-MSID, B-ESN, RANDSSD] 17 to the wireless device. The MS extracts the new MSID from RANDSSD using MSID=ExtractNetCommand (RANDSSD, SiwaKey) 18. It will then embed the real ESN into RANDBS using RANDBS=BuildMSCommand (ESN, SiwaKey) and send it to the network using BS-CHALLENGE [B-MSID, B-ESN, RANDBS] 19 message which is forwarded as BSCHALL [B-MISD, B-ESN, RANDBS] 20 to the ISM. ISM extract the ESN using ESN=ExtractMSCommand (RANDBS, SiwaKey) 21, generate a signature AUTHBS=Sign−2 (MSID, ESN, RAND, SiwaKey) 21 is and a respond with bschall [B-MSID, B-ESN, AUTHBS] 22, which is forwarded by the network to the MS as BS-CHALLENGE-RES [B-MSID, B-ESN, AUTHBS] 23. The MS generate a similar signature AUTHBS=Sign−2 (MSID, ESN, RAND, SiwaKey) 24 and check both AUTHBS match. It then, sends an UPDATE-SSD-RES [B-MSID, B-ESN, success] 25 to the network, which then issues a unique challenge using UNIQUE-CHALLENGE-ORDER [B-MSID, B-ESN, RANDU] 26 to the MS. The MS derives new a session keys using [AKey, SSDA, SSDB]=GenerateSessionKey (MS ID, ESN, RAND, RANDU, SiwaID, SiwaKey) 27, a signature AUTHU using AUTHU=Sign−3 (MSID, ESN, RAND, RANDU, SiwaKey) 27 and sends UNIQUE-CHALLENGE-ORDER-RES [B-MSID, B-ESN, AUTHU] 28 to the network which then matched by the network and an authentication report ASREPORT [B-MSID, B-ESN, “SSD Update Successful”, “Unique Challenge Successful”] 29 is sent to the ISM. ISM then, derive session keys using [A Key, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, RAND, RANDU, SiwaID, SiwaKey) 30 and respond with asreport [B-MSID, B-ESN, success] 10 to the network. The VLR then forward the registration request using REGNOT [B-MSID, B-ESN] 32 to ISM who download the service profile to VLR with a regnot [B-MSID, B-ESN, profile] 33 which is then forwarded as REGISTRATION ACCEPT [B-MSID, B-ESN] 34 to the MS. The MS saves the appropriate information Save MSID, Akey, SSDA and SSDB 35 and is then deregister itself from the network using POWER-OFF-REGISTRATION [B-MSID, B-ESN] 36. The ISM cancels the registration with REGCANC [B-MSID, B-ESN] 37 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 38 so other MSs may use B-MSID. The BS/MSC/VLR, initiate a global challenge with an OMT [AUTH=1, RAND] 39 to the MS which computes the authorization, in this case using a CAVE algorithm Compute AUTHR using AUTHR=CAVE (MSID, ESN, SSDA, SSDB) 40 and sends a REGISTRATION REQUEST [MSID, ESN, RANDC, AUTHR] 41 to the network at this point registration continues as aregular registration 42. - In
FIG. 2 , the MS generate a B-MSID=GenerateBootstrapMSID B-ESN=GenerateBootstrapESN(SiwaID) 50. It, initiates a REGISTRATION REQUEST [B-MSID, B-ESN] 52 to BS/MSC/VLR. The BS/MSC/VLR send an AUTHREQ [B-MSID, B-ESN] 53 to ISM in order to authenticate the MS. The ISM extracts SiwaID from the B-ESN using SiwaID=ExtractSiwaID(B-ESN) 54, it then checks SiwaID in its database and generate an RANDU 54 to challenge the MS. ISM then, sends authreq [B-MSID, B-ESN, RANDU] 55 to BS/MSC/VLR. BS/MSC/VLR send UNIQUE CHALLENGE [B-MSID, B-ESN, RANDU] 56 to the MS. The MS generates an AUTHU=Sign−1 (B-MSID, SiwaID, RANDU, SiwaKey) 57 and sends a UNIQUE CHALLENGE RESPONSE [B-MSID, B-ESN, AUTHU] 58 which is forwarded via the network to the ISM using ASREPORT [B-MSID, B-ESN, RANDU, AUTHU] 59. ISM verifies AUTHU-Sign−1 (B-MSID, SiwaID, RANDU, SiwaKey) 60 matches the one received from the MS. It then, allocates new MSID (MIN or IMSI) 60 and embed it in RANDSSD=BuildNetCommand (MSID, SiwaKey) 60. ISM generates RANDU2 and computes AUTHU2=Sign−3 (MSID, ESN, RANDU, RANDU2, SiwaKey) 60. It sends an asreport [B-MSID, B-ESN, RANDSSD, RANDU2, AUTHU2] 61 via the network, which is forwarded as UPDATE-SSD [B-MSID, B-ESN, RANDSSD] 62 to the MS. The MS extracts the new MSID from RANDSSD using MSID=ExtractNetCommand (RANDSSD, SiwaKey) 63. It will then embed the real ESN into RANDBS using RANDBS=BuildMSCommand (ESN, SiwaKey) 63 and send it to the network using BS-CHALLENGE [B-MSID, B-ESN, RANDBS] 64, which is forwarded as BSCHALL [B-MISD, B-ESN, RANDBS] 65 to the ISM. ISM extract the ESN using ESN=ExtractMSCommand (RANDBS, SiwaKey) 66, generate a signature AUTHBS=Sign−2 (MSID, ESN, RAND, SiwaKey) 66 and respond with bschall [B-MSID, B-ESN, AUTHBS] 67, which is forwarded by the network to the MS as BS-CHALLENGE-RES [B-MSID, B-ESN, AUTHBS] 68. The MS generate a similar signature AUTHBS=Sign−2 (MSID, ESN, RANDU, SiwaKey) 69 and check both AUTHBS match. It then, sends an UPDATE-SSD-RES [B-MSID, B-ESN, success] 70 to the network. The BS/MSC/VLR issues a unique challenge using UNIQUE-CHALLENGE-ORDER [B-MSID, B-ESN, RANDU2] 71 to the MS. The MS derives new a session keys using [AKey, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, RANDU, RANDU2, SiwaID, SiwaKey) 72, a signature AUTHU2 using AUTHU2=Sign−3 (MSID, ESN, RANDU, RANDU2, SiwaKey) 72 and issues a unique challenge response using UNIQUE-CHALLENGE-ORDER-RES [B-MSID, B-ESN, AUTHU2] 73 to the network which then matched by the network and an authentication report ASREPORT [B-MSID, B-ESN, “SSD Update Successful”, “Unique Challenge Successful”] 74 is sent to the ISM. ISM then, derive session keys using [A Key, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, RANDU, RANDU2, SiwaID, SiwaKey) 75 and respond with asreport [B-MSID, B-ESN, success] 76 to the network. The VLR then forward the registration request REGNOT [B-MSID, B-ESN] 77 to ISM who download the service profile to VLR with a regnot [B-MSID, B-ESN, profile] 78, which is then forwarded as REGISTRATION ACCEPT [B-MSID, B-ESN] 79 to the MS. The MS saves the appropriate information Save MSID, Akey, SSDA and SSDB 80 and is then deregister itself from the network using POWER-OFF-REGISTRATION [B-MSID, B-ESN] 81. The ISM cancels the registration with REGCANC [B-MSID, B-ESN] 82 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 83 so other MSs may use B-MSID. The MS then sends REGISTRATION REQUEST [MSID, ESN] 84 to the network at this point registration continues as a regular registration. - In
FIG. 3 , bootstrap information is generated at the MS using B-MSID=GenerateBootstrapMSID B-ESN=GenerateBootstrapESN (SiwaID) 90 and the network responds OMT [AUTH=1, RAND] 91. The MS computes AUTHR=Sign−1 (B-MSID, SiwaID, RAND, SiwaKey) 92 and sends a REGISTRATION REQUEST [B-MSID, B-ESN, RANDC, AUTHR] 93 which is forwarded by the network to the ISM with AUTHREQ [B-MSID, B-ESN, RAND, AUTHR] 94. The ISM extracts SiwaID using SiwaID=ExtractSiwaID(B-ESN) 95 and check SiwaID in its database. It computes and checks AUTHR=Sign−1 (B-MSID, SiwaID, RAND, SiwaKey) 95 and sends authreq [B-MSID, B-ESN, success] 96 to BS/MSC/VLR. BS/MSC/VLR then, respond with REGNOT [B-MSID, B-ESN] 97 to the ISM. ISM downloads the MS profile information with regnot [B-MSID, B-ESN, profile] 98 and REGISTRATION ACCEPT [B-MSID, B-ESN] 99 is forwarded to the MS. At this point, an optional dataconnection establishment phase 100, either network originated or MS originated, may be executed. For SMS such a connection establishment is not required. ISM sends a message to MS including its own address, an authentication challenge and optionally include a PUBLIC KEY for encryption and ServerCertificate for ISM authentication using [addr=ADDR, ch=CHALLENGEMS+[encrypt=PUBLICKEY|ServerCertificate]] 101. MS may optionally check the ServerCertificate, compute a response using RESPONSEMS=Sign−2 (SiwaID, CHALLENGEMS, SiwaKey) 102. Optionally, the MS may generate a network challenge to authenticate ISM. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY. It then, sends the message using [encrypt(siwaid=SiwaID, res=RESPONSEMS, me=ESN, ch=CHALLENGENET, PUBLICKEY)] 103. The ISM verifies SiwaID, verifies ESN and checks RESPONSEMS using RESPONSEMS=Sign−2 (SiwaID, CHALLENGEMS, SiwaKey) 104. It generates a network signature RESPONSENET using RESPONSENET=Sign−3 (SiwaID, CHALLENGENET, SiwaKey) 104. It then allocates new, MSID (MIN or IMSI) andMDN 104. It generates aRAND 104 used to derive session keys and sends a message to MS using [encrypt(msid=MSID, number=MDN, rand=RAND, res=RESPONSENET, SiwaKey)] 105. The MS verifies RESPONSENET=Sign−2 (SiwaID, CHALLENGENET, SiwaKey) 106, saves MSID and MDN and derives session keys using [A Key, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, MDN, RAND, SiwaID SiwaKey) 106. It computes a SIGNATURE=Sign−4 (MSID, ESN, RAND, SiwaKey) 106 and sends a message to ISM [encrypt(siwaid=SiwaID, sign=SIGNATURE, SiwaKey)] 107. The ISM checks SIGNATURE=Sign−4 (MSID, ESN, RAND, SiwaKey) 108 and derive session keys [Akey, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, MDN, RAND, SiwaID, SiwaKey) 108. At this time, if a data connection has been previously established it may be torn down 109. The MS is then deregisters from the network using POWER-OFF-REGISTRATION [B-MIN, B-ESN] 110. The ISM cancels the registration with REGCANC [B-MSID, B-ESN] 111 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 112 so other MSs may use B-MSID. The BS/MSC/VLR, initiate a global challenge with an OMT [AUTH=1, RAND] 113 to the MS which computes the authorization, in this case using a CAVE algorithm to compute AUTHR using AUTHR=CAVE (MSID, ESN, SSDA, SSDB) 114 and sends a REGISTRATION REQUEST [MSID, ESN, RANDC, AUTHR] 115 to the network at this point registration continues as aregular registration 116. - In
FIG. 4 , a Bootstrap Process is commenced by MS generating B-IMSI=GenerateBootstrapMSID(SiwaID) 120 and sending LocationUpdateReq [B-IMSI] 121 which is forwarded by the network to the ISM as SendAuthInfoReq [B-IMSI] 122. ISM generate RAND, compute a bootstrap signature using SRES=Sign−1 (B-IMSI, RAND, BootstrapKey) 123, generate a bootstrap ciphering key using Kc=GenerateCipheringKey(B-IMSI, RAND, BootstrapKey) 123 and sends this information using SendAuthInfRes [B-IMSI, RAND, Kc, SRES] 124 to VLR. The VLR sends AuthenticateReq [B-IMSI, RAND] 125 to the MS. The MS generates an authentication signature using SRES=Sign−1 (B-IMSI, RAND, BootstrapKey) 126, generate bootstrap ciphering key using Kc=GenerateCipheringKey(B-IMSI, RAND, BootstrapKey) 126 and sends authentication result using AuthenticateRes [B-IMSI, SRES] 127 which is then matched by the VLR to SRES provided byISM 128. An UpdateLocationReq [B-IMSI] 129 is sent to the ISM by VLR. ISM allocates a temporary phone number T-MSISDN 130 and responds by downloading the subscriber's bootstrap profile to VLR using InsertSubscriberDataReq [B-IMSI, T-MSISDN] 131. VLR responds with InsertSubscriberDataRes [B-IMSI, T-MSISDN] 132. ISM sends UpdateLocationRes [B-IMSI] 133 to confirm the registration, which is forwarded to MS by the network using LocationUpdateRes [TMSI, SUCCESS] 134. At this point, an optional dataconnection establishment phase 135, either network originated or MS originated, may be executed. For SMS such a connection establishment is not required. ISM sends a message to MS including its own address, an authentication challenge and optionally include a PUBLIC KEY for encryption and ServerCertificate for ISM authentication using [addr=ADDR, ch=CHALLENGEMS+[encrypt=PUBLICKEY|ServerCertificate]] 136. MS may optionally check the ServerCertificate, compute a response using RESPONSEMS=Sign−2 (SiwaID, CHALLENGEMS, SiwaKey) 137. Optionally, the MS may generate a network challenge to authenticate ISM. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY. It then, sends the message using [encrypt(siwaid=SiwaID, res=RESPONSEMS, me=IMEI, ch=CHALLENGENET, PUBLICKEY)] 138. The ISM verifies SiwaID, verifies IMEI and checks MS signature using RESPONSEMS=Sign−2 (SiwaID, CHALLENGEMS, SiwaKey) 139. It generate a network signature using RESPONSENET=Sign−3 (SiwaID, CHALLENGENET, SiwaKey) 139. It then allocates new MSID (i.e. IMSI) andMSISDN 139. In cases where B-IMSI is an already pre-assigned unique identifier ISM may return B-IMSI back to MS as the allocated IMSI. It generates aRAND 139 used to derive session keys and sends a message to MS using [encrypt(msid=MSID, number=MSISDN, rand=RAND, res=RESPONSENET, SiwaKey)] 140. The MS verifies RESPONSENET=Sign−2 (SiwaID, CHALLENGENET, SiwaKey) 141, saves IMSI and MSISDN. MS may optionally generate session key using Ki=GenerateSessionKey(IMSI, IMEI, MSISDN, RAND, SiwaID SiwaKey) 141. This key derivation could be avoided in cases where such a key is pre-assigned. It computes a SIGNATURE=Sign−4 (IMSI, IMEI, RAND, SiwaKey) 141 and sends a message to ISM [encrypt(siwaid=SiwaID, sign=SIGNATURE, SiwaKey)] 142. The ISM checks SIGNATURE=Sign−4 (IMSI, IMEI, RAND, SiwaKey) 143 and optionally generate session key using Ki=GenerateSessionKey(IMSI, IMEI, MSISDN, RAND, SiwaID SiwaKey) 143. At this point, if a data connection has been previously established it may be torn down 144. The MS is then deregisters from the network using IMSI DETACH [B-IMSI] 145, which is acknowledged by VLR using IMSI Detach Res [B-IMSI] 146. The ISM cancels the VLR bootstrap registration with CancelLocationReq [B-IMSI] 147 and receives acknowledgement from the network with CancelLocationRes[B-IMSI] 148 so other MSs may use B-IMSI. The MS initiate a registration with its new IMSI using LocationUpdatereq [IMSI] 149 to the network at this point registration continues as aregular registration 150. - In
FIG. 5 , a Bootstrap Process is commenced by MS generating B-IMSI=GenerateBootstrapMSID(NULL) 160 and sending LocationUpdateReq [B-IMSI] 161 which is forwarded by the network to the ISM as SendAuthInfoReq [B-IMSI] 162. ISM generate RAND, compute a bootstrap signature using SRES=Sign-1 (B-IMSI, RAND, BootstrapKey) 163, generate a bootstrap ciphering key using Kc=GenerateCipheringKey(B-IMSI, RAND, BootstrapKey) 163 and sends this information using SendAuthinfRes [B-IMSI, RAND, Kc, SRES] 164 to VLR. The VLR sends AuthenticateReq [B-IMSI, RAND] 165 to the MS. The MS generates an authentication signature using SRES=Sign-1 (B-IMSI, RAND, BootstrapKey) 166, generate bootstrap ciphering key using Kc=GenerateCipheringKey(B-IMSI, RAND, BootstrapKey) 166 and sends authentication result using AuthenticateRes [B-IMSI, SRES] 167 which is then matched by the VLR to SRES provided byISM 168. An UpdateLocationReq [B-IMSI] 169 is sent to the ISM by VLR. ISM allocates a temporary phone number T-MSISDN 170 and responds by downloading the subscriber's bootstrap profile to VLR using InsertSubscriberDataReq [B-IMSI, T-MSISDN] 171. VLR responds with InsertSubscriberDataRes [B-IMSI, T-MSISDN] 172. ISM sends UpdateLocationRes [B-IMSI] 173 to confirm the registration, which is forwarded to MS by the network using LocationUpdateRes [TMSI, SUCCESS] 174. At this point, an optional dataconnection establishment phase 175, either network originated or MS originated, may be executed. For SMS such a connection establishment is not required. ISM sends a message to MS including its own address, an authentication challenge and optionally include a PUBLIC KEY for encryption and ServerCertificate for ISM authentication using [addr=ADDR, ch=CHALLENGEMS+[encrypt=PUBLICKEY|ServerCertificate]] 176. MS may optionally check the ServerCertificate, select a purchase session encryptionkey PURCHASE 177, this could be pre-assigned or using known PKI technique. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY. It then, sends the message using [encrypt(siwaid=NULL, res=NULL, me=IMEI, encrypt=PURCHASEKEY, PUBLICKEY)] 178. AtSession Purchase Phase 180, ISM and MS start message exchange to promote a session purchase and to collect user's selection and billing information and commit an online purchase transaction. Such a transaction can include credit authorization that may be required for postpaid subscribers. Once purchase transaction has been authorized ISM allocates new SiwaID and generates an associatedSiwaKey 181. It then allocates new MSID (i.e. IMSI) andMSISDN 181. In cases where B-IMSI is an already pre-assigned unique identifier ISM may return B-IMSI back to MS as the allocated IMSI. ISM generates aRAND 181 used to derive session keys and sends a message to MS using [encrypt(siwaID=SiwaID, siwakey=SiwaKey, msid=IMSI, number=MSISDN, rand=RAND, PURCHASEKEY)] 182. The MS saves newly assigned SiwaID, SiwaKey, IMSI and MSISDN. MS may optionally generate session key using Ki=GenerateSessionKey(IMSI, IMEI, MSISDN, RAND, SiwaID SiwaKey) 183. This key derivation could be avoided in cases where such a key is pre-assigned. It computes a SIGNATURE=Sign−2 (IMSI, IMEI, RAND, SiwaKey) 183 and sends a message to ISM [encrypt(siwaid=SiwaID, sign=SIGNATURE, SiwaKey)] 184. The ISM checks SIGNATURE=Sign−2 (IMSI, IMEI, RAND, SiwaKey) 185 and optionally generate session key using Ki=GenerateSessionKey(IMSI, IMEI, MSISDN, RAND, SiwaID SiwaKey) 185. At this point, if a data connection has been previously established it may be torn down 186. The MS is then deregisters from the network using IMSI DETACH [B-IMSI] 187, which is acknowledged by VLR using IMSI Detach Res [B-IMSI] 188. The ISM cancels the VLR bootstrap registration with CancelLocationReq [B-IMSI] 189 and receives acknowledgement from the network with CancelLocationRes [B-IMSI] 190 so other MSs may use B-IMSI. The MS initiate a registration with its new IMSI using LocationUpdateReq [IMSI] 191 to the network at this point registration continues as aregular registration 192. - In
FIG. 6 , bootstrap information is generated at the MS using B-MSID=GenerateBootstrapMSID B-ESN=GenerateBootstrapESN (NULL) 200 and the network responds OMT [AUTH=1, RAND] 201. The MS computes AUTHR=Sign−1 (B-MSID, NULL, RAND, NULL) 202 and sends a REGISTRATION REQUEST [B-MSID, B-ESN, RANDC, AUTHR] 203 which is forwarded by the network to the ISM with AUTHREQ [B-MSID, B-ESN, RAND, AUTHR] 204. ISM optionally compute and check AUTHR=Sign−1 (B-MSID, NULL, RAND, NULL) 205 and sends authreq [B-MSID, B-ESN, success] 206 to BS/MSC/VLR. BS/MSC/VLR then, respond with REGNOT [B-MSID, B-ESN] 207 to the ISM. ISM downloads the MS profile information with regnot [B-MSID, B-ESN, profile] 208 and REGISTRATION ACCEPT [B-MSID, B-ESN] 209 is forwarded to the MS. At this point, an optional dataconnection establishment phase 210, either network originated or MS originated, may be executed. For SMS such a connection establishment is not required. ISM sends a message to MS including its own address, an authentication challenge and optionally include a PUBLIC KEY for encryption and ServerCertificate for ISM authentication using [add r=ADDR, ch=CHALLENG EMS+[encrypt=PUBLICKEY|ServerCertificate]] 211. MS may optionally check the ServerCertificate, select a purchase session encryptionkey PURCHASE 212, this could be pre-assigned or using known PKI technique. The MS may choose to encrypt the message sent to ISM with ISM PUBLICKEY. It then, sends the message using [encrypt(siwaid=NULL, res=NULL, me-ESN, encrypt=PURCHASEKEY, PUBLICKEY)] 213. AtSession Purchase Phase 215, ISM and MS start message exchange to promote a session purchase and to collect user's selection and billing information and commit an online purchase transaction. Such a transaction can include credit authorization that may be required for postpaid subscribers. Once purchase transaction has been authorized ISM allocates new SiwaID and generates an associatedSiwaKey 216. It then allocates new MSID (i.e. MIN or IMSI) andMDN 216. ISM generates aRAND 216 used to derive session keys and sends a message to MS using [encrypt(siwaID=SiwaID, siwakey=SiwaKey, msid=MSID, number=MDN, rand=RAND, PURCHASEKEY)] 217. The MS saves newly assigned SiwaID, SiwaKey, MSID and MDN. MS may derives session keys using [Akey, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, MDN, RAND, SiwaID, SiwaKey) 218. It computes a SIGNATURE=Sign−2 (MSID, ESN, RAND, SiwaKey) 218 and sends a message to ISM [encrypt(siwaid=SiwaID, sign=SIGNATURE, SiwaKey)] 219. The ISM checks SIGNATURE=Sign−2 (MSID, ESN, RAND, SiwaKey) 220 and derive session keys using [Akey, SSDA, SSDB]=GenerateSessionKey (MSID, ESN, MDN, RAND, SiwaID, SiwaKey). At this point, if a data connection has been previously established it may be torn down 221. The MS is then deregisters from the network using POWER-OFF-REGISTRATION [B-MIN, B-ESN] 222. The ISM cancels the registration with REGCANC [B-MSID, B-ESN] 223 and receives acknowledgement from the network with regcanc [B-MSID, B-ESN] 224 so other MSs may use B-MSID. The BS/MSC/VLR, initiate a global challenge with an OMT [AUTH=1, RAND] 225 to the MS which computes the authorization, in this case using a CAVE algorithm to compute AUTHR using AUTHR=CAVE (MSID, ESN, SSDA, SSDB) 226 and sends a REGISTRATION REQUEST [MSID, ESN, RANDC, AUTHR] 227 to the network at this point registration continues as aregular registration 228. - Although the invention is described herein with reference to the preferred embodiment, one skilled in the art will readily appreciate that other applications may be substituted for those set forth herein without departing from the spirit and scope of the present invention. Accordingly, the invention should only be limited by the Claims included below.
Claims (18)
1. A method for generating temporary network credentials for a wireless device, the wireless device operable to send and receive data over a wireless network, the wireless network operable to transmit messages between the wireless device and a management server, the method comprising the steps of:
reading a device identity of the wireless device;
creating a temporary network credentials on the wireless device;
establishing a data session between the wireless device and the management server; and
storing permanent network credentials on the wireless device.
2. The method of claim 1 , where the step of creating temporary network credentials on the wireless device comprises:
calculating the temporary network credentials as a function of the device identity.
3. The method of claim 1 , further comprising the step of:
programming the network to allow connections by devices with valid temporary credentials.
4. The method of claim 3 , further comprising the step of:
redirecting a connection from a wireless device with temporary credentials to a management server.
5. The method of claim 1 , further comprising the step of:
Sending permanent credentials from the management server to the wireless device which indicates a subscription level of the wireless device.
6. The method of claim 1 , further comprising the step of:
Accepting user input on the wireless device.
7. The method of claim 6 , where the step of reading the device identity occurs after user input is accepted on the wireless device.
8. The method of claim 6 , where the user input is a button on the wireless device.
9. The method of claim 1 , further comprising the step of:
determining whether a stored credentials on the wireless device is well formed.
10. The method of claim 9 , further comprising the step of:
determining whether the device has previously been activated from the stored credentials.
11. The method of claim 1 , further comprising the step of:
Storing a function capable of generating a range of valid temporary credentials on the network.
12. The method of claim 11 , where the function capable of generating a range of valid temporary credentials is obtained from wireless devices that may be activated on the network.
13. A system for subscribing a wireless device on a network comprising
a processor operable to execute computer program instructions,
an adapter operable for communicating with a network,
an interface capable of accepting user input,
software operational on the wireless device for performing the steps of:
reading a device identity of the wireless device;
creating a temporary network credentials on the wireless device;
establishing a data session between the wireless device and the management server; and
storing permanent network credentials on the wireless device.
14. The system of claim 13 , where the step of creating temporary network credentials on the wireless device comprises:
calculating the temporary network credentials as a function of the device identity.
15. The system of claim 13 , further comprising the step of:
programming the network to allow connections by devices with valid temporary credentials.
16. The method of claim 13 , further comprising the step of:
sending permanent credentials from the management server to the wireless device which indicate a subscription level of the wireless device.
17. The method of claim 13 , further comprising the step of:
accepting user input on the wireless device.
18. The method of claim 13 , further comprising the step of:
Determining whether a stored credentials on the wireless device is well formed.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/178,551 US20090025070A1 (en) | 2002-03-04 | 2008-07-23 | System and method to enable subscriber self-activation of wireless data terminals |
US12/506,663 US20100009659A1 (en) | 2002-03-04 | 2009-07-21 | System and Method to Enable Subscriber Self-Activation of Wireless Data Terminals |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US36181602P | 2002-03-04 | 2002-03-04 | |
US10/136,712 US7197301B2 (en) | 2002-03-04 | 2002-04-30 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US11/100,791 US7565142B2 (en) | 2002-03-04 | 2005-04-06 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US12/178,551 US20090025070A1 (en) | 2002-03-04 | 2008-07-23 | System and method to enable subscriber self-activation of wireless data terminals |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/100,791 Division US7565142B2 (en) | 2002-03-04 | 2005-04-06 | Method and apparatus for secure immediate wireless access in a telecommunications network |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/506,663 Division US20100009659A1 (en) | 2002-03-04 | 2009-07-21 | System and Method to Enable Subscriber Self-Activation of Wireless Data Terminals |
Publications (1)
Publication Number | Publication Date |
---|---|
US20090025070A1 true US20090025070A1 (en) | 2009-01-22 |
Family
ID=27807336
Family Applications (6)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/136,712 Expired - Fee Related US7197301B2 (en) | 2002-03-04 | 2002-04-30 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US11/100,791 Expired - Fee Related US7565142B2 (en) | 2002-03-04 | 2005-04-06 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US11/849,839 Expired - Fee Related US7904072B2 (en) | 2002-03-04 | 2007-09-04 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US12/178,551 Abandoned US20090025070A1 (en) | 2002-03-04 | 2008-07-23 | System and method to enable subscriber self-activation of wireless data terminals |
US12/429,621 Abandoned US20100173609A1 (en) | 2002-03-04 | 2009-04-24 | Method and Apparatus for Secure Immediate Wireless Access in a Telecommunications Network |
US12/506,663 Abandoned US20100009659A1 (en) | 2002-03-04 | 2009-07-21 | System and Method to Enable Subscriber Self-Activation of Wireless Data Terminals |
Family Applications Before (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/136,712 Expired - Fee Related US7197301B2 (en) | 2002-03-04 | 2002-04-30 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US11/100,791 Expired - Fee Related US7565142B2 (en) | 2002-03-04 | 2005-04-06 | Method and apparatus for secure immediate wireless access in a telecommunications network |
US11/849,839 Expired - Fee Related US7904072B2 (en) | 2002-03-04 | 2007-09-04 | Method and apparatus for secure immediate wireless access in a telecommunications network |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/429,621 Abandoned US20100173609A1 (en) | 2002-03-04 | 2009-04-24 | Method and Apparatus for Secure Immediate Wireless Access in a Telecommunications Network |
US12/506,663 Abandoned US20100009659A1 (en) | 2002-03-04 | 2009-07-21 | System and Method to Enable Subscriber Self-Activation of Wireless Data Terminals |
Country Status (1)
Country | Link |
---|---|
US (6) | US7197301B2 (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080064367A1 (en) * | 2006-09-13 | 2008-03-13 | Mformation Technologies Inc. | System and method to enable subscriber self-activation of wireless data terminals |
US20090149175A1 (en) * | 2007-12-06 | 2009-06-11 | Evolving Systems, Inc. | Wireless device activation |
US20090282256A1 (en) * | 2008-05-12 | 2009-11-12 | Sony Ericsson Mobile Communications Ab | Secure push messages |
US20100273462A1 (en) * | 2009-04-24 | 2010-10-28 | Evolving Systems, Inc. | Occasional access to a wireless network |
US20130094651A1 (en) * | 2007-06-15 | 2013-04-18 | Pouya Taaghol | Field programming of a mobile station with subscriber identification and related information |
US8463258B2 (en) | 2007-12-06 | 2013-06-11 | Evolving Systems, Inc. | Extended wireless device activation |
US8509767B2 (en) | 2007-12-06 | 2013-08-13 | Evolving Systems, Inc. | Controlled access to a wireless network |
US8929863B2 (en) | 2012-10-01 | 2015-01-06 | Evolving Systems, Inc. | Methods and systems for temporarily permitting a wireless device to access a wireless network |
US20150033312A1 (en) * | 2013-07-25 | 2015-01-29 | Convida Wireless, Llc | End-To-End M2M Service Layer Sessions |
US9491563B1 (en) | 2015-10-16 | 2016-11-08 | Evolving Systems, Inc. | Pre-provisioning mobile application acquisition and utilization |
US9559864B1 (en) | 2009-11-16 | 2017-01-31 | Sprint Spectrum L.P. | Method and system for managing wireless devices using short-range wireless communication |
US11251955B2 (en) * | 2017-09-07 | 2022-02-15 | Arris Enterprises Llc | System and method for simplified wifi set up of client devices |
Families Citing this family (77)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6591098B1 (en) * | 2000-11-07 | 2003-07-08 | At&T Wireless Services, Inc. | System and method for using a temporary electronic serial number for over-the-air activation of a mobile device |
US7197301B2 (en) * | 2002-03-04 | 2007-03-27 | Telespree Communications | Method and apparatus for secure immediate wireless access in a telecommunications network |
US8046581B2 (en) | 2002-03-04 | 2011-10-25 | Telespree Communications | Method and apparatus for secure immediate wireless access in a telecommunications network |
US7574599B1 (en) * | 2002-10-11 | 2009-08-11 | Verizon Laboratories Inc. | Robust authentication and key agreement protocol for next-generation wireless networks |
CN1748402A (en) * | 2003-02-04 | 2006-03-15 | 信任资讯有限公司 | Mobile telephony application platform |
US20100017627A1 (en) | 2003-02-07 | 2010-01-21 | Broadon Communications Corp. | Ensuring authenticity in a closed content distribution system |
US8131649B2 (en) | 2003-02-07 | 2012-03-06 | Igware, Inc. | Static-or-dynamic and limited-or-unlimited content rights |
US7779482B1 (en) * | 2003-02-07 | 2010-08-17 | iGware Inc | Delivery of license information using a short messaging system protocol in a closed content distribution system |
ITRM20030100A1 (en) * | 2003-03-06 | 2004-09-07 | Telecom Italia Mobile Spa | TECHNIQUE OF MULTIPLE ACCESS TO THE NETWORK BY USER TERMINAL INTERCONNECTED TO A LAN AND RELATED REFERENCE ARCHITECTURE. |
US7493105B2 (en) * | 2003-03-18 | 2009-02-17 | Simplexity, Llc | Certification and activation of used phones on a wireless carrier network |
CN1315268C (en) * | 2003-11-07 | 2007-05-09 | 华为技术有限公司 | Method for authenticating users |
GB0326265D0 (en) * | 2003-11-11 | 2003-12-17 | Nokia Corp | Shared secret usage for bootstrapping |
US20050138355A1 (en) * | 2003-12-19 | 2005-06-23 | Lidong Chen | System, method and devices for authentication in a wireless local area network (WLAN) |
KR100664110B1 (en) * | 2004-02-04 | 2007-01-04 | 엘지전자 주식회사 | Usage restriction setting method for mobile communication device |
US20050235363A1 (en) * | 2004-04-06 | 2005-10-20 | Fortress Technologies, Inc. | Network, device, and/or user authentication in a secure communication network |
GB0409704D0 (en) * | 2004-04-30 | 2004-06-02 | Nokia Corp | A method for verifying a first identity and a second identity of an entity |
CN1299537C (en) * | 2004-06-28 | 2007-02-07 | 华为技术有限公司 | Method for realizing management of connecting visit network using general weight discrimination frame |
US8223935B2 (en) * | 2005-04-30 | 2012-07-17 | Oracle International Corporation | Revenue management systems and methods |
US8087069B2 (en) * | 2005-06-13 | 2011-12-27 | Nokia Corporation | Method, apparatus and computer program product providing bootstrapping mechanism selection in generic bootstrapping architecture (GBA) |
US8353011B2 (en) * | 2005-06-13 | 2013-01-08 | Nokia Corporation | Apparatus, method and computer program product providing mobile node identities in conjunction with authentication preferences in generic bootstrapping architecture (GBA) |
US7724717B2 (en) * | 2005-07-22 | 2010-05-25 | Sri International | Method and apparatus for wireless network security |
US8249028B2 (en) | 2005-07-22 | 2012-08-21 | Sri International | Method and apparatus for identifying wireless transmitters |
EP1783997A1 (en) * | 2005-11-07 | 2007-05-09 | Axalto S.A. | Remote activation of a user account in a telecommunication network |
WO2007063196A1 (en) * | 2005-12-02 | 2007-06-07 | Sebban Mickael | Method for accessing to internet from a mobile station via a wireless network from |
US20070135088A1 (en) * | 2005-12-08 | 2007-06-14 | Salvatore Alessandro | On demand/emergency telematics & communication system |
US7885858B2 (en) * | 2006-01-24 | 2011-02-08 | Dell Products L.P. | System and method for managing information handling system wireless network provisioning |
US7831237B2 (en) * | 2006-02-03 | 2010-11-09 | Broadcom Corporation | Authenticating mobile network provider equipment |
JP2009535735A (en) | 2006-05-02 | 2009-10-01 | ブロードオン コミュニケーションズ コーポレーション | Content management system and method |
US8347090B2 (en) * | 2006-10-16 | 2013-01-01 | Nokia Corporation | Encryption of identifiers in a communication system |
US7624276B2 (en) | 2006-10-16 | 2009-11-24 | Broadon Communications Corp. | Secure device authentication system and method |
US7613915B2 (en) | 2006-11-09 | 2009-11-03 | BroadOn Communications Corp | Method for programming on-chip non-volatile memory in a secure processor, and a device so programmed |
PL2122983T3 (en) * | 2007-02-06 | 2014-04-30 | Nokia Technologies Oy | Support of UICC-less calls |
US8000725B2 (en) * | 2007-03-30 | 2011-08-16 | Andrew, Llc | Method and apparatus for transparent invocation and transport of encrypted position location data |
US9462060B2 (en) * | 2007-04-23 | 2016-10-04 | Alcatel Lucent | System and method for sending notification message to a mobile station using session initiation protocol (SIP) |
EP2145421A1 (en) | 2007-05-15 | 2010-01-20 | Nokia Corporation | Methods, apparatuses, system and computer programs for key update |
US9633381B2 (en) * | 2008-01-09 | 2017-04-25 | T-Mobile Usa, Inc. | Mobile application monitoring system |
EP2241100B1 (en) * | 2008-01-09 | 2018-08-22 | T-Mobile USA, Inc. | Mobile application monitoring system |
KR100989082B1 (en) * | 2008-08-07 | 2010-10-25 | 한국전자통신연구원 | Method for exchanging information about security situation between mobile device and apparatus using the same |
US8457599B2 (en) * | 2008-11-14 | 2013-06-04 | Qualcomm Incorporated | Apparatus and method for establishing a data connection between a remote station and a wireless network |
US20100151866A1 (en) * | 2008-12-16 | 2010-06-17 | Verizon Corporate Services Group Inc. | Method and system for routing inter-carrier messaging application traffic via a carrier-assigned identifier |
US8505081B2 (en) * | 2010-01-29 | 2013-08-06 | Qualcomm Incorporated | Method and apparatus for identity reuse for communications devices |
US8429731B2 (en) * | 2010-03-29 | 2013-04-23 | Denso International America, Inc. | Authentication bypass method |
CN101835307B (en) * | 2010-04-28 | 2013-03-20 | 杭州意博高科电器有限公司 | Intelligent power supply control system of traffic LED light supplementing lamp |
US9325677B2 (en) | 2010-05-17 | 2016-04-26 | Blackberry Limited | Method of registering devices |
JP2012059326A (en) | 2010-09-10 | 2012-03-22 | Toshiba Corp | Semiconductor storage device |
US8422428B1 (en) | 2010-09-20 | 2013-04-16 | Sprint Communications Company L.P. | Device management for a wireless communication device having and invalid user identifier |
EP2530960A1 (en) * | 2011-06-01 | 2012-12-05 | Jose-Luis Martin Peinado | Remote provisioning of sim's/usim's cards at run-time by a mobile operator |
GB2491889A (en) | 2011-06-17 | 2012-12-19 | Sony Corp | Trial period cellular network connection with identity modules of multiple devices loaded with multiple identities from a shared pool |
KR101800659B1 (en) * | 2011-07-08 | 2017-11-23 | 삼성전자 주식회사 | Method and apparatus for setting terminal in mobile telecommunication system |
US20130185552A1 (en) * | 2012-01-13 | 2013-07-18 | Research In Motion Limited | Device Verification for Dynamic Re-Certificating |
US8627097B2 (en) | 2012-03-27 | 2014-01-07 | Igt | System and method enabling parallel processing of hash functions using authentication checkpoint hashes |
EP2725758A1 (en) * | 2012-10-29 | 2014-04-30 | Gemalto SA | Method for mutual authentication between a terminal and a remote server via a third-party portal |
KR20160009597A (en) | 2013-05-06 | 2016-01-26 | 콘비다 와이어리스, 엘엘씨 | Device triggering |
CN104168249A (en) * | 2013-05-16 | 2014-11-26 | 中国电信股份有限公司 | Method, apparatus and system for realizing data signature |
US9413749B2 (en) | 2013-08-20 | 2016-08-09 | Vascode Technologies Ltd. | System and method of authentication of a first party respective of a second party aided by a third party |
WO2015094114A1 (en) * | 2013-12-17 | 2015-06-25 | Agency For Science, Technololgy And Research | Entity authentication in network |
US10057240B2 (en) * | 2014-08-25 | 2018-08-21 | Sap Se | Single sign-on to web applications from mobile devices |
US9807607B2 (en) * | 2014-10-03 | 2017-10-31 | T-Mobile Usa, Inc. | Secure remote user device unlock |
US10769315B2 (en) | 2014-12-01 | 2020-09-08 | T-Mobile Usa, Inc. | Anti-theft recovery tool |
US9560214B1 (en) * | 2015-10-21 | 2017-01-31 | Verizon Patent And Licensing Inc. | Portable data for mobile devices |
US9967723B2 (en) * | 2016-06-16 | 2018-05-08 | T-Mobile Usa, Inc. | Roaming LTE emergency call with call back number retrieval |
US9838991B1 (en) | 2016-08-15 | 2017-12-05 | At&T Intellectual Property I, L.P. | Method and apparatus for managing mobile subscriber identification information according to registration requests |
US9967732B2 (en) | 2016-08-15 | 2018-05-08 | At&T Intellectual Property I, L.P. | Method and apparatus for managing mobile subscriber identification information according to registration errors |
US10015764B2 (en) | 2016-09-14 | 2018-07-03 | At&T Intellectual Property I, L.P. | Method and apparatus for assigning mobile subscriber identification information to multiple devices |
US9843922B1 (en) | 2016-09-14 | 2017-12-12 | At&T Intellectual Property I, L.P. | Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration errors |
US9814010B1 (en) | 2016-09-14 | 2017-11-07 | At&T Intellectual Property I, L.P. | Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration requests |
US9794905B1 (en) | 2016-09-14 | 2017-10-17 | At&T Mobility Ii Llc | Method and apparatus for assigning mobile subscriber identification information to multiple devices according to location |
US9924347B1 (en) | 2016-09-14 | 2018-03-20 | At&T Intellectual Property I, L.P. | Method and apparatus for reassigning mobile subscriber identification information |
US9906943B1 (en) | 2016-09-29 | 2018-02-27 | At&T Intellectual Property I, L.P. | Method and apparatus for provisioning mobile subscriber identification information to multiple devices and provisioning network elements |
US9918220B1 (en) | 2016-10-17 | 2018-03-13 | At&T Intellectual Property I, L.P. | Method and apparatus for managing and reusing mobile subscriber identification information to multiple devices |
US10070303B2 (en) | 2016-11-11 | 2018-09-04 | At&T Intellectual Property I, L.P. | Method and apparatus for provisioning of multiple devices with mobile subscriber identification information |
US10341842B2 (en) | 2016-12-01 | 2019-07-02 | At&T Intellectual Property I, L.P. | Method and apparatus for using temporary mobile subscriber identification information in a device to provide services for a limited time period |
US10070407B2 (en) * | 2016-12-01 | 2018-09-04 | At&T Intellectual Property I, L.P. | Method and apparatus for using active and inactive mobile subscriber identification information in a device to provide services for a limited time period |
US10136305B2 (en) | 2016-12-01 | 2018-11-20 | At&T Intellectual Property I, L.P. | Method and apparatus for using mobile subscriber identification information for multiple device profiles for a device |
US10231204B2 (en) | 2016-12-05 | 2019-03-12 | At&T Intellectual Property I, L.P. | Methods, systems, and devices for registering a communication device utilizing a virtual network |
CN106790548B (en) * | 2016-12-23 | 2018-08-10 | 百度在线网络技术(北京)有限公司 | The method and apparatus for determining the relationship between point of interest |
US10757676B1 (en) * | 2019-03-08 | 2020-08-25 | Tile, Inc. | Commissioning electronic devices for use in a tracking system |
Citations (96)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4756020A (en) * | 1985-08-30 | 1988-07-05 | American Telephone And Telegraph Company, At&T Bell Laboratories | Method and apparatus for disallowing the extension of a call through a network |
US4831647A (en) * | 1987-06-02 | 1989-05-16 | Motorola, Inc. | Radiotelephone credit card data communications |
US4845772A (en) * | 1988-06-13 | 1989-07-04 | Motorola, Inc. | Portable radiotelephone with control switch disabling |
US4845740A (en) * | 1985-08-12 | 1989-07-04 | Oki Electric Industry Co., Ltd. | Radiotelephone system adapted to read a credit card |
US4852149A (en) * | 1988-06-29 | 1989-07-25 | Dialogic Corporation | Automated call filter |
US4860341A (en) * | 1987-06-02 | 1989-08-22 | Motorola, Inc. | Radiotelephone credit card call approval synchronization |
US4897873A (en) * | 1988-11-04 | 1990-01-30 | Motorola, Inc. | Multipurpose hinge apparatus for foldable telephones |
US4945557A (en) * | 1987-06-08 | 1990-07-31 | Ricoh Company, Ltd. | Voice activated dialing apparatus |
US4951308A (en) * | 1988-12-29 | 1990-08-21 | Cellular Communications Corporation | Automated vending of cellular hand-held telephones and cellular telephone services |
US5042063A (en) * | 1987-09-11 | 1991-08-20 | Kabushiki Kaisha Toshiba | Telephone apparatus with voice activated dialing function |
US5046088A (en) * | 1989-10-31 | 1991-09-03 | Dialogic Corporation | Converter for in-band routing and/or origination information |
US5127040A (en) * | 1987-06-02 | 1992-06-30 | Motorola, Inc. | Radiotelephone telephone number down loading |
US5138650A (en) * | 1990-09-27 | 1992-08-11 | Motorola, Inc. | Cordless telephone with internal debit and credit memory |
US5144649A (en) * | 1990-10-24 | 1992-09-01 | Gte Mobile Communications Service Corporation | Cellular radiotelephone credit card paystation method |
US5185790A (en) * | 1991-03-28 | 1993-02-09 | Motorola, Inc. | Multiposition detenting hinge apparatus |
US5202912A (en) * | 1991-09-09 | 1993-04-13 | Motorola, Inc. | Method and apparatus for providing telepoint to telepoint calling between pager equipped handsets |
US5233642A (en) * | 1991-05-24 | 1993-08-03 | Omnitronix, Inc. | Cellular telephone usage monitoring system |
US5247700A (en) * | 1990-11-16 | 1993-09-21 | Universal Cellular, Inc. | Cellular telephone with pager |
US5291543A (en) * | 1990-12-05 | 1994-03-01 | Subscriber Computing, Inc. | Cellular telephone real time account administration system |
US5297189A (en) * | 1990-05-30 | 1994-03-22 | Alcatel N.V. | Wireless telephone service subscription data user access method |
US5301223A (en) * | 1990-05-22 | 1994-04-05 | Cellular Technical Services Company, Inc. | Cellular telephone system with remote programming, voice responsive registration and real time billing |
US5301234A (en) * | 1990-10-10 | 1994-04-05 | France Telecom | Radiotelephone installation for prepayment operation with security protection |
US5309501A (en) * | 1991-11-27 | 1994-05-03 | At&T Bell Laboratories | Arrangement for detecting fraudulently identified mobile stations in a cellular mobile telecommunications network |
US5321735A (en) * | 1992-06-29 | 1994-06-14 | Motorola, Inc. | Method and apparatus for selective real time authorization and billing of calls in a public telepoint system |
US5327144A (en) * | 1993-05-07 | 1994-07-05 | Associated Rt, Inc. | Cellular telephone location system |
US5341414A (en) * | 1992-02-05 | 1994-08-23 | Fred Popke | Calling number verification service |
US5386455A (en) * | 1994-01-04 | 1995-01-31 | Alliance Research Corporation | System and method for automatic activation of cellular telephones |
US5440621A (en) * | 1991-07-31 | 1995-08-08 | International Integrated Communications, Ltd. | Apparatus for prepayment of telecommunication connections in a telecommunication switching network without utilization of rate schedules and call cost computations |
US5452340A (en) * | 1993-04-01 | 1995-09-19 | Us West Advanced Technologies, Inc. | Method of voice activated telephone dialing |
US5499288A (en) * | 1990-05-15 | 1996-03-12 | Voice Control Systems, Inc. | Simultaneous voice recognition and verification to allow access to telephone network services |
US5509056A (en) * | 1994-06-06 | 1996-04-16 | Ericsson Ge Mobile Communications Inc. | Method and apparatus for executing automatic calling card access in cellular telephones |
US5517558A (en) * | 1990-05-15 | 1996-05-14 | Voice Control Systems, Inc. | Voice-controlled account access over a telephone network |
US5517559A (en) * | 1992-09-22 | 1996-05-14 | Fujitsu Limited | Apparatus for and method of verifying service user's information |
US5517555A (en) * | 1991-12-12 | 1996-05-14 | Cellular Technical Services Company, Inc. | Real time information system for cellular telephones |
US5592535A (en) * | 1993-04-16 | 1997-01-07 | Alcatel Sel Aktiengesellschaft | Mobile-radio network with debit accounts |
US5651056A (en) * | 1995-07-13 | 1997-07-22 | Eting; Leon | Apparatus and methods for conveying telephone numbers and other information via communication devices |
US5659597A (en) * | 1992-04-13 | 1997-08-19 | Voice Control Systems, Inc. | Speech recognition system for electronic switches in a non-wireline communications network |
US5706399A (en) * | 1994-03-18 | 1998-01-06 | Voice Control Systems, Inc. | Speech controlled vehicle alarm system |
US5719926A (en) * | 1994-06-10 | 1998-02-17 | Communications Product Development, Inc. | Prepaid long-distance telephone service system with flexible operating parameters |
US5722067A (en) * | 1994-12-23 | 1998-02-24 | Freedom Wireless, Inc. | Security cellular telecommunications system |
US5732346A (en) * | 1993-06-17 | 1998-03-24 | Research In Motion Limited | Translation and connection device for radio frequency point of sale transaction systems |
US5737707A (en) * | 1996-01-11 | 1998-04-07 | At&T Corp. | Pager-controlled wireless radiotelephone |
US5754645A (en) * | 1992-01-21 | 1998-05-19 | Motorola, Inc. | Electronic apparatus having keyless control |
US5761618A (en) * | 1994-12-22 | 1998-06-02 | Bell Atlantic Mobile Systems, Inc. | Updating technique for downloading new system identification (SID) list into a handset |
US5778313A (en) * | 1995-12-08 | 1998-07-07 | Cellexis International, Inc. | Pre-paid cellular telephone system |
US5790636A (en) * | 1989-05-31 | 1998-08-04 | Marshall; Marvin E. | Telephone travel card system under the control of its customers |
US5794195A (en) * | 1994-06-28 | 1998-08-11 | Alcatel N.V. | Start/end point detection for word recognition |
US5802470A (en) * | 1996-01-11 | 1998-09-01 | At&T Corp | Automated wireless-call completion using a paging network |
US5809124A (en) * | 1992-04-13 | 1998-09-15 | Automocrion Moncayo S.A.. | Coin charging system for mobile telephony |
US5812945A (en) * | 1995-12-22 | 1998-09-22 | Pitney Bowes Inc. | Metered payment cellular telephone communication system |
US5815807A (en) * | 1996-01-31 | 1998-09-29 | Motorola, Inc. | Disposable wireless communication device adapted to prevent fraud |
US5875394A (en) * | 1996-12-27 | 1999-02-23 | At & T Wireless Services Inc. | Method of mutual authentication for secure wireless service provision |
US5881134A (en) * | 1994-12-02 | 1999-03-09 | Voice Control Systems, Inc. | Intelligent call processing platform for home telephone system |
US5909485A (en) * | 1996-03-07 | 1999-06-01 | France Telecom | Method of prepaying for consumption of telephone calls |
US5915226A (en) * | 1996-04-19 | 1999-06-22 | Gemplus Card International | Prepaid smart card in a GSM based wireless telephone network and method for operating prepaid cards |
US5940775A (en) * | 1995-12-30 | 1999-08-17 | Samsung Electronics Co., Ltd. | Method of and apparatus for selectively generating incoming ring in digital cordless telephone |
US6029062A (en) * | 1997-02-04 | 2000-02-22 | National Telemanagement Corporation | Prepay telecommunications system with unregistered roaming call processing |
US6049710A (en) * | 1997-06-19 | 2000-04-11 | Kimberley Nanette Engen | Wireless prepaid telephone system with dispensable instruments |
US6058300A (en) * | 1997-02-04 | 2000-05-02 | National Telemanagement Corporation | Prepay telecommunications system |
US6065120A (en) * | 1997-12-09 | 2000-05-16 | Phone.Com, Inc. | Method and system for self-provisioning a rendezvous to ensure secure access to information in a database from multiple devices |
US6101378A (en) * | 1996-08-15 | 2000-08-08 | Japan Radio Co., Ltd. | Pre-paid cellular telephone system |
US6115601A (en) * | 1996-10-23 | 2000-09-05 | U.S. Philips Corporation | Payment scheme for a mobile communication service |
US6195546B1 (en) * | 1997-03-14 | 2001-02-27 | Nortel Networks Limited | Method and apparatus for network initiated parameter updating |
US6226364B1 (en) * | 1997-12-08 | 2001-05-01 | Bellsouth Intellectual Property Management Corporation | Method and system for providing prepaid and credit-limited telephone services |
US6275693B1 (en) * | 1999-11-22 | 2001-08-14 | Motorola, Inc. | Method and apparatus for performing bearer independent wireless application service provisioning |
US20020004935A1 (en) * | 2000-07-03 | 2002-01-10 | Huotari Allen Joseph | System for remote automated installation and configuration of digital subscriber line modems |
US6381454B1 (en) * | 1995-10-10 | 2002-04-30 | Qualcomm Incorporated | Method and system for over-the-air (OTA) service programming |
US6418310B1 (en) * | 1999-08-05 | 2002-07-09 | Ericsson Inc. | Wireless subscriber terminal using java control code |
US20020107729A1 (en) * | 2001-02-06 | 2002-08-08 | Catalina Marketing International, Inc. | Method and system for timing promotions based on a prior receipt of promotions |
US6453162B1 (en) * | 1998-12-10 | 2002-09-17 | Nortel Networks Limited | Method and system for subscriber provisioning of wireless services |
US20030012434A1 (en) * | 2001-03-28 | 2003-01-16 | Masashi Kanai | Image processing device, image processing method, computer program and record medium |
US20030027581A1 (en) * | 2001-07-31 | 2003-02-06 | Nokia Corporation | System and method for automatic provisioning detection and notification |
US6529729B1 (en) * | 1998-02-23 | 2003-03-04 | Ulysses Holdings, Llc | Method and apparatus for over-the-air service provisioning of a mobile telephone |
US20030061503A1 (en) * | 2001-09-27 | 2003-03-27 | Eyal Katz | Authentication for remote connections |
US20030101246A1 (en) * | 2001-11-29 | 2003-05-29 | Nokia Corporation | System and method for identifying and accessing network services |
US6577857B1 (en) * | 1995-01-05 | 2003-06-10 | Emerald Isle, Llc | Portable communication unit with discrete allocable blocks of airtime |
US20030114149A1 (en) * | 1998-10-12 | 2003-06-19 | Erkko Lehtonen | Automatic configuration of services in a communication system |
US20030115261A1 (en) * | 2001-02-26 | 2003-06-19 | Jahangir Mohammed | Apparatus and method for integrating an unlicensed wireless communications system and a licensed wireless communications system |
US6591364B1 (en) * | 1998-08-28 | 2003-07-08 | Lucent Technologies Inc. | Method for establishing session key agreement |
US6690930B1 (en) * | 1998-05-26 | 2004-02-10 | T-Mobile Deutschland Gmbh | Process to control a subscriber identity module (SIM) in mobile phone system |
US6725056B1 (en) * | 2000-02-09 | 2004-04-20 | Samsung Electronics Co., Ltd. | System and method for secure over-the-air provisioning of a mobile station from a provisioning server via a traffic channel |
US20040110497A1 (en) * | 2001-04-12 | 2004-06-10 | Little Herbert A. | Advenced system and method for dynamically discovering, providioning and accessing host services on wireless data communication devices |
US6778525B1 (en) * | 2000-08-10 | 2004-08-17 | Verizon Communications Inc. | Automated service provisioning in combination of vertical services and digital subscriber line domains |
US6782422B1 (en) * | 2000-04-24 | 2004-08-24 | Microsoft Corporation | Systems and methods for resynchronization and notification in response to network media events |
US6871193B1 (en) * | 2000-11-29 | 2005-03-22 | Verizon Corporate Services Group | Method and system for partitioned service-enablement gateway with utility and consumer services |
US20050102529A1 (en) * | 2002-10-21 | 2005-05-12 | Buddhikot Milind M. | Mobility access gateway |
US20050108423A1 (en) * | 2003-11-06 | 2005-05-19 | Cisco Technology, Inc. | On demand session provisioning of IP flows |
US6912256B1 (en) * | 1998-02-06 | 2005-06-28 | Nec Corporation | Over-the-air re-programming method of radio transceivers |
US20050181793A1 (en) * | 2002-03-04 | 2005-08-18 | Eran Netanel | Method and apparatus for secure immediate wireless access in a telecommunications network |
US20060025132A1 (en) * | 2004-04-16 | 2006-02-02 | Jeyhan Karaoguz | Remote configuration and control of local devices via a broadband access gateway |
US20060116507A1 (en) * | 2004-11-30 | 2006-06-01 | Osteogenic devices | |
US20060114897A1 (en) * | 2001-03-16 | 2006-06-01 | Atul Suri | System and method for roaming connectivity |
US20060143438A1 (en) * | 2004-10-14 | 2006-06-29 | Novatel Wireless, Inc. | System and method for provisioning a wireless device to only be able to access network services within a specific location |
US20070060097A1 (en) * | 2005-08-02 | 2007-03-15 | Edge Stephen W | VOIP emergency call support |
US7194756B2 (en) * | 2003-06-20 | 2007-03-20 | N2 Broadband, Inc. | Systems and methods for provisioning a host device for enhanced services in a cable system |
US20070124488A1 (en) * | 2000-08-10 | 2007-05-31 | Verizon Communications Inc. | Vertical Services Integration Enabled Content Distribution Mechanism |
Family Cites Families (61)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4706275A (en) | 1985-11-13 | 1987-11-10 | Aerotel Ltd. | Telephone system |
FR2593656B1 (en) * | 1986-01-28 | 1994-04-29 | Parienti Raoul | COMPACT WIRELESS INDIVIDUAL COMMUNICATION METHOD OPERATING ON AN INFRARED DUPLEX NETWORK AND ITS IMPLEMENTING DEVICE. |
DE3620535A1 (en) * | 1986-06-19 | 1987-12-23 | Mannesmann Ag | ELECTRONIC CONTROL CIRCUIT, ESPECIALLY FOR A PRINTER |
US4776003A (en) * | 1986-10-01 | 1988-10-04 | Harris Arlene J | Cellular mobile radio credit card system |
US5274802A (en) | 1991-02-22 | 1993-12-28 | Gte Mobilnet Incorporated | Method for restoring lost databases by comparing existing database and generic database, and generating cellular switch commands to update the generic database |
SE9101105L (en) * | 1991-04-12 | 1992-08-03 | Comvik Gsm Ab | PHONE SYSTEM PROCEDURES |
US5359642A (en) * | 1991-10-30 | 1994-10-25 | International Integrated Communications, Inc. | Method and apparatus for prepayment of telecommunication connections by registered groups of subscribers in a telecommunication switching network |
US5454027A (en) | 1992-01-27 | 1995-09-26 | Hm Holding Corporation | Phantom mobile identification number method and apparatus |
US5353335A (en) * | 1992-08-03 | 1994-10-04 | At&T Bell Laboratories | Multilingual prepaid telephone system |
FR2696067B1 (en) | 1992-09-21 | 1994-11-25 | France Telecom | Telecommunication installation with secure download of prepayment means and corresponding download method. |
US5603081A (en) | 1993-11-01 | 1997-02-11 | Telefonaktiebolaget Lm Ericsson | Method for communicating in a wireless communication system |
US5359182A (en) * | 1992-10-06 | 1994-10-25 | Interdigital Technology Corporation | Wireless telephone debit card system and method |
US5469497A (en) | 1993-01-19 | 1995-11-21 | Teledebit | Networked interactive call management subsystems with prevention of simultaneous use of a single account number |
US5475791A (en) | 1993-08-13 | 1995-12-12 | Voice Control Systems, Inc. | Method for recognizing a spoken word in the presence of interfering speech |
US5574772A (en) | 1993-11-01 | 1996-11-12 | Scalisi; Joseph F. | Personal apparatus for receiving radiotelephone communications |
US5574771A (en) | 1994-08-15 | 1996-11-12 | Lucent Technologies Inc. | Integrated communication system |
US5826185A (en) * | 1994-11-16 | 1998-10-20 | Banana Cellular, Inc. | Cellular phone system wherein the air time use is predetermined |
GB2296160B (en) | 1994-12-12 | 1999-05-19 | Nokia Mobile Phones Ltd | Radio telephone |
US5854975A (en) | 1994-12-23 | 1998-12-29 | Freedom Wireless, Inc. | Prepaid security cellular telecommunications system |
US5845246A (en) | 1995-02-28 | 1998-12-01 | Voice Control Systems, Inc. | Method for reducing database requirements for speech recognition systems |
DE19528423C2 (en) | 1995-08-02 | 1998-07-16 | Siemens Ag | Telephony credit accounting procedures |
US5887253A (en) * | 1996-03-22 | 1999-03-23 | Bellsouth Corporation | Method for activating and servicing a cellular telephone |
US6014561A (en) * | 1996-05-06 | 2000-01-11 | Ericsson Inc. | Method and apparatus for over the air activation of a multiple mode/band radio telephone handset |
US5966654A (en) * | 1996-11-01 | 1999-10-12 | Ericsson Inc. | Recyclable cellular telephone and method and apparatus for supporting the use of a recyclable cellular telephone within a cellular telephone network acting as a theme park communicator/scheduler |
US5940755A (en) | 1996-12-31 | 1999-08-17 | Mci Communications Corporation | System and method for wireless network of unlicensed personal communications service areas with local switch interfaces and enhanced customer features |
US5963859A (en) * | 1997-07-18 | 1999-10-05 | Polaroid Corporation | Wireless communication device with replaceable battery and prepaid calling time |
US5965848A (en) * | 1997-07-22 | 1999-10-12 | Randice-Lisa Altschul | Disposable portable electronic devices and method of making |
US6131024A (en) * | 1997-10-09 | 2000-10-10 | Ericsson Inc. | System and method for setting subscriber-defined usage limits on a mobile terminal |
US6463276B1 (en) * | 1997-12-05 | 2002-10-08 | Telefonaktiebolaget L M Ericsson (Publ) | Mobile terminal having conditional blocking of outgoing call requests |
JP3132448B2 (en) * | 1997-12-19 | 2001-02-05 | 日本電気株式会社 | Training method and training circuit for adaptive equalizer tap coefficients |
US6167251A (en) | 1998-10-02 | 2000-12-26 | Telespree Communications | Keyless portable cellular phone system having remote voice recognition |
US6836651B2 (en) | 1999-06-21 | 2004-12-28 | Telespree Communications | Portable cellular phone system having remote voice recognition |
US6615059B1 (en) * | 1999-01-27 | 2003-09-02 | Telefonaktiebolaget Lm Ericsson (Publ) | Mobile terminal interface |
US7266371B1 (en) * | 2000-02-22 | 2007-09-04 | Cingular Wireless Ii, Llc | Activation and remote modification of wireless services in a packet network context |
US6466779B1 (en) | 2000-03-07 | 2002-10-15 | Samsung Electronics Co., Ltd. | System and method for secure provisioning of a mobile station from a provisioning server using IWF-based firewall |
US6671731B1 (en) * | 2000-06-21 | 2003-12-30 | Mediaone Group, Inc. | Generic proxy service for docsis-enabled set top devices |
US6829250B2 (en) | 2000-08-10 | 2004-12-07 | Verizon Communications Inc. | Automatic programming of customer premises equipment for vertical services integration |
EP1189473A3 (en) | 2000-09-15 | 2003-06-11 | Comverse Inc. | Prepaid mobile communcations services using signalling transfer point |
US6654600B1 (en) | 2000-09-15 | 2003-11-25 | Tracfone Wireless, Inc. | Method and apparatus for authorizing use of cellular telephone units |
US7406315B2 (en) * | 2001-03-20 | 2008-07-29 | Arraycomm Llc | Method and apparatus for resource management in a wireless data communication system |
US7433710B2 (en) | 2001-04-20 | 2008-10-07 | Lightsurf Technologies, Inc. | System and methodology for automated provisioning of new user accounts |
US20020160815A1 (en) | 2001-04-30 | 2002-10-31 | Milan Patel | Method and apparatus for adjusting a dialing sequence based on location |
US7444513B2 (en) | 2001-05-14 | 2008-10-28 | Nokia Corporiation | Authentication in data communication |
WO2002093811A2 (en) | 2001-05-16 | 2002-11-21 | Adjungo Networks Ltd. | Access to plmn networks for non-plmn devices |
US7340438B2 (en) * | 2001-05-21 | 2008-03-04 | Nokia Corporation | Method and apparatus for managing and enforcing user privacy |
US6628934B2 (en) * | 2001-07-12 | 2003-09-30 | Earthlink, Inc. | Systems and methods for automatically provisioning wireless services on a wireless device |
US7039403B2 (en) | 2001-10-26 | 2006-05-02 | Wong Gregory A | Method and apparatus to manage a resource |
JP2003320644A (en) * | 2002-04-30 | 2003-11-11 | Miyakoshi Printing Machinery Co Ltd | Forme dampening roller driving unit |
US7372826B2 (en) | 2002-08-01 | 2008-05-13 | Starent Networks, Corp. | Providing advanced communications features |
US20040133668A1 (en) | 2002-09-12 | 2004-07-08 | Broadcom Corporation | Seamlessly networked end user device |
US7471655B2 (en) | 2003-10-17 | 2008-12-30 | Kineto Wireless, Inc. | Channel activation messaging in an unlicensed mobile access telecommunications system |
US7565145B2 (en) | 2002-10-18 | 2009-07-21 | Kineto Wireless, Inc. | Handover messaging in an unlicensed mobile access telecommunications system |
AU2003293061A1 (en) | 2002-11-25 | 2004-06-18 | Telesector Resources Group, Inc. | Methods and systems for preemptive rejection of calls |
CA2507095C (en) | 2002-11-25 | 2012-05-01 | Telesector Resources Group, Inc. | Methods and systems for line management |
US7757261B2 (en) | 2003-06-20 | 2010-07-13 | N2 Broadband, Inc. | Systems and methods for providing flexible provisioning architectures for a host in a cable system |
US7305090B1 (en) | 2003-09-12 | 2007-12-04 | Sprint Spectrum L.P. | Method and system for use of common provisioning data to activate cellular wireless devices |
DE602005017973D1 (en) | 2004-04-16 | 2010-01-14 | Broadcom Corp | Registration of multimedia content of an access device via a broadband access gateway |
US8085808B2 (en) | 2005-05-12 | 2011-12-27 | Verizon Services Corp. | Automatic configuration of network devices for network services |
EP1783997A1 (en) * | 2005-11-07 | 2007-05-09 | Axalto S.A. | Remote activation of a user account in a telecommunication network |
EP1791315A1 (en) | 2005-11-23 | 2007-05-30 | Research In Motion Limited | System and method to provide mobile VPN connectivity |
US8145212B2 (en) * | 2007-12-06 | 2012-03-27 | Evolving Systems, Inc. | Wireless device activation |
-
2002
- 2002-04-30 US US10/136,712 patent/US7197301B2/en not_active Expired - Fee Related
-
2005
- 2005-04-06 US US11/100,791 patent/US7565142B2/en not_active Expired - Fee Related
-
2007
- 2007-09-04 US US11/849,839 patent/US7904072B2/en not_active Expired - Fee Related
-
2008
- 2008-07-23 US US12/178,551 patent/US20090025070A1/en not_active Abandoned
-
2009
- 2009-04-24 US US12/429,621 patent/US20100173609A1/en not_active Abandoned
- 2009-07-21 US US12/506,663 patent/US20100009659A1/en not_active Abandoned
Patent Citations (99)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4845740A (en) * | 1985-08-12 | 1989-07-04 | Oki Electric Industry Co., Ltd. | Radiotelephone system adapted to read a credit card |
US4756020A (en) * | 1985-08-30 | 1988-07-05 | American Telephone And Telegraph Company, At&T Bell Laboratories | Method and apparatus for disallowing the extension of a call through a network |
US4831647A (en) * | 1987-06-02 | 1989-05-16 | Motorola, Inc. | Radiotelephone credit card data communications |
US4860341A (en) * | 1987-06-02 | 1989-08-22 | Motorola, Inc. | Radiotelephone credit card call approval synchronization |
US5127040A (en) * | 1987-06-02 | 1992-06-30 | Motorola, Inc. | Radiotelephone telephone number down loading |
US4945557A (en) * | 1987-06-08 | 1990-07-31 | Ricoh Company, Ltd. | Voice activated dialing apparatus |
US5042063A (en) * | 1987-09-11 | 1991-08-20 | Kabushiki Kaisha Toshiba | Telephone apparatus with voice activated dialing function |
US4845772A (en) * | 1988-06-13 | 1989-07-04 | Motorola, Inc. | Portable radiotelephone with control switch disabling |
US4852149A (en) * | 1988-06-29 | 1989-07-25 | Dialogic Corporation | Automated call filter |
US4897873A (en) * | 1988-11-04 | 1990-01-30 | Motorola, Inc. | Multipurpose hinge apparatus for foldable telephones |
US4951308A (en) * | 1988-12-29 | 1990-08-21 | Cellular Communications Corporation | Automated vending of cellular hand-held telephones and cellular telephone services |
US5790636A (en) * | 1989-05-31 | 1998-08-04 | Marshall; Marvin E. | Telephone travel card system under the control of its customers |
US5046088A (en) * | 1989-10-31 | 1991-09-03 | Dialogic Corporation | Converter for in-band routing and/or origination information |
US5517558A (en) * | 1990-05-15 | 1996-05-14 | Voice Control Systems, Inc. | Voice-controlled account access over a telephone network |
US5499288A (en) * | 1990-05-15 | 1996-03-12 | Voice Control Systems, Inc. | Simultaneous voice recognition and verification to allow access to telephone network services |
US5301223A (en) * | 1990-05-22 | 1994-04-05 | Cellular Technical Services Company, Inc. | Cellular telephone system with remote programming, voice responsive registration and real time billing |
US5297189A (en) * | 1990-05-30 | 1994-03-22 | Alcatel N.V. | Wireless telephone service subscription data user access method |
US5138650A (en) * | 1990-09-27 | 1992-08-11 | Motorola, Inc. | Cordless telephone with internal debit and credit memory |
US5301234A (en) * | 1990-10-10 | 1994-04-05 | France Telecom | Radiotelephone installation for prepayment operation with security protection |
US5144649A (en) * | 1990-10-24 | 1992-09-01 | Gte Mobile Communications Service Corporation | Cellular radiotelephone credit card paystation method |
US5247700A (en) * | 1990-11-16 | 1993-09-21 | Universal Cellular, Inc. | Cellular telephone with pager |
US5291543A (en) * | 1990-12-05 | 1994-03-01 | Subscriber Computing, Inc. | Cellular telephone real time account administration system |
US5185790A (en) * | 1991-03-28 | 1993-02-09 | Motorola, Inc. | Multiposition detenting hinge apparatus |
US5233642A (en) * | 1991-05-24 | 1993-08-03 | Omnitronix, Inc. | Cellular telephone usage monitoring system |
US5440621A (en) * | 1991-07-31 | 1995-08-08 | International Integrated Communications, Ltd. | Apparatus for prepayment of telecommunication connections in a telecommunication switching network without utilization of rate schedules and call cost computations |
US5202912A (en) * | 1991-09-09 | 1993-04-13 | Motorola, Inc. | Method and apparatus for providing telepoint to telepoint calling between pager equipped handsets |
US5309501A (en) * | 1991-11-27 | 1994-05-03 | At&T Bell Laboratories | Arrangement for detecting fraudulently identified mobile stations in a cellular mobile telecommunications network |
US5517555A (en) * | 1991-12-12 | 1996-05-14 | Cellular Technical Services Company, Inc. | Real time information system for cellular telephones |
US5754645A (en) * | 1992-01-21 | 1998-05-19 | Motorola, Inc. | Electronic apparatus having keyless control |
US5341414A (en) * | 1992-02-05 | 1994-08-23 | Fred Popke | Calling number verification service |
US5809124A (en) * | 1992-04-13 | 1998-09-15 | Automocrion Moncayo S.A.. | Coin charging system for mobile telephony |
US5659597A (en) * | 1992-04-13 | 1997-08-19 | Voice Control Systems, Inc. | Speech recognition system for electronic switches in a non-wireline communications network |
US5321735A (en) * | 1992-06-29 | 1994-06-14 | Motorola, Inc. | Method and apparatus for selective real time authorization and billing of calls in a public telepoint system |
US5517559A (en) * | 1992-09-22 | 1996-05-14 | Fujitsu Limited | Apparatus for and method of verifying service user's information |
US5452340A (en) * | 1993-04-01 | 1995-09-19 | Us West Advanced Technologies, Inc. | Method of voice activated telephone dialing |
US5592535A (en) * | 1993-04-16 | 1997-01-07 | Alcatel Sel Aktiengesellschaft | Mobile-radio network with debit accounts |
US5327144A (en) * | 1993-05-07 | 1994-07-05 | Associated Rt, Inc. | Cellular telephone location system |
US5732346A (en) * | 1993-06-17 | 1998-03-24 | Research In Motion Limited | Translation and connection device for radio frequency point of sale transaction systems |
US5386455A (en) * | 1994-01-04 | 1995-01-31 | Alliance Research Corporation | System and method for automatic activation of cellular telephones |
US5706399A (en) * | 1994-03-18 | 1998-01-06 | Voice Control Systems, Inc. | Speech controlled vehicle alarm system |
US5509056A (en) * | 1994-06-06 | 1996-04-16 | Ericsson Ge Mobile Communications Inc. | Method and apparatus for executing automatic calling card access in cellular telephones |
US5719926A (en) * | 1994-06-10 | 1998-02-17 | Communications Product Development, Inc. | Prepaid long-distance telephone service system with flexible operating parameters |
US5794195A (en) * | 1994-06-28 | 1998-08-11 | Alcatel N.V. | Start/end point detection for word recognition |
US5881134A (en) * | 1994-12-02 | 1999-03-09 | Voice Control Systems, Inc. | Intelligent call processing platform for home telephone system |
US5761618A (en) * | 1994-12-22 | 1998-06-02 | Bell Atlantic Mobile Systems, Inc. | Updating technique for downloading new system identification (SID) list into a handset |
US5722067A (en) * | 1994-12-23 | 1998-02-24 | Freedom Wireless, Inc. | Security cellular telecommunications system |
US6577857B1 (en) * | 1995-01-05 | 2003-06-10 | Emerald Isle, Llc | Portable communication unit with discrete allocable blocks of airtime |
US5651056A (en) * | 1995-07-13 | 1997-07-22 | Eting; Leon | Apparatus and methods for conveying telephone numbers and other information via communication devices |
US6381454B1 (en) * | 1995-10-10 | 2002-04-30 | Qualcomm Incorporated | Method and system for over-the-air (OTA) service programming |
US5778313A (en) * | 1995-12-08 | 1998-07-07 | Cellexis International, Inc. | Pre-paid cellular telephone system |
US5812945A (en) * | 1995-12-22 | 1998-09-22 | Pitney Bowes Inc. | Metered payment cellular telephone communication system |
US5940775A (en) * | 1995-12-30 | 1999-08-17 | Samsung Electronics Co., Ltd. | Method of and apparatus for selectively generating incoming ring in digital cordless telephone |
US5737707A (en) * | 1996-01-11 | 1998-04-07 | At&T Corp. | Pager-controlled wireless radiotelephone |
US5802470A (en) * | 1996-01-11 | 1998-09-01 | At&T Corp | Automated wireless-call completion using a paging network |
US5815807A (en) * | 1996-01-31 | 1998-09-29 | Motorola, Inc. | Disposable wireless communication device adapted to prevent fraud |
US5909485A (en) * | 1996-03-07 | 1999-06-01 | France Telecom | Method of prepaying for consumption of telephone calls |
US5915226A (en) * | 1996-04-19 | 1999-06-22 | Gemplus Card International | Prepaid smart card in a GSM based wireless telephone network and method for operating prepaid cards |
US6101378A (en) * | 1996-08-15 | 2000-08-08 | Japan Radio Co., Ltd. | Pre-paid cellular telephone system |
US6115601A (en) * | 1996-10-23 | 2000-09-05 | U.S. Philips Corporation | Payment scheme for a mobile communication service |
US5875394A (en) * | 1996-12-27 | 1999-02-23 | At & T Wireless Services Inc. | Method of mutual authentication for secure wireless service provision |
US6058300A (en) * | 1997-02-04 | 2000-05-02 | National Telemanagement Corporation | Prepay telecommunications system |
US6029062A (en) * | 1997-02-04 | 2000-02-22 | National Telemanagement Corporation | Prepay telecommunications system with unregistered roaming call processing |
US6195546B1 (en) * | 1997-03-14 | 2001-02-27 | Nortel Networks Limited | Method and apparatus for network initiated parameter updating |
US6049710A (en) * | 1997-06-19 | 2000-04-11 | Kimberley Nanette Engen | Wireless prepaid telephone system with dispensable instruments |
US6226364B1 (en) * | 1997-12-08 | 2001-05-01 | Bellsouth Intellectual Property Management Corporation | Method and system for providing prepaid and credit-limited telephone services |
US6065120A (en) * | 1997-12-09 | 2000-05-16 | Phone.Com, Inc. | Method and system for self-provisioning a rendezvous to ensure secure access to information in a database from multiple devices |
US6912256B1 (en) * | 1998-02-06 | 2005-06-28 | Nec Corporation | Over-the-air re-programming method of radio transceivers |
US6529729B1 (en) * | 1998-02-23 | 2003-03-04 | Ulysses Holdings, Llc | Method and apparatus for over-the-air service provisioning of a mobile telephone |
US6690930B1 (en) * | 1998-05-26 | 2004-02-10 | T-Mobile Deutschland Gmbh | Process to control a subscriber identity module (SIM) in mobile phone system |
US6591364B1 (en) * | 1998-08-28 | 2003-07-08 | Lucent Technologies Inc. | Method for establishing session key agreement |
US20030114149A1 (en) * | 1998-10-12 | 2003-06-19 | Erkko Lehtonen | Automatic configuration of services in a communication system |
US6453162B1 (en) * | 1998-12-10 | 2002-09-17 | Nortel Networks Limited | Method and system for subscriber provisioning of wireless services |
US6418310B1 (en) * | 1999-08-05 | 2002-07-09 | Ericsson Inc. | Wireless subscriber terminal using java control code |
US6275693B1 (en) * | 1999-11-22 | 2001-08-14 | Motorola, Inc. | Method and apparatus for performing bearer independent wireless application service provisioning |
US6725056B1 (en) * | 2000-02-09 | 2004-04-20 | Samsung Electronics Co., Ltd. | System and method for secure over-the-air provisioning of a mobile station from a provisioning server via a traffic channel |
US6782422B1 (en) * | 2000-04-24 | 2004-08-24 | Microsoft Corporation | Systems and methods for resynchronization and notification in response to network media events |
US20020004935A1 (en) * | 2000-07-03 | 2002-01-10 | Huotari Allen Joseph | System for remote automated installation and configuration of digital subscriber line modems |
US20070124488A1 (en) * | 2000-08-10 | 2007-05-31 | Verizon Communications Inc. | Vertical Services Integration Enabled Content Distribution Mechanism |
US6778525B1 (en) * | 2000-08-10 | 2004-08-17 | Verizon Communications Inc. | Automated service provisioning in combination of vertical services and digital subscriber line domains |
US6871193B1 (en) * | 2000-11-29 | 2005-03-22 | Verizon Corporate Services Group | Method and system for partitioned service-enablement gateway with utility and consumer services |
US20020107729A1 (en) * | 2001-02-06 | 2002-08-08 | Catalina Marketing International, Inc. | Method and system for timing promotions based on a prior receipt of promotions |
US20030119490A1 (en) * | 2001-02-26 | 2003-06-26 | Jahangir Mohammed | Wireless communications handset for facilitating licensed and unlicensed wireless communications, and method of operation |
US20030115261A1 (en) * | 2001-02-26 | 2003-06-19 | Jahangir Mohammed | Apparatus and method for integrating an unlicensed wireless communications system and a licensed wireless communications system |
US20030119489A1 (en) * | 2001-02-26 | 2003-06-26 | Jahangir Mohammed | Unlicensed wireless communications base station to facilitate unlicensed and licensed wireless communications with a subscriber device, and method of operation |
US20060114897A1 (en) * | 2001-03-16 | 2006-06-01 | Atul Suri | System and method for roaming connectivity |
US20030012434A1 (en) * | 2001-03-28 | 2003-01-16 | Masashi Kanai | Image processing device, image processing method, computer program and record medium |
US20040110497A1 (en) * | 2001-04-12 | 2004-06-10 | Little Herbert A. | Advenced system and method for dynamically discovering, providioning and accessing host services on wireless data communication devices |
US20030027581A1 (en) * | 2001-07-31 | 2003-02-06 | Nokia Corporation | System and method for automatic provisioning detection and notification |
US20030061503A1 (en) * | 2001-09-27 | 2003-03-27 | Eyal Katz | Authentication for remote connections |
US20030101246A1 (en) * | 2001-11-29 | 2003-05-29 | Nokia Corporation | System and method for identifying and accessing network services |
US20050181793A1 (en) * | 2002-03-04 | 2005-08-18 | Eran Netanel | Method and apparatus for secure immediate wireless access in a telecommunications network |
US20050102529A1 (en) * | 2002-10-21 | 2005-05-12 | Buddhikot Milind M. | Mobility access gateway |
US7194756B2 (en) * | 2003-06-20 | 2007-03-20 | N2 Broadband, Inc. | Systems and methods for provisioning a host device for enhanced services in a cable system |
US20070074240A1 (en) * | 2003-06-20 | 2007-03-29 | Tandberg Television Inc. | Systems and methods for provisioning a host device for enhanced services in a cable system |
US20050108423A1 (en) * | 2003-11-06 | 2005-05-19 | Cisco Technology, Inc. | On demand session provisioning of IP flows |
US20060025132A1 (en) * | 2004-04-16 | 2006-02-02 | Jeyhan Karaoguz | Remote configuration and control of local devices via a broadband access gateway |
US20060143438A1 (en) * | 2004-10-14 | 2006-06-29 | Novatel Wireless, Inc. | System and method for provisioning a wireless device to only be able to access network services within a specific location |
US20060116507A1 (en) * | 2004-11-30 | 2006-06-01 | Osteogenic devices | |
US20070060097A1 (en) * | 2005-08-02 | 2007-03-15 | Edge Stephen W | VOIP emergency call support |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8559947B2 (en) * | 2006-09-13 | 2013-10-15 | Mformation Software Technologies Llc | System and method to enable subscriber self-activation of wireless data terminals |
US20080064367A1 (en) * | 2006-09-13 | 2008-03-13 | Mformation Technologies Inc. | System and method to enable subscriber self-activation of wireless data terminals |
US8914066B2 (en) * | 2007-06-15 | 2014-12-16 | Intel Corporation | Field programming of a mobile station with subscriber identification and related information |
US20130094651A1 (en) * | 2007-06-15 | 2013-04-18 | Pouya Taaghol | Field programming of a mobile station with subscriber identification and related information |
US9161296B2 (en) | 2007-12-06 | 2015-10-13 | Evolving Systems, Inc. | Controlled access to a wireless network |
US8145212B2 (en) | 2007-12-06 | 2012-03-27 | Evolving Systems, Inc. | Wireless device activation |
US8463258B2 (en) | 2007-12-06 | 2013-06-11 | Evolving Systems, Inc. | Extended wireless device activation |
US8509767B2 (en) | 2007-12-06 | 2013-08-13 | Evolving Systems, Inc. | Controlled access to a wireless network |
US20090149175A1 (en) * | 2007-12-06 | 2009-06-11 | Evolving Systems, Inc. | Wireless device activation |
US20090282256A1 (en) * | 2008-05-12 | 2009-11-12 | Sony Ericsson Mobile Communications Ab | Secure push messages |
US8559930B2 (en) | 2009-04-24 | 2013-10-15 | Evolving Systems, Inc. | Occasional access to a wireless network |
US20100273462A1 (en) * | 2009-04-24 | 2010-10-28 | Evolving Systems, Inc. | Occasional access to a wireless network |
US9559864B1 (en) | 2009-11-16 | 2017-01-31 | Sprint Spectrum L.P. | Method and system for managing wireless devices using short-range wireless communication |
US8929863B2 (en) | 2012-10-01 | 2015-01-06 | Evolving Systems, Inc. | Methods and systems for temporarily permitting a wireless device to access a wireless network |
US20150033312A1 (en) * | 2013-07-25 | 2015-01-29 | Convida Wireless, Llc | End-To-End M2M Service Layer Sessions |
US10200353B2 (en) * | 2013-07-25 | 2019-02-05 | Convida Wireless, Llc | End-to-end M2M service layer sessions |
US10530757B2 (en) | 2013-07-25 | 2020-01-07 | Convida Wireless, Llc | End-to-end M2M service layer sessions |
US11122027B2 (en) | 2013-07-25 | 2021-09-14 | Convida Wireless, Llc | End-to-end M2M service layer sessions |
US11765150B2 (en) | 2013-07-25 | 2023-09-19 | Convida Wireless, Llc | End-to-end M2M service layer sessions |
US9491563B1 (en) | 2015-10-16 | 2016-11-08 | Evolving Systems, Inc. | Pre-provisioning mobile application acquisition and utilization |
US11251955B2 (en) * | 2017-09-07 | 2022-02-15 | Arris Enterprises Llc | System and method for simplified wifi set up of client devices |
Also Published As
Publication number | Publication date |
---|---|
US20070300294A1 (en) | 2007-12-27 |
US20100173609A1 (en) | 2010-07-08 |
US20100009659A1 (en) | 2010-01-14 |
US20030166398A1 (en) | 2003-09-04 |
US20050181793A1 (en) | 2005-08-18 |
US7904072B2 (en) | 2011-03-08 |
US7197301B2 (en) | 2007-03-27 |
US7565142B2 (en) | 2009-07-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7904072B2 (en) | Method and apparatus for secure immediate wireless access in a telecommunications network | |
US8046581B2 (en) | Method and apparatus for secure immediate wireless access in a telecommunications network | |
US8413215B2 (en) | System and method for extending secure authentication using unique session keys derived from entropy | |
CN100417274C (en) | Certificate based authentication authorization accounting scheme for loose coupling interworking | |
US7505756B2 (en) | Dynamic online subscription for wireless wide-area networks | |
RU2404520C2 (en) | Method for provision of signature key for digital signature, verification or coding of data, and also mobile terminal | |
EP2297923B1 (en) | Authenticating a wireless device in a visited network | |
US20030079124A1 (en) | Secure method for getting on-line status, authentication, verification, authorization, communication and transaction services for web-enabled hardware and software, based on uniform telephone address | |
US20060141987A1 (en) | Identification of a terminal with a server | |
CN101163003A (en) | System and method for authenticating network for terminal when SIM card use UMTS terminal and UMTS system | |
CN1795656B (en) | Method of safety initialization users and data privacy | |
EP1680940A1 (en) | Method of user authentication | |
JP2007506373A (en) | Authentication of terminal device IP address | |
KR100395161B1 (en) | Authentication Center, Authentication Method using smart card on mobile communications and method of supporting global roaming service | |
US7200750B1 (en) | Method for distributing encryption keys for an overlay data network | |
TWI246300B (en) | Method and apparatus enabling reauthentication in a cellular communication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: TELESPREE COMMUNICATIONS, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NETANEL, ERAN;LAVINE, JAMES F.;REEL/FRAME:021292/0553 Effective date: 20080723 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |