The invention relates, in general, to a method and system for validation and/or authentication of an identity, and, in particular, to a method and apparatus/system for authenticating subscribers in a communications network, such as a wireless, digital, cellular, and/or satellite communications system, using a central host processor. The central processor includes all the interfaces and functions to connect to the communications system, to decode signals and messages, to verify and to validate subscribers in the communications system, and to signal to entities in the system that subscribers are legitimate. This system provides a significant level of protection against fraud and abuse, particularly wireless fraud and abuse.
Cellular mobile telephony is one of the fastest growing segments in the worldwide telecommunications market. Between 1984 and 1992, for example, the number of mobile telephone subscribers in the United States grew from around 25,000 to over 10 million. In 1998, the number is estimated to be 58 million and is expected to rise to nearly 90 million by the year 2000.
In a typical cellular radio system, as shown in FIG. 1, a geographical area is divided into several radio coverage areas, called cells C1-C14. These cells are served by a series of radio stations, called base stations B1-B14. The base stations are connected to and controlled by a mobile switching center (MSC) MSC1, MSC2. The MSC is in turn connected to the land line (wireline) public switched telephone network (PSTN). The users in the cellular radio system, known as mobile subscribers, are provided with portable (hand-held), transportable or mobile (car-mounted) telephone units, which are collectively called mobile stations.
The mobile stations MS1-MS4, shown in FIG. 1, communicate with a mobile switching center MSC1 through respective nearby base stations B1, B5. The MSC switches calls between wireline or landline and mobile subscribers, controls signaling to the mobile stations, compiles billing information, and provides for the operations, maintenance, and testing of the system. The MSCs are also connected together through a signaling network to allow xe2x80x9croamingxe2x80x9d across large geographic areas.
In the United States, the Advanced Mobile Phone Service (AMPS) began in 1984. A serious problem which has plagued cellular communications systems is fraud. There have been numerous types of fraudulent use of cellular communications facilities, resulting in significant monetary losses for the operators of those AMPS wireless telephone systems. The fraudulent access has ranged from xe2x80x9croamerxe2x80x9d fraud to tumbling to cloning. The most common type of fraud is xe2x80x9ccloning.xe2x80x9d The Cellular Telecommunications Industry Association (CTIA) reports that losses resulting from cloning exceed $300 million per year in the United States.
Mobile stations or terminals, subject to cloning, typically are identified by a mobile identification number and an electronic serial number. Ordinarily, a mobile identification number (MIN), which is assigned to a subscriber""s mobile station or terminal when it is activated, is identical to the dialed directory number or mobile telephone number. An electronic serial number (ESN) is a 32-bit binary number that consists of three parts: the manufacturer code, a reserved area, and a manufacturer-assigned serial number. The ESN, which represents a terminal, is fixed and, supposedly, cannot be changed.
Cloning entails an interloper or xe2x80x9cfraudsterxe2x80x9d capturing the identity of a wireless telephone by using standard test equipment to capture the Electronic Serial Number (ESN) and Mobile identification Number (MIN) of the legitimate user. For example, a standard frequency scanner may be used to scan a common control channel for MIN-ESN combinations transmitted from a mobile station registering with a mobile switching center. The interloper reprograms a mobile station, such as, another mobile telephone, with the captured ESN and MIN. Impersonating the legitimate subscriber, the cloner may then place fraudulent calls, which are charged to the legitimate subscriber.
Such cloning occurs because the original AMPS network did not have the means to validate the wireless use. FIG. 1 illustrates the telephone systems without authentication. However, in 1991 the Telecommunications Industry Association (TIA) wireless/cellular standards (TR45.3) organization developed a scheme to authenticate subscribers.
Authentication was developed by the cellular industry to prevent cloning. Authentication is the process of validating a user""s identify by proving the existence of shared secret data (or a cryptographic key) in the mobile station of the user and the cellular network. Both the mobile station (MS) and the network possess the software protocol, cryptographic algorithms, and key to perform authentication. The general elements for one type of authentication, which is believed to be disclosed in U.S. Pat. No. 5,153,919 to James A. Reeds, III et al., which is incorporated herein by reference, are depicted in FIG. 2. Unfortunately, this standardized technique is not ubiquitous; MSCs and MSs do not all have software to support the validation.
The authentication mechanism developed by the standards committee for Telecommunications Industry Association (TIA) is shown in FIG. 3. CAVE is the xe2x80x9cCellular and Voice Encryptionxe2x80x9d cryptographic algorithm. Through the use of CAVE""s xe2x80x9cchallenge-responsexe2x80x9d authentication scheme, validation of subscriber identities can occur. The steps in the process shown in FIG. 4 are the following:
Step S10: The telephone, as it powers on, identifies itself to the network with the ESN and MIN.
Step S12: The network sends a random number challenge to the phone.
Step S14: The phone, using a CAVE cryptographic algorithm, encrypts or xe2x80x9chashsxe2x80x9d a number of inputs including the ESN, the MIN and a SSD key to produce an authentication response AUTHR. The SSD (Shared Secret Data) key is derived from the seed A-key.
Step S16: The telephone sends AUTHR to the network. Step S18: The network performs the same CAVE cryptographic computation.
Step S20: The network compares the two responses.
Step S22: If the responses (AUTHR) are equivalent, service is granted because the network operator can be quite confident that the subscriber is legitimate.
Step S24: If the responses (AUTHR) are not equivalent, service is denied because the network operator cannot be confident that the subscriber is legitimate.
The above authentication scheme has been very effective against fraud. However, three major events must occur before it is absolutely effective against technical fraud. These three events are the following. First, all phones must contain the cryptographic algorithm and protocol. Second, all switches must be upgraded or sold with the cryptographic algorithm. Third, all phones and switches must have the seed cryptographic key (A-key). The authentication scheme in the telephone system is illustrated in FIG. 5. The authentication may occur in a Mobile Switching Center MSC or in an off-board computer, namely, an authentication center AC.
The deployment of authentication began in 1995. Today approximately 10% of all MSCs have the capability to authenticate. CTIA reports approximately 58 million subscribers exist in North America. Yet, it is estimated that only 10 million of the telephones have the CAVE cryptographic capabilities, designed to the latest standards. Those switches (MSCs) that cannot authenticate are designed to the TIA IS-41 Revision A (Rev. A) standard. The IS-41 Revision C (Rev. C) MSCs can authenticate. It may be years before all MSCs and telephones are xe2x80x9cauthentication capablexe2x80x9d in the AMPS-based air-interface technologies: IS-54B, IS-136, IS-91, IS-95, etc. FIG. 6 summarizes the current authentication situation for mobile switching centers and telephones. Essentially, as time progresses more and more MSCs and telephones will likely have authentication features.
In Europe and other locations around the world, the standard Global System for Mobile (GSM) cellular telephoning has dominated. It is fully authentication-capable. The authentication scheme for GSM is very similar to the AMPS IS-41 cellular authentication scheme. In the GSM environment, there have been no reports of cloning or technical fraud. GSM is in the xe2x80x9cubiquitousxe2x80x9d authentication state; all MSCs and all phones therein authenticate. Note in GSM, the authentication occurs on a Subscriber Identity Module (SIM) smart card inserted in the telephone.
FIG. 7 illustrates the GSM authentication scheme. The mobile station is uniquely identified by a International Mobile Subscriber Identity (IMSI). This information, along with the individual subscriber authentication key Ki, constitutes sensitive identification credentials, analogous to the Electronic Serial Number (ESN) in systems such as AMPS.
When a mobile station MS attempts to access the system, the network issues it a 128-bit random number challenge RAND. The MS computes a 32-bit signed response SRES to RAND using a one-way hash function A3 under control of the subscriber authentication key Ki. The key Ki is shared only by the subscriber and an authentication center which serves the subscriber""s home network. That is, the authentication center includes all subscriber authentication keys Kis.
The value SRES computed by the MS is signaled to the network, where it is compared with a pre-computed value. If the two values of SRES agree, the mobile subscriber has been authenticated, and the call is allowed to proceed. If the values are different, then access is denied. Because GSM has effectively zero technical fraud, carriers in the UK, Europe and other locations have not suffered any losses.
With two major incompatible standards, GSM and IS-41, as well as several others, there is a desire to connect the systems to allow interoperability. This allows a subscriber to go from one system to the other and have xe2x80x9cone telephone number.xe2x80x9d Calls are automatically translated to the new system and protocol. Connectivity of the two systems is shown in FIG. 8. Note that the A3 authentication algorithm is a generic term used for the standard COMP128 cryptographic algorithm used in GSM systems. Between the two systems is the Interoperability Unit (IU) that provides protocol translation and facilitates calls between the two systems. A subscriber in GSM has a GSM xe2x80x9cair-interfacexe2x80x9d phone with a SIM. That subscriber in IS-41 must have a phone that works with IS-41 based air-interface protocols (i.e., IS-91. IS-136, IS-54B, IS-9S, EIA/TIA 553).
When a call is placed to a GSM phone, if the subscriber is in the IS-41 network, the call is delivered to the IS-41 phone through interworkings of the IU. The IU facilitates the translations on the two common channel signaling networks.
GSM networks have full authentication, whereas IS-41 networks, as stated earlier, will not reach ubiquitous authentication for several years. Thus, when a subscriber xe2x80x9croamsxe2x80x9d into an IS-41 network, he is unprotected against technical fraud or charging when operating with Rev. A switches because of a mismatch in fraud protection. This mismatch is summarized in the table below.
It is understood that the voice traffic is still controlled through the public switched telephone network.
Various attempts have been made to provide methods and/or systems for authenticating subscribers. Yet, such attempts fail to provide a system and/or a method of upgrading an existing non-authenticating communications network with state of the art authentication capabilities. Alternatively, the prior art attempts fail to provide a low-cost authenticating communications network relative to the GSM network, for example.
By way of example, U.S. Pat. No. 5,557,654 to Maenp{umlaut over (aa)}, incorporated herein by reference, discloses a telecommunications system and method for authenticating a subscriber to permit integration of a digital cordless telephone system as a subsystem of a GSM network. Cordless telephone systems and the GSM system have different authentication procedures, preventing cordless telephone subscriber identities from being used in the GSM network. Maenp{umlaut over (aa)} discloses a challenge-response scheme to solve the mismatched authentication procedures.
However, such a challenge-response scheme already exists in the realm of wireless communications systems, namely, IS-41 Rev. C, which, as explained above, has thus far failed to establish ubiquitous authentication. To this end, Maenp{umlaut over (aa)} suggests no way to adapt his system and method to address fraud prevention in an authenticating communications network, including a dynamic self-authentication sequence generated independently of elements responsive to the authenticating communications network. That is, Maenp{umlaut over (aa)} fails to even suggest generating such a sequence outside of a challenge-response environment, which requires a challenge to be sent from, for example, a switching center to a communications device.
U.S. Pat. No. 5,615,267 to Lin et al., incorporated herein by reference, discloses a method for adaptively switching between two PCS authentication schemes based on caller usage patterns. Lin et al. relies on a random number sent from a personal communication service provider for cryptographic computation thereof at the handset. Both authentication schemes, however, are challenge-response schemes. Thus, like Maenp{umlaut over (aa)}, Lin et al. do not suggest any way to adapt their method to address fraud prevention in an authenticating communications network including a dynamic self-authentication sequence generated independently of elements responsive to the authenticating communications network. That is, Lin et al. fails to even suggest generating such a sequence outside of a challenge-response environment, which requires a challenge to be sent from, for example, a switching center to a communications device.
U.S. Pat. No. 5,617,470 to DePasquale discloses an apparatus and method for preventing access to a telephone service by unauthorized users. In DePasquale, a telephone service receives a fixed code from a user and determines whether it matches a fixed code stored in the service""s memory. By definition, DePasquale""s fixed code cannot be a dynamic self-authentication sequence. Therefore, DePasquale cannot even suggest an authenticating communications network including a dynamic self-authentication sequence.
U.S. Pat. No. 5,636,271 to Paterno et al. discloses an autodialer card for tonal entry of PIN codes into a telephone. Paterno et al.""s card is pre-programmed with a fixed audible tone sequence. The autodialer card includes a keypad entry for inputting a security code to operate the card and by extension to prevent unauthorized use of the card. Paterno et al. make no mention of a card storing a dynamic tone sequence, for example, one that changes with time. Thus, not surprisingly, Paterno et al. make no mention, for example, of an authenticating communications network including their card having a dynamic tone sequence in the network.
U.S. Pat. No. 5,638,423 to Grube et al. discloses a communications apparatus, which prevents unauthorized use of a communications device. Grube et al. discloses a proximity user card, which, when within twenty feet of the communications device, communicates with the communications device over a RF path to notify the communications device of its proximity thereto.
Grube et al.""s background information discloses communication devices having an encryption key and an algorithm programmed into the radio portion of the communications device. However, nowhere is there any indication of the proximity user card including the encryption key and the algorithm to ensure authorized use of the communications device. To this end, Grube et al. fail to even suggest such a proximity user card, for example, storing a dynamic value, for example, one that changes with time, and generating the dynamic self-authentication value independently of elements responsive to the authenticating communications network.
U.S. Pat. No. 5,642,401 to Yahagi discloses a challenge-response authentication system. When a base station determines that authentication is required, an authentication calculation request is generated with respect to a mobile station with a random number generated as an authentication random number by the base station. An authentication calculation result as a response from the mobile station is received by the base station. Because Yahagi""s authentication random number is generated at the base station, Yahagi does not teach, for example, a dynamic self-authentication sequence generated independently of elements responsive to the authenticating communications network. Interestingly, Yahagi also fails to disclose identifying the mobile station, thereby preventing the communications network from registering the subscriber.
U.S. Pat. No. 5,668,875 to Brown et al. discloses a method and apparatus for authenticating a roaming subscriber. According to Brown et al., a subscriber receives a challenge that is in a format of a local authentication protocol, and determines whether the local authentication protocol is the subscriber""s home system authentication protocol. If not, the subscriber converts the challenge to a format compatible with its home system authentication protocol, and processes the converted challenge with the subscriber""s secret key and authentication algorithm into an authentication response. The authentication response is converted to be compatible with the local authentication protocol and transmitted to a local system communication unit. Fundamentally, Brown et al. is a challenge response scheme, which does not, for example, teach an authenticating communications network including a dynamic self-authentication sequence generated independently of elements responsive to the network. That is, Brown et al. fails to even suggest generating such a sequence outside of a challenge-response environment, which requires a challenge to be sent from, for example, a switching center to a communications device.
U.S. Pat. No. 7,754,952 to Hodges discloses a central authentication platform to which all calls placed from selected MINs are directed. The central authentication platform engages in challenge-response authentication with local processors that are interfaced to the wireless telephones from which non-fraudulent calls originate. Thus, Hodges cannot teach, for example, an authenticating communications network including a dynamic self-authentication sequence generated independently of elements responsive to the network. That is, Hodges fails to even suggest generating such a sequence outside of a challenge-response environment, which requires a challenge to be sent from, for example, a switching center to a communications device.
U.S. Pat. No. 5,794,139 to Mizikovsky et al. discloses an apparatus and method for automatically generating an authentication key in a mobile station. Mizikovsky et al.""s apparatus and method benefit installers of mobile stations and customer service representatives of cellular service provider by avoiding manual entry of the authentication key, which may be susceptible to entry error, inadvertent divulgence, and intentional divulgence. Mizikovsky et al. mentions use of a CAVE algorithm, which is used in challenge-response systems, such as IS-41 Rev. C. In any event, there is no teaching in the Mizikovsky et al. patent of an authenticating communications network including a dynamic self-authenticating sequence generated independently of elements responsive to the network.
In view of the existing communication networks and the shortcomings that we have observed in prior art authentication techniques, we have determined that it would be desirable to have a system and/or method of providing authentication capabilities to, for example, a currently non-authenticating communications network. We have also realized that it is desirable to address, from a fraud perspective, the mismatch between authenticating and non-authenticating wireless communications networks, or network elements, including, but not limited to, the mismatch between GSM and IS-41 networks.
We have further determined that it would be desirable to have a system and/or method of authenticating subscribers in non-authenticating wireless networks, thereby providing fraud protection with the potential to be roughly equivalent to, or superior to, that of GSM and CAVE-based IS-41 networks.
We have also determined that it would be desirable to provide a method and/or a system whereby a subscriber advantageously carries a cryptographic token, a dynamic PIN (personal identification number) generator, which is authenticated at a central host computer. This determination is based at least in part on our realization of the following problem discussed below.
We have recognized another problem with existing communication networks, namely, hijacking. A hijacking perpetrator xe2x80x9cstealsxe2x80x9d an established voice channel as follows. First, the hijacker scans airborne signals waiting for a legitimate subscriber to initiate or to receive a call, and to pass any authorization checks. Next, the hijacker overpowers the subscriber""s phone, and usurps control of (or xe2x80x9chijacksxe2x80x9d) the voice channel. The hijacker then calls a third party, the desired destination, and drops the original call leg.
In view of the hijacking problem, we have determined that it would also be desirable to have a system and/or method of authenticating a subscriber to a communications network and thwarting such a would-be hijacker.
It is therefore, a feature and advantage of the instant invention to address, from a fraud perspective, the mismatch between authenticating and non-authenticating wireless networks, or network elements, including but not limited to, the mismatch between GSM and IS-41 networks.
It is another feature and advantage of the present invention to authenticate subscribers in non-authenticating wireless networks, thereby providing fraud protection with the potential to be roughly equivalent to, or superior to, that of GSM and CAVE-based IS-41 networks.
It is also a feature and advantage of the instant invention to provide a method and/or a system whereby a subscriber carries a cryptographic token, such as a dynamic personal identification number (PIN) generator, which is authenticated at a central host computer. The user or subscriber may enter a PIN when placing a call and is either denied or allowed access. This token-based authentication may be performed on at least one call or registration when accessing mobile switching centers that do not support authentication. This invention further may also be used as a back up or secondary authentication mechanism. This invention supports the interworking of authenticating an non-authenticating networks or network elements and supports a constant blanket of cryptographic coverage for subscribers.
More specifically, the instant invention provides a system for validating an identity of a subscriber in a communications network. The system includes at least one communication server having a database mapping valid communications device identification numbers to respective cryptographic keys, an input including a device identification number, and an output including a valid cryptographic key mapped thereto, if the possible device identification number is included in the database.
The system also includes at least one authentication server including a first time-varying element for generating a time-varying value, and a processor. The time-varying element may be a clock, counter, and/or derivative thereof. The authentication server receives the valid cryptographic key from the communication server. The processor cryptographically processes the cryptographic key and the time-varying value to generate one or more acceptable, dynamic personal identification numbers. The processor compares for identity the acceptable generated personal identification number or numbers with a dynamic personal identification number to validate an identity of a subscriber. The dynamic personal identification number is generated independently of the communications server, the authentication server, and elements responsive to the communications network. Such elements may include, for example, a mobile switching center.
Advantageously, the system optionally also includes an interoperability unit translating communication signals between the communications network in which the subscriber is located and one or more other communications networks. The interoperability unit communicates with the communication server and/or the authentication server.
The system may also include one or more protocol analyzers connecting one or more communication networks to the interoperability unit. The protocol analyzer or analyzers convert a data format of received communications messages into a data format readable by the interoperability unit and queue the converted communications messages for the communications server.
The system may advantageously include one or more password generators cryptographically processing two or more inputs. The inputs include a second time-varying element and a cryptographic key also found in the above-mentioned database to generate an output including the dynamic personal identification number. As above, the time-varying element may include a clock, a counter, and/or a derivative thereof.
The system may further include one or more communications devices communicating with the communications network and with the communications server. Each such communications device includes one or more input elements for receiving the dynamic personal identification number from the password generator. The password generator may include a display for displaying the dynamic personal identification number, and the communication device may include a keypad.
The password generator may include a transmitter for transmitting one or more electromagnetic signals including the dynamic personal identification number to the communications device. The communications device may include a receiver for receiving the one or more electromagnetic signals including the dynamic personal identification number from the password generator. The transmitter may include a photo-emitter, and the receiver may include a photo-detector.
The password generator may include a tone encoder and/or a pulse encoder operatively connected to the transmitter. The communications device may include a tone decoder and/or a pulse decoder, respectively, operatively connected to the receiver.
In accordance with another embodiment of the present invention, a method of validating an identity of a subscriber in a communications network is provided. The method includes the following sequential, non-sequential, or independent steps. A dynamic personal identification number, generated independently of an authentication engine and elements responsive to the communications network, is transmitted from a communications device to the authentication engine remotely located thereto. One or more acceptable personal identification numbers are compared to the transmitted dynamic personal identification number for validating the identity of a subscriber at the authentication engine.
The method optionally further includes the following steps. The subscriber is provided with access to the communications network, if identity of the at least one acceptable personal identification number and the transmitted dynamic personal identification number exists. The subscriber is denied access to the communications network, if identity of the at least one acceptable personal identification number and the transmitted dynamic personal identification number does not exist.
The method may further include the following sequential, non-sequential, or independent steps. A device identification is transmitted from the communications device to the authentication engine prior to transmitting the dynamic personal identification number. The dynamic personal identification number is generated by using a password generator to process a time-varying input, a cryptographic key input, and a cryptographic algorithm. The password generator is operatively independent of the authentication engine and the elements responsive to the communications network. A cryptographic key corresponding to the transmitted device identification is determined from a database in the authentication engine mapping valid device identifications to respective cryptographic keys.
The determined cryptographic key and a time-varying value are cryptographically processed at the authentication engine to generate one or more acceptable personal identification numbers. The step of transmitting the dynamic personal identification number may include transmitting the dynamic personal identification number to the authentication engine via a mobile switching center in the communications network.
The authentication engine may include a communications server and an authentication server communicating therewith. The communications server, may include the mapping database, receive the device identification number, and perform the step of determining a cryptographic key corresponding to the received device identification number. The authentication server may perform the personal identification number comparing step.
Advantageously, the method may further include the following steps. Communication signals may be translated between the communications network in which the subscriber is located and at least one other communications network by using an interoperability unit. The interoperability unit may be communicating with the communication server and/or the authentication server.
The authentication engine may alternatively include a communications and authentication server, which in turn includes the mapping database. The communications and authentication server may receive the device identification number, perform the step of determining a cryptographic key corresponding to the received device identification number, and perform the personal identification number comparing step.
It is also a feature and advantage of the instant invention to provide a system and/or method of authenticating a subscriber to a communications network and thwarting a would-be hijacker, as defined above.
More specifically, the instant invention provides a system for validating an identity of a subscriber in a communications network. The system includes one or more communication servers, each including a database mapping valid communications device identification numbers to respective cryptographic keys. An input to the system includes a possible device identification number. An output may include a valid cryptographic key mapped thereto, if the possible device identification number is included in the database. The system includes one or more authentication servers, each including a first time-varying element for generating a time-varying value, and a processor. The time-varying element may include a clock, a counter, and/or a derivative thereof. The authentication server receives the valid cryptographic key from the communication server.
According to this embodiment, the processor cryptographically processes the cryptographic key and the time-varying value to generate one or more acceptable, dynamic personal identification numbers. The processor compares for identity the acceptable generated personal identification number or numbers with a dynamic personal identification number to validate an identity of a subscriber. The dynamic personal identification number is generated independently of the communications server, the authentication server, and elements responsive to the communications network.
The system also includes an interoperability unit translating communication signals between the communications network in which the subscriber is located and at least one communications network. The interoperability unit communicates with the communication server and/or the authentication server. The authentication engine obtains a profile of the subscriber upon validating the identity thereof. The authentication engine modifies the profile of the subscriber to restrict the subscriber to a number of authorized calls to a subscriber-desired telephone number and/or a subscriber-desired communications network address. For example, the number of authorized calls may be one, two, or more. The authentication engine transmits the modified profile to a mobile switching center serving the subscriber, thereby instructing the mobile switching center to enable subscriber access to the subscriber-desired telephone number or the subscriber-desired communications network address for the restricted number of authorized calls.
The system may further include one or more protocol analyzers connecting one or more of the communication networks to the interoperability unit. Each protocol analyzer converts a data format of received communications messages into a data format readable by the interoperability unit and queues the converted communications messages for the communications server.
The system may also include one or more password generators, which cryptographically processes two or more inputs. The inputs include a second time-varying element and at least one of the cryptographic keys to generate an output comprising a personal identification number.
The system may further include one or more communications devices, each communicating with the communications network and with the communications server. Each communications device includes one or more input elements for receiving the dynamic personal identification number from the password generator. The password generator may include a display for displaying the dynamic personal identification number.
The password generator may include a transmitter for transmitting one or more electromagnetic signals including the dynamic personal identification number to the communications device. The communications device includes a receiver for receiving the electromagnetic signal or signals including the dynamic personal identification number from the password generator. The transmitter may include an photo-emitter, and the receiver may include a photo-detector. In addition to, or alternatively, the password generator may include a tone encoder and/or a pulse encoder operatively connected to the transmitter. The communications device may include a tone decoder and/or a pulse decoder, respectively, operatively connected to the receiver.
In accordance with another embodiment of the present invention, a method of validating an identity of a subscriber in a communications network is provided. The method includes the following sequential, non-sequential, or independent steps. A dynamic personal identification number, generated independently of an authentication engine and elements responsive to the communications network, is transmitted from a communications device to the authentication engine remotely located thereto. One or more acceptable personal identification numbers are compared for identity or substantial coincidence to the transmitted dynamic personal identification number for validating the identity of a subscriber at the authentication engine. The subscriber is restricted to a number of authorized calls to a subscriber-desired telephone number and/or a subscriber-desired communications network address.
The method may further comprise the following steps. The subscriber is provided with access to the communications network, if identity of the at least one acceptable personal identification number and the transmitted dynamic personal identification number exists. The subscriber is denied access to the communications network, if identity or substantial coincidence of the at least one acceptable personal identification number and the transmitted dynamic personal identification number does not exist.
The method may also include the following sequential, non-sequential, or independent steps. A device identification is transmitted from the communications device to the authentication engine prior to the dynamic personal identification number transmitting step. The dynamic personal identification number is generated by using a password generator to process a time-varying input, a cryptographic key input, and a cryptographic algorithm. The password generator is independent of the authentication engine and the elements of the communications network. A cryptographic key corresponding to the transmitted device identification is determined from a database in the authentication engine, mapping valid device identifications to respective cryptographic keys. The determined cryptographic key and a time-varying value are cryptographically processed at the authentication engine to generate one or more acceptable personal identification numbers.
The authentication engine may include a communications server and an authentication server communicating therewith. The communications server may include a mapping database, receive the device identification number, and perform the step of determining a cryptographic key corresponding to the received device identification number. The authentication server performs the personal identification number comparing step.
Communication signals may optionally be translated between the communications network in which the subscriber is located and at least one other communications network by using an interoperability unit communicating with the communication server and/or the authentication server.
There has thus been outlined, rather broadly, the more important features of the invention in order that the detailed description thereof that follows may be better understood, and in order that the present contribution to the art may be better appreciated. There are, of course, additional features of the invention that will be described hereinafter and which will form the subject matter of the claims appended hereto.
In this respect, before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not limited in its application to the details of construction and to the arrangements of the components set forth in the following description or illustrated in the drawings. The invention is capable of other embodiments and of being practiced and carried out in various ways. Also, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting.
As such, those skilled in the art will appreciate that the conception, upon which this disclosure is based, may readily be utilized as a basis for the designing of other structures, methods and systems for carrying out the several purposes of the present invention. It is important, therefore, that the claims be regarded as including such equivalent constructions insofar as they do not depart from the spirit and scope of the present invention.
Further, the purpose of the foregoing abstract is to enable the U.S. Patent and Trademark Office and the public generally, and especially the scientists, engineers and practitioners in the art who are not familiar with patent or legal terms or phraseology, to determine quickly from a cursory inspection the nature and essence of the technical disclosure of the application. The abstract is neither intended to define the invention of the application, which is measured by the claims, nor is it intended to be limiting as to the scope of the invention in any way.
These together with other objects of the invention, along with the various features of novelty which characterize the invention, are pointed out with particularity in the claims annexed to and forming a part of this disclosure. For a better understanding of the invention, its operating advantages and the specific objects attained by its uses, reference should be had to the accompanying drawings and descriptive matter in which there is illustrated preferred embodiments of the invention.