1. Field of the Invention
The present invention relates to a method and an apparatus for determining the validity of a mobile subscriber identifier of a mobile communication terminal. More particularly, the present invention relates to a method and an apparatus for determining the validity of a Temporary Mobile Subscriber Identity (TMSI) and a Packet Temporary Mobile Subscriber Identity (PTMSI) recorded in a Subscriber Identification Module (SIM) card.
2. Description of the Related Art
Generally, in a mobile communication network which uses a Global System for Mobile communication (GSM) and a Wideband Code Division Multiple Access (WCDMA) system, a terminal may receive service from the network after passing through an authentication procedure. For example, when power is turned on, a terminal using a GSM scheme transmits user authentication data stored in a SIM card to the network in order to perform the authentication procedure, and the network determines whether the terminal is eligible to receive service by checking the user authentication data transmitted from the terminal. Examples of the user authentication data stored in the SIM card include an International Mobile Subscriber Identity (IMSI), TMSI, and PTMSI. Here, the IMSI is a unique value corresponding to a subscriber that is assigned when a subscriber subscribes to a service. The IMSI does not change after being initially assigned, and includes a Mobile Country Code (MCC), a Mobile Network Code (MNC), and a mobile subscriber identifier number. The TMSI and the PTMSI are temporary values identifying the terminal, are arbitrarily changed by the network, and may be used instead of the IMSI for security purposes.
When a valid TMSI or PTMSI exists inside the SIM card, a conventional terminal attempts to obtain a service from a network by preferentially transmitting the TMSI or PTMSI, rather than the IMSI, to the network. However, when a service is provided by authenticating a terminal using only the TMSI or PTMSI of the terminal, even users who have no authority to use the service may still receive the service.
For example, to prevent some terminals from being used outside a specific network, a mobile service provider provides a network lock function of checking an MCC and an MNC from the IMSI recorded in the SIM card of the terminal, and, when an unauthorized MCC and MNC are received, preventing the terminal from performing a basic operation. However, in the conventional art, it has been reported that a terminal may pass through such a network lock by replacing the MCC and MNC by specific values, and then authenticate using a TMSI obtained from a different terminal during communication with the network, thereby obtaining a normal service for a relevant terminal.
Therefore, a technique of performing a network authentication procedure having higher security needs to be provided.