1. Technical Field of the Invention
This invention relates to telecommunication systems and, more particularly, to a system and method for reducing the network signaling load in a radio telecommunications network after a mobile subscriber has failed authentication pursuant to accessing a network while roaming in a visited service area.
2. Description of Related Art
Continuous improvement in subscriber services has been a much sought-after goal in the radio telecommunications industry since its beginnings. Generally, providing improved subscriber services is predicated upon efficient utilization of network resources associated with a radio telecommunications network. One of the key aspects in this regard is the availability of resources, for example, the bandwidth of communication links comprising the network, for legitimate users or subscribers. Another related aspect is the reduction or minimization of unwanted network traffic attributable to fraudulent users or to subscribers who fail certain security measures associated with the network.
In order to reduce fraud in radio telecommunications networks, existing networks include an authentication center (AC) which is normally co-located with a home location register (HLR). The AC is utilized to perform a verification of the identity of a mobile station each time the mobile station accesses the network. Each subscriber has an authentication key (A-key) stored in the AC and in the mobile station. For security reasons, the A-key is typically never sent out in its unencrypted (or "plaintext") form to other nodes in the network. Instead, the AC constructs what is known as Shared Secret Data (SSD). SSD is authentication data which may be shared between the AC, the HLR, the mobile station, and the mobile switching center (MSC) serving the mobile station. The SSD is normally calculated utilizing a random number, the subscriber's A-key, and other factors such as the mobile identification number (MIN) and electronic serial number (ESN) of the subscriber's mobile station. Typically, the SSD may be sent from the AC to any MSC where the subscriber roams.
Each time a mobile station accesses the radio telecommunications network, the access is challenged by the network, which determines whether the information stored in the mobile station matches the information stored in the network's authentication center (AC). An example of such an authentication technique is what is known as a "global challenge" (GC), which is issued on the common signaling channel (for example, a random access channel or a pilot channel) and utilizes the SSD, typically for an authentication and a voice privacy function.
One of the problems in conventional global challenge authentication systems is that a fraudulent user may gain access to the network by rapidly sending (that is, "hammering") a large number of registration requests, system accesses or both, which hereinafter may be referred to collectively as "accesses". These accesses may include, for example, autonomous registration, power down registration, call origination, page response, or Short Message Service (SMS) page response, and the like. The serving MSC typically sends an Authentication Request message to the AC corresponding to each of these registration/system accesses if it does not have a Visitor Location Register (VLR) record or the SSD of the accessing mobile station. In some instances, on the other hand, the serving MSC may have a VLR record where the SSD is already shared. Under such circumstances, the serving system typically sends an Authentication Failure Report message to the AC to report any failed accesses encountered pursuant to its authentication and/or validation procedures. Accordingly, it should be appreciated that in either scenario (that is, where the SSD is not shared and Authentication Request messages are rapidly sent, or where the SSD is already shared and Authentication Failure Report messages are rapidly sent), the HLR/AC and/or the MSC may become overloaded because of the rapid transmission of repeated messages and may enter a failed state which could allow access to the fraudulent user.
Yet another problem relating to the global challenge authentication system exists in conventional implementations. When a roaming subscriber fails authentication upon initial access to the network and yet continues to attempt to periodically register therewith or to send system accesses thereto, unnecessary and undesirable signaling load is caused by the control message flow between a home network and a visited network due to the periodic attempts. Clearly, such network signaling load negatively impacts the available bandwidth of the communication link therebetween.
Moreover, as can be easily realized, undesirable signaling load may also be encountered when a VLR record pertaining to a previously authenticated mobile station is "hijacked" by a fraudulent user who uses a "clone" mobile station to gain access to the network but repeatedly fails authentication by the serving MSC/VLR which already has the SSD. The repeated Authentication Failure Report messages transmitted from the VLR to the HLR/AC because of the repeated failed attempts at access, therefore, also negatively impact the available network bandwidth.
Accordingly, based upon the foregoing discussion, it should be readily appreciated that in order to overcome the deficiencies, shortcomings and problems set forth above, it would be advantageous to have a method and system for reducing unnecessary and/or undesirable network signaling load that is generated when a failed user, fraudulent or otherwise, repeatedly attempts to access the network. The present invention provides such a method and system.
In one aspect, the present invention is directed to a radio telecommunications network system which includes a home network for controlling cellular communication of a subscriber over a home service area, the home network including a Home Location Register (HLR) and an authentication center (AC). A visited network of the radio telecommunications network system is included for controlling cellular transmission over a visited service area. The visited network (or the serving system) comprises a serving mobile switching center (MSC) and an associated Visitor Location Register (VLR). There are means in the network for sending a return message from the home network to the MSC upon determining, in the HLR/AC, that a threshold value associated with one or more network access attempts by the subscriber is reached or exceeded, when it is located in the visited service area as a roaming subscriber and repeatedly attempts to access the radio telecommunications network system. The return message includes an authentication code portion. In addition, there are means in the serving MSC for locally authenticating the roaming subscriber based upon the authentication code portion received from the home network, when the roaming subscriber attempts to re-access the radio telecommunications network system after it is initially denied access by the AC in the home network.
In another aspect, the present invention is directed to a method of reducing control message signaling load in a radio telecommunications network system. The network system is preferably of the type which includes a home network, comprising an HLR and an associated AC, and a visited network comprising a serving MSC and an associated VLR. When a visiting subscriber roams into a visited service area serviced by the visited network and periodically attempts to access the network, the method of the present invention forwards one or more corresponding authentication requests from the visited network to the home network. Upon detecting authentication failure, the home network determines if a threshold value associated with the periodic attempts to the network is triggered. Responsive to the determination step in the home network, a return message is sent from the home network to the serving MSC which includes an authentication code portion required for authenticating the visiting subscriber. Upon receiving the return message, the MSC performs local authentication of the visiting subscriber if it attempts to re-access the radio telecommunications network and suppresses the forwarding of corresponding additional authentication requests to the home network.
In a yet further aspect, the present invention relates to a method of authenticating a mobile station requesting access to a radio telecommunications network which includes a serving MSC serving the mobile station, a VLR associated with the serving MSC, an HLR which stores subscriber information and location information relating to the mobile station, and an AC associated with the HLR. The AC and the HLR preferably form a home network for the mobile station. After receiving one or more access attempts from the mobile station in the serving MSC, corresponding authentication requests are sent from the serving MSC to the AC via the VLR and the HLR. The home network determines, upon detecting that the mobile station failed authentication after one or more attempts to access the network, if a threshold value associated with the access attempts is exceeded or reached. If so, a return message is sent from the home network to the serving MSC with an instruction to deny the mobile station access to the network. The return message preferably includes shared data for authenticating the mobile station. Whenever subsequent network access attempts are received from the mobile station, the serving MSC determines whether the mobile station passes local authentication. Also, instructions are suppressed in the serving MSC to send authentication failure reports to the AC if the mobile station fails subsequent local authentication. A subsequent authentication request is sent from the serving MSC to the AC once the mobile station passes validation pursuant to a subsequent local authentication. In response, the AC in the home network then authenticates the mobile station.
In a still further aspect, the present invention is directed to a method of authenticating a mobile station requesting access to a radio telecommunications network when a visited network already has a shared authentication code for the mobile station. The visited network preferably includes a serving or visited MSC serving the mobile station and a VLR associated with the serving MSC. A home network comprises an HLR which stores subscriber information and location information relating to the mobile station, and an AC associated with the HLR. When the serving MSC receives one or more attempts to access the radio telecommunications network by the mobile station, it verifies the mobile station's attempts by issuing one or more locally requested validation/authentication procedures, corresponding to the mobile station's attempts. In one exemplary embodiment, the local validation/authentication procedure comprises issuing a unique challenge order to the mobile station. When the VLR determines that the mobile station failed authentication, it sends one or more authentication failure reports to the AC, each corresponding to an authentication failure by the mobile station. If the home network subsequently determines that the authentication failure reports have exceeded a threshold value associated therewith, it sends a return message to the serving MSC with an instruction to locally authenticate the mobile station for subsequent accesses to the network. Also, the VLR is instructed to stop sending authentication failure reports to the AC if the mobile station fails local authentication for its subsequent accesses to the network.
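The message flow summarized in the preceding aspects, together with the SSD-based challenge of the Description of Related Art, can be exercised in a small simulation. The following code is an added illustration and is not an implementation from the patent or from any network vendor. It assumes HMAC-SHA256 as a stand-in for the CAVE computation of SSD and challenge responses, constructed keys and the constructed identifiers MIN-1/ESN-1, and a constructed threshold; the message names (Authentication Request, Authentication Failure Report, return message) follow the text. The HLR/AC counts failed accesses per subscriber, both cases from the text are covered (SSD not yet shared, and a VLR record already holding the SSD), and the count of messages reaching the home network is returned so the reduction in signaling load can be compared against a threshold that is never reached.

```python
"""Threshold-triggered local authentication at a serving MSC/VLR (added example, not the
patent's code).  HMAC-SHA256 stands in for CAVE; keys, MIN/ESN and thresholds are constructed."""
import hashlib, hmac, os
from dataclasses import dataclass, field

def compute_ssd(a_key: bytes, rand: bytes, min_: str, esn: str) -> bytes:
    # SSD from the A-key, a random number, MIN and ESN (stand-in for the CAVE computation)
    return hmac.new(a_key, rand + min_.encode() + esn.encode(), hashlib.sha256).digest()

def auth_response(ssd: bytes, challenge: bytes) -> bytes:
    # Response to a global/unique challenge; mobile and network both compute it from the SSD
    return hmac.new(ssd, challenge, hashlib.sha256).digest()[:8]

@dataclass
class Mobile:
    min_: str
    esn: str
    ssd: bytes  # a clone with the wrong A-key ends up with the wrong SSD

@dataclass
class HomeNetwork:
    """HLR/AC: holds genuine A-keys, counts failed accesses, answers the visited network."""
    a_keys: dict
    threshold: int
    rand: bytes = field(default_factory=lambda: os.urandom(16))
    failures: dict = field(default_factory=dict)
    messages_received: int = 0  # signaling load arriving from the visited network

    def ssd_for(self, min_: str, esn: str) -> bytes:
        return compute_ssd(self.a_keys[min_], self.rand, min_, esn)

    def _count_failure(self, min_: str, ssd: bytes):
        n = self.failures[min_] = self.failures.get(min_, 0) + 1
        # At the threshold the return message carries the SSD and orders local authentication
        return (ssd, True) if n >= self.threshold else (None, False)

    def authentication_request(self, min_, esn, challenge, response):
        """Authentication Request from the MSC -> (granted, ssd or None, authenticate_locally)."""
        self.messages_received += 1
        ssd = self.ssd_for(min_, esn)
        if hmac.compare_digest(auth_response(ssd, challenge), response):
            self.failures[min_] = 0
            return True, ssd, False  # granted; SSD is shared with the serving system as usual
        return (False,) + self._count_failure(min_, ssd)

    def authentication_failure_report(self, min_, esn) -> bool:
        """Authentication Failure Report from the VLR -> True once the AC says: stop reporting."""
        self.messages_received += 1
        return self._count_failure(min_, self.ssd_for(min_, esn))[1]

@dataclass
class ServingMSC:
    """Serving MSC with its VLR; a record holds the SSD and whether failures stay local."""
    home: HomeNetwork
    vlr: dict = field(default_factory=dict)

    def access(self, mob: Mobile) -> bool:
        challenge = os.urandom(8)  # global challenge on the common signaling channel
        response = auth_response(mob.ssd, challenge)
        rec = self.vlr.get(mob.min_)
        if rec is None:  # no VLR record / no SSD: the access must be referred to the AC
            granted, ssd, local = self.home.authentication_request(mob.min_, mob.esn, challenge, response)
            if ssd is not None:
                self.vlr[mob.min_] = {"ssd": ssd, "local_only": local}
            return granted
        if hmac.compare_digest(auth_response(rec["ssd"], challenge), response):
            if rec["local_only"]:  # passed locally after earlier denial: one request lets the AC decide
                granted, _, _ = self.home.authentication_request(mob.min_, mob.esn, challenge, response)
                rec["local_only"] = not granted
                return granted
            return True
        if not rec["local_only"]:  # SSD already shared: report failures until the AC says stop
            rec["local_only"] = self.home.authentication_failure_report(mob.min_, mob.esn)
        return False

def run_scenarios(threshold: int, attempts: int = 10) -> dict:
    """Constructed scenario: a clone hammers the visited network, then the genuine handset arrives."""
    a_key, wrong_key = b"\x01" * 16, b"\x02" * 16  # constructed keys
    home = HomeNetwork(a_keys={"MIN-1": a_key}, threshold=threshold)
    msc = ServingMSC(home)
    clone = Mobile("MIN-1", "ESN-1", compute_ssd(wrong_key, home.rand, "MIN-1", "ESN-1"))
    genuine = Mobile("MIN-1", "ESN-1", compute_ssd(a_key, home.rand, "MIN-1", "ESN-1"))
    # 1. SSD not shared yet: every clone access is an Authentication Request until the threshold
    clone_granted = [msc.access(clone) for _ in range(attempts)]
    after_first_hammer = home.messages_received
    # 2. The genuine handset passes local authentication; a single request lets the AC grant it
    genuine_granted = msc.access(genuine)
    # 3. The VLR record now holds the shared SSD: clone failures become Failure Reports, then stop
    clone_granted += [msc.access(clone) for _ in range(attempts)]
    return {"after_first_hammer": after_first_hammer, "home_messages": home.messages_received,
            "genuine_granted": genuine_granted, "clone_granted": clone_granted}
```

With a threshold of 3 and ten clone accesses per phase, the home network sees 3 Authentication Requests, 1 request for the genuine handset and 3 Authentication Failure Reports (7 messages in all), whereas with a threshold that is never reached it sees 21; in both runs every clone access is denied and the genuine handset is granted access, which is the point of handing the SSD to the serving MSC rather than simply blacklisting the subscriber.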