This application claims the priorities of Korean Patent Application Nos. 2004-69248 and 2004-69249, filed on Aug. 31, 2004, No. 2004-70917, filed on Sep. 6, 2004, Nos. 2004-78446 and 2004-78448, filed on Oct. 1, 2004, in the Korean Intellectual Property Office, the disclosures of which are incorporated herein in their entireties by reference.
1. Field of the Invention
The present invention relates to a mobile communication technology and, more particularly, to a technology for preventing a legitimate mobile terminal's user from being damaged due to the fraudulent usage of a cloned mobile terminal.
2. Description of the Related Art
Recently, with the development of mobile communication technologies and the improvement of the performance and function of mobile communication system, mobile communication terminals have been able to receive wireless application protocol (WAP) or Web service over the Internet. That is, the mobile communication terminals can download, store and reproduce multimedia content, such as color pictures, animation, moving images, music, text, and games, as well as voice or text data. At present, mobile carriers offer multimedia content services by constructing communication modules to support communication protocols for Internet connections between mobile communication terminals and WAP or Web servers and networks to support high-speed and large-capacity packet switching systems.
FIG. 1 shows the configuration of a conventional call connection service system. A call connection service system 100 comprises an interim standard 95 (IS-95)/code division multiple access 2000 (CDMA2000) 1x wireless network 110 for processing voice and text messages, and a high data rate (HDR) wireless network 120 for processing high-volume data packets at a high data rate. A hybrid terminal 200 is a mobile communication terminal designed to allow a user to use voice and high-speed data communication services by combining IS-95 or CDMA2000 1x and CDMA2000 1xEV-DO (Evolution-Data Optimized).
The IS-95/1x wireless network 110 includes an IS-95/1x base transceiver station (BTS) 111 for transforming signal formats to be suitable for wireless and wireline links for a base station which establishes a radio path with the hybrid terminal 200 in an IS-95/1x manner; a base station controller (BSC) 112 for collecting and managing information on the operation of the BTS 111; a mobile switching center (MSC) 113, connected to the BSC 112 and a network such as public switched telephone network (PSTN) or Internet, for offering a circuit switching service to a mobile communication subscriber; an authentication center (AuC) 115 for storing a mobile identification number (MIN) and an electronic serial number (ESN) as subscriber authentication information, determining whether or not a corresponding terminal has been registered on the basis of the subscriber authentication information, and performing an authentication process of the corresponding terminal according to the determined result; and an interworking function (IWF) 116 for connecting the mobile communication network to the Internet.
The HDR wireless network 120 includes an HDR access point 121 serving as an access point for establishing a direct radio path with the hybrid terminal 200 to perform high-speed data communication and controlling operations of transmitting/receiving data to/from the hybrid terminal 200; a packet control function (PCF) 123 for exchanging data packet information between the HDR access point 121 and a packet data serving node (PDSN) 124; the PSDN 124, connected to the BSC 112 through the PCF unit 123, for controlling the overall high-speed data communication between the mobile communication network and the Internet; a home agent (HA) 125, connected to the PSDN 124, for performing mobile Internet Protocol (IP) authentication for a packet service; and a wireless data service authentication, authorization, and accounting (AAA) server 126 for verifying that a user is a valid subscriber, determining what services are available for the user, and tracking usage for billing.
A predefined authentication algorithm and a unique authentication value are given to the AuC 115 and a mobile communication terminal 200. The authentication value includes a random number (RAND) received from the MSC, an authentication key, a terminal ESN, a subscriber MIN, and shared secret data (SSD). The mobile communication terminal 200 generates authentication request data using the above-mentioned authentication value and authentication algorithm, and transmits the authentication request data and call history count data to the MSC 113.
The AuC 115 performs an authentication operation upon receiving the authentication request data, the call history count data, and RAND data from the MSC 113. In more detail, the AuC 115 enters an authentication key, a terminal ESN, a subscriber MIN, and SSD, which are stored therein, and RAND received from the MSC 113 into an authentication algorithm, generates authentication response data, and compares the authentication response data with the authentication request data received from the MSC 113. In addition, the AuC 115 compares call history count data of a corresponding terminal, which is stored therein, with call history count data received from the MSC 113. When the stored call history count data of the corresponding terminal is identical to the call history count data received from the MSC 113, the AuC 115 determines the corresponding terminal to be a legitimate mobile communication terminal and permits a voice call to be established. Otherwise, if the stored call history count data of the corresponding terminal is different from the call history count data received from the MSC 113, the AuC 115 determines the corresponding terminal to be a cloned terminal, transmits a lock order message indicating authentication failure to the corresponding terminal through the BTS and blocks a voice call connection of the corresponding terminal.
However, as mobile communication terminals have come into wide use, there is increasing the number of cloned terminals in which a legitimate terminal's authentication key, subscriber MIN, terminal ESN, and call history count data are cloned by a fraudulent user. Accordingly, a user using the legitimate terminal may be excessively charged for the fraudulent usage of the cloned terminal.
In addition, since the lock order message received over a wireless network is transmitted to both legitimate and cloned terminals, a call connection to the legitimate terminal, as well as the cloned terminal, currently conducting an authentication process with the wireless network or having already been authenticated is discontinued.
In order to solve the above-mentioned problems, a conventional system and terminal has been configured to update SSD. FIG. 2 is a flow chart showing a process of updating the SSD in a conventional call connection service system. Here, the wireless network includes a BTS, a BSC, an MSC, and an AuC.
The SSD update process is initiated by transmitting an SSD update message and a random number (RAND_SSD) from the wireless network to the terminal (step S301). The terminal initializes stored SSD, performs a primary authentication process using the initialized SSD, the RAND_SSD, an authentication key, a terminal ESN, a subscriber MIN, and an authentication algorithm, and generates new SSD (SSD_A_NEW) (step S401). The terminal generates a random number (RANDBS) using a random number generation function stored therein (step S402), and transmits the generated random number (RANDBS) to the wireless network (step S403). The terminal performs a secondary authentication process using the generated random number (RANDBS), SSD (SSD_A_NEW), an authentication key, a terminal ESN, a subscriber MIN, and an authentication algorithm, and generates new authentication information (step S404).
The wireless network transmits the SSD update message and the random number (RAND_SSD) to the terminal, initializes the stored SSD of a corresponding terminal, performs a primary authentication process using the initialized SSD, the transmitted random number (RAND_SSD), an authentication key, a terminal ESN, a subscriber MIN, and an authentication algorithm, and generates new SSD (SSD_A_NEW) (step S302). The wireless network performs a secondary authentication process using the random number (RANDBS), the SSD (SSD_A_NEW), the authentication key, the terminal ESN, the subscriber MIN, and the authentication algorithm, which are transmitted from the terminal, and generates new authentication information (step S303). In this case, since the wireless network and the terminal use the same authentication algorithm, the new SSD (SSD_A_NEW) and the authentication information generated in the wireless network are identical to those generated in the terminal. The wireless network transmits the generated authentication information to the terminal (step S304).
The terminal compares the authentication information received from the wireless network with the authentication information generated in step 404 (step 405). If the authentication information received from the wireless network is identical to the authentication information generated in step S404, the terminal transmits SSD update success information to the wireless network (step S406).
However, the conventional call connection service system has a disadvantage in that a fraudulent user using the cloned terminal, in which a legitimate terminal's authentication key, subscriber MIN, and terminal ESN are cloned, may acquire a new SSD by performing an SSD update process with the wireless network.
In the meantime, the conventional data call service system cannot detect whether or not the cloned terminal having the cloned subscriber MIN and terminal MSN attempts to make a wireless data call and thus unable to prevent the cloned terminal from making a wireless data call.