1. Field of the Invention
The present invention refers to digital message communications and, in particular, to a login of a mobile device with a base station according to a communication protocol.
2. Description of the Related Art
The login of a terminal plays a central role in all communication protocols in digital communication systems. The login occurs during a login operation defined by the communication protocol, which is performed rarely, or only once, namely when the terminal is to be used for the first time. After successful completion of the login operation, the terminal is logged in with the digital communication network and can then establish communication connections at will via the communication network. During the login operation, a unique identity for the digital communication system, e.g. a number or a network address, is allocated to the terminal according to the communication protocol, based on which it can be identified or addressed in the future within the digital communication system.
In digital radio communication systems, in which the terminal, hereinafter referred to as mobile device, is connected to the communication system via the air interface through a base station, controlling which mobile device is allowed to log in is furthermore of central importance. Without such control, any mobile device that supports the communication protocol of the digital radio communication system could be logged in without being authorized, and would thus have access to the communication system or could establish connections via the communication system. In order to minimize the risk of unauthorized logins, the mobile devices in corporate networks are usually not logged in by the subscribers or users, but centrally by the system administration.
Known digital radio communication systems are e.g. GSM, UMTS, DECT, WLAN, and Bluetooth.
In the following, the login, and in particular the login operation, in a radio communication system is described by way of example on the basis of the DECT (Digital Enhanced Cordless Telecommunication) standard. The DECT standard defines a radio-access technology, which can be used in private, corporate and public communication systems. The DECT standard supports a plurality of applications, ranging from speech and fax to data transmission. The ETSI DECT standard (ETS 300 175, parts 1-7) describes the physical layer, which is also referred to as PHL, the medium access control layer, which is also referred to in short as MACL, the data link control layer, which is also referred to in short as DLCL, the network layer, which is also referred to in short as NL, as well as the login processes and security features of a communication system. Within the network layer, the Mobility Management (MM) unit is responsible for the login, the authentication and the key allocation. A DECT communication system is comprised of at least one base station (Fixed Part: FP) and one or more mobile devices (Portable Part: PP). The DECT technology finds broad application especially in private and corporate communication systems.
In private DECT communication systems, 1 to 8 mobile devices can typically be logged in and operated, wherein the mobile devices can communicate internally with each other and are connected to the public analog or ISDN network via the base station. In corporate DECT communication systems, a plurality of base stations are usually coupled to the private branch exchange; as in the private DECT communication system, both internal communication connections and external communication connections with the public analog or ISDN network are possible via the mobile devices.
In DECT communication systems, mobile devices and base stations are introduced to each other, i.e., within the scope of a login operation (subscription), mobile device and base station exchange identities and keys over the air (“Access Rights Request Process”). These are stored in non-volatile databases. Base station and mobile device can then communicate with each other. The access rights request process is described in greater detail below, after an overview of the general packet structure of the DECT standard.
FIG. 3 shows the components of a DECT packet essential for the understanding of the login operation. The DECT packet is comprised of an S field, which is used for synchronization of the communication connection between the base station and the mobile device, and a D field for useful data, wherein the DECT packet may have different lengths. The D field is divided, in turn, into an A field for controlling the communication between the base station and the mobile device and a B field, which generally contains the application data. The A field has, in turn, an A field header, A field information and an R CRC field for error-protecting the control data. The A field has a field length of 64 bits, the bits being designated in increasing order from a0 for the first bit to a63 for the last bit. The A field header contains the first eight bits from a0 to a7, the A field information contains the bits a8 to a47, and the R CRC field contains the bits a48 to a63.
The first three bits of the A field header form the TA field, which is also referred to as tail identifier and which indicates the type of the A field information (a8 . . . a47). There are five different logical channels, and in each A field exactly one of them transmits its data. One of the logical channels is the channel QT, which is transmitted only by the base station and contains system information, such as on the capabilities of the base station or on the current connection.
The bit Q1 (a3) and the bit Q2 (a7) serve for quality control of the transmission. The BA field indicates the nature of the B field, e.g. protected or unprotected transmission of information.
Within the 40-bit A field information, which is also referred to as tail field, the transmission of internal MAC messages is also possible (note: as described above, there are several logical channels for the A-field).
The access rights request process permits the login of a mobile device with a base station through the air interface. To this end, the base station is placed, e.g. through pushing on a button or selecting from a menu, into readiness for the login operation. During the readiness for login, the base station signals to all mobile devices by means of a broadcast message that a login is possible at the base station.
FIG. 4 shows the structure of the A field without the R CRC field and the specifics of the A field for signaling the readiness of the base station for the login operation. The readiness of the base station for the login operation is signalled via the logical channel QT, which is uniquely identified by the tail identifier value “100” (a0 . . . a2). In a QT channel message, the bits a8 to a11 are defined as the Q header; the Q header defines the type of the following A field bits a12 to a47. A Q header value QH=“0011” means that the so-called “fixed part capabilities” are sent, the value 1 for the bit a44 signaling the readiness of the base station for the login operation.
Next, the mobile device is also placed into readiness for the login operation. Thereupon, the mobile device analyzes the broadcast message of the base station for the bit a44. If it identifies the readiness of the base station for the login operation by the bit value 1 for the bit a44, the mobile device starts the further login operation with an access rights request message. The access rights request message contains the identity of the mobile device as well as, optionally, further information, which defines e.g. the type of the authentication and encryption of the communication connections. After receiving the access rights request message, the base station processes the information contained therein and answers the mobile device with an access rights accept message if it supports the type of the authentication and encryption given by the mobile device. The access rights accept message of the base station contains the identity of the mobile device, the identity of the base station as well as the type of the authentication and encryption of the communication connection given by the mobile device. After receiving the access rights accept message, the mobile device stores its own identity, the identity of the base station and the type of the authentication and encryption agreed upon with the base station as a data set for the login of the mobile device with this base station. Likewise, the base station stores the identity of the mobile device and the type of the authentication and encryption of the communication connection agreed upon with the mobile device as a data set.
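The following decoder illustrates the broadcast check described above: it takes the 64-bit A field, splits off the header (TA, Q1, BA, Q2), and, for a QT message carrying the “fixed part capabilities” (QH=“0011”), reads bit a44 to decide whether the base station is ready for the login operation. This is an added example and not code from the patent or from any DECT implementation. It assumes a0 is the most significant bit of the first byte (a packing convention chosen for this example), places the BA field at a4 to a6 as in the standard's A field header layout, and does not verify the R CRC field (a48 to a63), which is left as a placeholder in the constructed sample frames.

```python
"""Decode the DECT A field header and the QT 'fixed part capabilities' broadcast.

Bit naming follows the page: a0 is the first bit of the 64-bit A field,
a63 the last. Assumption of this example: a0 is the MSB of byte 0.
"""

A_FIELD_BYTES = 8
TA_QT = 0b100                      # tail identifier of the QT channel (a0..a2)
QH_FIXED_PART_CAPABILITIES = 0b0011  # Q header (a8..a11) for "fixed part capabilities"
SUBSCRIPTION_READY_BIT = 44        # a44 = 1: base station ready for login


def a_field_bits(a_field: bytes) -> list:
    """Unpack 8 bytes into the 64 bits a0..a63 (a0 = MSB of byte 0)."""
    if len(a_field) != A_FIELD_BYTES:
        raise ValueError("A field must be exactly 64 bits (8 bytes)")
    return [(a_field[i >> 3] >> (7 - (i & 7))) & 1 for i in range(64)]


def bits_to_int(bits: list, first: int, last: int) -> int:
    """Interpret a_first..a_last (inclusive) as an unsigned integer, a_first most significant."""
    value = 0
    for b in bits[first:last + 1]:
        value = (value << 1) | b
    return value


def parse_a_field(a_field: bytes) -> dict:
    """Split the A field into header, tail and R CRC; decode QT capability messages."""
    bits = a_field_bits(a_field)
    info = {
        "ta": bits_to_int(bits, 0, 2),     # tail identifier
        "q1": bits[3],                     # quality control bit Q1
        "ba": bits_to_int(bits, 4, 6),     # B field identifier (a4..a6 per the standard)
        "q2": bits[7],                     # quality control bit Q2
        "tail": bits_to_int(bits, 8, 47),  # 40-bit A field information
        "r_crc": bits_to_int(bits, 48, 63),  # R CRC, not verified in this example
        "q_header": None,
        "subscription_open": False,
    }
    if info["ta"] == TA_QT:
        info["q_header"] = bits_to_int(bits, 8, 11)
        if info["q_header"] == QH_FIXED_PART_CAPABILITIES:
            # Only a QT / fixed part capabilities message carries the readiness bit.
            info["subscription_open"] = bits[SUBSCRIPTION_READY_BIT] == 1
    return info


def portable_part_should_start_login(a_field: bytes) -> bool:
    """Mobile device side: start the access rights request only when a44 = 1
    in a QT fixed part capabilities broadcast (any other frame is ignored)."""
    return parse_a_field(a_field)["subscription_open"]


def build_fp_capabilities_a_field(subscription_open: bool) -> bytes:
    """Constructed sample broadcast: QT channel, QH=0011, a44 set as requested.
    All other capability bits and the R CRC are zero placeholders."""
    bits = [0] * 64
    for i, ch in enumerate(f"{TA_QT:03b}"):
        bits[i] = int(ch)
    for i, ch in enumerate(f"{QH_FIXED_PART_CAPABILITIES:04b}"):
        bits[8 + i] = int(ch)
    bits[SUBSCRIPTION_READY_BIT] = 1 if subscription_open else 0
    out = bytearray(A_FIELD_BYTES)
    for i, b in enumerate(bits):
        out[i >> 3] |= b << (7 - (i & 7))
    return bytes(out)


if __name__ == "__main__":
    for ready in (True, False):
        frame = build_fp_capabilities_a_field(ready)
        print(frame.hex(), parse_a_field(frame)["subscription_open"])
```

The decision function deliberately ignores bit a44 in frames that are not QT fixed part capabilities messages, mirroring the page's statement that readiness is signalled only in that message type. On the operations side, logging the frames for which `subscription_open` is true shows how long a base station has been advertising its login readiness, which, given the short time window described below, is a useful sanity check for administrators.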
At this point, the future UAK (User Authentication Key) for the authentication of the mobile device with respect to the base station is not yet defined, but only the type of the authentication. For the first allocation of the UAK, which is afterwards used for the mutual authentication of the base station by the mobile device and of the mobile device by the base station, the UAK is exchanged once through an over-the-air allocation process. This process is initiated by the base station in the form of a key allocate message to the mobile device, the message containing the type of the authentication and the authentication code, which is also referred to as AC. After reception of the key allocate message by the mobile device, the user of the mobile device is usually requested to enter the authentication code, like a PIN (Personal Identification Number), by means of the keyboard. The mobile device sends the authentication code entered by the user to the base station by means of an authenticate request message. In parallel, the mobile device and the base station mutually authenticate each other based on the authentication code and calculate the UAK with the DECT standard authenticate algorithm (DSSA) from a random number given by the mobile device and the authentication code. If the authentication code entered by the user matches the authentication code stored at the base station, the UAK is considered as agreed upon between mobile device and base station and is used for mutual authentication in the future, e.g. when establishing a connection.
The UAK is stored, both by the mobile device and by the base station, along with the identity of the mobile device, the identity of the base station as well as the type of the authentication and encryption of the communication connection, the storing operation modifying the system configuration.
In summary, it can be said that the login operation must be started on both sides according to the access rights request process. The base station broadcasts a specific signal (bit a44 in a broadcast message). The mobile device thereby identifies a base station ready for login and initiates the login operation.
The described login operation with the over-the-air allocation of the UAK is widespread, in particular in private DECT communication systems, since the login operation is easy to perform while also providing a high degree of security: the time window for the login operation is typically limited to 1 minute, and the authentication code is known only to the user or owner.
On the other hand, for companies, and in particular large companies, the login operation with over-the-air allocation of the UAK generally provides too little protection against abuse by employees or by outsiders to the company. Therefore, the login operation in companies is usually performed centrally by the system administration, and in particular with mobile devices having a DECT access module (DAM), which, like a GSM SIM card, can be pre-configured and equipped with an appropriate UAK, so that an insecure input and an over-the-air allocation by means of an authentication code are omitted. This guarantees maximum security. Base stations for use by companies therefore generally do not provide e.g. any button for activating the readiness of the base station for the login operation.
A drawback of the solution for companies discussed above, either a central login or, in particular, a login through the DECT access module, is the lack of flexibility caused by the central login. A central login by the system administration means that each mobile device can be logged in only by a system administrator. However, when an employee of a company travels e.g. from a location A to a location B and would like to use his mobile device there, he must first go to the system administration, possibly crossing the entire company premises to do so, hope that a competent system administrator is present, and hope that the administrator also has time to perform the login. Another possibility is that the employee carries two mobile devices with him, one for location A and another one for location B, which in turn means an additional burden for the employee and the risk that he or she has the wrong mobile device along. All of the mentioned solutions are impracticable and inefficient in the daily routine of a company.