1. Field of the Invention
The present invention relates generally to the field of communication systems and more particularly to the field of authentication of cellular telephone communication.
2. Description of Background Art
In recent years the use of cellular telephones and cellular communications systems has significantly increased. Many of the early communication systems were based upon analog technology, e.g., the advanced mobile phone system (AMPS). In recent years the protocols used by some of these analog systems have been modified to add features, e.g., call forwarding and authentication. FIG. 1 is an illustration of a conventional cellular communication network. The communication network includes a mobile station (MS) 102, e.g., a cellular telephone that is commercially available from Motorola Corporation. The MS 102 transmits an electromagnetic signal to and receives an electromagnetic signal from a base station (BS) 104 via the air. In FIG. 1, the BS 104 is communicating with a first system, e.g., an IS-41C/AMPS system. Typically, a BS 104 is a tower having an antenna and a transceiver.
The MS 102 communicates with a BS 104 whose physical location is near the MS 102. Currently, there are thousands of BS's 104 in the United States. Some of the functions performed by each BS 104B include converting the received electromagnetic signal into an electrical signal, assigning a voice channel to the MS 102, and paging an MS 102. The BS 104 transmits a signal representing a unique MS identifier to a mobile switching center (MSC) using a signaling protocol supported by the MSC. Frequently, in the AMPS system, each MSC/VLR 106A-B and its associated BS's 104A-B are provided by a single manufacturer, e.g., Motorola Corp. Accordingly, a proprietary interface protocol is frequently used to communicate between the BSs 104A-B and the MSC 106A-B. Frequently, the MSC includes a visitor location register (VLR) and together are illustrated in FIG. 1 as an MSC/VLR 106. Currently, there are hundreds of MSC/VLRs 106 in the United States.
The MSC/VLR 106A identifies the home system, e.g., system 2, of the MS 102 and transmits a signal through a signaling network 108, e.g., the signaling system 7 (SS7) which is a standard telecommunication signaling system, to the home system for the purpose of registering the MS 102 using a signaling protocol supported by the MSC/VLR 106A and the home system. Two such signaling protocols are the IS-41B and the IS-41C signaling protocol. The IS-41B signaling protocol is described in greater detail in the Telecommunications Industry Association/Electronic Industries Association (TIA/EIA), Interim Standard IS-41-B, Electronic Industries Association, December 1991 that is incorporated by reference herein in its entirety. The IS-41C signaling protocol is described in greater detail in the TIA/EIA, Interim Standard IS-41-C, Cellular Radio-Telecommunications Intersystem operations, February 1996 that is incorporated by reference herein in its entirety. The home system includes an MSC/VLR 106C and a home location register (HLR) 110B having a profile of the subscriber (registered user) of the MS 102. A subscriber profile includes a copy of the unique MS identifier and indications of the type of services available to the subscriber, e.g., call forwarding and multi-party calling. One purpose of registering the MS 102 with the home system is to enable the MSC/VLR 106A to charge the home system so that the home system can charge the owner of the MS 104 for the cost of the call on the cellular network. If the unique MS identifier matches a stored identifier in the home system, then the home system transmits a registration signal to the MSC/VLR 106A and the user of the MS 102 is then permitted to use the cellular network.
One problem with conventional mobile communication systems occurs when the first system illustrated in FIG. 1 supports a protocol, e.g., IS-41C, that is compatible with the protocol supported by the second system, e.g., IS-41B, but the first system offers more features to the user, e.g., authentication. In conventional systems, the MS 102 can not take advantage of the additional features offered by the first system when traveling through the area supported by the first system. For example, a significant problem with current cellular networks is fraud. Specifically, the signal between the MS 102 and the BS 104A can be intercepted by an unauthorized source. The unauthorized source can determine the unique MS identifier included in the intercepted signal and can then program a fraudulent MS to transmit the intercepted MS identifier. As a result, the unauthorized source utilizes the cellular network and the cost of this use is charged to the subscriber whose MS identifier was intercepted. Some estimates of the monetary losses from this type of fraud range from $2 million to $3 million per day, as of 1996. Fraud typically occurs more frequently in larger cities. Accordingly, many system providers in the larger cities have upgraded the signaling protocol in order to include an authentication feature. For example, the IS-41C signaling protocol supports authentication while the IS-41A and IS-41B signaling protocols do not support authentication. Conventional systems do not permit an MS 102 to utilize the authentication capabilities (or other additional features) of the IS-41C signaling protocol while traveling through an area supported by the first system if the home system does not support authentication (or other additional features), e.g., if the home system only supports the IS-41B signaling protocol.
The authentication standards developed by the TIA, for example the TSB51, are described in TIA/EIA, Telecommunications System Bulletin--TSB51, Cellular Radiotelecommunications: Authentication, Signaling Message Encryption and Voice Privacy, May 1993, that is incorporated by reference herein in its entirety, and the TIA IS-41-C. The TIA air interface standards are: IS-54-B that is described in TIA/EIA, Interim Standard IS-54-B, Cellular System Dual-Mode Mobile Station--Base Station Compatibility Standard, April 1992; IS-88, described in TIA/EIA, Interim Standard IS-88, Mobile Station--Land Station Compatibility Standard for Dual-Mode Narrowband Analog Cellular Technology, January, 1993; IS-91, described in TIA/EIA Interim Standard IS-91, Mobile Station--Base Station Compatibility Standard for 800 MHz Analog Cellular, October, 1994; IS-95-A, described in TIA/EIA, Interim Standard IS-95-A, Mobile Station--Base Station Compatibility Standard for Dual-Mode Wideband Spread Spectrum Cellular Systems, May, 1995; and IS-136, described in TIA/EIA, Interim Standard IS-136, 800 MHz TDMA Cellular--Radio Interface--Mobile Station--Base Station Compatibility, December, 1994, that are all incorporated by reference herein in their entirety. In addition, a more detailed description of the SS7 network is described in the American National Standards Institute, Inc. (ANSI), American National Standard for Telecommunications, Signaling System Number 7 (SS7)--General Information; Exchange Carriers Standards Association Committee T1; T1.111-1992 which is incorporated by reference herein in its entirety.
A second problem with conventional mobile communication systems when authentication capability is provided is that sensitive authentication information, e.g., the authentication key (A-key), is accessible by an authentication center (AC) system administrator or other network entity. It would be preferable to increase the security of the mobile communication system by limiting access to such sensitive authentication information only to the MS service provider such that the AC system administrator or other network entity, who may not be directly associated with the MS service provider, does not have access to the sensitive authentication information. However, in conventional mobile communication systems the AC requires access to the sensitive authentication information when performing MS authentication and, therefore, the sensitive authentication information can be available to non-MS service providers.
A third problem with conventional mobile communication systems is that if the sensitive authentication information, e.g., the A-key, is pre-programmed in the MS 102, it must be transmitted to the AC in the home system before activating the MS 102. This presents several security concerns. For example, if the A-key is pre-programmed into the MS 102, the value of the A-key must be sent to the home system before activating the MS 102. In conventional systems the value of the A-key is either transmitted electronically, e.g., via a data network, or is written and sent to the service provider. These techniques are not secure since they utilize a person at one or both ends that obtain access to the sensitive authentication information. For example, if an MS 102 is sold at a retail store, part of the MS activation process (when the service provider provides an authentication procedure) requires that the A-key be sent from the service provider to the retail store for programming into the MS 102. This can mean that the retail clerk obtains access to the sensitive authentication information. What is needed is a more secure technique for transmitting sensitive authentication information between the service provider and the MS 102.
Accordingly, what is needed is a system and method for (1) enabling sensitive authentication information to be under the control of the service provider and transmit only non-sensitive authentication information to the AC; (2) providing a secure technique for generating sensitive authentication information and for securely transmitting to and storing the information in the MS 102 and a storage device controlled by the service provider; and (3) enabling a mobile station to utilize features supported by the visited system, e.g., authentication, even if the MS home system does not support the feature.