Wireless communication systems provide for radio communication links to be arranged within the system between a plurality of user terminals. Such user terminals may be mobile and may be known as ‘mobile stations’ or ‘subscriber units.’ At least one other terminal, e.g. used in conjunction with subscriber units, may be a fixed terminal, e.g. a control terminal, base station, repeater, and/or access point. Such a system typically includes a system infrastructure which generally includes a network of various fixed terminals, which are in direct radio communication with the subscriber units. Each of the base stations operating in the system may have one or more transceivers which may, for example, serve subscriber units in a given local region or area, known as a ‘cell’ or ‘site’, by radio frequency (RF) communication. The subscriber units that are in direct communication with a particular fixed terminal are said to be served by the fixed terminal. In one example, all radio communications to and from each subscriber unit within the system are made via respective serving fixed terminals. Sites of neighboring fixed terminals in a wireless communication system may be offset from one another or may be non-overlapping or partially or fully overlapping. In another example in which subscriber units can operate in a direct mode (e.g., without having to pass through a repeater or base station), a fixed terminal such as a control terminal may provide for a mechanism to update the direct mode subscriber units with new program settings, channels, groups, etc.
Wireless communication systems may operate according to an industry standard protocol such as, for example, the Project 25 (P25) standard defined by the Association of Public Safety Communications Officials International (APCO), or other radio protocols, such as the TETRA standard defined by the European Telecommunication Standards Institute (ETSI), the Digital Private Mobile Radio (dPMR) standard also defined by the ETSI, or the Digital Mobile Radio (DMR) standard also defined by the ETSI. Communications in accordance with any one or more of these standards, or other standards, may take place over physical channels in accordance with one or more of a TDMA (time division multiple access), FDMA (frequency divisional multiple access), or CDMA (code division multiple access) protocol. Subscriber units in wireless communication systems such as those set forth above send user communicated speech and data, herein referred to collectively as ‘traffic information’, in accordance with the designated protocol.
Many so-called “public safety” wireless communication systems provide for group-based radio communications amongst a plurality of subscriber units such that one member of a designated group can transmit once and have that transmission received by all other members of the group substantially simultaneously. Groups are conventionally assigned based on function. For example, all members of a particular local police force may be assigned to a same group so that all members of the particular local police force can stay in contact with one another, while avoiding the random transmissions of radio users outside of the local police force.
Such wireless communication systems may provide methods that allow an administer to selectively restrict access of a subscriber unit to the system, preventing an unauthorized subscriber unit from accessing to and/or monitoring communications over the air that it does not have authorization to access or monitor. Prior methods have generally relied on authenticating the subscriber unit during its registration with the system. In such methods, a session key is derived during the registration process and the subscriber unit uses the session key to authenticate itself on the start of a call or communication session. A system that deploys authentication only during the registration process, however, does not completely prevent access to the system by an unauthorized subscriber unit. For example, the system may allow an unauthorized subscriber unit to access the system when the unauthorized subscriber unit uses the same ID as a subscriber unit already registered in the system (e.g., the unauthorized subscriber unit spoofs the already registered subscriber unit). Furthermore, a system that deploys authentication on the start of a call delays the start of the call because the authentication requires one or more exchanges of additional information before any call or communication session can be started. Another limitation of the use of pre-call authentication is that the authentication does not stop, or attempt to prevent, an unauthorized subscriber unit from listening to an established call.
Accordingly, a system and method is needed for digital two-way radio systems to restrict system access to its own subscriber units with minimum overhead, while preventing unauthorized subscriber units from listening to an established call, without the additional timing overhead of a registration/authentication process, and without allowing an unauthorized subscriber unit using a duplicate subscriber unit ID to use the system.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present disclosure.