The present invention relates generally to the management of authentication and encryption user information in digital user terminals and, more particularly, to methods and systems for providing real-time authentication and ciphering information and presenting it to a user.
Prior art analog wireless communication systems were provided with a means to authenticate a communication device on the wireless network. The main deficiency of the communication devices that use these wireless networks is the inability to communicate the results of the authentication procedures to a user. While many communication devices that use the wireless network are authenticated on the wireless network, the user can never realize this because that information is not conveyed in a user friendly, real-time manner. As a result, the authentication procedures occur within the communication device and are invisible to a user of the communication device. Therefore, the user of the communication device never knows when the communication device is authenticated on the wireless communication network.
Providing encrypted radio communication is somewhat difficult, but not impossible, on analog wireless communication systems. Because ciphering technology is difficult to implement in these types of communication devices, it is not often used. In addition, many analog, and for that matter digital, wireless communication systems do not support ciphering. However, with the introduction of digital wireless technology, the use of encryption for providing secure radio communication is growing. Digital wireless networks are capable of performing ciphering routines much more easily and quickly.
Both authentication and ciphering are among the main advantages of wireless digital communication systems. These features will be among the most visible features marketed to the consuming public. This is done because these features are designed to provide end users of the communication devices with powerful tools to eliminate fraud and provide secure communications. Cellular phone fraud is a worldwide problem and the industry loses millions of dollars every year as a result of such fraud. The communication industry and the technological development being done are dedicated to increasing the user confidence in the security and confidentiality capabilities of a wireless digital network. Therefore, a need exists in the digital wireless communication market for communication devices that provide authentication and ciphering features and present the results of those features to the user in a user friendly manner.
The disclosed invention is related to radio resource and mobility management operations performed by a communication device that is connected to a digital wireless network. In particular, it is related to authentication, which is the mobility management procedure for subscription verification and confirmation. Unless a communication device is authenticated on a digital wireless network, the digital wireless network will not allow the communication device to conduct radio communication. Normally, authentication procedures are performed by sending a plurality of radio signals between the digital wireless network and the communication device. The invention also relates to ciphering which is a radio resource procedure that provides confidentiality for both the subscriber identity and for the data being sent and received over the digital wireless network. The invention provides a method and a communication device that maintains and indicates the real-time status of these operations and reports their outcome to the user of the communication device.
The authentication and ciphering procedures that are performed by the communication device are controlled by the digital wireless network. In general, any communication device must be able to respond to either an authentication or ciphering procedure utilizing the corresponding technical specifications of the digital wireless network. Both procedures are normally initiated by the network as a result of the communication device requesting a system access. In the most typical signaling cases, the communication device will request a system access, e.g., a call origination or a location update.
During operation when these transactions occur, the digital wireless network requires subscription verification, by passing data to be processed by the serial in-line module, commonly referred to as a SIM, in the communication device. The communication device will then send the results of the data that is processed in the SIM to the digital wireless network for validation. If the user is authenticated, the signaling between the communication device and the digital wireless network will proceed, normally in an encrypted mode. The digital wireless network and the communication device agree upon what encryption parameters to use, and the digital wireless network is in control of turning ciphering on and off. Therefore, the communication device needs to be able to provide a user-friendly method of notifying a user of the communication device when it is authenticated and when information is being sent encrypted over the digital wireless network.
The disclosed invention provides a real-time method of providing authentication and ciphering information to a user of a communication device. The disclosed method comprises the steps of providing a processing unit connected with a means for conducting radio communication over a digital wireless network; using a non-volatile memory, e.g., SIM connected with the processing unit for controlling authentication procedures and ciphering procedures during a system access; providing a memory module connected with the processing unit having a first memory location reserved for an authentication flag and a second memory location reserved for a ciphering flag; activating the authentication flag when the communication device is authenticated on the digital wireless network and the ciphering flag when the communication device is sending and receiving encrypted data over the digital wireless network; activating an authentication indicator when the authentication flag is activated by the processing unit; and activating a ciphering indicator when the ciphering flag is activated by the processing unit.
In the invention, the authentication indicator and the ciphering indicator may be selected from the group including a text message, an icon, a light, or an alphanumeric message generated by a display device. The authentication indicator and the ciphering indicator may also comprise an audio signal that is generated by an audio generation device that is connected with the processing unit. Generally, the authentication indicator and the ciphering indicator are configurable to reflect the status of the authentication flag or the ciphering flag immediately or at the user's request. The authentication flag and the ciphering flag are configurable to reflect a single system access or a whole working session.
During operation of the communication device, the authentication flag is assigned an authentication failed flag by the processing unit when the digital wireless network rejects an authentication procedure performed by the communication device. The authentication failed flag is stored permanently in the memory module until the communication device is turned off or the SIM is replaced. The communication device assigns the authentication flag an authentication success flag when the digital wireless network accepts an authentication procedure performed by the communication device. Generally, the authentication success flag remains active during a system access unless an authentication procedure fails during the current system access. In addition, normally, the authentication success flag is not reset as long as the communication device is served by the same digital wireless network during a current working session.
In addition, the preferred method allows the users of the communication device to check whether the digital wireless network has authenticated the communication device during a current working session. The communication device is also provided with a means for allowing a user to disable the processing unit from handling real-time authentication information procedures and from activating the authentication flag. Also, the communication device is provided with a means for allowing the user to disable the processing unit from handling real-time ciphering information procedures and from activating the ciphering flag during a system access.
The present invention also discloses a communication device for conducting radio communication over a digital wireless network. The communication device comprises a processing unit connected with a means for sending and receiving radio signals over a digital wireless network; a dedicated memory, e.g., a SIM connected with the processing unit, said SIM containing authentication data and ciphering data; a memory module connected with a processing unit; a first memory location reserved in the memory module for an authentication flag, the authentication flag being activated when the digital wireless network has authenticated the communication device after performing an authentication procedure; a second memory location reserved in the memory module for a ciphering flag, said ciphering flag being activated when the communication device is encrypting data being sent and received over the digital wireless network; an authentication indicator connected with the processing unit, said authentication indicator being activated by the processing unit when the authentication flag is activated during a system access; and a ciphering indicator connected with the processing unit, said ciphering indicator being activated by the processing unit when the ciphering flag is activated during a system access.
In preferred embodiments of the disclosed invention, the authentication indicator or the ciphering indicator may be selected from the group including an icon, an alphanumeric message, a light, or a text message generated by a display device. In addition, the authentication indicator or the ciphering indicator may be comprised of an audio signal generated by an audio generation device that is connected with the processing unit. Both the authentication indicator and the ciphering indicator are configurable to reflect the status of the authentication flag or the ciphering flag immediately or at a user's request.
During operation of the communication device, the authentication flag is assigned an authentication failed flag by the processing unit when the digital wireless network rejects an authentication procedure from the communication device. The authentication failed flag is stored permanently in the memory module until the communication device is turned off or the SIM is replaced. In addition, the authentication flag is assigned an authentication success flag by the processing unit when the digital wireless network accepts an authentication procedure performed by the communication device. The authentication success flag remains active during a system access unless an authentication procedure fails during the current system access. In addition, the authentication success flag may remain active as long as the communication device is serviced by the digital wireless network during a current working session.
The communication device is also provided with a means for allowing a user to check whether the digital wireless network has authenticated the communication device during a current working session. As such, the communication device is also provided with a means for allowing the user to check whether the communication device is sending and receiving encrypted data over the digital wireless network. The communication device is also provided with a means for allowing a user to disable the processing unit from handling real-time authentication information and from activating the authentication flag. Likewise, the communication device is provided with a means for allowing a user to disable the processing unit from handling real-time ciphering information and from activating the ciphering flag during a system access.
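The flag rules stated in the two "During operation of the communication device" paragraphs, together with the user disable switches, can be read as a small state machine. The following C sketch is an added example, not code from the disclosure; all type, event and function names are hypothetical, and clearing the success and ciphering flags on a change of serving network is an assumption drawn from the "same digital wireless network" wording.

```c
#include <stdbool.h>

/* All names are hypothetical; the text describes flags and indicators, not code. */
typedef enum { AUTH_NONE, AUTH_SUCCESS, AUTH_FAILED } auth_flag_t;
typedef enum { EV_AUTH_ACCEPT, EV_AUTH_REJECT, EV_CIPHER_ON, EV_CIPHER_OFF,
               EV_NETWORK_CHANGE, EV_SIM_REPLACED, EV_POWER_CYCLE } sec_event_t;

typedef struct {
    auth_flag_t auth;   /* first reserved memory location  */
    bool ciphering;     /* second reserved memory location */
    bool auth_enabled;  /* user can disable authentication reporting */
    bool ciph_enabled;  /* user can disable ciphering reporting */
} sec_status_t;

void sec_init(sec_status_t *s) {
    s->auth = AUTH_NONE; s->ciphering = false;
    s->auth_enabled = true; s->ciph_enabled = true;
}

void sec_handle(sec_status_t *s, sec_event_t ev) {
    switch (ev) {
    case EV_AUTH_REJECT:            /* network rejected the procedure */
        if (s->auth_enabled) s->auth = AUTH_FAILED;
        break;
    case EV_AUTH_ACCEPT:            /* a latched failure is never overwritten */
        if (s->auth_enabled && s->auth != AUTH_FAILED) s->auth = AUTH_SUCCESS;
        break;
    case EV_CIPHER_ON:  if (s->ciph_enabled) s->ciphering = true; break;
    case EV_CIPHER_OFF: s->ciphering = false; break;
    case EV_NETWORK_CHANGE:         /* assumption: flags are per serving network */
        if (s->auth == AUTH_SUCCESS) s->auth = AUTH_NONE;
        s->ciphering = false;
        break;
    case EV_SIM_REPLACED:
    case EV_POWER_CYCLE:            /* the only events that clear a failure */
        s->auth = AUTH_NONE; s->ciphering = false;
        break;
    }
}

/* Text a display would show; an icon, light or tone would map the same way. */
const char *auth_indicator(const sec_status_t *s) {
    if (!s->auth_enabled) return "";
    return s->auth == AUTH_SUCCESS ? "AUTHENTICATED"
         : s->auth == AUTH_FAILED  ? "AUTH FAILED" : "";
}
const char *ciph_indicator(const sec_status_t *s) {
    return (s->ciph_enabled && s->ciphering) ? "CIPHERING ON" : "CIPHERING OFF";
}
```

Because a rejection is latched until power-off or SIM replacement, a later accepted procedure in the same session cannot silently replace the failure indication shown to the user.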