Method and network element for providing secure access to a packet data network

network element technology, applied in the field of method and system for providing secure access to a packet data network, can solve the problems of fraudulent users, invisibility registration of impus, and inability to use ipi

Active Publication Date: 2009-08-11
NOKIA TECHNOLOGLES OY
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

The technical effect of this patented technology is that it allows for securing network access without having extra steps or servers. This makes it easier than traditional methods like giving them their own identifier (ID) on paper).

Problems solved by technology

The technical problem addressed in this patent text relates to improving the security of internet services called IMS Service Network Access Point (ISAP) in delivering communication sessions over a packet switched network (PS-CN) to clients connected through a serving call termination function (CSM)/session manager (SM) entity. Current approaches require the presence of both valid and invalid identifiers attached to the same ISP identifier, making it difficult to manage these identifications.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and network element for providing secure access to a packet data network
  • Method and network element for providing secure access to a packet data network
  • Method and network element for providing secure access to a packet data network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037]The preferred embodiment will now be described on the basis of an IMS architecture as shown in FIG. 1.

[0038]As already mentioned, a hole for an attacker is provided in the system according to the 3GPP specification TS 33.203. Even if security transmission protocols, such as IP security (IPSec) or a SIP-level security or protection function (SIPSec), are used to protect the SIP signaling between a UA and the P-CSCF 30, an attacker who is also a subscriber in the IMS has a chance to send a SIP request message using the right SA for him and with a public identity (IMPU) which is not allocated to him. This is called a fraudulent user attack, i.e. identity spoofing. According to the preferred embodiments, mechanisms are provided to check whether an IMS subscriber uses only those IMPUs as IP messages, which are allocated to him. In FIG. 1, the UE260 indicated with dotted lines is assumed to perform a fraudulent user attack, using an IMPU of the UE140.

[0039]FIG. 2 shows a message signal

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to a method and network element for providing secure access to a packet data network, wherein a first source information is derived from a message received from a terminal device (40, 60), and is compared with a second source information derived from a packet data unit used for conveying said message, or derived from a security association set up between the terminal device and the data network. A protection processing for protecting the packet data network from a fraudulent user attack is then initiated based on the comparing result. Thereby, a simple and efficient protection mechanism can be provided without sending any additional information or providing any additional fields in the message.

Description

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Owner NOKIA TECHNOLOGLES OY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap