Title:
USER AUTHENTICATION AND RESOURCE MANAGEMENT IN A CELLULAR NETWORK
Document Type and Number:
WIPO Patent Application WO/2016/001032
Kind Code:
A1
Abstract:
User authentication for accessing a service provided over a cellular network is provided. A user device for communication with the cellular network has at least one unique identifier associated with the cellular network. An authentication code for accessing the service over the cellular network is used, the authentication code being based on security information that is based on the at least one unique identifier and may also be based on a service credential that is unknown to the user device. The security information may be communicated from the user device to an authentication device separate from the user device over a secondary communications link. The authentication code may be generated at the authentication device.

Inventors:
TAYLOR DALE (GB)
Application Number:
PCT/EP2015/064226
Publication Date:
January 07, 2016
Filing Date:
June 24, 2015
Assignee:
VODAFONE IP LICENSING LTD (GB)
International Classes:
H04W12/06; H04L29/06; H04W4/80; H04W84/08
Domestic Patent References:
WO2014089576A1 (2014-06-12)
WO2001031840A1 (2001-05-03)
Foreign References:
EP2530631A1 (2012-12-05)
US20100304670A1 (2010-12-02)
US20130331063A1 (2013-12-12)
Attorney, Agent or Firm:
BOULT WADE TENNANT et al. (London WC1 8BT, GB)
Claims:
CLAIMS

1. A method of user authentication for accessing a service provided over a cellular network, using a user device for communication with the cellular network and that has at least one unique identifier associated with the cellular network, the method comprising:

communicating security information from the user device to an authentication device separate from the user device over a secondary communications link, the security information being based on the at least one unique identifier of the user device associated with the cellular network; and

communicating an authentication code for accessing the service over the cellular network from the separate authentication device to the user device over the secondary communications link, the authentication code being based on the security information.

2. The method of claim 1, further comprising:

receiving a user-specific credential as an input to the user device from the user; and

wherein the security information is further based on the received user-specific credential.

3. The method of claim 2, further comprising:

checking the user-specific credential against a predetermined value stored on the authentication device, the authentication code only being provided if the user-specific credential matches the predetermined value.

4. The method of any preceding claim, wherein the user device comprises: a User Equipment, UE, part; and a subscriber identification part, the at least one unique identifier of the user device associated with the cellular network comprising one or more of: at least one identifier associated with the UE part; and at least one identifier associated with the subscriber identification part.

5. The method of claim 4, wherein one or both of:

the at least one identifier associated with the subscriber identification part comprises one or both of: an International Mobile Subscriber Identity, IMSI; and a Mobile Subscriber Integrated Services Digital Network-Number, MSISDN; and the at least one identifier associated with the UE part comprises an International Mobile Station Equipment Identity, IMEI.

6. The method of any preceding claim, wherein the authentication code is further based on a service credential stored on the authentication device.

7. The method of claim 6, wherein the service credential is specific to the user.

8. The method of any preceding claim, wherein the secondary communications link for communication with the authentication device uses wireless and/or a short range communication technology.

9. The method of claim 8, wherein the wireless and/or a short range communication technology comprises one or more of: optical communication technology; Near Field Communication, NFC, technology; wireless Local Area Network technology; and Personal Area Network technology.

10. The method of any preceding claim, further comprising:

communicating the authentication code to the cellular network from the user device;

receiving access information at the user device from the cellular network in response to communication of the authentication code, the access information allowing the user device to access the service.

11. The method of claim 10, wherein the access information allows the user device to access the service for only a predetermined time period.

12. The method of any preceding claim, further comprising:

detecting the authentication device at the user device by communication between the authentication device and the user device over the secondary communications link.


13. The method of claim 12, wherein the step of detecting the authentication device is carried out at one or more of: prior to the step of communicating security information; and one time or a plurality of times when the user device is being provided the service by the cellular network.


14. The method of claim 13, further comprising:

preventing the user device from accessing the service provided over the cellular network in response to the step of detecting the authentication device resulting in a failure.


15. The method of any preceding claim, further comprising:

transferring user-specific data between the user device and the authentication device, the user-specific data relating to the service being provided over the cellular network (based on the step of checking the user-specific credential).

16. A computer program, configured when operated by a processor to carry out the method of any preceding claim.

17. A user device for communication with a cellular network and having at least one unique identifier associated with the cellular network, configured to operate in accordance with any one of claims 1 to 15.

18. An authentication device comprising an interface for providing a communications link with a user device, the authentication device being configured to operate in accordance with any of claims 1 to 15.

19. A system for user authentication to access a service provided over a cellular network, comprising:

a user device in accordance with claim 17; and

an authentication device in accordance with claim 18, wherein the authentication device and the user device are configured for communication with one another.

20. The system of claim 19, further comprising:

a network entity of the cellular network, configured to receive and check the authentication code and further configured to communicate access information to the user device in response to the authentication code being validated, the access information allowing the user device to access the service.

Description:
USER AUTHENTICATION AND RESOURCE MANAGEMENT IN A CELLULAR NETWORK

Field of the Invention

The invention relates to a method of user authentication for accessing a service provided over a cellular network, a user device for communication with a cellular network, an authentication device comprising an interface for providing a communications link with a user device and a network entity of a cellular network.

Background to the Invention

The Third Generation Partnership Project (3GPP) has been developing enhancements to cellular systems to allow their operation for public safety or emergency services (ES) communications. These are especially intended to work with the Long Term Evolution (LTE) architecture. The service may be overlaid on the cellular network's existing infrastructure, for example as a distinct packet-switched service using one or more specific applications operating on the user device. Other services of the cellular network may be provided to the user device at the same time as the ES service and potentially independently. Aims of this approach may include: reduced cost; improved functionality; and increased flexibility in comparison with existing public safety communication infrastructure, such as the Terrestrial Trunked Radio (TETRA) network.

Such systems are desirably secure and, to effect this, employ user-specific security keys and profiles as part of the communication between a user device and the network or between multiple user devices. Existing TETRA technology stores the security keys and profile within the user device. The TEA2 (security) algorithm utilised requires the user device to be brought into a secure environment and loaded with the keys and the user's profile information. Thus, the device must be issued specifically to an individual user. One advantage in the use of a cellular network for providing such services is that devices may be interchangeable between users, which will be lost using this approach.

It is known to use enterprise computing principles to store the user profile on the network. Then when the user logs onto the device, the user settings may be transferred to it. This process is useful for "transient" data, such as role profile, control information or similar. However, it is undesirable to transfer security policy information and/or keys over the air (radio interface) as this may lead to security breaches through various enterprise IT attacks on the infrastructure.

Another approach is to use Subscriber Identity Module (SIM) cards to store security policy information and/or keys for the ES service. A SIM card is at least partially embedded within the device, such that the user would need to change the SIM card whenever they wish to use a different device. For these applications, a user may change devices more often than that of conventional cellular network users. This may be partly because devices can become damaged or run out of power more often (especially where smart devices are utilised). Replacing the battery or switching the device and physically moving the SIM card may then be the only solutions to such problems, which may not be acceptable.

Secure authentication techniques have been considered for other applications, such as banking or transport systems. Some of these use short range communication technology, such as Near Field Communication (NFC). The user is provided with an NFC device that is separate to the User Equipment (UE) employed for accessing the cellular network. The NFC device can act as a processing engine and/or utilised as storage. This may allow the NFC device to store a security credential common to the cellular network and/or service provider, but unknown to the user or UE. Then, the NFC device processes a challenge from the service provider using the common security credential and a user-specific credential input by the user to the UE, such as a PIN, to provide an authentication code. The authentication code is sent back to the service provider, which verifies it. This type of approach is discussed in "Enhancing Authentication in eBanking with NFC-Enabled Mobile Phones", D A Ortiz-Yepes, M Baentsch, L A M Schoenmakers, et al, ERCIM News 76, 63-64, 2009, for example. In this document, the cellular network is not used for communicating with the service provider and the UE is simply used as an interface with the NFC device, but more recent implementations of this technique use the UE to communicate with the service provider over the cellular network. Such a system may significantly improve security of the authentication. Nevertheless, authentication to provision a secure service over a cellular network remains a challenge.

Summary of the Invention

Against this background, there is provided a method of user authentication for accessing a service provided over a cellular network in accordance with claim 1. There is also provided a computer program in line with claim 16, a user device for communication with a cellular network as defined by claim 17 and an authentication device in accordance with claim 18. A system for user authentication to access a service provided over a cellular network according to claim 19 is further provided.

This may add an additional layer of security to the existing security stack of the cellular network. The use of at least one unique identifier associated with the cellular network (such as an IMSI and/or IMEI) in setting the authentication code is particularly advantageous. A device-specific and/or subscriber-specific identifier allows the authentication of the user to be traced directly to an individual user device (such as a UE) and/or a specific subscriber and may provide a constantly changing encryption system. The use of an authentication device separate from the user device provides security, so that the authentication code may be generated on the basis of information unknown to the user device, together with the ability to interchange user devices, since a specific user device need not be required to access the service. In another sense, this may be seen as the combination of device-specific and/or subscriber-specific identifier with a service credential that is unknown to the user device to provide multi-factor authentication. In fact, this improvement in security may allow the security requirements inherent to the user device to be relaxed to the extent that, as far as at least security is concerned, the user device may essentially be a dumb terminal.

The authentication device communicates with the user device using a secondary communication link (preferably, separate from the link between the user device and the cellular network, such as a short-range communication link), so that the two devices require no fixed integration and allow the authentication device to be used in conjunction with a variety of user devices. Thus, the combination of the advantages provided by the user device and those provided by the authentication device results in improved security and flexibility in comparison with existing approaches. Following authentication, the user device may then be provisioned for access to the service.

The authentication code may allow access to the cellular network or at least a specific service provided by the cellular network. The authentication code may be a one-time access key. Public Key Infrastructure (PKI) in the cellular network may then determine what the authentication code allows the user device to access within a secure infrastructure. The authentication code that is generated by placing the authentication device with the user device to create an authentication session may give the user device access to the network for a specified amount of time, until the session expires. Then the data may be inaccessible until the user creates another authentication session with the authentication device.

A user profile may be stored within the authentication device (such as an NFC card). If the user device is changed or lost, the profile information is therefore retained.

A specific lifetime can be applied to the access provided to the service. Advantageously, this enables control of access lifetime on a per-device and/or per-subscriber basis. This may further increase security of the access in case of device loss or change, for instance.

Further preferred features of the invention are set out in the accompanying claims and will further become apparent from a consideration of the following specific description of a particularly preferred embodiment. Additional advantages will also be discussed below.

Brief Description of the Drawings

The invention may be put into practice in a number of ways, and a preferred embodiment will now be described by way of example only and with reference to the accompanying drawings, in which:

Figure 1 illustrates a schematic diagram of a system in accordance with an embodiment of the invention; and

Figure 2 shows a schematic depiction of an operation of the system of Figure 1.

Detailed Description of a Preferred Embodiment

Referring first to Figure 1, there is illustrated a schematic diagram of a system in accordance with an embodiment of the invention. There is shown: a User Equipment (UE) 10; user input 20; a Near Field Communication (NFC) device 30, which may be considered an authentication device; and a cellular network 40. The UE 10 has a Subscriber Identity Module (SIM) part 11, which may be a SIM card or SIM application embodied in a different form (for example, integrated with the UE 10). An application 15 operates on the UE 10 and is particularly used for interfacing with the cellular network 40, for providing a particular service. For example, this may be provided by a service provider that could be logically or physically separate from the cellular network operator. The service may be an ES service or another service desiring secure authentication of the user. In some examples, the service may include a communications service provided by the cellular network 40.

The authentication of the user operates in the following way. The user 20 loads the application 15 on the UE 10. In a first step 110, the application 15 requests a security credential, such as a PIN code, from the user 20. This is provided in second step 120. The user 20 brings the NFC device 30 into proximity with the UE 10 (which has an NFC reader), allowing communication between them, and a handshake occurs to set this up. In third step 130, the UE 10 provides security information to the NFC device 30. This is shown as a two-way interaction, but it may be one way only. The security information comprises a unique identifier for the UE 10 on the cellular network 40. In practice, this may be an identifier associated with the UE 10 itself, such as an International Mobile Station Equipment Identity (IMEI) and/or an identifier associated with the subscription (that is, SIM 11), such as an International Mobile Subscriber Identity (IMSI) or a Mobile Subscriber Integrated Services Digital Network-Number (MSISDN). Both the IMSI and MSISDN could also be used. The security information also comprises the security credential from the user 20 (as discussed in steps 110 and 120).

The NFC device 30 checks the security credential against a predetermined value stored on its internal memory (not shown). If the security credential does not match the stored value, the NFC device 30 informs the UE 10 that the security credential is rejected and does nothing more. Otherwise, the NFC device 30 determines an authentication code based on the security information, in particular the identifier associated with the UE 10 or SIM 11. The authentication code can also be based on other parts of the security information, such as the security credential (such as the PIN code, for instance of 4, 6 or more digits) and/or information stored in the NFC device 30 that is unknown to the UE 10 (and SIM 11 and/or user 20), but known to the cellular network 40, such as an encrypted logon key. In this context, the cellular network can include the service provider (not shown), even though these may be logically or even physically separate.

The authentication code, which will be specific to the UE 10 and/or SIM 11, is then communicated to the application 15 at the UE 10 over the NFC link (for example, by the application 15 accessing it within the NFC device 30) and the application 15 communicates the authentication code to the cellular network 40, for authentication. All user-specific service information, such as information on talk groups, users, contacts is stored securely on the NFC device 30 and this may only be accessed if the correct security credential is provided by the user 20. The authentication code may be used to generate a one-time key that is used for the UE 10 and valid for a specific time period, such as 24 hours. This may stop lost devices requiring stunning to take them off the network, as the key will expire after an amount of time. The access key and/or the user data could then be provisioned to the UE 10. The access key is subsequently used by the UE 10 (and more specifically the application 15) to register or access a secure network, such as an emergency services network.

Logging on to the network from a second device, having already logged on from another device, makes the previous key invalid. This means that a user should not be logged onto the service twice, and is an additional advantage of generating the authentication code using a unique identifier associated with the user device. Steps taken at the network will be discussed below.

This embodiment therefore differs from existing security configurations for ES services, which are personal issue, so all programming information is stored on the device when the device is provisioned, including all security information. This approach does not require personal issue devices and indeed, a user may authenticate onto any device that supports the technology. Moreover, it may enable a two or three-factor authentication mechanism, where the authentication device 30 is presented to the UE 10, the authentication device 30 is accessed via a security credential, which then allows the UE 10 to read the personalisation information from the authentication device 30 and generate an authentication code (such as a security key). This allows access from this specified device to the network service for at least (or no more than) a defined period of time.

"Role-based" authentication may also be used, based on a user's authentication device 30, so that different service functionalities may be activated and/or disabled, based on the user's permissions. If a user changes role, their authentication device 30 may be "upgraded" to update their status. The authentication device 30 may be provided in the form of an ID, card allowing them to have one device that can access buildings, log onto infrastructure and access the secure communications network.

The embodiment shown in Figure 1 should be understood as an example, and the skilled person will appreciate that variations and modifications may be possible. Although the user device is shown as UE 10, it will be understood that any type of user communication device may be used and this need not be a UE as understood in the conventional sense of a cellular network (which would include a mobile telephone or other portable or fixed communications device, in any case). The SIM part 11 is equally optional. Similarly, the NFC device 30 may be replaced by any other type of authentication device that is separate from the user device, but which can communicate with the user device over a secondary communications link. The secondary communications link may be a fixed or (preferably) wireless link, which will be discussed further below. The order of steps may be varied in practice, for example the UE 10 may detect the NFC device 30 and load the application 15 in response. The security credential (in steps 110 and 120) can also be understood as optional and the passing of this to the NFC device 30, where it is checked, would then be omitted.

Optionally, network enablement may be employed. For example, the network may recognise that the MSISDN associated with the SIM 11 is attached to a virtual profile or number associated with the user 20 and then redirect the communication to the service provider, initiating authentication. The application 15 may continuously or periodically check whether the NFC device 30 is in proximity and, if not, automatically disable the service. This check could be carried out only when the service is in active use, for example when a call or message is made or received. Other changes may be made.

This embodiment can be understood as a method of user authentication for accessing a service provided over a cellular network. It uses a user device for communication with the cellular network and that has at least one unique identifier associated with the cellular network. The method comprises communicating security information from the user device to an authentication device separate from the user device over a secondary communications link, the security information being based on the at least one unique identifier of the user device associated with the cellular network; and communicating an authentication code for accessing the service over the cellular network from the separate authentication device to the user device over the secondary communications link, the authentication code being based on the security information.

As noted above, a cellular network in this context may include a service provider, that may be separate from and/or external to the cellular network. The secondary communications link is beneficially separate from the cellular link, especially in terms of the link interface or technology, and may use a fixed (wired) link or it may use wireless and/or a short range communication technology, such as one or more of: optical communication technology; NFC technology; wireless Local Area Network (LAN) technology; and Personal Area Network technology, including Bluetooth. The user device may be configured for communication with a second (cellular) network, as well as the cellular network and secondary communication link.

Optionally, the method further comprises receiving a user-specific credential as an input to the user device from the user. The security information may be further based on the received user-specific credential. In other words, the user-specific credential (such as a PIN code) may then be passed to the authentication device. The user-specific credential may be unknown to the user device. The method preferably further comprises checking the user-specific credential against a predetermined value stored on the authentication device, the authentication code only being provided if the user-specific credential matches the predetermined value. Additionally or alternatively, the authentication code is further based on the received user-specific credential. This may increase security further.

In some embodiments, the authentication code is further based on a service credential stored on the authentication device and/or unknown to or not stored on the user device. Advantageously, the service credential is specific to the user and this may allow the cellular network or service provider to confirm the user.

The method preferably further comprises communicating the authentication code to the cellular network from the user device. Then, the method may further comprise receiving access information (such as an access key) at the user device from the cellular network in response to communication of the authentication code. The access information may allow the user device to access the service. The access information optionally allows the user device to access the service for only a predetermined time period, which may be a specific duration or a set or range of specific times.

The method may further comprise detecting the authentication device at the user device, preferably by communication between the authentication device and the user device over the secondary communications link. This may be carried out prior to the step of communicating security information (to confirm that the authentication device is present or even prompt the user device to request the security credential or send the security information). Additionally or alternatively, this may be carried out one time or a plurality of times when the user device is being provided the service by the cellular network. This may allow regular confirmation that the authentication device and user device are still in the possession of the user, so that loss of one or the other can be indicated. The regular confirmation may be achieved by detecting the authentication device at a plurality of times separated by regular or irregular intervals or prompted by an external event, such as an incoming or outgoing call or other type of communication over the service. Optionally, the method may further comprise preventing the user device from accessing the service provided over the cellular network in response to the step of detecting the authentication device resulting in a failure. The user device can optionally still access other services over the cellular network. Alternatively, the user device may not access any service over the cellular network in such a case.
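As an added illustration (not code from the patent or from Vodafone), the following Python gate implements the detection schedule described above: the card is probed before logon, on a timer and on each call or message while the secured service is in use, and a failed probe cuts only the secured service while the other cellular services stay enabled. The policy values, the service names and the probe callback are constructed for the example. The trace also shows the gap the text implies: a card removed between two checks is not noticed until the next scheduled or event-triggered detection, and once the service has been cut it stays cut until a new authentication session, as the summary describes.

```python
from dataclasses import dataclass

ES_SERVICE = "emergency-services"               # the service the card protects (constructed name)
OTHER_SERVICES = frozenset({"voice", "data"})   # cellular services that stay available


@dataclass(frozen=True)
class DetectionPolicy:
    """When the application re-detects the card while the service is in use."""
    interval_s: float = 300.0                    # periodic check (constructed value)
    trigger_events: frozenset = frozenset({"call_in", "call_out", "message"})


class ServiceGate:
    def __init__(self, policy: DetectionPolicy, probe):
        self._policy = policy
        self._probe = probe        # callable returning True if the card answers over NFC
        self._enabled = set()      # services the UE may use right now
        self._last_check = None

    def start(self, now: float) -> bool:
        """Detection prior to communicating security information (claim 13)."""
        if not self._probe():
            return False
        self._enabled |= OTHER_SERVICES | {ES_SERVICE}
        self._last_check = now
        return True

    def on_event(self, kind: str, now: float) -> frozenset:
        """kind is 'tick' for the timer or a service event name; returns enabled set."""
        if ES_SERVICE in self._enabled:
            due = kind == "tick" and now - self._last_check >= self._policy.interval_s
            if due or kind in self._policy.trigger_events:
                self._last_check = now
                if not self._probe():
                    self._enabled.discard(ES_SERVICE)  # only the secured service is cut
        return frozenset(self._enabled)


def simulate() -> list:
    """Constructed timeline in which the card is removed between two checks."""
    present = {"card": True}
    gate = ServiceGate(DetectionPolicy(interval_s=300), lambda: present["card"])
    trace = [("start@0", gate.start(0))]
    trace.append(("tick@100", gate.on_event("tick", 100)))
    present["card"] = False                                          # user walks off with the card
    trace.append(("tick@200", gate.on_event("tick", 200)))           # check not due: not noticed
    trace.append(("call_out@250", gate.on_event("call_out", 250)))   # event-triggered probe fails
    present["card"] = True                                           # card comes back
    trace.append(("tick@600", gate.on_event("tick", 600)))           # stays cut until a new logon
    return trace
```

The policy is deliberately split between a timer and event triggers so that the same gate covers both schedules the text allows (periodic, or only when a call or message is made or received); setting interval_s to a very large value gives the event-only variant.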

In embodiments, the method may further comprise transferring user-specific data between the user device and the authentication device. The user-specific data may relate to the service being provided over the cellular network (such as a user profile). The step of transferring user-specific data may be based on the step of checking the user-specific credential. In some embodiments, the user-specific data is downloaded from the authentication device to the user device. User-specific data may additionally or alternatively be transferred from the user device to the authentication device. For example, the application 15 may add, change or replace profile information in the NFC device 30, thereby reducing the amount of information coming over the network.

Although the examples given above mostly relate to accessing a service provided by a service provider that is logically separate from the cellular network 40, it may be possible for the service to be one that is provided by the cellular network 40 and not another service provider. For example, the authentication device 30 may store at least one user-specific credential for accessing a service provided by the cellular network 40. The user device (UE 10) may provide the authentication device 30 with an identifier specific to the cellular network, such as an IMEI and this may then be used together with the at least one user-specific credential stored on the authentication device 30. The authentication code may allow the UE 10 to interact with an "on air" profile management system, for example using Open Mobile Alliance (OMA) Device Management (DM) or a similar protocol. This interaction may allow the UE 10 to download a phone identity specific to the at least one user-specific credential encoded within the authentication code. The UE 10 and/or a subscription associated with it may therefore be provisioned for operation on the cellular network 40 accordingly. Effectively, the subscription identity is stored on the authentication device 30 in this case and the UE 10 need not have a SIM part 11 as a result. Additionally or alternatively, the authentication device 30 may store a SIM profile corresponding with the at least one user-specific credential. This may allow the UE 10 to download the SIM profile from the authentication device 30 (for example, to attach an IMSI and/or MSISDN associated with the authentication device 30 to the UE 10). In some embodiments, the UE 10 can download user-specific data for the UE 10 from a cloud service, via the cellular network 40. This may include UE-configuration data, contact information, stored data (such as message information) or other similar UE-specific data.

A computer program (such as application 15), configured when operated by a processor to carry out the method as described herein may also be provided. A user device for communication with a cellular network and having at least one unique identifier associated with the cellular network and/or an authentication device comprising an interface for providing a communications link with a user device, either or both of which may have features configured to implement the method described herein may also be provided. A system combining the user device and the authentication device configured for communication with one another is also conceived. A network entity of the cellular network, configured to receive and check the authentication code and further configured to communicate access information to the user device in response to the authentication code being validated may also be included. The access information may allow the user device to access the service.

Referring next to Figure 2, there is shown a schematic depiction of an operation of the system of Figure 1, especially with reference to the cellular network. Where the same features are shown as a previous drawing, identical reference numerals have been used. The user 20 provides the authentication device 30 (in the form of an NFC card) and a PIN code. The key stored on the authentication device 30 and PIN code are combined and hashed against both the IMEI and IMSI of the UE 10 to generate a user authentication key which is sent to the cellular network 40 in step 150. A PDP context is set up between the UE 10 and the cellular network 40 for communication of the user authentication key and this is verified by an authentication server 45 at the cellular network 40. This allows access to the secure services cloud 50, as shown. Lost devices can be immediately switched off by blocking the service key on the back-end infrastructure, at the services cloud. The skilled person will understand that the cellular network architecture and mechanisms for transferring data and/or authenticating the user may vary, though.

From this aspect, there is therefore provided a method of user authentication for accessing a service provided over a cellular network. The method comprises: receiving an authentication code for accessing the service at the cellular network from a user device, the user device having at least one unique identifier associated with the cellular network and the authentication code being based on the at least one unique identifier of the user device associated with the cellular network and a service credential that is unknown to the user device; and checking the received authentication code at the cellular network on the basis of the at least one unique identifier of the user device associated with the cellular network and a service credential that is unknown to the user device. Thus, the combination of a service credential that is unknown to the user device, which may be a (user-specific) security credential and/or security data (such as a key) that may be stored on a separate authentication device.
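As an added example (not code from the patent or from the applicant), the Figure 2 flow and the network-side check of the aspect above in Python: the key held on the NFC card and the PIN are combined and hashed against the IMEI and IMSI of the UE, and the authentication server recomputes the code from a credential the UE never holds, rejecting a wrong PIN, a different device identifier, an unknown user, or a service key that has been blocked for a lost device. The HMAC-SHA256 construction, the sample key and identifiers, and the choice to store only the combined secret at enrolment are assumptions.

```python
import hashlib
import hmac

# Constructed sample values, not from the patent: a 128-bit key held on the NFC
# authentication device (30) and the identifiers of the UE (10).
CARD_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
SAMPLE_IMEI = "490154203237518"
SAMPLE_IMSI = "234150000000001"


def combine_key_and_pin(card_key: bytes, pin: str) -> bytes:
    """Step 1 (authentication device): combine the stored key with the PIN.
    SHA-256 over the concatenation is an assumed construction."""
    return hashlib.sha256(card_key + pin.encode("ascii")).digest()


def _auth_message(imei: str, imsi: str) -> bytes:
    # Both identifiers are bound into the hashed message with a domain label.
    return b"ue-auth-v1|" + imei.encode("ascii") + b"|" + imsi.encode("ascii")


def derive_auth_code(card_key: bytes, pin: str, imei: str, imsi: str) -> bytes:
    """Step 2: hash the combined secret against IMEI and IMSI to give the user
    authentication key sent to the network in step 150 (HMAC-SHA256 assumed;
    the patent only says 'combined and hashed')."""
    secret = combine_key_and_pin(card_key, pin)
    return hmac.new(secret, _auth_message(imei, imsi), hashlib.sha256).digest()


class AuthServer:
    """Authentication server 45: holds, per user, a service credential that the
    UE itself never sees, plus a block-list so a lost device can be cut off."""

    def __init__(self) -> None:
        self.credentials = {}   # user id -> combined secret (assumed design)
        self.blocked = set()    # user ids whose service key has been blocked

    def enrol(self, user_id: str, card_key: bytes, pin: str) -> None:
        # Assumption: only the combined secret is stored, never the PIN itself.
        self.credentials[user_id] = combine_key_and_pin(card_key, pin)

    def block(self, user_id: str) -> None:
        self.blocked.add(user_id)  # "switch off" a lost device at the back end

    def check(self, user_id: str, imei: str, imsi: str, code: bytes) -> bool:
        """Recompute the expected code from the stored credential and the
        identifiers observed on the PDP context; compare in constant time."""
        secret = self.credentials.get(user_id)
        if secret is None or user_id in self.blocked:
            return False
        expected = hmac.new(secret, _auth_message(imei, imsi), hashlib.sha256)
        return hmac.compare_digest(expected.digest(), code)
```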

The service credential is preferably specific to a user. Then, the method may further comprise receiving a user identification in association with the authentication code. The step of checking the received authentication code may be further based on the user identification. The authentication code is optionally further based on a user-specific credential that is provided to the user device.

Then, the step of checking the received authentication code at the cellular network may be further carried out on the basis of the user-specific credential. The method may further comprise communicating access information from the cellular network to the user device in response to the step of checking the received authentication code resulting in the authentication code being validated. The access information may allow the user device to access the service.

Advantageously, the method further comprises providing the user device with the service over the cellular network in response to the step of checking the received authentication code resulting in the authentication code being validated. The service may be a first service and the method may further comprise providing the user device with a second service over the cellular network irrespective of a result of the step of checking the authentication code. The second service may be distinct from the first service.

In some embodiments, the method further comprises identifying at the cellular network that the user device may access the service on the basis of the at least one unique identifier associated with the cellular network. Then, the method may further comprise communicating a request for an authentication code from the cellular network to the user device, in response to the step of identifying.

The authentication system may allow access to different applications on the basis of the provided key or keys. This can be understood more generally as permitting access to one or some of a plurality of applications or services dependent on an indication within the received authentication code.

Another functionality may allow new information to be sent to the NFC device 30 over the air through the UE 10 to deprecate key information, for instance. More generally, this can be seen as communicating user-specific information from the cellular network to the user device for transferring from the user device to an authentication device interfaced with the user device.

The approach shown may be adapted and/or varied to implement 'over the air' UE and/or subscription provisioning as discussed above. This may allow interaction between the authentication server 45 and a provisioning server (not shown). In some embodiments, the authentication server 45 and the provisioning server may be combined. Optional features as disclosed herein with respect to any other aspect (for example the method carried out at the user device and/or authentication device discussed above) may be used together with this aspect. The embodiment shown in Figure 2 should also be understood as an example, and the skilled person will appreciate that variations and modifications may be possible.

A computer program, configured when operated by a processor to carry out the method as described herein may also be provided. There may also be provided a network entity of a cellular network, configured to operate in accordance with the method as described herein. Combinations of any specific features disclosed in respect of any aspect may be provided, even if that combination is not explicitly discussed.