Title of Invention	METHOD FOR OPTIMIZING TUNNEL AUTHENTICATION PROCEDURE OVER A 3G-WLAN INTERWORKING SYSTEM
Abstract	This invention relates in general to the field of 3G-WLAN interworking systems. Further, this invention relates to the tunnel authentication procedure in the 3G-WLAN interworking system. More specifically, this invention provides a method of deriving new keys for IKEv2 mutual authentication by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures.

Title of Invention

METHOD FOR OPTIMIZING TUNNEL AUTHENTICATION PROCEDURE OVER A 3G-WLAN INTERWORKING SYSTEM

Abstract

This invention relates in general to the field of 3G-WLAN interworking systems. Further, this invention relates to the tunnel authentication procedure in the 3G-WLAN interworking system. More specifically, this invention provides a method of deriving new keys for IKEv2 mutual authentication by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures.

Full Text	1 FIELD OF THE INVENTION This invention relates in general to the field of 3G-WLAN interworking systems. Further, this invention relates to the tunnel authentication procedure in the 3G-WLAIM interworking system. This invention provides a method of deriving new keys for IKEv2 mutual authentication by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures. This invention encompasses method for using the existing valid keys to derive new keys for subsequent tunnel establishment procedures over a 3G-WLAN interworking system. More particularly, this invention relates to a system and method for optimizing tunnel authentication procedure over a 3G-WLAN interworking system. DESCRIPTION OF RELATED ART The 3GPP (http://www.3gpp.org) specification TS33.234, which deals with the ongoing 3GPP work related to security of 3G-WLAN interworking, provides a system description for tunnel establishment mechanism between 3G- WLAN UE and Packet Data Gateway (PDG) over a 3G-WLAN interworking system, as depicted in Figure 1. Depending on internal configuration, the UE initiates W-APN resolution and tunnel establishment with a PDG in PLMN, as illustrated in Figure 2 wherein the: 1. UE performs a DNS query to resolve W-APN. The DNS response will contain one or more IP addresses of equivalent PDG's that support the requested W-APN in the PLMN according to standard DNS procedures. If the PLMN does not support the W-APN, then the DNS query returns a negative response. 2. UE selects a PDG from the list received in step 1, and the establishment of an end-to-end tunnel is performed between the UE and this PDG. The UE includes the W-APN and the user identity in the initial tunnel establishment request. The PDG contacts the AAA server for authentication the UE and authorization of the requested service. After the successful authentication, the AAA server passes the key materials to the PDG to establish the security associations with the UE. The PDG and WAG exchange information (via the AAA Server and Proxy) in order to establish a filtering policy to allow the forwarding of tunneled packets to the PDG. LIMITATIONS Tunnel establishment procedures are provided in the current 3GPP system, as in TS 33.234 and other related specifications. Currently IKEv2 is used to dynamically establish IPsec SAs between the UE and the PDG. IKEv2 mandates mutual authentication between the peers. For IKEv2 mutual authentication in 3G-WLAN interworking scenario, the PDG uses public key certificate to authenticate to the UE, while UE uses EAP-AKA to authenticate to the PDG. As a result, the procedure need minimum of 6 messages between UE and PDG and 4 additional messages between PDG to 3GPP AAA server exchanged to perform IKE_AUTH within IKEv2. The number of message exchanges combining with public key cryptographic computation imposes heavy burdens on both devices and network traffic for subsequent tunnel establishment. SUMMARY OF THE INVENTION The primary object of this invention is therefore to optimize the subsequent tunnel authentication procedure in a 3G WLAN interworking environment. It is another object of the invention to provide the mechanism to derive new keys for IKEv2 mutual authentication with out performing complete authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures. It is another object of the invention to provide intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure. The present invention relates to a mechanism to derive the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters. identity, it checks whether the identity is from an l-WLAN subscriber, if so then AAA server may send a notification request. The Notification request is to know whether 3GPP IP Access is performed consecutively. This Notify request payload is included in the EAP Request ANY Identity message. 6. The WLAN AN relays the EAP Request ANY Identity message. 7. The UE receives the EAP Request ANY Identity message. 8. Then the UE includes the Notify response intimating whether the 3GPP IP Access is performed consecutively in the EAP Response ANY Identity message. 9. Then the AAA server starts the EAP-SIM/EAP-AKA procedure and authenticates the UE 10. After authenticating the UE, the AAA server derives the TSK key and stores it. The UE initiate the tunnel establishment procedure. 11. The UE and the PDG negotiate IKE_SA in steps 11 and 12. ■4 The invention also incorporates the mechanism by which the UE intimate the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures. The system for present invention comprises of a WLAN-3G capable UE, WLAN network interconnected to a 3GPP delivery network consisting of AAA-Server, WAG and PDG and intermediate IP nodes. The present invention comprises of methods which would solve the problems associated with current art, as mentioned below. 1. To generate New Key "Tunnel session Key (TSK)" for IKEv2 mutual authentication, when the UE request for different "WLAN 3GPP IP access" consecutively or when the UE request for "WLAN 3GPP IP access" after the "WLAN Direct IP Access" authentication consecutively. 2. To intimate the AAA server to generate the TSK for the IKEv2 mutual authentication during the tunnel establishment procedure. This procedure can be considered for two cases. 2.1. Intimating the AAA server to derive the TSK during subsequent tunnels i.e., When "WLAN Direct IP Access" and "WLAN 3GPP IP access" are requested independently. In this case TSK is not generated during the "WLAN Direct IP Access" authentication procedure. 2.2. Intimation of the "WLAN 3GPP IP Access" during the "WLAN Direct IP Access" authentication to the AAA server, to derive TSK immediately. Accordingly, the present invention comprises a system and method for optimizing the Tunnel establishment procedure in 3G-WLAN Interworking System. Accordingly, the present invention further comprises a method to derive keys for IKEv2 mutual authentication during the WLAN 3GPP IP Access by using EMSK, derived during previous authentication procedure. Accordingly, the present invention further comprises a method to intimate the AAA server by the PDG, to derive and pass the TSK during the tunnel establishment procedure or alternatively to intimate the AAA server by the PDG, to derive and store the TSK during the WLAN Direct IP access authentication procedure. Accordingly, the present invention further comprises a method to intimate the PDG by the UE, to use the TSK during the tunnel establishment procedure. The other objects, features and advantages of the present invention will be apparent from the accompanying drawings and the brief description as follows. Accordingly, this invention explains a method for optimizing tunnel authentication procedure over a 3G-WLAN interworking system comprising the steps of: (a) deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure or fast re-authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures; (b) providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure; (c) deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and (d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures. Accordingly, this invention further explains a system for optimizing tunnel authentication procedure over a 3G-WLAN interworking system comprising: (a) means for deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure or alternatively using TSK , but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures; (b) means for providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure or fast re-authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure; (c) means for deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and (d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures. These and other objects, features and advantages of the present invention will become more apparent from the ensuing detailed description of the invention taken in conjunction with the accompanying drawings. BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS Figure 1 illustrates the different network elements of a WLAN-3G interworking system, involved in establishing an End-To-End tunnel between UE and PDG. Figure 2 illustrates the sequence diagram, from the related art as described in 3GPP TS 23.234, for UE initiated Tunnel Establishment towards PDG, forming an End-To-End tunnel. Figure 3 illustrates the procedure of using TSK with the messages exchange between the UE and the AAA server via the PDG during the tunnel establishment procedure. Figure 4 illustrates the message exchange between the UE and the AAA server when access the "WLAN 3GPP IP Access" services after the "WLAN Direct IP Access" authentication. DETAILED DESCRIPTION OF THE INVENTION The preferred embodiments of the present invention will now be explained with reference to the accompanying drawings. It should be understood however that the disclosed embodiments are merely exemplary of the invention, which may be embodied in various forms. The following description and drawings are not to be construed as limiting the invention and numerous specific details are described to provide a thorough understanding of the present invention, as the basis for the claims and as a basis for teaching one skilled in the art how to make and/or use the invention. However in certain instances, well-known or conventional details are not described in order not to unnecessarily obscure the present invention in detail. The present invention provides a method for providing the optimized IKEv2 mutual authentication keys generation for tunnel establishment over a 3G WLAN interworking system. Also, the present invention provides a method by which the UE intimate the AAA server to derive the TSK for IKEv2 mutual authentication by using the EMSK derived during the previous authentication procedure, for the tunnel establishment request. The invention incorporates a mechanism to deriving the TSK by using the EMSK derived during the previous authentication procedure for the subsequent tunnel establishments over a 3G-WLAN interworking system. 1. The system in the present invention comprises of a 3G-WLAN UE establishing multiple end to end tunnels towards the PDG over the 3GPP specified interface. During the tunnel establishment procedure, AAA will generate new keys without performing the full authentication procedure or fast authentication procedure, provided if the UE is already authenticated and the derived keys are valid. The parameters used in generating the TSK are: TSK = prf{EMSK, W-APN, Length of the Key} or alternatively TSK = prf{EMSK, "W-APN", Identity, Length of the Key)} 2. When a 3G-WLAN UE request for tunnel establishment towards the PDG, it may intimate the AAA server to use TSK, this scenario can be considered in two cases: 2.1. Intimating the AAA server to derive and use the TSK during subsequent tunnel establishment requests. This can be achieved by as shown in Figure 3: 1. In step 1 and 2 the UE and the PDG negotiate IKE_SA. 3. The UE may directly derive TSK and use it to calculate the AUTH. The UE includes the AUTH payload within the IKE_AUTH request message and send it to the PDG. 4. When PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG will request the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated. 5. When the AAA server receives the PDG request, then the AAA server derives the TSK, if the UE is pre-authenticated. 6. AAA server passes the TSK to the PDG through Access Accept message. 7. The PDG using the TSK, verify the AUTH Payload send by the UE and . calculates the AUTH payload using certificate or alternatively using TSK. Then the PDG send the IKE_AUTH response message including the AUTH payload to the UE. When the UE receives the IKE__AUTH response message, it verifies the AUTH payload send by the PDG using PDG's certificate or alternatively using TSK and establishes the IPsec SA. 8. Alternatively to steps 3, the UE may intimate the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with the AUTH payload in the IKE_AUTH request message. AUTH payload is calculated using the derived TSK as described in step 3. 9. Alternatively to step 4, the PDG may include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys. Remaining steps 10, 11 and 12 are similar to the steps 5, 6 and 7 as explained above respectively. Even if UE is directly accessing "WLAN 3GPP IP Access", the AAA Server can realize to derive and use the TSK. 2.2. Intimation of the PS access during the "WLAN Direct IP Access" authentication (WLAN access authentication) to the AAA server, to derive TSK immediately. This can be achieved by as shown in Figure 4: 1. A connection is established between the UE and the WLAN AN. 2. WLAN AN sends an EAP Request Identity message to the UE. 3. The UE sends EAP Response message and optionally may piggy-back the option of using PS service into the identity response after a null character. Alternatively to piggy-back the option, the UE may use the "expanded payload" (i.e., vendor ID) of EAP, to intimate that the 3GPP IP Access is performed consecutively. 4. The response is relayed by the WLAN to the AAA server. 5. After receiving the EAP Request Identity, AAA server send EAP Request ANY Identity message to the UE. Alternatively to the step 3 options of piggy-back of PS service information or inclusion of expanded payload, When the AAA server receives the identity, it checks whether the identity is from an l-WLAN subscriber, if so then AAA server may send a notification request. The Notification request is to know whether 3GPP IP Access is performed consecutively. This Notify request payload is included in the EAP Request ANY Identity message. 6. The WLAN AN relays the EAP Request ANY Identity message. 7. The UE receives the EAP Request ANY Identity message. 8. Then the UE includes the Notify response intimating whether the 3GPP IP Access is performed consecutively in the EAP Response ANY Identity message. 9. Then the AAA server starts the EAP-SIM/EAP-AKA procedure and authenticates the UE 10. After authenticating the UE, the AAA server derives the TSK key and stores it. The UE initiate the tunnel establishment procedure. 11. The UE and the PDG negotiate IKE_SA in steps 11 and 12. 13. The UE directly derive TSK and use it to calculate the AUTH and include in the IKE_AUTH request message. 14. When PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG will request the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated. 15. AAA server passes the TSK to the PDG through Access Accept message. 16. The PDG using the TSK, verify the AUTH Payload send by the UE and calculates the AUTH payload using certificate or alternatively using TSK and sends the IKE_AUTH response to the UE. The UE receives the IKE_AUTH response message and verifies the AUTH payload send by the PDG and then establishes the IPsec SA. 17. Alternatively to step 13, the UE may intimate the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with AUTH payload in the IKE_AUTH request message. AUTH payload is calculated using the derived TSK as described in step 3. 18. Alternatively to step 14, t he PDG may include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys. Remain steps 19 and 20 are similar to the steps 15 and 16 respectively. It will also be obvious to those skilled in the art that other control methods and apparatuses can be derived from the combinations of the various methods and apparatuses of the present invention as taught by the description and the accompanying drawings and these shall also be considered within the scope of the present invention. Further, description of such combinations and variations is therefore omitted above. It should also be noted that the host for storing the applications include but not limited to a microchip, microprocessor, handheld communication device, computer, rendering device or a multi function device. Although the present invention has been fully described in connection with the preferred embodiments thereof with reference to the accompanying drawings, it is to be noted that various changes and modifications are possible and are apparent to those skilled in the art. Such changes and modifications are to be understood as included within the scope of the present invention as defined by the appended claims unless they depart therefrom. GLOSSARY OF TERMS AND DEFINITIONS THEREOF 3GPP: 3rd Generation Partnership Project AAA: Authentication, Authorization and Accounting AP: Wireless Local Area Network (WLAN) Access Point AP-id: Wireless Local Area Network (WLAN) Access Point Identity APN: Access Point Name CSCF: Call Session Control Function DNS: Domain Name Server EMSK: Extended Master Session Key GGSN: Gateway GPRS Support Node H-PLMN: Home Public Land Mobile Network (PLMN) HSS: Home Subscription Server IP-CAN: IP-Connectivity Access Network IPSec: IP Security Protocol PDG: Packet Data Gateway SDP: Session Description Protocol SGSN: Serving GPRS Support Node SPI: Security parameter Index TID: Tunnel ID TSK: Tunnel Session Key User terminal: the end user equipment e.g., the Mobile Station (MS) or User Equipment (UE). V-PLMN: Visited Public Land Mobile Network WAG: Wireless Access Gateway W-APN: WLAN APN WLAN UE: The WLAN UE is the UE (equipped with UICC card including (U)SIM) utilized by a 3GPP subscriber to access the WLAN interworking. WLAN UE's remote IP address: An address used in the data packet encapsulated by the WLAN UE-initiated tunnel. WE CLAIM 1. A method for optimizing tunnel authentication procedure over a 3G-WLAN interworking system comprising the steps of: (a) deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures; (b) providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure; (c) deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and (d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures. 2. A method as claimed in claim 1 wherein during the tunnel establishment procedure, AAA generates new keys without performing the full authentication procedure or fast authentication procedure, provided if the UE is already authenticated and the derived keys are valid, where the parameters used in generating the TSK are: TSK = prf{EMSK, W-APN, Length of the Key} or alternatively TSK = prf{EMSK, "W-APN", Identity, Length of the Key)} where prf is a Pseudo random generator agreed between the UE and the AAA server during the previous EAP-SIM or EAP-AKA authentication procedure; EMSK is Extended Master Session Key generated by the UE and AAA server during previous authentication procedure; W-APN is WLAN Access Point Name included in the tunnel request message; Identity is a User identity included in the tunnel request message; and Length of the Key is the Output length of the TSK key. 3. A method as claimed in claim 1 wherein when a 3G-WLAN UE request for tunnel establishment towards the PDG, it intimates the AAA server to use TSK, where the said scenario is considered in two cases when intimating the AAA server to derive and use the TSK during subsequent tunnel establishment requests and when intimation of the PS access during the "WLAN Direct IP Access" authentication (WLAN access authentication) to the AAA server, to derive TSK immediately. 4. A method as claimed in claim 1 wherein intimating the AAA server to derive and use the TSK during subsequent tunnel establishment requests involves UE and the PDG negotiating IKE_SA. 5. A method as claimed in claim 4 wherein UE directly derive TSK and use it to calculate the AUTH where the said UE includes the AUTH payload within the IKE_AUTH request message and send it to the PDG. 6. A method as claimed in claim 4 wherein when PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG requests the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated. 7. A method as claimed in claim 4 wherein when the AAA server receives the PDG request, then the AAA server derives the TSK, if the UE is pre-authenticated. 8. A method as claimed in claim 4 wherein AAA server passes the TSK to the PDG through Access Accept message. 9. A method as claimed in claim 4 wherein the PDG using the TSK, verify the AUTH Payload send by the UE and calculates the AUTH payload using certificate or alternatively using TSK and the PDG sends the IKE_AUTH response message including the AUTH payload to the UE. 10. A method as claimed in claim 4 wherein when the UE receives the IKE_AUTH response message, it verifies the AUTH payload send by the PDG using PDG's certificate or alternatively using TSK and establishes the IPsec SA. 11. A method as claimed in claim 4 wherein the UE intimates the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with the AUTH payload in the IKE_AUTH request message. 12. A method as claimed in claim 4 wherein the PDG include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys. 13. A method as claimed in claim 4 wherein even if UE is directly accessing "WLAN 3GPP IP Access", the AAA Server realize to derive and use the TSK. 14. A method as claimed in claim 1 wherein intimation of the PS access during the "WLAN Direct IP Access" authentication to the AAA server, to derive TSK immediately involves establishing connection between the UE and the WLAN AN. 15. A method as claimed in claim 14 wherein WLAN AN sends an EAP Request Identity message to the UE and UE sends EAP Response message and optionally may piggy-back the option of using PS service into the identity response after a null character. 16. A method as claimed in claim 14 wherein the UE use the "expanded payload" of EAP, to intimate that the 3GPP IP Access is performed consecutively. 17. A method as claimed in claim 14 wherein the response is relayed by the WLAN to the AAA server and after receiving the EAP Request Identity, AAA server send EAP Request ANY Identity message to the UE. 18. A method as claimed in claim 14 wherein, when the AAA server receives the identity, it checks whether the identity is from an l-WLAN subscriber, and if so then AAA server sends a notification request, where the Notification request is to know whether 3GPP IP Access is performed consecutively and the said Notify request payload is included in the EAP Request ANY Identity message. 19. A method as claimed in claim 14 wherein the WLAN AN relays the EAP Request ANY Identity message and the UE receives the EAP Request ANY Identity message. 20. A method as claimed in claim 14 wherein the UE includes the Notify response intimating whether the 3GPP IP Access is performed consecutively in the EAP Response ANY Identity message and the AAA server starts the EAP-SIM/EAP-AKA procedure and authenticates the UE. 21. A method as claimed in claim 14 wherein after authenticating the UE, the AAA server derives the TSK key and stores it and the UE initiate the tunnel establishment procedure. 22. A method as claimed in claim 14 wherein the UE and the PDG negotiate IKE_SA and the UE directly derive TSK and use it to calculate the AUTH and include in the IKE_AUTH request message. 23. A method as claimed in claim 14 wherein When PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG request the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated. 24. A method as claimed in claim 14 wherein AAA server passes the TSK to the PDG through Access Accept message. 25. A method as claimed in claim 14 wherein the PDG using the TSK, verify the AUTH Payload send by the UE and calculates the AUTH payload using certificate or alternatively using TSK and sends the IKE_AUTH response to the UE where the UE receives the IKE_AUTH response message and verifies the AUTH payload send by the PDG and then establishes the IPsec SA. 26. A method as claimed in claim 14 wherein UE intimate the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with AUTH payload in the IKE_AUTH request message where AUTH payload is calculated using the derived TSK. 27. A method as claimed in claim 14 wherein the PDG include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys. 28. A system for optimizing tunnel authentication procedure over a 3G-WLAN interworking system comprising: (a) means for deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures; (b) means for providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure; (c) means for deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and (d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures. 29. A method for optimizing tunnel authentication procedure over a 3G-WLAN interworking system substantially described particularly with reference to the accompanying drawings. 30. A system for optimizing tunnel authentication procedure over a 3G-WLAN interworking system substantially described particularly with reference to the accompanying drawings.

Full Text

1
FIELD OF THE INVENTION
This invention relates in general to the field of 3G-WLAN interworking systems. Further, this invention relates to the tunnel authentication procedure in the 3G-WLAIM interworking system. This invention provides a method of deriving new keys for IKEv2 mutual authentication by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures. This invention encompasses method for using the existing valid keys to derive new keys for subsequent tunnel establishment procedures over a 3G-WLAN interworking system. More particularly, this invention relates to a system and method for optimizing tunnel authentication procedure over a 3G-WLAN interworking system.
DESCRIPTION OF RELATED ART
The 3GPP (http://www.3gpp.org) specification TS33.234, which deals with the ongoing 3GPP work related to security of 3G-WLAN interworking, provides a system description for tunnel establishment mechanism between 3G- WLAN UE and Packet Data Gateway (PDG) over a 3G-WLAN interworking system, as depicted in Figure 1.
Depending on internal configuration, the UE initiates W-APN resolution and tunnel establishment with a PDG in PLMN, as illustrated in Figure 2 wherein the:
1. UE performs a DNS query to resolve W-APN. The DNS response will contain

one or more IP addresses of equivalent PDG's that support the requested W-APN in the PLMN according to standard DNS procedures. If the PLMN does not support the W-APN, then the DNS query returns a negative response. 2. UE selects a PDG from the list received in step 1, and the establishment of an end-to-end tunnel is performed between the UE and this PDG. The UE includes the W-APN and the user identity in the initial tunnel establishment request. The PDG contacts the AAA server for authentication the UE and authorization of the requested service. After the successful authentication, the AAA server passes the key materials to the PDG to establish the security associations with the UE. The PDG and WAG exchange information (via the AAA Server and Proxy) in order to establish a filtering policy to allow the forwarding of tunneled packets to the PDG.
LIMITATIONS
Tunnel establishment procedures are provided in the current 3GPP system, as in TS 33.234 and other related specifications. Currently IKEv2 is used to dynamically establish IPsec SAs between the UE and the PDG. IKEv2 mandates mutual authentication between the peers. For IKEv2 mutual authentication in 3G-WLAN interworking scenario, the PDG uses public key certificate to authenticate to the UE, while UE uses EAP-AKA to authenticate to the PDG. As a result, the procedure need minimum of 6 messages between UE and PDG and 4 additional messages between PDG to 3GPP AAA server exchanged to perform IKE_AUTH within IKEv2.

The number of message exchanges combining with public key cryptographic computation imposes heavy burdens on both devices and network traffic for subsequent tunnel establishment.
SUMMARY OF THE INVENTION
The primary object of this invention is therefore to optimize the subsequent tunnel authentication procedure in a 3G WLAN interworking environment.
It is another object of the invention to provide the mechanism to derive new keys for IKEv2 mutual authentication with out performing complete authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures.
It is another object of the invention to provide intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure.
The present invention relates to a mechanism to derive the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters.

identity, it checks whether the identity is from an l-WLAN subscriber, if so then AAA server may send a notification request. The Notification request is to know whether 3GPP IP Access is performed consecutively. This Notify request payload is included in the EAP Request ANY Identity message.
6. The WLAN AN relays the EAP Request ANY Identity message.
7. The UE receives the EAP Request ANY Identity message.
8. Then the UE includes the Notify response intimating whether the 3GPP IP Access is performed consecutively in the EAP Response ANY Identity message.
9. Then the AAA server starts the EAP-SIM/EAP-AKA procedure and authenticates the UE
10. After authenticating the UE, the AAA server derives the TSK key and stores it.
The UE initiate the tunnel establishment procedure.
11. The UE and the PDG negotiate IKE_SA in steps 11 and 12.

■4
The invention also incorporates the mechanism by which the UE intimate the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures.
The system for present invention comprises of a WLAN-3G capable UE, WLAN network interconnected to a 3GPP delivery network consisting of AAA-Server, WAG and PDG and intermediate IP nodes.
The present invention comprises of methods which would solve the problems associated with current art, as mentioned below.
1. To generate New Key "Tunnel session Key (TSK)" for IKEv2 mutual authentication, when the UE request for different "WLAN 3GPP IP access" consecutively or when the UE request for "WLAN 3GPP IP access" after the "WLAN Direct IP Access" authentication consecutively.
2. To intimate the AAA server to generate the TSK for the IKEv2 mutual authentication during the tunnel establishment procedure. This procedure can be considered for two cases.
2.1. Intimating the AAA server to derive the TSK during subsequent tunnels i.e., When "WLAN Direct IP Access" and "WLAN 3GPP IP access" are requested independently. In this case TSK is not generated during the

"WLAN Direct IP Access" authentication procedure.
2.2. Intimation of the "WLAN 3GPP IP Access" during the "WLAN Direct IP Access" authentication to the AAA server, to derive TSK immediately.
Accordingly, the present invention comprises a system and method for optimizing the Tunnel establishment procedure in 3G-WLAN Interworking System.
Accordingly, the present invention further comprises a method to derive keys for IKEv2 mutual authentication during the WLAN 3GPP IP Access by using EMSK, derived during previous authentication procedure.
Accordingly, the present invention further comprises a method to intimate the AAA server by the PDG, to derive and pass the TSK during the tunnel establishment procedure or alternatively to intimate the AAA server by the PDG, to derive and store the TSK during the WLAN Direct IP access authentication procedure.
Accordingly, the present invention further comprises a method to intimate the PDG by the UE, to use the TSK during the tunnel establishment procedure.
The other objects, features and advantages of the present invention will be apparent from the accompanying drawings and the brief description as follows.

Accordingly, this invention explains a method for optimizing tunnel authentication procedure over a 3G-WLAN interworking system comprising the steps of:
(a) deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure or fast re-authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures;
(b) providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure;
(c) deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and
(d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures.
Accordingly, this invention further explains a system for optimizing tunnel
authentication procedure over a 3G-WLAN interworking system comprising:
(a) means for deriving new keys for IKEv2 mutual authentication with out
performing complete authentication procedure or alternatively using TSK ,
but by using the keys derived during the previous authentication procedure
for the subsequent tunnel establishment procedures;

(b) means for providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure or fast re-authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure;
(c) means for deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and
(d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures.
These and other objects, features and advantages of the present invention will become more apparent from the ensuing detailed description of the invention taken in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
Figure 1 illustrates the different network elements of a WLAN-3G interworking system, involved in establishing an End-To-End tunnel between UE and PDG.
Figure 2 illustrates the sequence diagram, from the related art as described in 3GPP TS 23.234, for UE initiated Tunnel Establishment towards PDG, forming an

End-To-End tunnel.
Figure 3 illustrates the procedure of using TSK with the messages exchange between the UE and the AAA server via the PDG during the tunnel establishment procedure.
Figure 4 illustrates the message exchange between the UE and the AAA server when access the "WLAN 3GPP IP Access" services after the "WLAN Direct IP Access" authentication.
DETAILED DESCRIPTION OF THE INVENTION
The preferred embodiments of the present invention will now be explained with reference to the accompanying drawings. It should be understood however that the disclosed embodiments are merely exemplary of the invention, which may be embodied in various forms. The following description and drawings are not to be construed as limiting the invention and numerous specific details are described to provide a thorough understanding of the present invention, as the basis for the claims and as a basis for teaching one skilled in the art how to make and/or use the invention. However in certain instances, well-known or conventional details are not described in order not to unnecessarily obscure the present invention in detail.
The present invention provides a method for providing the optimized IKEv2 mutual authentication keys generation for tunnel establishment over a 3G WLAN

interworking system.
Also, the present invention provides a method by which the UE intimate the AAA server to derive the TSK for IKEv2 mutual authentication by using the EMSK derived during the previous authentication procedure, for the tunnel establishment request.
The invention incorporates a mechanism to deriving the TSK by using the EMSK derived during the previous authentication procedure for the subsequent tunnel establishments over a 3G-WLAN interworking system.
1. The system in the present invention comprises of a 3G-WLAN UE establishing multiple end to end tunnels towards the PDG over the 3GPP specified interface. During the tunnel establishment procedure, AAA will generate new keys without performing the full authentication procedure or fast authentication procedure, provided if the UE is already authenticated and the derived keys are valid. The parameters used in generating the TSK are:
TSK = prf{EMSK, W-APN, Length of the Key}
or alternatively TSK = prf{EMSK, "W-APN", Identity, Length of the Key)}

2. When a 3G-WLAN UE request for tunnel establishment towards the PDG, it may intimate the AAA server to use TSK, this scenario can be considered in two cases:
2.1. Intimating the AAA server to derive and use the TSK during subsequent tunnel establishment requests. This can be achieved by as shown in Figure 3:
1. In step 1 and 2 the UE and the PDG negotiate IKE_SA.
3. The UE may directly derive TSK and use it to calculate the AUTH. The
UE includes the AUTH payload within the IKE_AUTH request message
and send it to the PDG.
4. When PDG receives the IKE_AUTH request message from the UE with

AUTH payload, the PDG will request the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated.
5. When the AAA server receives the PDG request, then the AAA server derives the TSK, if the UE is pre-authenticated.
6. AAA server passes the TSK to the PDG through Access Accept message.
7. The PDG using the TSK, verify the AUTH Payload send by the UE and
. calculates the AUTH payload using certificate or alternatively using TSK.
Then the PDG send the IKE_AUTH response message including the AUTH payload to the UE.
When the UE receives the IKE__AUTH response message, it verifies the AUTH payload send by the PDG using PDG's certificate or alternatively using TSK and establishes the IPsec SA.
8. Alternatively to steps 3, the UE may intimate the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with the AUTH payload in the IKE_AUTH request message. AUTH payload is calculated using the derived TSK as described in step 3.
9. Alternatively to step 4, the PDG may include new Diameter/Radius AVP

or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys.
Remaining steps 10, 11 and 12 are similar to the steps 5, 6 and 7 as explained above respectively. Even if UE is directly accessing "WLAN 3GPP IP Access", the AAA Server can realize to derive and use the TSK.
2.2. Intimation of the PS access during the "WLAN Direct IP Access" authentication (WLAN access authentication) to the AAA server, to derive TSK immediately. This can be achieved by as shown in Figure 4:
1. A connection is established between the UE and the WLAN AN.
2. WLAN AN sends an EAP Request Identity message to the UE.
3. The UE sends EAP Response message and optionally may piggy-back the option of using PS service into the identity response after a null character. Alternatively to piggy-back the option, the UE may use the "expanded payload" (i.e., vendor ID) of EAP, to intimate that the 3GPP IP Access is performed consecutively.
4. The response is relayed by the WLAN to the AAA server.
5. After receiving the EAP Request Identity, AAA server send EAP Request

ANY Identity message to the UE.
Alternatively to the step 3 options of piggy-back of PS service information or inclusion of expanded payload, When the AAA server receives the identity, it checks whether the identity is from an l-WLAN subscriber, if so then AAA server may send a notification request. The Notification request is to know whether 3GPP IP Access is performed consecutively. This Notify request payload is included in the EAP Request ANY Identity message.
6. The WLAN AN relays the EAP Request ANY Identity message.
7. The UE receives the EAP Request ANY Identity message.
8. Then the UE includes the Notify response intimating whether the 3GPP IP Access is performed consecutively in the EAP Response ANY Identity message.
9. Then the AAA server starts the EAP-SIM/EAP-AKA procedure and authenticates the UE
10. After authenticating the UE, the AAA server derives the TSK key and stores it.

The UE initiate the tunnel establishment procedure.
11. The UE and the PDG negotiate IKE_SA in steps 11 and 12.
13. The UE directly derive TSK and use it to calculate the AUTH and include in the IKE_AUTH request message.
14. When PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG will request the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated.
15. AAA server passes the TSK to the PDG through Access Accept message.
16. The PDG using the TSK, verify the AUTH Payload send by the UE and calculates the AUTH payload using certificate or alternatively using TSK and sends the IKE_AUTH response to the UE. The UE receives the IKE_AUTH response message and verifies the AUTH payload send by the PDG and then establishes the IPsec SA.
17. Alternatively to step 13, the UE may intimate the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with AUTH payload in the IKE_AUTH request message. AUTH payload is calculated using the derived TSK as described in step 3.

18. Alternatively to step 14, t he PDG may include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys.
Remain steps 19 and 20 are similar to the steps 15 and 16 respectively.
It will also be obvious to those skilled in the art that other control methods and apparatuses can be derived from the combinations of the various methods and apparatuses of the present invention as taught by the description and the accompanying drawings and these shall also be considered within the scope of the present invention. Further, description of such combinations and variations is therefore omitted above. It should also be noted that the host for storing the applications include but not limited to a microchip, microprocessor, handheld communication device, computer, rendering device or a multi function device.
Although the present invention has been fully described in connection with the preferred embodiments thereof with reference to the accompanying drawings, it is to be noted that various changes and modifications are possible and are apparent to those skilled in the art. Such changes and modifications are to be understood as included within the scope of the present invention as defined by the appended claims unless they depart therefrom.

GLOSSARY OF TERMS AND DEFINITIONS THEREOF
3GPP: 3rd Generation Partnership Project
AAA: Authentication, Authorization and Accounting
AP: Wireless Local Area Network (WLAN) Access Point
AP-id: Wireless Local Area Network (WLAN) Access Point Identity
APN: Access Point Name
CSCF: Call Session Control Function
DNS: Domain Name Server
EMSK: Extended Master Session Key
GGSN: Gateway GPRS Support Node
H-PLMN: Home Public Land Mobile Network (PLMN)
HSS: Home Subscription Server
IP-CAN: IP-Connectivity Access Network
IPSec: IP Security Protocol
PDG: Packet Data Gateway
SDP: Session Description Protocol
SGSN: Serving GPRS Support Node
SPI: Security parameter Index
TID: Tunnel ID
TSK: Tunnel Session Key
User terminal: the end user equipment e.g., the Mobile Station (MS) or User
Equipment (UE).
V-PLMN: Visited Public Land Mobile Network

WAG: Wireless Access Gateway
W-APN: WLAN APN
WLAN UE: The WLAN UE is the UE (equipped with UICC card including (U)SIM)
utilized by a 3GPP subscriber to access the WLAN interworking.
WLAN UE's remote IP address: An address used in the data packet encapsulated
by the WLAN UE-initiated tunnel.

WE CLAIM
1. A method for optimizing tunnel authentication procedure over a 3G-WLAN
interworking system comprising the steps of:
(a) deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures;
(b) providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure;
(c) deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and
(d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures.
2. A method as claimed in claim 1 wherein during the tunnel establishment
procedure, AAA generates new keys without performing the full authentication
procedure or fast authentication procedure, provided if the UE is already
authenticated and the derived keys are valid, where the parameters used in

generating the TSK are:
TSK = prf{EMSK, W-APN, Length of the Key}
or alternatively TSK = prf{EMSK, "W-APN", Identity, Length of the Key)} where
prf is a Pseudo random generator agreed between the UE and the AAA server during the previous EAP-SIM or EAP-AKA authentication procedure;
EMSK is Extended Master Session Key generated by the UE and AAA server during previous authentication procedure;
W-APN is WLAN Access Point Name included in the tunnel request message;
Identity is a User identity included in the tunnel request message; and
Length of the Key is the Output length of the TSK key.
3. A method as claimed in claim 1 wherein when a 3G-WLAN UE request for tunnel establishment towards the PDG, it intimates the AAA server to use TSK, where the said scenario is considered in two cases when intimating the AAA server to derive and use the TSK during subsequent tunnel establishment requests and when intimation of the PS access during the "WLAN Direct IP Access" authentication (WLAN access authentication) to the AAA server, to derive TSK immediately.

4. A method as claimed in claim 1 wherein intimating the AAA server to derive and use the TSK during subsequent tunnel establishment requests involves UE and the PDG negotiating IKE_SA.
5. A method as claimed in claim 4 wherein UE directly derive TSK and use it to calculate the AUTH where the said UE includes the AUTH payload within the IKE_AUTH request message and send it to the PDG.
6. A method as claimed in claim 4 wherein when PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG requests the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated.
7. A method as claimed in claim 4 wherein when the AAA server receives the PDG request, then the AAA server derives the TSK, if the UE is pre-authenticated.
8. A method as claimed in claim 4 wherein AAA server passes the TSK to the PDG through Access Accept message.
9. A method as claimed in claim 4 wherein the PDG using the TSK, verify the AUTH Payload send by the UE and calculates the AUTH payload using certificate or alternatively using TSK and the PDG sends the IKE_AUTH response message including the AUTH payload to the UE.

10. A method as claimed in claim 4 wherein when the UE receives the IKE_AUTH response message, it verifies the AUTH payload send by the PDG using PDG's certificate or alternatively using TSK and establishes the IPsec SA.
11. A method as claimed in claim 4 wherein the UE intimates the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with the AUTH payload in the IKE_AUTH request message.
12. A method as claimed in claim 4 wherein the PDG include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys.
13. A method as claimed in claim 4 wherein even if UE is directly accessing "WLAN 3GPP IP Access", the AAA Server realize to derive and use the TSK.
14. A method as claimed in claim 1 wherein intimation of the PS access during the "WLAN Direct IP Access" authentication to the AAA server, to derive TSK immediately involves establishing connection between the UE and the WLAN AN.
15. A method as claimed in claim 14 wherein WLAN AN sends an EAP Request Identity message to the UE and UE sends EAP Response message and optionally may piggy-back the option of using PS service into the identity

response after a null character.
16. A method as claimed in claim 14 wherein the UE use the "expanded payload" of EAP, to intimate that the 3GPP IP Access is performed consecutively.
17. A method as claimed in claim 14 wherein the response is relayed by the WLAN to the AAA server and after receiving the EAP Request Identity, AAA server send EAP Request ANY Identity message to the UE.
18. A method as claimed in claim 14 wherein, when the AAA server receives the identity, it checks whether the identity is from an l-WLAN subscriber, and if so then AAA server sends a notification request, where the Notification request is to know whether 3GPP IP Access is performed consecutively and the said Notify request payload is included in the EAP Request ANY Identity message.
19. A method as claimed in claim 14 wherein the WLAN AN relays the EAP Request ANY Identity message and the UE receives the EAP Request ANY Identity message.
20. A method as claimed in claim 14 wherein the UE includes the Notify response intimating whether the 3GPP IP Access is performed consecutively in the EAP Response ANY Identity message and the AAA server starts the EAP-SIM/EAP-AKA procedure and authenticates the UE.

21. A method as claimed in claim 14 wherein after authenticating the UE, the AAA server derives the TSK key and stores it and the UE initiate the tunnel establishment procedure.
22. A method as claimed in claim 14 wherein the UE and the PDG negotiate IKE_SA and the UE directly derive TSK and use it to calculate the AUTH and include in the IKE_AUTH request message.
23. A method as claimed in claim 14 wherein When PDG receives the IKE_AUTH request message from the UE with AUTH payload, the PDG request the AAA server through Access Request message to derive the TSK, if the UE is pre-authenticated.
24. A method as claimed in claim 14 wherein AAA server passes the TSK to the PDG through Access Accept message.
25. A method as claimed in claim 14 wherein the PDG using the TSK, verify the AUTH Payload send by the UE and calculates the AUTH payload using certificate or alternatively using TSK and sends the IKE_AUTH response to the UE where the UE receives the IKE_AUTH response message and verifies the AUTH payload send by the PDG and then establishes the IPsec SA.
26. A method as claimed in claim 14 wherein UE intimate the PDG to use TSK by including the Notify payload of IKEv2 or Vendor ID payload of IKEv2 with AUTH

payload in the IKE_AUTH request message where AUTH payload is calculated using the derived TSK.
27. A method as claimed in claim 14 wherein the PDG include new Diameter/Radius AVP or the Vendor ID AVP of Diameter/Radius to intimate the AAA server to derive the TSK using the previous authentication keys.
28. A system for optimizing tunnel authentication procedure over a 3G-WLAN interworking system comprising:

(a) means for deriving new keys for IKEv2 mutual authentication with out performing complete authentication procedure but by using the keys derived during the previous authentication procedure for the subsequent tunnel establishment procedures;
(b) means for providing intimation to the AAA server to derive the new key for IKEv2 mutual authentication without performing the EAP authentication procedure and by using the keys derived during the previous authentication procedure for the new tunnel establishment procedure;
(c) means for deriving the new key called Tunnel Session Key (TSK) for IKEv2 mutual authentication, by using EMSK derived during the previous authentication procedure and other parameters; and
(d) UE intimating the AAA server to derive the new key for IKEv2 mutual authentication by using the Extended Master Session Key (EMSK) derived during the previous authentication procedure for the subsequent tunnel establishment procedures.

29. A method for optimizing tunnel authentication procedure over a 3G-WLAN
interworking system substantially described particularly with reference to the
accompanying drawings.
30. A system for optimizing tunnel authentication procedure over a 3G-WLAN
interworking system substantially described particularly with reference to the
accompanying drawings.

Documents:

0735-che-2005-abstract.pdf

0735-che-2005-claims.pdf

0735-che-2005-correspondnece-others.pdf

0735-che-2005-description(complete).pdf

0735-che-2005-description(provisional).pdf

0735-che-2005-drawings.pdf

0735-che-2005-form 1.pdf

0735-che-2005-form 26.pdf

0735-che-2005-form 5.pdf

0735-che-2005-form13.pdf

735-CHE-2005 AMENDED PAGES OF SPECIFICATION 28-02-2013.pdf

735-CHE-2005 AMENDED CLAIMS 28-02-2013.pdf

735-CHE-2005 EXAMINATION REPORT REPLY RECEIVED 28-02-2013.pdf

735-CHE-2005 FORM-1 28-02-2013.pdf

735-CHE-2005 FORM-13 19-06-2006.pdf

735-CHE-2005 FORM-13 28-02-2013.pdf

735-CHE-2005 FORM-3 28-02-2013.pdf

735-CHE-2005 FORM-5 28-02-2013.pdf

735-CHE-2005 OTHER PATENT DOCUMENT 28-02-2013.pdf

735-CHE-2005 OTHER PATENT DOCUMENT 1 28-02-2013.pdf

735-CHE-2005 POWER OF ATTORNEY 28-02-2013.pdf

« Previous Patent

Next Patent »

Patent Number

256174

Indian Patent Application Number

735/CHE/2005

PG Journal Number

20/2013

Publication Date

17-May-2013

Grant Date

10-May-2013

Date of Filing

16-Jun-2005

Name of Patentee

SAMSUNG INDIA SOFTWARE OPERATIONS PRIVATE LIMITED

Applicant Address

BAGMANE LAKEVIEW,BLOCK B NO.66/1 BAGMANE TECH PARK,C.V.RAMAN NAGAR,BYRASANDRA BANGALORE 560 093

Inventors:

#	Inventor's Name	Inventor's Address
1	R. RAJAVELSAMY	ELECTRONICS CO. LTD., INDIA SOFTWARE OPERATIONS (SISO),J.P.TECHNO PARK,3/1, MILLERS ROAD, BANGLORE 560 052
2	EUNHUI BAE	EMPLOYED AT SAMSUNG ELECTRONICS CO. LTD., INDIA SOFTWARE OPERATIONS (SISO), HAVING ITS OFFICE AT J.P.TECHNO PARK,3/1, MILLERS ROAD, BANGLORE 560 052, KARNATAKA,INDIA

PCT International Classification Number

H04J003/00

PCT International Application Number

N/A

PCT International Filing date

PCT Conventions:

#	PCT Application Number	Date of Convention	Priority Country
1			NA