Wireless network authentication control

US 10,516,998 B2
Filed: 03/15/2017
Issued: 12/24/2019
Est. Priority Date: 01/19/2017
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

binding a predetermined access control role for Internet of Things (IoT) devices to a Service Set Identification (SSID) for a Access Point (AP) in a wireless network;

upon a condition causing a plurality of devices to attempt to associate with the AP, assigning, with the AP, a first value for an Authentication Control Threshold (ACT) field in a first advertisement packet to allow the IoT devices having the predetermined access control role to immediately attempt to associate with the AP, the first value being a maximum value for the ACT field;

transmitting, with the AP, the first advertisement packet including the first value for the ACT field for association of IoT devices having the predetermined access control role;

receiving authentication requests from one or more IoT devices in response to the first advertisement packet and associating the one or more IoT devices with the AP;

assigning, with the AP, a second value between a minimum value and a maximum value to an ACT field in a second advertisement packet for one or more devices having an access control role other than the predetermined access control role for IoT devices;

transmitting, with the AP, the second advertisement packet including the second value for the ACT field for one or more devices having an access control role other than the predetermined access control role allowing one or more devices having an access control role other than the predetermined access control role to attempt association with the AP within a random time in a given time window; and

receiving authentication requests from one or more devices in response to the second advertisement packet and associating the one or more devices with the AP.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some examples, a method includes assigning, with an Access Point (AP) in a wireless network, a value for an Authentication Control Threshold (ACT) field in an advertisement packet that allows devices having a predetermined access control role to immediately attempt to associate with the AP. The method can further include transmitting, with the AP, the advertisement packet including the value for the ACT field for devices having the predetermined access control role.

Citations

13 Claims

1. A method comprising:
- binding a predetermined access control role for Internet of Things (IoT) devices to a Service Set Identification (SSID) for a Access Point (AP) in a wireless network;
  
  upon a condition causing a plurality of devices to attempt to associate with the AP, assigning, with the AP, a first value for an Authentication Control Threshold (ACT) field in a first advertisement packet to allow the IoT devices having the predetermined access control role to immediately attempt to associate with the AP, the first value being a maximum value for the ACT field;
  
  transmitting, with the AP, the first advertisement packet including the first value for the ACT field for association of IoT devices having the predetermined access control role;
  
  receiving authentication requests from one or more IoT devices in response to the first advertisement packet and associating the one or more IoT devices with the AP;
  
  assigning, with the AP, a second value between a minimum value and a maximum value to an ACT field in a second advertisement packet for one or more devices having an access control role other than the predetermined access control role for IoT devices;
  
  transmitting, with the AP, the second advertisement packet including the second value for the ACT field for one or more devices having an access control role other than the predetermined access control role allowing one or more devices having an access control role other than the predetermined access control role to attempt association with the AP within a random time in a given time window; and
  
  receiving authentication requests from one or more devices in response to the second advertisement packet and associating the one or more devices with the AP.
- View Dependent Claims (2, 3, 4, 5, 9, 10, 11)
- - 2. The method of claim 1, wherein the maximum value is 1022.
  - 3. The method of claim 1, wherein the access control role is a Role-Based Access Control (RBAC) role for IoT devices.
  - 4. The method of claim 1, wherein the access control role is a role based on attributes of IoT devices in an Attribute-Based Access Control (ABAC) model.
  - 5. The method of claim 1, wherein assigning a value for the ACT field allows IoT devices having the predetermined access control role to immediately attempt to associate with the AP without the use of an additional Information Element (IE).
  - 9. The method of claim 1, wherein the SSID is an Extended SSID (ESSID).
  - 10. The method of claim 1, wherein a plurality of SSIDs are associated with the AP, and the SSID to which the predetermined access control role is bound comprises only a first SSID of the plurality of SSIDs.
  - 11. The method of claim 1, wherein the condition causing the plurality of devices to attempt to associate with the AP is a power outage event.

6. A non-transitory machine readable storage medium having stored thereon machine readable instructions to cause a computer processor to:
- bind a predetermined access control role for Internet of Things (IOT) devices to a Service Set Identification (SSID) associated with an Access Point (AP) in a Wireless Local Area Network (WLAN); and
  
  upon a condition causing a plurality of devices to attempt to associate with the AP, assign, with the AP, a first value for an Authentication Control Threshold (ACT) field of a first advertisement packet for the AP in the WLAN to allow the IoT devices to immediately attempt to associate with the AP, the first value being a maximum value for the ACT field;
  
  transmit, with the AP, the first advertisement packet including the first value for the ACT field for association of IoT devices having the predetermined access control role;
  
  receive authentication requests from one or more IoT devices in response to the first advertisement packet and associate the one or more IoT devices with the AP;
  
  assign, with the AP, a second value between a minimum value and a maximum value to an ACT field in a second advertisement packet for one or more devices having an access control role other than the predetermined access control role for IoT devices;
  
  transmit, with the AP, the second advertisement packet including the second value for the ACT field for one or more devices having an access control role other than the predetermined access control role allowing one or more devices having an access control role other than the predetermined access control role to attempt association with the AP within a random time in a given time window; and
  
  receive authentication requests from one or more devices in response to the second advertisement packet and associate the one or more devices with the AP.
- View Dependent Claims (12)
- - 12. The medium of claim 6, wherein the condition causing the plurality of devices to attempt to associate with the AP is a power outage event.

7. An Access Point (AP) in a wireless network, the AP comprising:
- a processing resource; and
  
  a memory resource storing machine readable instructions to cause the processing resource to;
  
  bind a predetermined Internet of Things (IoT) Role-Based Access Control (RBAC) role for IoT devices to Service Set Identification (SSID) for a Access Point (AP) in a Wireless Local Area Network (WLAN);
  
  upon a condition causing a plurality of devices to attempt to associate with the AP, set, with the AP, a first values for an Authentication Control Threshold (ACT) field of a first beacon packet to allow the IoT devices having the predetermined IoT RBAC role to immediately attempt to associate with the AP, the first value being a maximum value for the ACT field;
  
  transmit, with the AP, the first beacon packet including the first value for the ACT field for association of IoT devices having the predetermined IoT RBAC role;
  
  receive authentication requests from one or more IoT devices in response to the first beacon packet and associate the one or more IoT devices with the AP;
  
  set an ACT value of a subsequent second beacon packet to a value other than the maximum value for one or more devices that do not have the predetermined IOT RBAC role to delay attempted association of those devices with the AP;
  
  transmit, with the AP, the second beacon packet including the second value for the ACT field for one or more devices that do not have the predetermined IOT RBAC role to attempt association with the AP within a random time in a given time window; and
  
  receive authentication requests from one or more devices in response to the second beacon packet and associate the one or more devices with the AP.
- View Dependent Claims (8, 13)
- - 8. The AP of claim 7, wherein a device having the predetermined IOT RBAC role is compliant with the Institute of Electrical and Electronics Engineers (IEEE) 802.11ah wireless networking protocol.
  - 13. The AP of claim 7, wherein the condition causing the plurality of devices to attempt to associate with the AP is a power outage event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Inventors
Ismail, Akram Sheriff
Primary Examiner(s)
Wang, Harris C

Application Number

US15/459,818
Publication Number

US 20180206116A1
Time in Patent Office

1,014 Days
Field of Search
US Class Current
CPC Class Codes

H04L 47/808   User-type aware

H04L 47/824   Applicable to portable or m...

H04W 12/08   Access security

H04W 48/12   using downlink control channel

H04W 84/12   WLAN [Wireless Local Area N...

Wireless network authentication control

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Wireless network authentication control

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links