Forced encryption for wireless local area networks

US 20040181663A1
Filed: 10/07/2003
Published: 09/16/2004
Est. Priority Date: 03/13/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method of enforcing encryption on a public wireless local area network, the public wireless local area network comprising:

at least one access point for the wireless connection of corresponding user terminals;

an authentication, authorization and accounting system; and

at least one access control point for controlling access to the network, for initiating an authentication, authorization and accounting procedure for an accessing terminal, and for providing an Internet access gateway functionality;

the method comprising;

authenticating a user terminal to the authentication, authorization and accounting system upon arrival in a service area of the public wireless local area network;

requesting access to the Internet by the user terminal; and

enforcing applications corresponding to the Internet access request of the user terminal to switch their traffic to an encrypting security service port.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of enforcing encryption on a public wireless local area network having at least one access point for the wireless connection of user terminals, an authentication, authorization and accounting system, and at least one access control point for controlling access to the network, for initiating an authentication, authorization and accounting procedure for an accessing terminal, and for providing an Internet access gateway functionality. The method includes authenticating a user terminal to the authentication, authorization and accounting system, requesting access to the Internet by the user terminal, and enforcing applications corresponding to the Internet access request of the user terminal to switch their traffic to an encrypting security service port.

Citations

12 Claims

1. A method of enforcing encryption on a public wireless local area network, the public wireless local area network comprising:
- at least one access point for the wireless connection of corresponding user terminals;
  
  an authentication, authorization and accounting system; and
  
  at least one access control point for controlling access to the network, for initiating an authentication, authorization and accounting procedure for an accessing terminal, and for providing an Internet access gateway functionality;
  
  the method comprising;
  
  authenticating a user terminal to the authentication, authorization and accounting system upon arrival in a service area of the public wireless local area network;
  
  requesting access to the Internet by the user terminal; and
  
  enforcing applications corresponding to the Internet access request of the user terminal to switch their traffic to an encrypting security service port.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, wherein the encrypting security service is the secure sockets layer or the transport layer security.
  - 3. The method according to claim 1, wherein the enforcement is performed by a responsible access control point.
  - 4. The method according to claim 1, wherein the enforcement is performed by a responsible wireless local area network gateway.
  - 5. The method according to claim 1, further comprising:
    - retrieving information by the access control point from RADIUS messages which user terminals do not use a 802.11i encryption; and
      
      directing the traffic encryption enforcement only to the such identified user terminals.
  - 6. The method according to claim 1, wherein the enforced applications are selected from a group comprising the hypertext transfer protocol for browsing the Internet, the Internet message access protocol 4, the post office protocol 3, and the simple mail transfer protocol.

7. A system for enforcing encryption on a public wireless local area network, comprising at least one user terminal, and a public wireless local area network, which comprises:
- at least one access point for the wireless connection of a user terminal;
  
  an authentication, authorization and accounting sub-system; and
  
  at least one access control point for controlling access to the network, for initiating an authentication, authorization and accounting procedure for a user terminal at the authentication, authorization and accounting sub-system upon its arrival in a service area of the public wireless local area network, for providing an Internet access gateway functionality, and for enforcing applications corresponding to an Internet access request of the user terminal to switch their traffic to an encrypting security service port.
- View Dependent Claims (8, 9)
- - 8. The system according to claim 7, wherein the encrypting security service is the secure sockets layer or the transport layer security.
  - 9. The system according to claim 7, wherein the access control point retrieves information from RADIUS messages which user terminals do not use a 802.11i encryption and directs the traffic encryption enforcement only to the such identified user terminals.

10. An access control point network element for enforcing encryption on a public wireless local area network, comprising:
- means for controlling access to the network;
  
  means for initiating an authentication, authorization and accounting procedure for a user terminal at an authentication, authorization and accounting sub-system of the public wireless local area network upon arrival of the user terminal in a service area of the public wireless local area network;
  
  means for providing an Internet access gateway functionality; and
  
  means for enforcing applications corresponding to an Internet access request of the user terminal to switch their traffic to an encrypting security service port.
- View Dependent Claims (11, 12)
- - 11. The network element according to claim 10, wherein the encrypting security service is the secure sockets layer or the transport layer security.
  - 12. The network element according to claim 10, further comprising:
    - means for retrieving information from RADIUS messages which user terminals do not use a 802.11i encryption; and
      
      means for directing the traffic encryption enforcement only to the such identified user terminals.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Korpiharju, Jari, Pienimaki, Sami, Lyback, Niklas

Application Number

US10/679,486
Publication Number

US 20040181663A1
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 12/2856   Access arrangements, e.g. I...

H04L 63/0428   wherein the data content is...

H04L 63/0807   using tickets, e.g. Kerbero...

H04W 12/03   Protecting confidentiality,...

H04W 12/06   Authentication

H04W 84/12   WLAN [Wireless Local Area N...

Forced encryption for wireless local area networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Forced encryption for wireless local area networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links