Managed roaming for WLANS
Abstract
The present invention allows any number of mobile units to roam between a large number of sub-networks, each with a large number of access points (tens of thousands or more total access points), with minimal direct administration effort. A hierarchy of management servers may be used across the multiple sub-networks, which can be under the control of multiple entities. The invention provides the capability for the mobile units to authenticate the access points they associate with, to ensure they are both authorized and managed. Peer-to-peer and ad hoc associations between mobile units are managed as well. The invention may enforce a number of association policies such as, for example, forcing the mobile unit to only associate with access points or mobile units on a previously set mandatory association list, providing the mobile unit with a list of preferred access points to associate with, but allowing association with other access points, or providing the mobile unit with an excluded association list of access points or mobile units it is not to associate with.
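An added example, not taken from the patent: one way a client program could apply the three association policies the abstract lists (mandatory, preferred, excluded) to its scan results. The class and function names, the precedence between the lists, the signal-strength tie-break and the sample BSSIDs are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field


def norm_bssid(raw: str) -> str:
    """Canonicalise a BSSID (48-bit MAC) to lowercase colon-separated hex."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(digits) != 12:
        raise ValueError(f"not a BSSID: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


@dataclass
class AssociationControlList:
    # Hypothetical structure: three BSSID sets, one per policy in the abstract.
    mandatory: set = field(default_factory=set)
    preferred: set = field(default_factory=set)
    excluded: set = field(default_factory=set)

    def __post_init__(self):
        # Normalise once so "00-11-..." and "0011.22..." compare equal.
        for name in ("mandatory", "preferred", "excluded"):
            setattr(self, name, {norm_bssid(b) for b in getattr(self, name)})

    def choose(self, scan):
        """scan: iterable of (bssid, rssi_dbm). Returns a BSSID or None."""
        candidates = []
        for raw, rssi in scan:
            try:
                bssid = norm_bssid(raw)
            except ValueError:
                continue  # malformed identifier: never associate
            if bssid in self.excluded:
                continue  # assumption: exclusion overrides every other list
            if self.mandatory and bssid not in self.mandatory:
                continue  # assumption: a non-empty mandatory list is exclusive
            # Preferred entries sort first, then the stronger signal wins.
            candidates.append((bssid in self.preferred, rssi, bssid))
        return max(candidates)[2] if candidates else None


# Constructed scan: a managed AP, a stronger unknown AP, and a third AP.
SCAN = [("00:11:22:33:44:55", -70),
        ("00-11-22-33-44-66", -40),
        ("0011.2233.4477", -60)]
```

With a mandatory list containing only the first BSSID, the stronger unknown access point is ignored; with no lists at all, the same scan would select it on signal strength alone.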
75 Claims
1. A system for securely accessing a wireless network, comprising:
a wireless mobile device configured to use wireless network protocols conforming to one or more of the IEEE 802.11 family of specifications; and
a program executing on the wireless mobile device, the program being configured to cause the mobile device to use an association control list to control communication with access points;
the association control list comprising a plurality of BSSIDs;
the program being further configured to update the association control list by communicating with a server.
Dependent claims: 2

3. A system for securely accessing a wireless network, comprising:
a wireless mobile device; and
a program executing on the wireless mobile device, the program being configured to cause the mobile device to use an association control list to control communication with an access point, the association control list comprising digital data representing information concerning at least one access point and whether the wireless mobile unit should communicate with the at least one access point.
Dependent claims: 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 50, 51

29. A system for securely accessing a wireless network, comprising:
a wireless mobile device comprising a processor and memory; and
a program executing on the wireless mobile device, the program being configured to cause the wireless mobile device to associate with an access point and to send a request to a server for confirmation that the access point is authorized, the access point comprising a wireless device for communicating with wireless devices and a wired network interface for communicating via a wired network.
Dependent claims: 30, 31, 32, 33, 34, 35, 36

37. A system for securely accessing a wireless network, comprising a server configured to receive a request to authenticate an access point from a wireless mobile device, the server being further configured to determine whether the wireless mobile device is associated with the access point and whether the access point is authorized, and to provide a response to the wireless mobile device indicating whether the mobile device is authorized to continue association with the access point.

40. A wireless communication security system, comprising:
a first wireless mobile device; and
a program executing on the first wireless mobile device, the program configured to cause the first wireless mobile device to use an association control list to control communication with other wireless mobile devices;
the association control list comprising a plurality of identifiers, each identifier uniquely identifying a wireless mobile device.
Dependent claims: 41, 42, 43, 44, 45, 46, 47, 48

49. A system for securely accessing a wireless network, comprising:
a wireless mobile device; and
a program executing on the wireless mobile device, the program being configured to cause the mobile device to use an association control list to control communication with access points and to update the association control list by communicating with a server.

52. A system for securely accessing a wireless network, comprising a server system comprising at least one server computer and at least one software program executing on the at least one server computer, the at least one server computer being operatively connected to a communications network, the system being configured to receive at least one access point identifier from a wireless mobile unit, the system being further configured to transmit to the wireless mobile unit information concerning at least one access point and whether the mobile unit should communicate with the at least one access point.

63. A system for securely accessing a wireless network, comprising an access point comprising a wireless device for communicating with wireless devices and a wired network interface for communicating via a wired network, the access point configured to wirelessly transmit an association control list, the association control list comprising digital data representing information concerning at least one access point and whether at least one wireless mobile unit should communicate with the at least one access point.

74. A system for securely accessing a wireless network, comprising:
a wireless mobile unit comprising a processor and memory; and
a program executing on the wireless unit, the program configured to cause the wireless mobile unit to transmit to a server system a data structure comprising identifiers of access points within range of the wireless mobile units;
the program further configured to receive from the server system information concerning at least one access point and whether the mobile unit should communicate with the at least one access point.

75. A system for securely accessing a wireless network, comprising:
a wireless mobile unit comprising a processor and memory; and
a program executing on the wireless unit, the program configured to cause the wireless mobile unit to receive an association control list from an access point, the association control list comprising digital data representing information concerning at least one access point and whether the wireless mobile unit should communicate with the at least one access point.

Specification