Technique for secure wireless LAN access

US 20040214570A1
Filed: 04/28/2003
Published: 10/28/2004
Est. Priority Date: 04/28/2003
Status: Active Grant

First Claim

Patent Images

1. A method for enabling a mobile communications device to securely access a wireless Local Area Network (LAN), comprising the steps of:

receiving in the wireless LAN a request for access from the mobile communications device;

authenticating the mobile communications device;

establishing for the mobile communications device an encryption key;

notifying the mobile communications device to invoke a user-executable program, which upon execution, configures the device with the encryption key so that communications traffic originated by the mobile communications device becomes encrypted with the encryption key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access arrangement (11) provides secure access by at least one mobile communications device (12₁-12₃) by first authenticating the device itself, and thereafter authenticating the traffic therefrom. To authenticate the traffic from the mobile communications device, an authentication server (24) associated with the access arrangement (11) establishes a Wired Equivalent Privacy (WEP) encryption key for both the access arrangement and the mobile communications device. The authentication server provides the WEP encryption key to the device in connection with a command to cause the device to execute a resident ActiveX control to encrypt traffic with the WEP encryption key. Utilizing the Active X control within the mobile communications device to encrypt traffic with the WEP encryption key provides a simple, easy-to-implement method to achieve secure access.

Citations

18 Claims

1. A method for enabling a mobile communications device to securely access a wireless Local Area Network (LAN), comprising the steps of:
- receiving in the wireless LAN a request for access from the mobile communications device;
  
  authenticating the mobile communications device;
  
  establishing for the mobile communications device an encryption key;
  
  notifying the mobile communications device to invoke a user-executable program, which upon execution, configures the device with the encryption key so that communications traffic originated by the mobile communications device becomes encrypted with the encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1 wherein the notifying step comprises the steps of:
    - sending a command to the mobile communications devices that includes the encryption key, the command causing the mobile communications device to execute an ActiveX control that sets the encryption key within the device.
  - 3. The method according to claim 1 wherein the establishing step comprises the step of establishing a Wired Equivalent Privacy encryption key.
  - 4. The method according to claim 2 further comprising the step of directing the mobile communications device to acquire a plug-in to enable the device to dynamically set the session key when the device inherently lacks ActiveX control capability.
  - 5. The method according to claim 2 wherein the notifying step further comprises the step of parameterizing the ActiveX control.
  - 6. The method according to claim 5 wherein the step of parameterizing the ActiveX control comprises the step of using a Wired Equivalent Privacy encryption key as a parameter for the ActiveX control.
  - 7. The method according to claim 6 further comprising the steps of signing the ActiveX control and signing the Wired Equivalent Privacy encryption key to indicate which server invoked the ActiveX control and originated the Wired Equivalent encryption key.
  - 8. The method according to claim 7 wherein the step of signing the Wired Equivalent Privacy encryption key comprises the step of embedding within the key a time stamp containing a local time kept by the mobile communications device.

9. A method for enabling a mobile communications device to securely access a wireless LAN, comprising the steps of:
- receiving in the wireless LAN a request for access from a mobile communications device;
  
  authenticating the mobile communications device upon the receipt therefrom of user credentials;
  
  establishing for the mobile communications device a Wired Equivalent Privacy encryption key;
  
  sending a command together with Wired Equivalent Privacy encryption key to the mobile communications device, the command causing the device to invoke an ActiveX control to configure the device with the Wired Equivalent Privacy encryption key so that communications traffic originated by the mobile communications device becomes encrypted.
- View Dependent Claims (10, 11)
- - 10. The method according to claim 9 wherein the sending step comprises the step of parameterizing the ActiveX control with the Wired Equivalent Privacy encryption key.
  - 11. The method according to claim 10 further comprising the steps of signing the ActiveX control and signing the Wired Equivalent Privacy encryption key to indicate which server invoked the ActiveX control and originated the encryption key.

12. A wireless Local Area Network (LAN) for providing secure access to at least one mobile communications device, comprising:
- at least one access point for receiving an access request from a mobile communications device;
  
  an authenticating server for;
  
  (1) authenticating the mobile communications device, (2) establishing for the mobile communications device an encryption key, and (3) notifying the mobile communications device to invoke a user-executable program, which upon execution, configures the device with the encryption key so that communications traffic originated by the mobile communications device becomes encrypted with the encryption key; and
  
  a core network for linking the access point and the authenticating server.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The wireless LAN according to claim 12 wherein the authentication server notifies the mobile communication device by sending a command that includes the encryption key, the command causing the mobile communications device to execute an ActiveX control that sets the encryption key.
  - 14. The wireless LAN according to claim 12 wherein the encryption key comprises a Wired Equivalent Privacy key.
  - 15. The wireless LAN according to claim 12 wherein authentication server parameterizes the ActiveX control.
  - 16. The wireless LAN according to claim 15 wherein the authentication server parameterizes the ActiveX control using a Wired Equivalent Privacy encryption key as a parameter.
  - 17. The wireless LAN to claim 16 wherein the authentication server signs the ActiveX control and signs the Wired Equivalent Privacy encryption key.

18. In a wireless Local Area Network (LAN) for providing secure access to at least one mobile communications device, at least one access point for:
- (1) receiving an access request from a mobile communications device;
  
  (2) authenticating the mobile communications device, (3) establishing for the mobile communications device an encryption key, and (4) notifying the mobile communications device to invoke a user-executable program, which upon execution, configures the device with the encryption key so that communications traffic originated by the mobile communications device becomes encrypted with the encryption key

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thomson Licensing (Vantiva SA)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Mathur, Saurabh, Ramaswamy, Kumar, Zhang, Junbiao

Granted Patent

US 7,142,851 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/426.2
CPC Class Codes

H04L 63/168   above the transport layer

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

H04W 74/00   Wireless channel access

H04W 84/12   WLAN [Wireless Local Area N...

Technique for secure wireless LAN access

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Technique for secure wireless LAN access

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links