Seamless public wireless local area network user authentication

US 20050243778A1
Filed: 05/13/2003
Published: 11/03/2005
Est. Priority Date: 05/13/2002
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a mobile wireless communications device in a public wireless Local Area Network (LAN), comprising the steps of:

receiving a request for non-authentication information;

partially opening a controlled port through which the information request is directed to a first server that responds by providing a reply to the mobile wireless communications device;

receiving an access request;

authenticating the mobile wireless communications device; and

fully opening the controlled port to enable the exchange of traffic with the mobile wireless communications device through the controlled port.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A public wireless LAN permits receipt of non-authentication traffic, such as access information requests, from a mobile wireless communications device prior to device authentication by partially opening a controlled port within an access point. The wireless LAN re-directs such non-authentication traffic received at the AP from the mobile wireless communications to a local web server. The local web server provides reply to the mobile wireless communications device, enabling a determination by the device whether or not to request access. The device seeks access by way of an access request received at the AP. In response, the AP re-directs the access request through an uncontrolled port in the AP to an access server that authenticates device. Upon successful device authentication, the AP fully opens its controlled port to permit the exchange of traffic through that port with the mobile wireless communications device.

38 Citations

View as Search Results

14 Claims

1. A method for authenticating a mobile wireless communications device in a public wireless Local Area Network (LAN), comprising the steps of:
- receiving a request for non-authentication information;
  
  partially opening a controlled port through which the information request is directed to a first server that responds by providing a reply to the mobile wireless communications device;
  
  receiving an access request;
  
  authenticating the mobile wireless communications device; and
  
  fully opening the controlled port to enable the exchange of traffic with the mobile wireless communications device through the controlled port.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1 wherein the request for non-authentication information is directed to the first server irrespective of a destination specified in the request.
  - 3. The method according to claim 1 wherein the authenticating step comprises the steps of:
    - receiving an acceptance from the mobile wireless communications device responsive to the reply to the mobile wireless communications device;
      
      transmitting a user identification request to the mobile wireless communications device;
      
      receiving a user identification response from the mobile wireless communications device in reply to the user identification request; and
      
      re-directing the user identification response to an authentication server.
  - 4. The method according to claim 3 wherein the step of transmitting the protocol identification request comprises the step of transmitting an Extensible Authentication Protocol (EAP) request.
  - 5. The method according to claim 4 wherein the step of receiving the protocol identification response comprises the step of receiving an EAP identification response.

6. The method according to claim l further comprising the step of setting an authentication key following authentication.
- View Dependent Claims (7)
- - 7. The method according to claim 6 wherein the step of setting an authentication key comprises the step of setting a Wired Equivalent Privacy (WEP) encryption key.

8. A communications network for authenticating for authenticating a mobile wireless communications device, comprising:
- a first server for storing non-authentication information;
  
  a second server for authenticating the mobile wireless communications device;
  
  at least one access point having (a) controlled port via which the AP partially opens in response to a receipt of a request for non-authentication information from a mobile wireless communications device and for directing the information request to the first server which sends a reply for receipt by the mobile wireless communications device, and (b) an uncontrolled port through which the AP directs authentication traffic received from the mobile wireless communications device to the second server which exchanges authentication traffic with the mobile wireless communications device;
  
  a public wireless Local Area Network (LAN) coupled to the one AP and said first and second servers.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The system according to claim 8 wherein the AP utilizes a communication protocol in conformance with IEEE 802.1x.
  - 10. The system according to claim 8 wherein the information stored in the first server includes access costs.
  - 11. The system according to claim 8 wherein the second server authenticates the mobile wireless communications device in accordance with an Extensible Authentication Protocol (EAP).
  - 12. The system according to claim 8 wherein the authentication traffic received at the one AP includes an identification of the authentication server.

13. An access point comprising:
- (a) controlled port via which the partially opened in response to a receipt of a request for non-authentication information from a mobile wireless communications device and for directing the information request to a first server which sends a reply for receipt by the mobile wireless communications device, and (b) an uncontrolled port through which the AP directs authentication traffic received from the mobile wireless communications device to a second server, which exchanges authentication traffic with the mobile wireless communications device.
- View Dependent Claims (14)
- - 14. The system according to claim 13 wherein the AP utilizes a communication protocol in conformance with IEEE 802.1x.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
InterDigital Patent Holdings, Inc. (InterDigital, Inc.)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Ramaswamy, Kumar, Zhang, Junbiao, Wang, Charles Chuanming, Mody, Sachin Satish

Granted Patent

US 8,289,936 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/338
CPC Class Codes

H04L 12/2856   Access arrangements, e.g. I...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/104   Grouping of entities

H04L 63/162   at the data link layer

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 48/14   using user query or user de...

H04W 80/00   Wireless network protocols ...

H04W 84/12   WLAN [Wireless Local Area N...

Seamless public wireless local area network user authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Seamless public wireless local area network user authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links