Session key management for public wireless lan supporting multiple virtual operators
First Claim
1. A method for managing a session key used for enabling communications between a mobile terminal and an access point in a wireless local area network (“
- WLAN”
), comprising the steps of;
receiving a request for access to the WLAN from the mobile terminal;
determining a virtual operator associated with the access request;
establishing a first secure channel between the access point and the virtual operator;
requesting user authentication from the virtual operator via the first secure channel, wherein the virtual operator communicates with the mobile terminal via a second secure channel to authenticate the mobile terminal;
selecting a session key and sending the session key to the virtual operator via the first secure channel, wherein the virtual operator sends the session key to the mobile terminal via the second secure channel; and
communicating with the mobile terminal using the session key.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for managing a session key for allowing a mobile terminal to access a wireless local area network (WLAN). The invention provides for establishing a first secure channel between an access point and a virtual operator, and suggesting a session key to the virtual operator from the access point. A second secure channel is established between the virtual operator and a user, and the session key is sent to the user via the second secure channel upon successful user authentication. The mobile terminal accesses the WLAN using the session key.
-
Citations
15 Claims
-
1. A method for managing a session key used for enabling communications between a mobile terminal and an access point in a wireless local area network (“
- WLAN”
), comprising the steps of;
receiving a request for access to the WLAN from the mobile terminal;
determining a virtual operator associated with the access request;
establishing a first secure channel between the access point and the virtual operator;
requesting user authentication from the virtual operator via the first secure channel, wherein the virtual operator communicates with the mobile terminal via a second secure channel to authenticate the mobile terminal;
selecting a session key and sending the session key to the virtual operator via the first secure channel, wherein the virtual operator sends the session key to the mobile terminal via the second secure channel; and
communicating with the mobile terminal using the session key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
- WLAN”
-
8. An apparatus for managing a session key used for enabling communications between a mobile terminal and a wireless local area network (“
- WLAN”
), comprising;
means for receiving a request for access to the WLAN from the mobile terminal;
means for determining a virtual operator associated with the access request;
first means for communicating with the virtual operator via a first secure channel, the first communicating means requesting user authentication from the virtual operator via the first secure channel, wherein the virtual operator communicates with the mobile terminal via a second secure channel to authenticate the mobile terminal;
means, coupled to the first communicating means, for selecting a session key and sending the session key to the virtual operator via the first secure channel, wherein the virtual operator sends the session key to the mobile terminal via the second secure channel; and
second means for communicating with the mobile terminal using the session key. - View Dependent Claims (13, 14)
- WLAN”
- 9. The apparatus according to claim 9, wherein the first communicating means requests user authentication in parallel with selecting means selecting and sending the session key.
-
15. A method for controlling a mobile terminal in a wireless local area network (WLAN), comprising the steps of:
-
transmitting a request for access to the WLAN, the request including data identifying an associated virtual operator;
establishing a secure channel with the virtual operator for performing user authentication associated with the request for access;
receiving a session key via the secure channel upon successful user authentication wherein the virtual operator receives the session key from the WLAN through a second secure channel; and
establishing communications with the WLAN using the session key.
-
Specification