PROXY-ENCRYPTED AUTHENTICATION FOR TETHERED DEVICES

US 20080003981A1
Filed: 07/02/2007
Published: 01/03/2008
Est. Priority Date: 07/25/2003
Status: Active Grant

First Claim

Patent Images

1. A method for enforcing encrypted proxy authentication of terminal equipment coupled to a wireless unit, comprising:

intercepting in the wireless unit a link control protocol configuration request message directed to the terminal equipment;

determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit;

generating in the wireless unit an appropriate response to the link control protocol configuration request message if the indicated authentication protocol is unacceptable to the wireless unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus are presented herein for allowing a wireless communication device to perform a proxy authentication on behalf of a tethered device and ensure the authentication is encrypted.

Citations

39 Claims

1. A method for enforcing encrypted proxy authentication of terminal equipment coupled to a wireless unit, comprising:
- intercepting in the wireless unit a link control protocol configuration request message directed to the terminal equipment;
  
  determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit;
  
  generating in the wireless unit an appropriate response to the link control protocol configuration request message if the indicated authentication protocol is unacceptable to the wireless unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit comprises determining if the indicated authentication protocol is unencrypted authentication.
  - 3. The method of claim 1, wherein determining if an authentication protocol value is unacceptable to the wireless unit comprises comparing the authentication protocol value to a prioritized list of acceptable authentication protocols.
  - 4. The method of claim 1, further comprising:
    - maintaining a count of a number of responses generated in the wireless unit; and
      
      checking the count prior to generating each response in the wireless unit, wherein if the count exceeds a predetermined value, generating an appropriate response to the link control protocol configuration request message comprises generating a configuration rejection message rejecting authentication.
  - 5. The method of claim 1, further comprising:
    - maintaining a count of a number of responses generated in the wireless unit; and
      
      checking the count prior to generating each response in the wireless unit, wherein if the count exceeds a predetermined value, generating an appropriate response to the link control protocol configuration request message comprises generating a communication termination request message.
  - 6. The method of claim 1, wherein generating an appropriate response to the link control protocol configuration request message comprises generating a configuration not acceptable message indicating an acceptable authentication protocol.
  - 7. The method of claim 1, wherein generating an appropriate response to the link control protocol configuration request message comprises generating a configuration not acceptable message indicating a challenge/response authentication protocol.

8. An apparatus within a wireless unit for performing a proxy encrypted authentication of terminal equipment coupled to the wireless unit, comprising:
- at least one memory element; and
  
  at least one processing element configured to execute a set of instructions stored upon the at least one memory element, the set of instructions for;
  
  intercepting in the wireless unit a link control protocol configuration request message directed to the terminal equipment;
  
  determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit;
  
  generating in the wireless unit an appropriate response to the link control protocol configuration request message if the indicated authentication protocol is unacceptable to the wireless unit.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the at least one processing element is further configured to execute instructions stored upon the at least one memory element for determining if the indicated authentication protocol is unencrypted authentication.
  - 10. The apparatus of claim 8, wherein the at least one processing element is further configured to execute instructions stored upon the at least one memory element for comparing the authentication protocol value to a prioritized list of acceptable authentication protocols.
  - 11. The apparatus of claim 8, wherein the at least one processing element is further configured to execute instructions stored upon the at least one memory element for:
    - maintaining a count of a number of responses generated in the wireless unit;
      
      checking the count prior to generating each response in the wireless unit; and
      
      if the count exceeds a predetermined value, generating a configuration rejection message rejecting authentication.
  - 12. The apparatus of claim 8, wherein the at least one processing element is further configured to execute instructions stored upon the at least one memory element for:
    - maintaining a count of a number of responses generated in the wireless unit;
      
      checking the count prior to generating each response in the wireless unit; and
      
      if the count exceeds a predetermined value, generating a communication termination request message.
  - 13. The apparatus of claim 8, wherein the at least one processing element is further configured to execute instructions stored upon the at least one memory element for generating a configuration not acceptable message indicating an acceptable authentication protocol as the appropriate response to the link control protocol configuration request message.
  - 14. The apparatus of claim 8, wherein the at least one processing element is further configured to execute instructions stored upon the at least one memory element for generating a configuration not acceptable message indicating a challenge/response authentication protocol as the appropriate response to the link control protocol configuration request message.

15. Apparatus for performing a proxy authentication of terminal equipment coupled to a wireless unit, comprising:
- means for intercepting in the wireless unit a link control protocol configuration request message directed to the terminal equipment;
  
  means for determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit;
  
  means for generating in the wireless unit an appropriate response to the link control protocol configuration request message if the indicated authentication protocol is unacceptable to the wireless unit.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The apparatus of claim 15, wherein the means for determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit comprises means for determining if the indicated authentication protocol is unencrypted authentication.
  - 17. The apparatus of claim 15, wherein the means for determining if an authentication protocol value is unacceptable to the wireless unit comprises means for comparing the authentication protocol value to a prioritized list of acceptable authentication protocols.
  - 18. The apparatus of claim 15, further comprising:
    - means for maintaining a count of a number of responses generated in the wireless unit; and
      
      means for checking the count prior to generating each response in the wireless unit, wherein if the count exceeds a predetermined value, the means for generating an appropriate response to the link control protocol configuration request message generates a configuration rejection message rejecting authentication.
  - 19. The apparatus of claim 15, further comprising:
    - means for maintaining a count of a number of responses generated in the wireless unit; and
      
      means for checking the count prior to generating each response in the wireless unit, wherein if the count exceeds a predetermined value, the means for generating an appropriate response to the link control protocol configuration request message generates a communication termination request message.
  - 20. The apparatus of claim 15, wherein the means for generating an appropriate response to the link control protocol configuration request message comprises means for generating a configuration not acceptable message indicating an acceptable authentication protocol.
  - 21. The apparatus of claim 15, wherein the means for generating an appropriate response to the link control protocol configuration request message comprises means for generating a configuration not acceptable message indicating a challenge/response authentication protocol.

22. A processor readable memory unit having stored thereon processor executable instructions configured to cause a processor to perform steps comprising:
- intercepting in the wireless unit a link control protocol configuration request message directed to the terminal equipment;
  
  determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit;
  
  generating in the wireless unit an appropriate response to the link control protocol configuration request message if the indicated authentication protocol is unacceptable to the wireless unit.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The processor readable memory of claim 22, wherein determining if an authentication protocol indicated in the link control protocol configuration request message is unacceptable to the wireless unit comprises determining if the indicated authentication protocol is unencrypted authentication.
  - 24. The processor readable memory of claim 22, wherein determining if an authentication protocol value is unacceptable to the wireless unit comprises comparing the authentication protocol value to a prioritized list of acceptable authentication protocols.
  - 25. The processor readable memory of claim 22, wherein the stored processor executable instructions are further configured to cause a processor to perform steps comprising:
    - maintaining a count of a number of responses generated in the wireless unit; and
      
      checking the count prior to generating each response in the wireless unit, wherein if the count exceeds a predetermined value, generating an appropriate response to the link control protocol configuration request message comprises generating a configuration rejection message rejecting authentication.
  - 26. The processor readable memory of claim 22, wherein the stored processor executable instructions are further configured to cause a processor to perform steps comprising:
    - maintaining a count of a number of responses generated in the wireless unit; and
      
      checking the count prior to generating each response in the wireless unit, wherein if the count exceeds a predetermined value, generating an appropriate response to the link control protocol configuration request message comprises generating a communication termination request message.
  - 27. The processor readable memory of claim 22, wherein generating an appropriate response to the link control protocol configuration request message comprises generating a configuration not acceptable message indicating an acceptable authentication protocol.
  - 28. The processor readable memory of claim 22, wherein generating an appropriate response to the link control protocol configuration request message comprises generating a configuration not acceptable message indicating a challenge/response authentication protocol.

29. A method for negotiating encrypted proxy authentication of terminal equipment coupled to a wireless unit, comprising:
- intercepting in the wireless unit a link control protocol message directed to the terminal equipment;
  
  determining if an authentication protocol value in the link control protocol message indicates an authentication protocol that is unacceptable to the wireless unit;
  
  generating in the wireless unit an appropriate response to the link control protocol message;
  
  forwarding a challenge message to the terminal equipment; and
  
  ignoring a challenge response received from the terminal equipment.
- View Dependent Claims (30, 31, 32, 33)
- - 30. The method of claim 29, wherein generating the appropriate response to the link control protocol message comprises generating a configuration not acceptable response message indicating an acceptable authentication protocol.
  - 31. The method of claim 29, wherein if the link control protocol message is a configuration request message and the authentication protocol value in the configuration request indicates authentication without encryption, generating the appropriate response to the link control protocol message comprises generating a configuration not acceptable response message indicating one of (a) an encrypted authentication protocol or (b) no authentication.
  - 32. The method of claim 30, further comprising:
    - maintaining a count of a number of configuration not acceptable response generated;
      
      checking the count prior to generating each configuration not acceptable response; and
      
      generating a configuration rejection message rejecting authentication in the event the count exceeds a predetermined value.
  - 33. The method of claim 30, further comprising:
    - maintaining a count of a number of configuration not acceptable response generated;
      
      checking the count prior to generating each configuration not acceptable response; and
      
      generating a communication termination request in the event the count exceeds a predetermined value.

34. A method for performing a proxy encrypted authentication of a device tethered to a wireless unit, comprising:
- intercepting a link control protocol configuration request directed to the tethered device;
  
  determining if an authentication protocol value in the configuration request is acceptable;
  
  generating an appropriate response to the link control protocol configuration request without forwarding the link control protocol configuration request to the tethered device;
  
  intercepting a challenge directed to the tethered device;
  
  generating an appropriate response to the challenge without waiting for input from the tethered device;
  
  forwarding the challenge to the tethered device; and
  
  ignoring a challenge response received from the tethered device.
- View Dependent Claims (35, 36, 37)
- - 35. The method of claim 34, wherein generating the appropriate response to the challenge comprises using password information associated with the wireless unit to generate the appropriate response rather than using password information associated with the tethered device.
  - 36. The method of claim 34, wherein the authentication is a challenge/response authentication procedure.
  - 37. The method of claim 36, wherein the challenge/response authentication procedure is the Challenge Handshake Authentication Protocol.

38. An apparatus within a wireless unit for performing a proxy encrypted authentication of a device tethered to the wireless unit, comprising:
- at least one memory element; and
  
  at least one processing element configured to execute a set of instructions stored upon the at least one memory element, the set of instructions for;
  
  intercepting a link control protocol configuration request directed to the tethered device;
  
  determining if an authentication protocol value in the configuration request is acceptable;
  
  generating an appropriate response to the link control protocol configuration request without forwarding the link control protocol configuration request to the tethered device;
  
  intercepting a challenge directed to the tethered device;
  
  generating an appropriate response to the challenge without waiting for input from the tethered device;
  
  forwarding the challenge to the tethered device; and
  
  ignoring a challenge response received from the tethered device.

39. Apparatus for performing a proxy authentication of a device tethered to a wireless unit, comprising:
- means for intercepting a link control protocol configuration request directed to the tethered device;
  
  means for determining if an authentication protocol value in the configuration request is acceptable;
  
  means for generating an appropriate response to the link control protocol configuration request without forwarding the link control protocol configuration request to the tethered device;
  
  means for intercepting a challenge directed to the tethered device;
  
  means for generating an appropriate response to the challenge without waiting for input from the tethered device;
  
  means for forwarding the challenge to the tethered device; and
  
  means for determining to ignore a challenge response received from the tethered device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
SHARMA, Shshank, DYCK, Jeffrey, LIOY, Marcello

Granted Patent

US 7,877,081 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0884   by delegation of authentica...

H04L 63/162   at the data link layer

H04L 63/205   involving negotiation or de...

H04L 69/24   Negotiation of communicatio...

H04W 12/069   using certificates or pre-s...

H04W 88/04   adapted for relaying to or ...

PROXY-ENCRYPTED AUTHENTICATION FOR TETHERED DEVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

PROXY-ENCRYPTED AUTHENTICATION FOR TETHERED DEVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links