Address spoofing prevention

US 20080107065A1
Filed: 11/08/2006
Published: 05/08/2008
Est. Priority Date: 11/08/2006
Status: Active Grant

First Claim

Patent Images

1. A method for securing a radio communication link establishment in a radio communication network comprising a local network and a secured network, at least a first terminal and a second terminal being part of the local network, at least the first terminal being capable of communicating with the secured network, the radio communication network implementing layered protocol functions, comprising at least Layers 1, 2 and 3, the terminals being identifiable by their Layer 2 and 3 addresses, the secured network comprising a database comprising address correspondence information between Layer 2 and 3 addresses of terminals, the method comprises the following steps in respect of the first terminal establishing a radio communication link with the second terminal:

the first terminal authenticating itself with the secured network;

the first terminal, by using the Layer 3 address of the second terminal, obtaining the corresponding Layer 2 address of the second terminal from the address correspondence information comprised in the database; and

establishing in the local network the radio communication link with the second terminal by using the Layer 2 address.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a method for securing a radio communication link establishment in a radio communication network comprising a local network and a secured network. The local network comprises at least a first terminal and a second terminal and at least the first terminal is capable of communicating with the secured network. The radio communication network implements layered protocol functions, comprising at least Layers 1, 2 and 3, the terminals being identifiable by their Layer 2 and 3 addresses. The secured network comprises a database comprising address correspondence information between Layer 2 and 3 addresses of terminals. In the method the first terminal authenticates itself with the secured network and then by using the Layer 3 address of the second terminal, obtaining the address correspondence information provided by the database and thereby determining the corresponding Layer 2 address of the second terminal. Then the first terminal establishes in the local network the radio communication link with the second terminal by using the Layer 2 address.

51 Citations

View as Search Results

10 Claims

1. A method for securing a radio communication link establishment in a radio communication network comprising a local network and a secured network, at least a first terminal and a second terminal being part of the local network, at least the first terminal being capable of communicating with the secured network, the radio communication network implementing layered protocol functions, comprising at least Layers 1, 2 and 3, the terminals being identifiable by their Layer 2 and 3 addresses, the secured network comprising a database comprising address correspondence information between Layer 2 and 3 addresses of terminals, the method comprises the following steps in respect of the first terminal establishing a radio communication link with the second terminal:
- the first terminal authenticating itself with the secured network;
  
  the first terminal, by using the Layer 3 address of the second terminal, obtaining the corresponding Layer 2 address of the second terminal from the address correspondence information comprised in the database; and
  
  establishing in the local network the radio communication link with the second terminal by using the Layer 2 address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, wherein the Layer 2 address is the medium access control address of the terminal and the Layer 3 address is the internet protocol address of the terminal.
  - 3. The method according to claim 1, wherein the first terminal establishing in the local network a direct mode radio communication session with the second terminal.
  - 4. The method according to claim 1, wherein the database sending the address correspondence information to the first terminal by using a multicast service.
  - 5. The method according to claim 4, wherein the multicast service is a Multimedia Broadcast Multicast Service.
  - 6. The method according to claim 1, wherein the radio communication network further comprises a dynamic host configuration protocol server and/or a domain name system server and the first terminal obtaining the Layer 2 and 3 addresses of the dynamic host configuration protocol server and/or the domain name system server from the address correspondence information comprised in the database.
  - 7. The method according to claim 6, wherein the dynamic host configuration server updating the address correspondence information of the database after having allocated a Layer 3 address to a terminal in the local network.
  - 8. The method according to claim 1, wherein the address correspondence information is transmitted to the first terminal over a secured radio link of the secured network.
  - 9. A computer program product comprising instructions for implementing the method steps according to claim 1 when loaded and run on computer means of the network.

10. A mobile station arranged for establishing a secure radio communication link in a radio communication network comprising a local network and a secured network, at least the mobile station and a terminal being part of the local network, at least the mobile station being capable of communicating with the secured network, the radio communication network implementing layered protocol functions, comprising at least Layers 1, 2 and 3, the mobile station and the terminals being identifiable by their Layer 2 and 3 addresses, the secured network comprising a database comprising address correspondence information between Layer 2 and 3 addresses of terminals, the mobile station comprises:
- means for authenticating itself with the secured network;
  
  means for, by using the Layer 3 address of the terminal, obtaining the corresponding Layer 2 address of the terminal from the address correspondence information comprised in the database; and
  
  means for establishing in the local network a radio communication link with the terminal by using the Layer 2 address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Inventors
Lescuyer, Pierre, Lucidarme, Thierry

Granted Patent

US 8,363,594 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/328
CPC Class Codes

H04L 63/1466   Active attacks involving in...

H04W 12/08   Access security

H04W 12/122   Counter-measures against at...

H04W 76/10   Connection setup

Address spoofing prevention

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

51 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Address spoofing prevention

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links