METHOD AND SYSTEM FOR WIRELESS CONNECTING A MOBILE DEVICE TO A SERVICE PROVIDER THROUGH A HOSTING WIRELESS ACCESS NODE
First Claim
1. Method for commissioning a wireless connection with a related authentication to a remote relay node, whereto an electronic mobile device (1) is connected through at least one wireless communication module (11) to a hosting wireless access node (2) for transmitting/receiving data to/from a service provider (5) available on the Internet by means of a commissioned relay access node (4) selected by an authentication and commissioning manager (3), the method comprising
an association phase performed at OSI layer 2 initiated by the mobile device wireless communication module (11) to establish a connection with at least one wireless communication module (21) of the hosting wireless access node (2);
an identification phase performed at OSI layer 2 initiated by an authentication module (24) of the hosting wireless access node (2) to retrieve from a client authentication module (12) of the mobile device (1) at least its authentication credentials provided by an authentication credentials module (13);
an access verification phase initiated by the hosting wireless access node authentication module (24) to retrieve from an authentication server (31) of the authentication and commissioning manager (3) the commissioned relay access node (4) to be used;
a commissioned relay access node selection phase initiated by the authentication server (31) to retrieve from a commissioned relay access node selector (32) of the authentication and commissioning manager (3) the commissioned relay access node (4) to be used;
a tunnel creation phase initiated by a tunnel/optimization module (22) of the hosting wireless access node (2) to establish a tunnel with a tunneling/optimization module (41) of the commissioned relay access node (4);
a transfer of the authentication state phase initiated by the hosting wireless access node authentication module (24) to transfer at least the mobile device authentication credentials to an authentication module (43) of the selected commissioned relay access node (4);
the transfer being encapsulated into the tunnel;
an authentication phase performed at OSI layer 2 initiated by the commissioned relay access node authentication module (43) to handshake with the mobile device client authentication module the authentication data used to establish a trusted connection between the commissioned relay access node (4) and the mobile device (1);
the handshaking, using OSI layer 2 data units, being encapsulated into the tunnel between the commissioned relay access node (4) and the hosting wireless access node (2);
a data transfer phase to transfer data between the mobile device (1) and the service provider (5);
the data exchanged by the mobile device 1, contained in OSI layer 2 data units and transmitted on the wireless connection with the hosting wireless access node 2, is encapsulated into the tunnel between the hosting wireless access node (2) and the commissioned relay access node (4);
the data is then extracted from the OSI layer 2 data units and finally forwarded by the commissioned relay access node (4) to the service provider (5);
the service provider (5) thereby is exchanging data with the commissioned relay access node (4) and not directly with the hosting wireless access node (2).
Abstract
A method and system for commissioning a wireless connection with a related authentication and the eventual encryption to a remote relay node, whereto an electronic mobile device is connected to a hosting wireless access node for transmitting/receiving data to/from a service provider available on the Internet by means of a commissioned relay access node selected by an authentication and commissioning manager. The data transfer between the mobile device and the service provider is encapsulated into the tunnel between the hosting wireless access node and the commissioned relay access node and is finally forwarded by the commissioned relay access node to the service provider. The service provider thereby is exchanging data with the commissioned relay access node and not directly with the hosting wireless access node.
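A minimal model of the authentication-state transfer, the tunnelled layer 2 handshake and the data transfer phase, added here as an illustration and not taken from the patent. The tunnel header layout, the HMAC challenge-response, and all names (`RelayNode`, `run_session`, tunnel id 7, the identity and secret) are assumptions; the hosting node only wraps frames, and the relay forwards data only on a tunnel whose handshake succeeded.

```python
import hashlib, hmac, os, struct

ETH_AUTH, ETH_DATA = 0x888E, 0x0800          # EtherTypes: 802.1X handshake, user data
MOBILE, HOST_AP = b"\x02" * 6, b"\x04" * 6   # constructed MAC addresses

def l2_frame(ethertype, payload):
    return HOST_AP + MOBILE + struct.pack("!H", ethertype) + payload

def encapsulate(tunnel_id, frame):
    # Assumed tunnel header: 4-byte id + 2-byte length, then the L2 frame untouched.
    return struct.pack("!IH", tunnel_id, len(frame)) + frame

def decapsulate(packet):
    tunnel_id, length = struct.unpack("!IH", packet[:6])
    if len(packet) - 6 != length:
        raise ValueError("tunnel packet length mismatch")
    return tunnel_id, packet[6:]

class RelayNode:  # commissioned relay access node (4): authenticates, then forwards
    def __init__(self, secrets):
        self.secrets, self.pending, self.trusted = secrets, {}, set()

    def receive_auth_state(self, tunnel_id, identity):
        # Hosting node hands over the identity; relay issues a fresh challenge.
        nonce = os.urandom(16)
        self.pending[tunnel_id] = (identity, nonce)
        return nonce

    def handle(self, packet):
        tunnel_id, frame = decapsulate(packet)
        ethertype, payload = struct.unpack("!H", frame[12:14])[0], frame[14:]
        if ethertype == ETH_AUTH and tunnel_id in self.pending:
            identity, nonce = self.pending.pop(tunnel_id)
            want = hmac.new(self.secrets.get(identity, b""), nonce, hashlib.sha256).digest()
            if identity in self.secrets and hmac.compare_digest(want, payload):
                self.trusted.add(tunnel_id)
                return "authenticated"
            return "rejected"
        if ethertype == ETH_DATA and tunnel_id in self.trusted:
            return payload   # bytes the relay forwards to the service provider (5)
        return "dropped"

def run_session(device_secret, identity="alice@example.test"):
    relay = RelayNode({"alice@example.test": b"constructed-shared-secret"})
    nonce = relay.receive_auth_state(7, identity)   # state transfer, tunnel id 7
    response = hmac.new(device_secret, nonce, hashlib.sha256).digest()  # on device (1)
    auth = relay.handle(encapsulate(7, l2_frame(ETH_AUTH, response)))
    data = relay.handle(encapsulate(7, l2_frame(ETH_DATA, b"constructed user data")))
    return auth, data
```

In this model the shared secret exists only on the device and the relay, so a hosting node that alters or replays the handshake frame gets the tunnel rejected and its data frames dropped.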
28 Claims
16. System for commissioning a wireless connection with a related authentication to a remote relay node, whereto an electronic mobile device (1) is able to establish a connection with a hosting wireless access node (2) for transmitting/receiving data to/from a service provider (5) available on the Internet by means of a commissioned relay access node (4) selected by an authentication and commissioning manager (3), characterized in that
the electronic mobile device (1) comprises at least one wireless communication module (11) to establish a connection with the hosting wireless access node (2) and at least one client authentication module (12) providing means to authenticate the mobile device connection, by exchanging OSI layer 2 identification requests and responses with an authentication module (24) of the hosting wireless access node (2) and by exchanging OSI Layer 2 authentication requests and responses with an authentication module (43) of the commissioned relay access node (4), and at least one authentication credentials module (13) providing means to univocally identify the mobile device or its user;
the hosting wireless access node (2) comprises at least one wireless communication module (21) providing means to manage at least one wireless connection and at least one WAN communication module (23) providing means to reach the Internet and at least one authentication module (24) providing means to retrieve at OSI layer 2 from the mobile device client authentication module (12) at least its authentication credentials and means to retrieve from the authentication and commissioning manager (3) the commissioned relay access node (4) to be used and means to transfer to the commissioned relay node (4) the retrieved mobile device authentication credentials;
furthermore the hosting wireless access node (2) comprises at least one tunneling/optimization module (22) providing means to manage and eventually optimize at least one tunnel connection with a commissioned relay access node (4) and means to encapsulate and send into this tunnel the mobile device authentication credentials and means to encapsulate/decapsulate the OSI Layer 2 authentication requests and responses exchanged between the mobile device (1) and the commissioned relay access node (4) and means to encapsulate the data, contained in OSI layer 2 data units and received on the wireless connection, sent from the mobile device (1) to the service provider (5) and finally means to decapsulate and forward to the mobile device (1) the data, included in OSI layer 2 data units received from the commissioned relay access node 4, sent from the service provider (5);
the authentication and commissioning manager (3) comprises at least one commissioned relay access node selector (32) providing means to statically or dynamically map each mobile device authentication credentials to at least one access node authentication credentials and at least one authentication server (31) providing means to communicate to the hosting wireless access node authentication module (24) the access node to be used to manage the traffic generated by the mobile device (1);
the commissioned relay access node (4) comprises at least one WAN communication module (42) providing means to reach the Internet and at least one authentication module (43) providing means to authenticate the connected mobile device (1), in order to obtain a trusted connection, by retrieving the mobile device authentication credentials from the hosting wireless access node authentication module (24) and by exchanging OSI layer 2 authentication requests and responses with the mobile device client authentication module (12);
furthermore the commissioned relay access node (4) comprises at least one tunneling/optimization module (41) providing means to manage and eventually optimize at least one tunnel connection with a hosting wireless access node (2) and means to decapsulate the mobile device authentication credentials received and make them available to the authentication module (43) and means to encapsulate/decapsulate the OSI layer 2 authentication requests and responses exchanged with the mobile device (1) and means to encapsulate the data from the service provider (5), after including it into OSI layer 2 data units, to the mobile device (1) and finally means to decapsulate and forward to the service provider (5) the data sent from the mobile device (1).
Specification