Securing Communications of a Wireless Access Point and a Mobile Device

US 20130103939A1
Filed: 10/21/2011
Published: 04/25/2013
Est. Priority Date: 10/21/2011
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, from a mobile device coupled to a first network implemented by at least one wireless access point, a request to access a second network;

receiving, from the mobile device via an unsecured wireless communication from the mobile device to the at least one wireless access point, first encrypted data, via a hypertext transfer protocol secure (HTTPS), that includes an encryption key utilizable for secure wireless communications between the mobile device and the at least one wireless access point; and

providing the encryption key to the wireless access point to be used by the at least one wireless access point for the secure wireless communications between the mobile device and the at least one wireless access point.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one or more embodiments, a network provider can receive a request to access a public network via a wireless network implemented via one or more wireless access points. The network provider can receive, via an unsecured wireless communication from a mobile device utilizing the wireless network and via a hypertext transfer protocol secure (HTTPS), an encryption key usable to secure wireless communications from the mobile device utilizing the wireless network. The encryption key can be encrypted via a public encryption key, received from the network provider or previously stored by the mobile device, associated with the network provider. The network provider can decrypt the encryption key and can provide the encryption key to a wireless access point implementing the wireless network and communicating with the mobile device. The wireless access point and the mobile device can communicate in a secure fashion based on the encryption key.

84 Citations

View as Search Results

20 Claims

1. A method, comprising:
- receiving, from a mobile device coupled to a first network implemented by at least one wireless access point, a request to access a second network;
  
  receiving, from the mobile device via an unsecured wireless communication from the mobile device to the at least one wireless access point, first encrypted data, via a hypertext transfer protocol secure (HTTPS), that includes an encryption key utilizable for secure wireless communications between the mobile device and the at least one wireless access point; and
  
  providing the encryption key to the wireless access point to be used by the at least one wireless access point for the secure wireless communications between the mobile device and the at least one wireless access point.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the first encrypted data that includes the encryption key is encrypted via a private encryption key of a network provider.
  - 3. The method of claim 1, further comprising:
    - receiving second encrypted data from the mobile device that is encrypted via the encryption key;
      
      decrypting the second encrypted data via the encryption key to obtain second data; and
      
      permitting the second data to be provided to the second network.
  - 4. The method of claim 1, further comprising:
    - receiving identification information associated with a user account;
      
      determining that the identification information is authenticated; and
      
      permitting the mobile device to communicate with the second network;
      
      wherein providing the encryption key to the at least one wireless access point and permitting the mobile device to communicate with the second network are performed subsequent to determining that the identification information is authenticated.
  - 5. The method of claim 1,wherein the request includes the first encrypted data that includes the encryption key;
    - andwherein receiving the request to access the second network includes receiving the first encrypted data that includes the encryption key;
  - 6. The method of claim 1, further comprising:
    - decrypting the first encrypted data to obtain the encryption key.
  - 7. The method of claim 1, wherein the encryption key includes a Wi-Fi Protected Access key.
  - 8. The method of claim 1, further comprising:
    - providing a public encryption key, that is associated with a network provider, to the mobile device, wherein the mobile device is configured to store the public encryption key in a nonvolatile memory device.
  - 9. The method of claim 1, further comprising:
    - encrypting, utilizing a private encryption key of a network provider, a media access control (MAC) address of the mobile device to obtain an encrypted MAC address; and
      
      providing the encrypted MAC address to the mobile device, wherein the mobile device is configured to store encrypted MAC address the in a nonvolatile memory device.

10. A system, comprising:
- an access controller that receives, from a mobile device via an unsecured wireless communication from the mobile device to at least one wireless access point coupled to the access controller and via a hypertext transfer protocol secure (HTTPS), first encrypted data that includes an encryption key utilizable for secure wireless communications between the mobile device and the at least one wireless access point and that provides the encryption key to the at least one wireless access point.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The system of claim 10, further comprising:
    - the at least one access point.
  - 12. The system of claim 11, wherein the at least one access point includes the access controller.
  - 13. The system of claim 10, wherein the access controller further receives identification information associated with a user account, determines that the identification information is authenticated, and permits the mobile device to communicate with a public wide area network.
  - 14. The system of claim 13, wherein when the access controller receives the identification information associated with the user account, the access controller receives encrypted identification data that includes the identification information associated with the user account that was encrypted via the encryption key.
  - 15. The system of claim 13, wherein the identification information associated with the user account includes encrypted data that includes a media access control (MAC) address of the mobile device that was encrypted via a private encryption key of a network provider.
  - 16. The system of claim 13, wherein when the access controller determines that the identification information is authenticated, the access controller determines that the identification information is authenticated without utilizing an extensible authentication protocol (EAP), without utilizing an Institute of Electrical and Electronics Engineers (IEEE) 802.1x, and without utilizing a Wi-Fi Protected Access.
  - 17. The system of claim 10,wherein the access controller includes a secure web server that provides a public encryption key to the mobile device;
    - wherein the first encrypted data is encrypted via the public encryption key; and
      
      wherein when the access controller receives the first encrypted data, the secure web server receives the first encrypted data and decrypts the first data, utilizing a private encryption key that is associated with the public encryption key, to obtain the encryption key.
  - 18. The system of claim 10, wherein the access controller further decrypts the first encrypted data to obtain the encryption key.
  - 19. The system of claim 10, wherein the encryption key includes a Wi-Fi Protected Access key.

20. A computer readable memory device comprising instructions, which when executed by a processor of an access controller, the access controller receives, from a mobile device via an unsecured wireless communication from the mobile device to at least one wireless access point coupled to the access controller and via a hypertext transfer protocol secure (HTTPS), first encrypted data that includes an encryption key utilizable for secure wireless communications between the mobile device and the at least one wireless access point and provides the encryption key to the at least one wireless access point.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Radpour, Assad

Granted Patent

US 9,565,558 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/152
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/166   at the transport layer

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

H04L 9/3271   using challenge-response

H04W 12/04   Key management, e.g. using ...

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 84/12   WLAN [Wireless Local Area N...

Securing Communications of a Wireless Access Point and a Mobile Device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

84 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Securing Communications of a Wireless Access Point and a Mobile Device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links