Providing secure network access for short-range wireless computing devices
First Claim
1. A method of enabling secure network access in a short-range wireless networking environment, comprising the steps of:
providing one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
receiving, by a network access point, a communication from a selected one of the client devices;
determining, by the network access point, that the selected client device does not have a valid session key for encryption;
obtaining, by the network access point, user credentials for a user of the selected client device;
authenticating, by the network access point, the user credentials by contacting an authentication server;
establishing the valid session key when the authenticating step completes successfully; and
using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
Abstract
The present invention provides methods, systems, and computer program instructions for providing location-independent packet routing and secure access in a wireless networking environment (such as that encountered within a building), enabling client devices to travel seamlessly within the environment. Each client device uses a constant address. An address translation process that is transparent to the client and server is automatically performed as the device roams through the environment, enabling efficient client migration from one supporting access point to another. The secure access techniques provide user-centric authentication and allow policy-driven packet filtering, while taking advantage of encryption capabilities that are built in to the hardware at each endpoint.
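The access-point flow recited in claim 1, sketched as an added example that is not part of the patent or of any product implementing it. The class names, the password credentials, the key lifetime (`ttl`) used to decide whether a key is "valid", and the HMAC-based keystream (a software stand-in for the hardware link encryption the abstract mentions, not a production cipher) are all assumptions; how the key is delivered to the client is not modelled.

```python
import hashlib, hmac, secrets

class AuthServer:
    """Hypothetical authentication server holding salted password hashes."""
    def __init__(self, users):
        self._db = {}
        for name, pw in users.items():
            salt = secrets.token_bytes(16)
            self._db[name] = (salt, hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 10_000))

    def verify(self, name, pw):
        # Unknown users still cost one hash and never match (ref is empty).
        salt, ref = self._db.get(name, (b"\0" * 16, b""))
        got = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 10_000)
        return hmac.compare_digest(got, ref)

class AccessPoint:
    def __init__(self, auth, ttl=3600):
        self.auth, self.ttl, self.sessions = auth, ttl, {}  # client -> (key, expiry)

    def has_valid_key(self, client, now):
        entry = self.sessions.get(client)
        return entry is not None and now < entry[1]

    def on_communication(self, client, ask_credentials, now):
        """Return the client's session key, or None when authentication fails."""
        if not self.has_valid_key(client, now):
            self.sessions.pop(client, None)           # discard any expired key
            user, pw = ask_credentials()              # obtain user credentials
            if not self.auth.verify(user, pw):        # contact the auth server
                return None                           # fail closed: no key issued
            self.sessions[client] = (secrets.token_bytes(32), now + self.ttl)
        return self.sessions[client][0]

def _keystream(key, seq, n):
    out, ctr = b"", 0
    while len(out) < n:
        block = hmac.new(key, seq.to_bytes(8, "big") + ctr.to_bytes(4, "big"), hashlib.sha256)
        out, ctr = out + block.digest(), ctr + 1
    return out[:n]

def link_crypt(key, seq, data):
    """XOR data with a per-packet keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, seq, len(data))))
```

The credential prompt runs only when the access point holds no unexpired key for the device, so a client that authenticated once keeps its key across later packets until the lifetime lapses.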
15 Claims
1. A method of enabling secure network access in a short-range wireless networking environment, comprising the steps of:
providing one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
receiving, by a network access point, a communication from a selected one of the client devices;
determining, by the network access point, that the selected client device does not have a valid session key for encryption;
obtaining, by the network access point, user credentials for a user of the selected client device;
authenticating, by the network access point, the user credentials by contacting an authentication server;
establishing the valid session key when the authenticating step completes successfully; and
using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
Dependent claims: 2, 3, 4, 5
6. A system for enabling secure network access in a short-range wireless networking environment, comprising:
one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
means for receiving, by a network access point, a communication from a selected one of the client devices;
means for determining, by the network access point, that the selected client device does not have a valid session key for encryption;
means for obtaining, by the network access point, user credentials for a user of the selected client device;
means for authenticating, by the network access point, the user credentials by contacting an authentication server;
means for establishing the valid session key when the means for authenticating completes successfully; and
means for using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
Dependent claims: 7, 8, 9, 10
11. Computer program instructions embodied on one or more computer readable media, the computer program instructions adapted for enabling secure network access in a short-range wireless networking environment, comprising:
computer program instructions for accessing one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
computer program instructions for receiving, by a network access point, a communication from a selected one of the client devices;
computer program instructions for determining, by the network access point, that the selected client device does not have a valid session key for encryption;
computer program instructions for obtaining, by the network access point, user credentials for a user of the selected client device;
computer program instructions for authenticating, by the network access point, the user credentials by contacting an authentication server;
computer program instructions for establishing the valid session key when the computer program instructions for authenticating complete successfully; and
computer program instructions for using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
Dependent claims: 12, 13, 14, 15
Specification