Method for grouping 802.11 stations into authorized service sets to differentiate network access and services
First Claim
1. An 802.11 network, comprising:
- a first basic service set comprising a first access point, and a second basic service sets, comprising a second access point;
wherein the fast access point comprises means for creating a service set at the first access point that defines a set of network access parameter values to differentiate network services having an associated service set identifier;
means for receiving a message from the wireless station to the first access point, the message comprising a service set identifier;
means verifying the first access point has a matching associated service set identifier for the service set identifier sent in the message;
means for associating the wireless station to a first VLAN based on the service set identifier; and
wherein the second access point comprises means for creating a second service set at the second access point that defines a second set of network access parameter values to differentiate network services having an associated service set identifier;
means for receiving a message from the wireless station to the second access point, the service set identifier used in the message to the first access point;
means verifying the second access point has a matching associated service set identifier for the service set identifier;
means for associating the wireless station to a second VLAN based on the service set identifier;
wherein the first VLAN is different than the second VLAN.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for associating a WSTA to a service set, wherein the service set is configurable at the AP. Each service set is an arbitrary grouping of one or more network service parameters, and is typically configured for either VLAN or proxy mobile IP host. When a wireless station desires to associate with an access point, the wireless station sends a message to the access point, the message containing a SSID. The access point then matches the SSID to a service set and associates the WSTA to either a home subnet or a VLAN based on the SSID. By locally configuring the service set, the default VLAN and home subnet for a WSTA may be different at each AP the WSTA encounters. A security server is configured with a list of allowed SSIDs for each wireless station to prevent unauthorized access to a VLAN or home subnet.
149 Citations
28 Claims
-
1. An 802.11 network, comprising:
-
a first basic service set comprising a first access point, and a second basic service sets, comprising a second access point;
wherein the fast access point comprises means for creating a service set at the first access point that defines a set of network access parameter values to differentiate network services having an associated service set identifier;
means for receiving a message from the wireless station to the first access point, the message comprising a service set identifier;
means verifying the first access point has a matching associated service set identifier for the service set identifier sent in the message;
means for associating the wireless station to a first VLAN based on the service set identifier; and
wherein the second access point comprises means for creating a second service set at the second access point that defines a second set of network access parameter values to differentiate network services having an associated service set identifier;
means for receiving a message from the wireless station to the second access point, the service set identifier used in the message to the first access point;
means verifying the second access point has a matching associated service set identifier for the service set identifier;
means for associating the wireless station to a second VLAN based on the service set identifier;
wherein the first VLAN is different than the second VLAN. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
-
2. A method wherein Wireless stations (WSTAs) are partitioned into Service Sets, each Service Set comprising a set of network access parameter values to differentiate network services and a Service Set Identifier, comprising the steps of:
-
configuring an AP with a list of at least one service set identifier that identifies the service set the AP will accept;
sending a message from the WSTA to its parent AP, the message comprising an active service set identifier for the WSTA, wherein the service set identifier is selected from the group consisting explicitly identifying a service set, and a wildcard so that the WSTA'"'"'s service set is selected by a network infrastructure;
verifying by the parent AP that the parent AP has a service set identifier that matches the service set identifier sent by the WSTA; and
authorizing the WSTA to use its service set identifier by a security server and a security protocol;
wherein service set parameters that determine the WSTA'"'"'s access to network services is at least one of the group consisting of VLAN and home subnet may be configured with different values for the same service set identifier in a different AP. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification