Authentication method and apparatus for a wireless LAN system
First Claim
Patent Images
1. An authentication method for a wireless LAN (local area network) system, comprising:
- transmitting an authentication request from a STA (terminal station) to an AP (access point), wherein said authentication request comprises a request from said STA to connect with said LAN;
requesting authentication of said authentication request from said AP to an authentication server, by converting said authentication request to a protocol adaptable to said authentication server;
if no problem occurs at hardware or software of said authentication server, checking said authentication request at said authentication server based on a MAC (media access control) address of said STA;
executing encryption authentication at said AP with said STA based on a designated encryption algorithm; and
if no problem occurs at hardware or software of said authentication server, notifying an authentication completion from said authentication server to said AP, after said authentication server received a response of a completion of said encryption authentication from said AP,wherein said AP stores said MAC address said STA, andwherein, when a problem occurs in hardware or software of said authentication server said AP itself executes authentication of said STA based on said MAC address of said STA.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication method and apparatus at a wireless LAN (local area network) system based on the IEEE 802.11, in which many STAs (terminal stations) are connected to APs (access points), and which can keep the security in authentication, is provided. At the authentication method, an authentication request from one of the STAs composed of a data terminal and a wireless LAN card is transmitted to one of the APs. The AP transmits a MAC (media access control) address of the STA to an authentication server by converting the authentication request to a protocol adaptable to the authentication server. The authentication server checks the MAC address and transmits a challenge message to the AP 2. The AP 2 executes encryption authentication with the STA based on a WEP (wired equivalent privacy) algorithm stipulated in the IEEE 802.11.
-
Citations
10 Claims
-
1. An authentication method for a wireless LAN (local area network) system, comprising:
-
transmitting an authentication request from a STA (terminal station) to an AP (access point), wherein said authentication request comprises a request from said STA to connect with said LAN; requesting authentication of said authentication request from said AP to an authentication server, by converting said authentication request to a protocol adaptable to said authentication server; if no problem occurs at hardware or software of said authentication server, checking said authentication request at said authentication server based on a MAC (media access control) address of said STA; executing encryption authentication at said AP with said STA based on a designated encryption algorithm; and if no problem occurs at hardware or software of said authentication server, notifying an authentication completion from said authentication server to said AP, after said authentication server received a response of a completion of said encryption authentication from said AP, wherein said AP stores said MAC address said STA, and wherein, when a problem occurs in hardware or software of said authentication server said AP itself executes authentication of said STA based on said MAC address of said STA.
-
-
2. An authentication apparatus for a wireless LAN system comprising
plural STAs; - plural APs which connect to an authentication server and said plural STAs, and one of said plural APs receives an authentication request from one of said plural STAs and converts said authentication request from one of said plural STAs to a protocol adaptable to said authentication server, and authenticates said authentication request from one of said plural STAs based on a designated encryption algorithm; and
said authentication server which, if no problem occurs at hardware or software of said authentication server, checks said authentication request from one of said STAs based on a MAC address of one of said plural STAs receiving said converted authentication request, and notifies an authentication completion to said AP, after said authentication server received a response of a completion of encryption authentication from said AP; wherein said authentication request comprises a request from one of said plural STAs to connect with said LAN, wherein said AP stores a MAC address of said one of said STAs, and wherein in case that a problem occurs at hardware or software of said authentication server, said AP itself executes authentication of said one of said STAs based on said MAC address of said one of said STAs.
- plural APs which connect to an authentication server and said plural STAs, and one of said plural APs receives an authentication request from one of said plural STAs and converts said authentication request from one of said plural STAs to a protocol adaptable to said authentication server, and authenticates said authentication request from one of said plural STAs based on a designated encryption algorithm; and
-
3. An access point apparatus comprising:
-
a first authentication part which executes an encrypted authentication of a terminal; and a second authentication part which executes a MAC address authentication of said terminal, using information about a MAC address, which is possessed by an authentication server, wherein said access point stores a MAC address of said terminal, and wherein when a failure occurs at hardware or software of said authentication server, said access point apparatus itself executes authentication of said terminal based on a MAC address of said terminal.
-
-
4. An access point apparatus comprising:
-
an authentication part which executes an encrypted authentication of a terminal; a communication part which queries an authentication server about a MAC address of said terminal; a connection control part which allows said terminal to connect with a network when a MAC address of said authentication server coincides with that of said terminal, wherein said access point stores said MAC address of said terminal, and wherein when a failure occurs at hardware or software of said authentication server, said access point apparatus itself executes authentication of said terminal based on said MAC address of said terminal.
-
-
5. An access point apparatus comprising:
-
a first authentication part which performs an encrypted authentication of a terminal using a WEP algorithm; a second authentication part which performs a MAC address authentication of said terminal; and a storing part which stores a MAC address of said terminal, wherein when a connection request is issued from said terminal, said first authentication part and said second authentication part perform authentication, and said second authentication part also uses MAC address stored in an authentication server, and wherein, when a failure occurs at hardware or software of said authentication server, said access point apparatus itself executes authentication of said terminal based on said MAC address of said terminal.
-
-
6. An access point apparatus in a wireless LAW system comprising:
-
a first authentication part which executes at least one of an encrypted authentication and an open system authentication of a terminal; and a second authentication part which executes an authentication of said terminal using information of a MAC address of said terminal, wherein said second authentication part also uses MAC address stored in an authentication server, which manages MAC addresses of terminals placed in one wireless LAN system, in executing an authentication of said terminal, and wherein, when a failure occurs at hardware or software, of said authentication server, said access point apparatus itself executes authentication of said terminal based on said MAC address of said terminal.
-
-
7. A wireless LAN system comprising
a terminal an access point apparatus; - and
an authentication server, wherein said terminal comprises a communication part which wirelessly communicates with said authentication server, wherein said access point apparatus comprises a first authentication part which executes an encrypted authentication of said terminal and a second authentication part which executes a MAC address authentication of said terminal, wherein said authentication server comprises a storing part which stores a MAC address of said terminal and a responding part which responds to an inquiry of said access point apparatus about a MAC address, and wherein, when a failure occurs at hardware or software of said authentication server, said access point apparatus itself executes authentication of said terminal based on said MAC address of said terminal.
- and
-
8. A wireless LAN system comprising
a terminal; -
an access point apparatus; and an authentication server, wherein said terminal comprises a communication part which wirelessly communication with said access point apparatus, wherein said access point apparatus performs an encrypted authentication of said terminal and performs a MAC address authentication of said terminal, wherein said authentication server stores a MAC address of said terminal and supports the MAC address authentication with the stored MAC address, and wherein, when a failure occurs at hardware or software of said authentication server, said access point apparatus itself executes authentication of said terminal based on said MAC address of said terminal.
-
-
9. A wireless LAN system comprising:
-
a terminal; an access point apparatus; and an authentication server, wherein said terminal comprises a communication part which wirelessly communicates with said access point apparatus, wherein said access point apparatus comprises an authentication part which performs a MAC authentication of said terminal, wherein said authentication server, which is placed in one wireless LAN system, comprises a storing part which stores a MAC address of said terminal and a responding part which responds to an inquiry from said access point apparatus about MAC address, and wherein, when a failure occurs at hardware or software of said authentication server, said access point apparatus itself executes authentication of said terminal based oil said MAC address of said terminal.
-
-
10. A method for authenticating a terminal in a wireless LAN system comprising:
-
performing, by an access point apparatus, an encrypted authentication of a terminal when an authentication request is issued from said terminal; performing a MAC address authentication of said terminal with the MAC address information that an authentication server manages; storing a MAC address of said terminal in said access point apparatus; and when a failure occurs at hardware or software of said authentication server, executing authentication of said terminal based on said MAC address of said terminal by access point apparatus itself.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeNEC Corporation
-
Original AssigneeNEC Corporation
-
InventorsKokudo, Junichi
-
Primary Examiner(s)Nguyen, Hanh
-
Assistant Examiner(s)Levitan, Dmitry
-
Application NumberUS09/680,258Time in Patent Office2,035 DaysField of Search370/310, 370/338, 370/349, 370/389, 370/469, 370/475, 370/522, 379/91.01, 379/93.02, 379/93.03, 379/142.05, 379/142.06, 713/150, 713/151, 713/152, 713/153, 713/155, 713/158, 713/168, 380/247, 380/248, 380/249, 380/277, 380/278, 455/431.1, 455/411, 455/410, 455/432, 340/825.34US Class Current370/310CPC Class CodesH04L 2209/80 WirelessH04L 63/08 for authentication of entit...H04L 63/0876 based on the identity of th...H04L 9/3271 using challenge-responseH04W 12/037 of the control plane, e.g. ...H04W 12/06 AuthenticationH04W 12/50 Secure pairing of devicesH04W 74/00 Wireless channel accessH04W 8/26 Network addressing or numbe...H04W 84/12 WLAN [Wireless Local Area N...
