Facilitated security for handoff in wireless communications

US 7,486,952 B1
Filed: 02/09/2000
Issued: 02/03/2009
Est. Priority Date: 02/09/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for facilitating secure handoff in a network having at least first and second wireless base stations and at least one wireless mobile terminal, the method comprising the steps of:

receiving a request from said at least one wireless mobile terminal for a handoff from said first base station to said second base station; and

transferring security information that was originally supplied by a central security node and was not used by said first base station from said first base station to said second base station in response to said request;

wherein at least a portion of said security information is used to validate said at least one mobile wireless terminal to said second base station.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first base station which initially receives a service request from a wireless terminal requests authentication information from a central security node and receives in response at least, one, but typically two or more, sets of security information. When it is time for a handoff from the first base station to a second base station, the first base station transmits to the second base station at least one of the sets of security information it received from the central security node. The second base station then uses the information it received from the first base station to authenticate the wireless terminal.

Citations

19 Claims

1. A method for facilitating secure handoff in a network having at least first and second wireless base stations and at least one wireless mobile terminal, the method comprising the steps of:
- receiving a request from said at least one wireless mobile terminal for a handoff from said first base station to said second base station; and
  
  transferring security information that was originally supplied by a central security node and was not used by said first base station from said first base station to said second base station in response to said request;
  
  wherein at least a portion of said security information is used to validate said at least one mobile wireless terminal to said second base station.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The invention as defined in claim 1 further wherein said security information includes a set including at least a random number, an authentication derivable by said wireless mobile terminal but not said first or second base stations, and a key.
  - 3. The invention as defined in claim 1 further wherein said security information transferred from said first base station to said second base station in response to said request is less than all of the security information received by said first base station.
  - 4. The invention as defined in claim 3 wherein all of the security information received by said first base station was received from a wireless mobile terminal validation system.
  - 5. The invention as defined in claim 3 wherein all of the security information received by said first base station was received from a third base station.
  - 6. The invention as defined in claim 1 wherein said transferring security information from said first base station to said second base station in response to said request is performed only when said first base station knows said second base station prior to said receiving step.
  - 7. The invention as defined in claim 1 further comprising the step of initiating an encrypted link between said second base station and said wireless terminal when said first base station and said wireless terminal were communicating using an encrypted link, said second base station using said security information transferred from said first base station to said second base station in initiating said encrypted link between said second base station and said wireless terminal.

8. A method for performing handoffs in a network for providing wireless communication service having at least first and second wireless base stations and a least one wireless terminal, the method comprising the steps of:
- transmitting a request, from said wireless terminal for a handoff between said first base station and said second base station;
  
  receiving a response to said request at said wireless terminal, when said second base station knows said first base station prior to receiving said request, said response indicating that said second base station can engage in expedited handoffs with said first base station; and
  
  connecting said wireless terminal for user traffic to said second base station;
  
  wherein said expedited handoff employs information about said wireless terminal transferred from said first base station to said second base station.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The invention as defined in claim 8 wherein said information is security information.
  - 10. The invention as defined in claim 8 wherein said information is security information received from a security center.
  - 11. The invention as defined in claim 8 wherein said information is security information received from a base station other than said first or second base stations.
  - 12. The invention as defined in claim 8 wherein said information is security information and includes at least one from the set consisting of:
    - (i) a password, (ii) a challenge-response pair, and (iii) a challenge-response cipher key tuple.
  - 13. The invention as defined in claim 8 wherein said information is security information that is received over a network for inter base station communication.
  - 14. The invention as defined in claim 8 wherein said connecting step further includes the step ofinitiating an encrypted link between said second base station and said wireless terminal when said first base station and said wireless terminal were communicating using an encrypted link prior to said handoff request, said second base station using security information transferred from said first base station to said second base station as part of said response in initiating said encrypted link between said second base station and said wireless terminal.

15. A method for performing handoffs in a network having at least first and second wireless base stations and a least one wireless terminal, the method comprising the steps of:
- transmitting a request, from said wireless terminal for a handoff between said first base station to said second base station;
  
  when said second base station does not know said first base station prior to receiving said request, receiving at said wireless terminal an indication that it must connect to said second base station without benefit of security information supplied from said first base station.
- View Dependent Claims (16, 17)
- - 16. The invention as defined in claim 15 wherein said security information is received from a security center.
  - 17. The invention as defined in claim 15 wherein said security information is received from a base station other than said first or second base stations.

18. A method for performing a handoff in a wireless network having at least first and second base stations and a least one wireless terminal, the method comprising the steps of:
- receiving a request, by said second base station, from said wireless terminal for a handoff between said first base station to said second base station;
  
  performing an expedited handoff using previously unused security information when second base station knows said first base station prior to receiving said request; and
  
  performing a nonexpedited handoff when second base station does not know said first base station prior to receiving said request.
- View Dependent Claims (19)
- - 19. The invention as defined in claim 18 wherein said step of performing an expedited handoff includes the step of transferring security information from said first base station to said second base station.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent USA, Inc. (Nokia Corporation)
Original Assignee
Alcatel-Lucent USA, Inc. (Nokia Corporation)
Inventors
Davies, Stephen William, Vanderveen, Michaela C
Primary Examiner(s)
Cumming; William D

Application Number

US09/501,168
Time in Patent Office

3,282 Days
Field of Search

455/411, 455/435, 455/414.1, 455436-445, 455/410, 455/561.1, 455/435.1, 455/450, 455/337, 370329-334
US Class Current

455/436
CPC Class Codes

H04W 12/062   Pre-authentication

H04W 36/0038   of security context informa...

H04W 36/08   Reselecting an access point

Facilitated security for handoff in wireless communications

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Facilitated security for handoff in wireless communications

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links