Systems and methods for secure communication over a wireless network

US 7,574,737 B1
Filed: 05/31/2002
Issued: 08/11/2009
Est. Priority Date: 05/31/2002
Status: Expired due to Fees

- Alert
- Pin

Associated Case

Associated Defendants

First Claim

Patent Images

1. A method of secure communication between a wireless device and a target network, comprising:

receiving a communication addressed to a target network, the communication comprising a data payload and originating from a wireless device communicatively coupled with a trusted wireless network;

establishing a secure channel to the target network from a communication module positioned between the target network and the trusted wireless network, the secure channel not extending over the trusted wireless network; and

sending the communication to the target network over the secure channel.

View all claims

5 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A method of secure communication between a wireless device and a target network is presented, comprising receiving a communication addressed to a target network, the communication comprising a data payload and originating from a wireless device on a trusted wireless network, establishing a secure channel with the target network and sending the communication to the target network over the secure channel. The method can further comprise negotiating secure channel parameters with the target network, encrypting the data payload, adding data integrity protection to the communication, encapsulating the communication according to a VPN protocol, authenticating the wireless device as an authorized user of the private network and granting access to a target network resource.

Citations

55 Claims

1. A method of secure communication between a wireless device and a target network, comprising:
- receiving a communication addressed to a target network, the communication comprising a data payload and originating from a wireless device communicatively coupled with a trusted wireless network;
  
  establishing a secure channel to the target network from a communication module positioned between the target network and the trusted wireless network, the secure channel not extending over the trusted wireless network; and
  
  sending the communication to the target network over the secure channel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein establishing the secure channel further comprises establishing a virtual private network (VPN) tunnel.
  - 3. The method of claim 1, wherein establishing the secure channel further comprises establishing the secure channel over a public network.
  - 4. The method of claim 1, wherein establishing the secure channel further comprises negotiating a set of secure channel parameters with the target network.
  - 5. The method of claim 1, wherein establishing the secure channel further comprises encrypting the data payload.
  - 6. The method of claim 1, wherein establishing the secure channel further comprises adding data integrity protection to the communication.
  - 7. The method of claim 6, wherein adding data integrity protection comprises adding a digital signature to the communication.
  - 8. The method of claim 1, wherein establishing the secure channel further comprises encapsulating the communication.
  - 9. The method of claim 8, wherein encapsulating the communication comprises encapsulating the communication according to a VPN protocol.
  - 10. The method of claim 1, wherein establishing the secure channel further comprises authenticating the wireless device as an authorized user of the target network.
  - 11. The method of claim 1, wherein establishing the secure channel further comprises receiving access to a network resource coupled with the target network.
  - 12. The method of claim 1, further comprising:
    - receiving a communication addressed to the wireless device from the target network over the secure channel; and
      
      sending the communication to the wireless device over the trusted wireless network.
  - 13. The method of claim 12, wherein sending the communication to the wireless device further comprises:
    - decapsulating the communication; and
      
      decrypting the data payload.
  - 14. The method of claim 12, wherein sending the communication to the wireless device further comprises removing data integrity protection.
  - 15. The method of claim 14, wherein removing the data integrity protection further comprises removing a digital signature.
  - 16. The method of claim 12, wherein sending the communication to the wireless device further comprises formatting the communication for transmission over the trusted wireless network.

17. A system for secure communication between a wireless device and a target network, the system comprising:
- a channel manager configured to establish a secure channel with a target network; and
  
  an interface configured to receive a communication comprising a data payload from a wireless device over a trusted wireless network, and further configured to send the communication to the target network over the secure channel, the secure channel extending to the target network from a communication module positioned between the target network and the trusted wireless network,wherein the secure channel does not extend over the trusted wireless network.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 18. The system of claim 17, wherein the secure channel is a virtual private network (VPN).
  - 19. The system of claim 17, wherein the secure channel spans a public network.
  - 20. The system of claim 17, wherein the interface is further configured to send a packetized communication to the target network.
  - 21. The system of claim 17, wherein the interface is further configured to send an encrypted communication to the target network.
  - 22. The system of claim 17, wherein the interface is further configured to send an encapsulated communication to the target network.
  - 23. The system of claim 17, wherein the interface is further configured to send a communication having data integrity protection to the target network.
  - 24. The system of claim 23, wherein the data integrity protection comprises a digital signature.
  - 25. The system of claim 17, wherein the interface is further configured to receive a communication addressed to the wireless device over the secure channel.
  - 26. The system of claim 17, wherein the interface is further configured to send a communication originating from the target network to the wireless device over the trusted wireless network.
  - 27. The system of claim 17, wherein the interface is further configured to send a decrypted communication to the wireless device.
  - 28. The system of claim 17, wherein the interface is further configured to send a decapsulated communication to the wireless device.
  - 29. The system of claim 17, wherein the channel manager is further configured to interface with at least one sub-module.
  - 30. The system of claim 17, further comprising an encapsulation sub-module configured to encapsulate and decapsulate a communication.
  - 31. The system of claim 17, further comprising an authentication sub-module configured to authenticate a source of the communication.
  - 32. The system of claim 17, further comprising a data security sub-module configured to add data security protection to a communication and remove data security protection from a communication.
  - 33. The system of claim 32, wherein the data security sub-module is further configured to encrypt and decrypt the data payload.
  - 34. The system of claim 32, wherein the data security protection comprises a digital signature.
  - 35. The system of claim 17, further comprising an access control sub-module configured to manage an access control policy of the system.

36. A system for secure communication between a wireless application protocol (WAP) wireless device and a target network, the system comprising:
- an interface configured to receive a communication from a WAP gateway over a trusted wireless network, the communication originating from the WAP wireless device and destined for a target network; and
  
  a channel manager configured to establish a secure channel with the target network and configured to send the communication to the target network, wherein the interface receives the communication and sends the communication to the target network over the secure channel, the secure channel extending to the target network from a communication module positioned between the target network and the trusted wireless network, and wherein the secure channel does not extend over the trusted wireless network.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
- - 37. The system of claim 36, wherein the secure channel is a virtual private network (VPN).
  - 38. The system of claim 36, wherein the communication destined for the target network comprises a data payload and a WAP header, and wherein the WAP gateway is configured to reformat the WAP header as an Internet Protocol (IP) header.
  - 39. The system of claim 38, wherein the WAP gateway is further configured to locate the interface and forward the reformatted communication to the interface.
  - 40. The system of claim 36, wherein the interface is further configured to send an encapsulated communication to the target network.
  - 41. The system of claim 36, wherein the interface is further configured to send a communication having data security protection to the target network.
  - 42. The system of claim 36, wherein the interface is further configured:
    - to receive a communication addressed to the WAP wireless device over the secure channel; and
      
      to send a communication originating from the target network to the WAP wireless device over the trusted wireless network.
  - 43. The system of claim 42, wherein the communication destined for the WAP wireless device comprises a data payload and an IP header, and wherein the WAP gateway is configured to reformat the IP header as a WAP header.
  - 44. The system of claim 36, further comprising an encapsulation sub-module configured to encapsulate and decapsulate a communication.
  - 45. The system of claim 36, further comprising an authentication sub-module configured to authenticate a source of the communication.
  - 46. The system of claim 36, further comprising a data security sub-module configured to add data security protection to a communication and remove data security protection from a communication.
  - 47. The system of claim 36, further comprising an access control sub-module configured to manage an access control policy of the system.

48. A system for secure communication between a wireless device and a target network, the system comprising:
- means for negotiating a secure channel with a target network, the secure channel extending to the target network from a communication module positioned between the target network and the trusted wireless network;
  
  means for receiving a communication originating from a wireless device over a trusted wireless network, the communication comprising a data payload; and
  
  means for sending the communication to the target network,wherein the secure channel does not extend over the trusted wireless network.
- View Dependent Claims (49, 50, 51, 52, 53, 54, 55)
- - 49. The system of claim 48, further comprising means for receiving a communication addressed to the wireless device over the secure channel.
  - 50. The system of claim 48, further comprising means for sending a communication originating from the target network to the wireless device over the trusted wireless network.
  - 51. The system of claim 48, further comprising means for encapsulating a communication.
  - 52. The system of claim 48, further comprising means for authenticating the source of the communication.
  - 53. The system of claim 48, further comprising means for adding data integrity protection to the communication.
  - 54. The system of claim 48, further comprising means to encrypt the data payload.
  - 55. The system of claim 48, further comprising means for managing an access control policy of the system.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Novatel Wireless, Inc. (Inseego Corp.)
Original Assignee
Novatel Wireless, Inc. (Inseego Corp.)
Inventors
Loh, Michael
Primary Examiner(s)
Revak, Christopher A

Application Number

US10/116,321
Time in Patent Office

2,629 Days
Field of Search

726/15, 713/176, 713/180, 235/375, 380/51
US Class Current

726/15
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 63/123   received data contents, e.g...

H04L 67/04   specially adapted for termi...

Systems and methods for secure communication over a wireless network

First Claim

5 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

55 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure communication over a wireless network

First Claim

5 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

55 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links