Remotely configurable bridge system and method for use in secure wireless networks

US 7,822,972 B2
Filed: 02/21/2006
Issued: 10/26/2010
Est. Priority Date: 04/05/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A system, comprising:

a bridge capable of communication with a non-wireless capable device and a wireless network;

wherein the bridge incorporates security functionality for remotely and automatically securing the non-wireless capable device during use of the wireless network by;

exchanging a first key between a granting node and a requesting node via a peer-to-peer wireless network;

generating a human-perceptible hash at the granting node and the requesting node, utilizing the first key;

comparing the human-perceptible hashes via an out-of-band communication channel,wherein the out-of-band communication channel refers to any channel other than a channel by which the first key was exchanged between the granting node and the requesting node; and

transmitting a second key to the requesting node for providing access to the wireless network based on the comparison.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer program product are provided. Included is a bridge capable of communication with a non-wireless capable device and a wireless network. In use, such bridge incorporates security functionality for remotely and automatically securing the non-wireless capable device during use of the wireless network.

67 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a bridge capable of communication with a non-wireless capable device and a wireless network;
  
  wherein the bridge incorporates security functionality for remotely and automatically securing the non-wireless capable device during use of the wireless network by;
  
  exchanging a first key between a granting node and a requesting node via a peer-to-peer wireless network;
  
  generating a human-perceptible hash at the granting node and the requesting node, utilizing the first key;
  
  comparing the human-perceptible hashes via an out-of-band communication channel,wherein the out-of-band communication channel refers to any channel other than a channel by which the first key was exchanged between the granting node and the requesting node; and
  
  transmitting a second key to the requesting node for providing access to the wireless network based on the comparison.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The system as recited in claim 1, wherein the non-wireless capable device is selected from the group consisting of a scanner, a camera, and a printer.
  - 3. The system as recited in claim 1, wherein the wireless network includes the peer-to-peer network.
  - 4. The system as recited in claim 1, wherein the wireless network includes a centrally-based network.
  - 5. The system as recited in claim 1, wherein the security function includes advertising the peer-to-peer wireless network utilizing the granting node.
  - 6. The system as recited in claim 5, wherein the security function includes connecting to the peer-to-peer wireless network utilizing the requesting node.
  - 7. The system as recited in claim 6, wherein the security function includes redirecting the requesting node to a portal.
  - 8. The system as recited in claim 7, wherein the security function includes downloading a software application to the requesting node via the peer-to-peer wireless network utilizing the portal.
  - 9. The system as recited in claim 1, wherein the security function includes distributing another key to a plurality of nodes in a wireless network for use in securing the nodes during use of the wireless network.
  - 10. The system as recited in claim 9, wherein the security function includes automatically updating the other key at the nodes in the wireless network based on predetermined criteria.
  - 11. The system as recited in claim 10, wherein the predetermined criteria requires that the other key be automatically updated with a new key.
  - 12. The system as recited in claim 10, wherein the predetermined criteria requires that the other key be automatically updated based on rotation of a plurality of predetermined keys.
  - 13. The system as recited in claim 10, wherein the predetermined criteria requires that the other key be automatically updated based on a predetermined schedule.
  - 14. The system as recited in claim 10, wherein the predetermined criteria requires that the other key be automatically updated periodically.
  - 15. The system as recited in claim 1, wherein the human perceptible hash is a product of an establishment of a second communications channel between the granting node and the requesting node via a convenient communication protocol including a TLS communication protocol.
  - 16. The system as recited in claim 1, wherein the human perceptible hash includes less precision than the first key exchanged between the granting node and the requesting node and is not transmitted wirelessly.
  - 17. The system as recited in claim 1, wherein the out-of-band communication channel is employed to confirm an identity of the granting node and an identity of the requesting node prior to the exchange of the first key between the granting node and the requesting node.
  - 18. The system as recited in claim 1, wherein the granting node is capable of granting network access to another node.

19. A method, comprising:
- establishing communication between a bridge, and a non-wireless capable device and a wireless network; and
  
  utilizing the bridge to incorporate security functionality for remotely and automatically securing the non-wireless capable device during use of the wireless network by;
  
  exchanging a first key between a granting node and a requesting node via a peer-to-peer wireless network;
  
  generating a human-perceptible hash at the granting node and the requesting node, utilizing the first key;
  
  comparing the human-perceptible hashes via an out-of-band communication channel,wherein the out-of-band communication channel refers to any channel other than a channel by which the first key was exchanged between the granting node and the requesting node; and
  
  transmitting a second key to the requesting node for providing access to the wireless network based on the comparison.

20. A computer program product embodied on a tangible computer readable medium, comprising:
- computer code for establishing communication between a bridge, and a legacy device and a wireless network; and
  
  computer code for utilizing the bridge to incorporate security functionality for remotely and automatically securing the legacy device during use of the wireless network by;
  
  exchanging a first key between a granting node and a requesting node via a peer-to-peer wireless network;
  
  generating a human-perceptible hash at the granting node and the requesting node, utilizing the first key;
  
  comparing the human-perceptible hashes via an out-of-band communication channel,wherein the out-of-band communication channel refers to any channel other than a channel by which the first key was exchanged between the granting node and the requesting node; and
  
  transmitting a second key to the requesting node for providing access to the wireless network based on the comparison.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Wiedmann, Christian, Lillie, Terrance L., Sneiderman, Richard P., Zeljko, Robert, Wiedmann, Ulrich, Lynch, Sean R., Chu, Gigi C.
Primary Examiner(s)
Addy; Anthony S.

Application Number

US11/359,200
Publication Number

US 20060224885A1
Time in Patent Office

1,708 Days
Field of Search

455/410, 455/411, 455/41.2, 713/153, 713/155, 713/163, 713/166, 713/167, 713/168, 726/3, 726/14, 726/15, 726/152, 726/4, 726/5, 726/17, 726/19, 380/247, 380/255, 380/277, 380/278, 709/225, 709/226, 709/229, 370/338, 370/400, 370/401
US Class Current

713/153
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/068   using time-dependent keys, ...

H04L 63/08   for authentication of entit...

H04L 63/166   at the transport layer

H04L 63/18   using different networks or...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0891   Revocation or update of sec...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/43   using shared identity modul...

H04W 84/18   Self-organising networks, e...

H04W 88/02   Terminal devices

H04W 88/08   Access point devices

H04W 92/02   Inter-networking arrangements

Remotely configurable bridge system and method for use in secure wireless networks

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

67 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Remotely configurable bridge system and method for use in secure wireless networks

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others