Method and apparatus for authentication in a wireless telecommunications system
Abstract
A method and device for routing data packets of a wireless terminal device in a communication network. When open system authentication is used, the system operates similarly to the current Nokia Operator Wireless LAN system, in which the terminal device and the access controller are the parties involved in the authentication. The access controller relays information relating to the authentication between the terminal device and an authenticating server, and it is capable of independently updating the list of users it maintains. When authentication according to IEEE 802.1X is used, the access point operates according to the IEEE 802.1X standard, serving as the authenticating party and relaying information relating to the authentication between the terminal device and the authentication server. In addition, the list maintained by the access controller is updated after a successful authentication, for example by the access point or the authenticating server.
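An added sketch of the classification and list update described in the abstract (not code from the patent). It assumes the identified parameter is the 802.1X AKM suite in the association request's RSN element and that the logical channels are VLAN IDs; the page names neither, and the VLAN numbers and sample frames are constructed.

```python
import struct

RSN_ELEMENT_ID = 48                    # IEEE 802.11 RSN element ID
AKM_8021X = bytes.fromhex("000fac01")  # AKM suite selector 00-0F-AC:1 (802.1X)
CHANNELS = {"802.1x": 10, "open": 20}  # constructed VLAN IDs, one per class

def iter_elements(body):
    """Yield (id, value) pairs; stop at a truncated element, never over-read."""
    i = 0
    while i + 2 <= len(body):
        eid, length = body[i], body[i + 1]
        if i + 2 + length > len(body):
            return
        yield eid, body[i + 2:i + 2 + length]
        i += 2 + length

def akm_suites(rsn):
    """AKM suite selectors from an RSN element value; [] if it is malformed."""
    # Layout: version(2) group(4) pairwise_count(2) pairwise(4*n) akm_count(2) akm(4*m)
    try:
        (n,) = struct.unpack_from("<H", rsn, 6)
        (m,) = struct.unpack_from("<H", rsn, 8 + 4 * n)
    except struct.error:
        return []
    start = 10 + 4 * n
    if start + 4 * m > len(rsn):
        return []
    return [rsn[start + 4 * k:start + 4 * k + 4] for k in range(m)]

def classify(elements):
    """'802.1x' only if the terminal offers the 802.1X AKM; otherwise 'open'."""
    for eid, value in iter_elements(elements):
        if eid == RSN_ELEMENT_ID and AKM_8021X in akm_suites(value):
            return "802.1x"
    return "open"

def admit(mac, elements, auth_ok, ac_list):
    """Classify, pick the channel and, on success, record the terminal on the list."""
    method = classify(elements)
    if auth_ok:  # value records which party updated the access controller's list
        ac_list[mac] = "access point" if method == "802.1x" else "access controller"
    return method, CHANNELS[method], mac in ac_list

# Constructed tagged elements of two association requests (fixed fields omitted).
SSID = bytes.fromhex("000474657374")
RSN = bytes.fromhex("30140100000fac040100000fac040100000fac010000")
```

A malformed or truncated RSN element falls back to the open system class, so such a terminal lands on the channel that is still gated by the access controller's list.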
37 Claims
1. A method comprising:
- establishing a communication connection between a wireless terminal device and an access point,
- identifying at the access point a parameter relating to an authentication method of the wireless terminal device, said authentication method being identified by receiving an association request message from the wireless terminal device,
- classifying the wireless terminal device on the basis of the identified parameter in the communication network, and
- directing data packets of the wireless terminal device to a logical channel selected on the basis of the classification of the wireless terminal device, different classifications being related to separate logical channels,
- the wireless terminal device being configured to use one of the following authentication methods in order to authenticate itself to a communication network:
  - an 802.1x protocol authentication method wherein the access point relays authentication information directly between the terminal device and an authentication server, and
  - an open system authentication method wherein the access point relays authentication information between the terminal device and the authentication server via an access controller,
- wherein the access point is configured to use both the 802.1x protocol authentication method and the open system authentication method.
9. An access point comprising:
- establishing means configured to establish a communication connection between a wireless terminal device and an access point, wherein the access point is configured to accept from the wireless terminal device a request to use one of the following authentication methods in order to authenticate itself to a network:
  - an 802.1x protocol authentication method wherein the access point is configured to relay authentication information directly between the wireless terminal device and an authentication server,
  - an open system authentication method wherein the access point is configured to relay authentication information between the wireless terminal device and an authentication agent via the access controller,
- wherein the access point further comprises
- identifying means configured to identify a parameter relating to the authentication method of the wireless terminal device, said authentication method being identified by receiving an association request message from the wireless terminal device,
- classifying means configured to classify the wireless terminal device on the basis of the identified parameter in the communication network, and
- directing means configured to detect data packets of the wireless terminal device to a logical channel selected on the basis of the classification of the wireless terminal device, different classifications being related to separate logical channels,
- wherein the access point is configured to authenticate using both the 802.1x protocol authentication method and the open system authentication method.
14. A network comprising:
- an authentication agent configured to relay authentication information between a wireless terminal device and an authentication server via an access point,
- a logical access controller functionality configured to relay data packets of authenticated terminal devices included on a list and to block data packets of unauthenticated terminal devices,
- the authentication server configured to provide an authenticating service for the wireless terminal device to authenticate to the network, wherein the access point is configured to accept the wireless terminal device to use one of the following authentication methods in order to authenticate itself to the network:
  - an 802.1x protocol authentication method wherein the access point is configured to relay authentication information directly between the terminal device and the authentication server, and
  - an open system authentication method wherein the access point is configured to relay authentication information between the terminal device and an authentication server via the authentication agent,
- the authentication server configured to utilize both the 802.1x protocol authentication method and the open system authentication method, in the network,
- the access point configured to set up a communication connection to the wireless terminal device, the access point comprising
- identifying means configured to identify whether the terminal device is using the 802.1x or the open system authentication method and selecting the authentication method before starting the authentication, said authentication method being identified by receiving an association request message from the wireless terminal device,
- first relaying means configured to relay authentication information between the terminal device and the authentication server if the terminal device was identified to be using the 802.1x authentication method,
- first sending means configured to send identifier data of the terminal device, in response to successful authentication of the terminal device according to only the 802.1x authentication method, to the list of the access controller functionality,
- second relaying means configured to relay authentication information between the terminal device and the authentication server via the authentication agent if the terminal device was identified to be using the open system authentication method and
- second sending means configured to send identifier data of the terminal device, in response to successful authentication of the terminal device according to only the open system authentication method, to the list of the access controller functionality.
18. A network comprising:
- an access point configured to set up a communication connection to a wireless terminal device,
- an authentication agent configured to relay authentication information between the wireless terminal device and an authentication server,
- a logical access controller functionality configured to relay data packets of the authenticated wireless terminal device and to block data packets of unauthenticated terminal devices, the logical access controller functionality further comprising a list of authenticated terminal devices,
- an authenticating server configured to provide an authenticating service for the wireless terminal device to authenticate to a communication network,
- the wireless terminal device being configured to use one of the following authentication methods in order to authenticate itself to the network:
  - an 802.1x protocol authentication method wherein the access point relays authentication information directly between the wireless terminal device and the authentication server,
  - an open system authentication method wherein the access point relays authentication information between the wireless terminal device and the authentication server via the authentication agent,
- in the communication network, a system for access control of the wireless terminal device, the authentication server configured to utilize both the 802.1x protocol authentication method and the open system authentication method, the network comprising:
- identifying means configured to identify at the access point whether the wireless terminal device is using the 802.1x or the open system authentication method, said authentication method being identified by receiving an association request message from the wireless terminal device,
- first relaying means configured to relay at the access point the authentication information of the 802.1x authentication method between the wireless terminal device and the authentication server,
- second relaying means at the access point configured to relay information between the wireless terminal device and the authentication agent,
- third relaying means at the authentication agent configured to relay authentication information of the open system authentication method between the access point and the authentication server,
- first sending means configured to send from the access point identifier data of the terminal device, in response to successful authentication of the wireless terminal device according to only the 802.1x authentication method, to the list of the access controller functionality,
- second sending means configured to send from the authentication agent the identifier data of the wireless terminal device, in response to successful authentication of the terminal device according to only the open system authentication method, to the list of the access controller functionality and
- relaying means at the access controller functionality configured to relay data packets of the wireless terminal device included on the list.
19. A method comprising:
- establishing a communication connection between a wireless terminal and an access point,
- identifying at the access point a parameter from an authentication request of the wireless terminal which authentication method from two possible authentication methods the wireless terminal supports before starting the authentication, wherein the two possible authentication methods comprise a layer 2 authentication method and a layer 3 authentication method, said layer 2 or layer 3 authentication method being identified by receiving an association request message from the wireless terminal, and
- authenticating the wireless terminal utilizing the identified authentication method, wherein in the layer 2 authentication method the access point relays authentication information directly to the wireless terminal, and in the layer 3 authentication method the access point relays authentication information to the wireless terminal via an access controller.
22. An apparatus comprising:
- a processor and a memory configured to:
  - establish a connection to a wireless terminal device;
  - identify a parameter from an authentication request of the wireless terminal, which parameter determines which authentication method of the two possible authentication methods the wireless terminal supports before starting the authentication, wherein the two possible authentication methods comprise a layer 2 authentication method where the apparatus relays authentication information directly to the wireless terminal and a layer 3 authentication method where the apparatus relays authentication information to the wireless terminal via an access controller, said layer 2 or layer 3 authentication method being identified by receiving an association request message from the wireless terminal device; and
  - convey authentication information directly or indirectly to the wireless terminal using the authentication method determined by the parameter.
26. An access point comprising:
- a processor; and
- a memory,
- wherein the access point, in conjunction with the processor and the memory, is configured to set up a communication connection to a wireless terminal device in the communication network,
- the access point is configured to communicate with an authentication agent configured to relay authentication information of the wireless terminal device received from the access point to an authentication server, and a logical access controller functionality is configured to relay data packets of the authenticated terminal device and to block data packets of unauthenticated terminal devices, the logical access controller functionality further comprising a list of authenticated terminal devices,
- the authenticating server is configured to provide an authenticating service for the terminal device to authenticate to the network,
- the access point is configured to use either of the following authentication methods in order to authenticate the terminal device:
  - an 802.1x protocol authentication method wherein the access point relays authentication information directly between the terminal device and the authentication server, and
  - an open system authentication method wherein the access point relays authentication information between the wireless terminal device and the authentication server via the authentication agent, in the communication network,
- said 802.1x protocol or open system authentication method being identified by receiving an association request message from the wireless terminal device.
Specification