Method and apparatus for securing communication between an access point and a network controller
Abstract
Some embodiments are implemented in a communication system that includes a first wireless communication system and a second wireless communication system that includes a Femtocell access point (FAP) and a network controller that can communicatively couple the FAP to the first wireless communication system. In some embodiments, the network controller can communicatively couple to the first wireless communication system through a UTRAN Iu interface. In some embodiments, the FAP can communicatively couple to a user equipment using a short-range licensed wireless frequency. Some embodiments provide a method of securing communication between the FAP and the network controller. The method establishes a secure tunnel between the FAP and the network controller. The method communicatively couples the FAP and several user equipments (UEs) to the network controller by using the secure tunnel. The UEs are communicatively coupled to the FAP through an air interface.
21 Claims
1. A method of securing communication between an access point that operates using licensed wireless frequencies covering a short-range distance and a network controller in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the network controller and the access point, the network controller for communicatively coupling the access point to the core network, the method comprising:
at the access point, establishing a particular secure tunnel between the access point and the network controller to protect signaling traffic between the access point and the network controller, wherein said signaling traffic is sent from a plurality of user equipments (UEs) to the access point over a wireless air interface;
after establishing the particular secure tunnel, intercepting a plurality of initial non access stratum (NAS) messages at the access point, each initial NAS message sent from one of the plurality of UEs towards the core network; and
in response to intercepting each particular initial NAS message, communicatively coupling a UE corresponding to the particular initial NAS message to the network controller using the particular secure tunnel, wherein the plurality of UEs are communicatively coupled to the access point through the wireless air interface.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method of securing communication between an access point that operates using licensed wireless frequencies covering a short-range distance and a network controller in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the network controller and the access point, the network controller for communicatively coupling the access point to the core network, the method comprising:
at the access point, establishing a particular secure tunnel between the access point and the network controller to protect user plane traffic between the access point and the network controller, wherein said user plane traffic is sent from a plurality of user equipments (UEs) to the access point over a wireless air interface;
after establishing the particular secure tunnel, intercepting a plurality of initial non access stratum (NAS) messages at the access point, each initial NAS message sent from one of the plurality of UEs towards the core network; and
in response to intercepting each particular initial NAS message, communicatively coupling a UE corresponding to the particular initial NAS message to the network controller using the particular secure tunnel, wherein the plurality of UEs are communicatively coupled to the access point through the wireless air interface.
Dependent claims: 10

11. A non-transitory computer readable storage medium storing a computer program for execution by an access point that operates using licensed wireless frequencies covering a short-range distance, the computer program for securing communications with a network controller in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the access point and the network controller, the network controller for communicatively coupling the access point to the core network, the computer program comprising:
a set of instructions for establishing a particular secure tunnel between the access point and the network controller to protect signaling traffic between the access point and the network controller, wherein said signaling traffic is exchanged between a plurality of user equipments (UEs) and the access point over a wireless air interface;
a set of instructions for intercepting a plurality of non access stratum (NAS) messages sent from the plurality of UEs towards the core network;
a set of instructions for communicatively coupling the plurality of UEs to the network controller using the particular secure tunnel in response to intercepting the NAS messages from the plurality of UEs; and
a set of instructions for communicatively coupling the plurality of UEs to the access point through said licensed wireless frequencies.
Dependent claims: 12, 13, 14

15. A non-transitory computer readable storage medium storing a computer program for execution by an access point that operates using licensed wireless frequencies covering a short-range distance, the computer program for securing communications with a network controller in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the access point and the network controller, the network controller for communicatively coupling the access point to the core network, the computer program comprising:
a set of instructions for establishing a particular secure tunnel between the access point and the network controller to protect user plane traffic between the access point and the network controller, wherein said user plane traffic is sent from a plurality of user equipments (UEs) to the access point over a wireless air interface;
a set of instructions for intercepting a plurality of non access stratum (NAS) messages sent from the plurality of UEs towards the core network;
a set of instructions for communicatively coupling the plurality of UEs to the network controller using the particular secure tunnel in response to intercepting the NAS messages from the plurality of UEs; and
a set of instructions for communicatively coupling the plurality of UEs to the access point through said licensed wireless frequencies.

16. A non-transitory computer readable storage medium storing a computer program for execution by an access point that operates using licensed wireless frequencies covering a short-range distance, the computer program for securing communications with a network controller in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the access point and the network controller, the network controller for communicatively coupling the access point to the core network, the computer program comprising:
a set of instructions for establishing a particular secure tunnel between the access point and the network controller to protect signaling traffic between the access point and the network controller, wherein said signaling traffic is originated from the access point;
a set of instructions for intercepting a plurality of non access stratum (NAS) messages sent from a plurality of user equipments (UEs) towards the core network;
a set of instructions for communicatively coupling the plurality of UEs to the network controller using the particular secure tunnel in response to intercepting the NAS messages from the plurality of UEs; and
a set of instructions for communicatively coupling the plurality of UEs to the access point through said licensed wireless frequencies.

17. A method of securing communication between an access point that operates using licensed wireless frequencies covering a short-range distance and a network controller in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the network controller and the access point, the network controller for communicatively coupling the access point to the core network, the method comprising:
at the access point, establishing a particular secure tunnel between the access point and the network controller to protect signaling traffic between the access point and the network controller, wherein said signaling traffic is originated from the access point;
after establishing the particular secure tunnel, intercepting a plurality of initial non access stratum (NAS) messages at the access point, each initial NAS message sent from one of a plurality of user equipments (UEs) towards the core network; and
in response to intercepting each particular initial NAS message, communicatively coupling a UE corresponding to the particular initial NAS message to the network controller using the particular secure tunnel, wherein the plurality of UEs are communicatively coupled to the access point through a wireless air interface.

18. An access point that operates using licensed wireless frequencies with short-range coverage in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the access point and a network controller, the network controller for communicatively coupling the access point to the core network, the access point comprising:
a first module to implement protocols for facilitating communications with the network controller by establishing a particular secure tunnel between the access point and the network controller to protect user plane traffic between the access point and the network controller, wherein said user plane traffic is sent from a plurality of user equipments (UEs) to the access point over an air interface;
a second module for intercepting a plurality of initial non access stratum (NAS) messages after the particular secure tunnel is established, each initial NAS message sent from one of the plurality of UEs towards the core network;
a third module to implement protocols for facilitating communications with the plurality of UEs by communicatively coupling the UEs to the network controller using the particular secure tunnel; and
electronic circuitry for implementing said first, second, and third modules.
Dependent claims: 19

20. An access point that operates using licensed wireless frequencies with short-range coverage in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the access point and a network controller, the network controller for communicatively coupling the access point to the core network, the access point comprising:
a first module to implement protocols for facilitating communications with the network controller by establishing a particular secure tunnel between the access point and the network controller to protect signaling traffic between the access point and the network controller, wherein said signaling traffic is sent from a plurality of user equipments (UEs) to the access point over an air interface;
a second module for intercepting a plurality of initial non access stratum (NAS) messages after the particular secure tunnel is established, each initial NAS message sent from one of the plurality of UEs towards the core network;
a third module to implement protocols for facilitating communications with the plurality of UEs by communicatively coupling the UEs to the network controller using the particular secure tunnel; and
electronic circuitry for implementing said first, second, and third modules.

21. An access point that operates using licensed wireless frequencies with short-range coverage in a communication system comprising (i) a first communication system comprising a core network and a licensed radio access network and (ii) a wireless second communication system comprising the access point and a network controller, the network controller for communicatively coupling the access point to the core network, the access point comprising:
a first module to implement protocols for facilitating communications with the network controller by establishing a particular secure tunnel between the access point and the network controller to protect signaling traffic between the access point and the network controller, wherein said signaling traffic is originated from the access point;
a second module for intercepting a plurality of initial non access stratum (NAS) messages after the particular secure tunnel is established, each initial NAS message sent from one of a plurality of user equipments (UEs) towards the core network, wherein the plurality of UEs are communicatively coupled to the access point using said licensed wireless frequencies;
a third module to implement protocols for facilitating communications with a plurality of UEs by communicatively coupling the UEs to the network controller using the particular secure tunnel; and
electronic circuitry for implementing said first, second, and third modules.

Specification