Increased security during network entry of wireless communication devices
First Claim
1. A method of operating a wireless communication system, the method comprising:
exchanging wireless communications between a wireless access node and a wireless communication device to perform a network entry process, wherein the network entry process comprises at least a capability exchange phase and a subsequent authentication exchange phase;
monitoring performance characteristics of a wireless link between the wireless communication device and the wireless access node carrying the wireless communications of the network entry process;
during the capability exchange phase, transferring a capability negotiation message from the wireless communication device, and receiving the capability negotiation message in the wireless access node;
during the authentication exchange phase, transferring an authentication key associated with the wireless communication device and a digital signature for the capability negotiation message from the wireless communication device, and receiving the authentication key associated with the wireless communication device and the digital signature for the capability negotiation message in the wireless access node;
authenticating the capability negotiation message by processing the digital signature for the capability negotiation message and the authentication key associated with the wireless communication device;
detecting when the network entry process is discontinued if the capability negotiation message is not authentic; and
processing the performance characteristics and a time of when the network entry process is discontinued to determine if the performance characteristics at the time of when the network entry process is discontinued indicate a security breach on the wireless link.
Abstract
What is disclosed is a method of operating a wireless communication system. The method includes exchanging wireless communications between a wireless access node and a wireless communication device to perform a network entry process, where the network entry process comprises at least a capability exchange phase and a subsequent authentication exchange phase. The method also includes, during the capability exchange phase, transferring a capability negotiation message from the wireless communication device, and receiving the capability negotiation message in the wireless access node. The method also includes, during the authentication exchange phase, transferring an authentication key associated with the wireless communication device and a digital signature for the capability negotiation message from the wireless communication device, and receiving the authentication key associated with the wireless communication device and the digital signature for the capability negotiation message in the wireless access node. The method also includes authenticating the capability negotiation message by processing the digital signature for the capability negotiation message and the authentication key associated with the wireless communication device.
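The flow in the abstract, seen from the access node, as an added sketch that is not code from the patent. HMAC-SHA256 stands in for the unspecified digital signature scheme, the authentication key is assumed to arrive protected by the authentication exchange, and the RSSI metric, `WINDOW_S` and `RSSI_JUMP_DB` are hypothetical choices for the "performance characteristics" the claims leave open.

```python
import hashlib
import hmac

WINDOW_S = 1.0       # assumed: how close to the abort a link sample must be
RSSI_JUMP_DB = 10.0  # assumed: deviation from baseline treated as anomalous

def sign(auth_key, cap_msg):
    """Device side: stand-in signature over the capability negotiation message."""
    return hmac.new(auth_key, cap_msg, hashlib.sha256).digest()

class AccessNode:
    def __init__(self):
        self.link = []               # (time_s, rssi_dbm) samples of the wireless link
        self.cap_msg = None
        self.discontinued_at = None

    def monitor(self, t, rssi_dbm):
        self.link.append((t, rssi_dbm))

    def capability_phase(self, cap_msg):
        # Arrives before authentication, so it is stored unverified.
        self.cap_msg = cap_msg

    def authentication_phase(self, t, auth_key, signature):
        # Authenticate the stored capability message retroactively.
        expected = hmac.new(auth_key, self.cap_msg, hashlib.sha256).digest()
        if hmac.compare_digest(expected, signature):
            return True
        self.discontinued_at = t     # not authentic: discontinue network entry
        return False

    def breach_indicated(self):
        # Compare link samples near the abort time against the earlier baseline.
        if self.discontinued_at is None:
            return False
        t0 = self.discontinued_at
        before = [r for t, r in self.link if t < t0 - WINDOW_S]
        near = [r for t, r in self.link if abs(t - t0) <= WINDOW_S]
        if not before or not near:
            return False
        baseline = sum(before) / len(before)
        return max(abs(r - baseline) for r in near) >= RSSI_JUMP_DB

def run_entry(sent_caps, received_caps, rssi_trace):
    """Constructed scenario: returns (entry_completed, breach_indicated)."""
    key = b"constructed-device-key"  # sample value, not from the patent
    node = AccessNode()
    for t, r in rssi_trace:
        node.monitor(t, r)
    node.capability_phase(received_caps)
    ok = node.authentication_phase(rssi_trace[-1][0], key, sign(key, sent_caps))
    return ok, node.breach_indicated()
```

A signature failure on a steady link is reported as a discontinued entry without a breach indication; only a failure that coincides with a link anomaly is flagged.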
18 Claims
10. A wireless communication system, comprising:
a wireless access node and a wireless communication device configured to perform a network entry process by exchanging wireless communications, wherein the network entry process comprises at least a capability exchange phase and a subsequent authentication exchange phase;
the wireless access node configured to monitor performance characteristics of a wireless link between the wireless communication device and the wireless access node carrying the wireless communications of the network entry process;
during the capability exchange phase, communication circuitry of the wireless communication device configured to transfer a capability negotiation message, and the wireless access node configured to receive the capability negotiation message;
during the authentication exchange phase, the communication circuitry of the wireless communication device configured to transfer an authentication key associated with the wireless communication device and a digital signature for the capability negotiation message, and the wireless access node configured to receive the authentication key associated with the wireless communication device and the digital signature for the capability negotiation message;
the wireless access node configured to authenticate the capability negotiation message by processing the digital signature for the capability negotiation message and the authentication key associated with the wireless communication device; and
the wireless access node configured to detect when the network entry process is discontinued if the capability negotiation message is not authentic, and process the performance characteristics and a time of when the network entry process is discontinued to determine if the performance characteristics at the time of when the network entry process is discontinued indicate a security breach on the wireless link.
Specification