Protection against unauthorized wireless access points

US 8,457,594 B2
Filed: 08/25/2006
Issued: 06/04/2013
Est. Priority Date: 08/25/2006
Status: Active Grant

First Claim

Patent Images

1. In a wireless network where users connect to the wireless network through one or more wireless access points, a system for preventing connection with an unauthorized wireless access points, comprising:

an authentication server configured to;

receive, from a user device, a password established by the user over a secure link prior to the user attempting an unsecured connection to the wireless network through a wireless access point, the secure link being a hardwired link between the user device and an authorized wireless access point; and

provide the user-established password to each authorized wireless access point; and

a user device configured to;

receive, over the secure link, an authentication program;

locate a wireless access point;

request the user-established password when the user connects to the located wireless access point with the user device, after connecting to the authentication server over the secure link;

attempt to authenticate the located wireless access point with the user-established password;

determine, when the located wireless access point does not have the user-established password, that the located wireless access point is unauthorized; and

transmit an alert to the authentication server, based on the determination that the located wireless access point is unauthorized, the alert identifying the located wireless access point as unauthorized.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A public wireless network has authorized wireless access points through which users connect to the network. Authentication software provided to a user prompts a user to enter a password that is provided over a secure link to an authentication server. The authentication server provides the password to each authorized access point, so that it may be provided to the user when accessing the network through located wireless access point. If the password is not provided to the user by the located access point, the user is alerted that the located access point may be unauthorized.

Citations

21 Claims

1. In a wireless network where users connect to the wireless network through one or more wireless access points, a system for preventing connection with an unauthorized wireless access points, comprising:
- an authentication server configured to;
  
  receive, from a user device, a password established by the user over a secure link prior to the user attempting an unsecured connection to the wireless network through a wireless access point, the secure link being a hardwired link between the user device and an authorized wireless access point; and
  
  provide the user-established password to each authorized wireless access point; and
  
  a user device configured to;
  
  receive, over the secure link, an authentication program;
  
  locate a wireless access point;
  
  request the user-established password when the user connects to the located wireless access point with the user device, after connecting to the authentication server over the secure link;
  
  attempt to authenticate the located wireless access point with the user-established password;
  
  determine, when the located wireless access point does not have the user-established password, that the located wireless access point is unauthorized; and
  
  transmit an alert to the authentication server, based on the determination that the located wireless access point is unauthorized, the alert identifying the located wireless access point as unauthorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the user communicates with wireless access points through a user device, and whereinthe authentication program provides the password to the authentication server over the secure link and requests the password from the located wireless access point when initiating communications with the located wireless access point after connecting to the authentication server over the secure link.
  - 3. The system of claim 2, whereinthe authentication program provides an alert to the user device and the authentication server if the located wireless access point does not provide the requested password;
    - andthe authentication server is adapted to alert a network operator that the located wireless access point did not provide the requested password.
  - 4. The system of claim 1, wherein the authentication server is maintained by an Internet Service Provider (ISP) and is separate from each authorized wireless access point.
  - 5. The system of claim 1, wherein the authorized wireless access point comprises the authentication server.
  - 6. The system of claim 1, wherein the wireless network has multiple authorized wireless access points.
  - 7. The system of claim 1, wherein the wireless network is a public WiFi network.
  - 8. The system of claim 6, wherein the wireless network connects a user to the internet.
  - 9. The system of claim 2, wherein the authentication program is adapted to control the user device to automatically look for an authorized wireless access point that has received the password and connect to the authorized wireless access point.
  - 10. The system of claim 9, wherein the authentication program controls the user device to automatically looks for the authorized wireless access point, request the password from the authorized wireless access point, connect to the authorized wireless access point, and deny further communications with any unauthorized wireless access point upon powering on the user device.

11. A method for detecting unauthorized wireless access points in a wireless network serving wireless users within a predetermined geographical area, comprising:
- establishing a connection to an authentication server over a secure link prior to the user attempting to access the wireless network with a user device through a wireless access point, wherein the secure link is a hardwired link between the user device and an authorized wireless access point;
  
  receiving, with the authentication server over the secure link, a password established by the user;
  
  providing the user-established password from the authentication server to each of one or more authorized wireless access points;
  
  receiving, at the user device, an authentication program over the secure link;
  
  requesting, with the user device, the password from a located wireless access point when the user initiates access at the located wireless access point after connecting to the authentication server over the secure link;
  
  authenticating, with the user device, the located wireless access point with the user-established password;
  
  when the located wireless access point does not have the user-established password, determining, with the user device, that the located wireless access point is not an authorized wireless access point and transmitting, with the user device, an alert identifying the located wireless access point as an unauthorized wireless access point; and
  
  receiving, at the authentication server, the alert from the user device identifying the located wireless access point as an unauthorized wireless access point.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The method of claim 11, further comprising:
    - alerting the user and the authentication server if the located wireless access point is identified as an unauthorized wireless access point; and
      
      alerting a network operator that the located wireless access point did not provide the requested password.
  - 13. The method of claim 11, further comprising:
    - alerting the authentication server of the unauthorized wireless access point when the user is thereafter connected to the wireless network through an authorized wireless access point.
  - 14. The method of claim 11, further comprising:
    - providing the authentication program to the user device in advance of the user attempting access to the wireless network through an authorized, wireless access point, the authentication program being used to prompt the user for entry of the password.
  - 15. The method of claim 11, wherein the authentication server is maintained by an Internet Service Provider (ISP) and is separate from any authorized wireless access point.
  - 16. The method of claim 11, wherein the authorized wireless access point comprises the authentication server.
  - 17. The method of claim 11, wherein the wireless network has multiple authorized wireless access points.
  - 18. The method of claim 11, wherein the wireless network is a public WiFi network.
  - 19. The method of claim 18, wherein the wireless network connects a user to the internet.
  - 20. The method of claim 14, wherein the authentication program is further used to control the user device to automatically look for an authorized wireless access point that has received the password and connect to the authorized wireless access point.
  - 21. The method of claim 20, wherein the authentication program is provided to the user device and controls the user device to automatically look for an authorized wireless access point, request the password from the authorized wireless access point, connect to the authorized wireless access point, and deny further communications with any unauthorized wireless access point upon powering on the user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qwest Communications International Incorporated (Lumen Technologies, Inc.)
Original Assignee
Qwest Communications International Incorporated (Lumen Technologies, Inc.)
Inventors
Stevens, Gilman R., Cook, Charles I.
Primary Examiner(s)
KELLEY, STEVEN SHAUN

Application Number

US11/467,481
Publication Number

US 20080052512A1
Time in Patent Office

2,475 Days
Field of Search

455/411, 455/410, 709/225, 726 1- 4, 726/21, 370/338
US Class Current

455/410
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/1441   Countermeasures against mal...

H04W 12/065   Continuous authentication

H04W 12/068   using credential vaults, e....

H04W 12/122   Counter-measures against at...

H04W 88/08   Access point devices

Protection against unauthorized wireless access points

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Protection against unauthorized wireless access points

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links