Wireless access point security for multi-hop networks

US 8,468,338 B2
Filed: 07/06/2007
Issued: 06/18/2013
Est. Priority Date: 07/06/2006
Status: Active Grant

First Claim

Patent Images

1. An access point for use in a multiple hop access point set comprising:

at least one wireless communication interface; and

a control system associated with the at least one wireless communication interface and adapted to;

obtain resource information for communications to be supported by a child access point in the access point set;

encrypt the resource information using a first key to create encrypted resource information;

initiate delivery of the encrypted resource information to the child access point via the at least one wireless communication interface; and

effect delivery of encrypted traffic content intended for a mobile station to the child access point, wherein the encrypted traffic content is encrypted using a traffic encryption key that is different from the first key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Security in wireless communication networks that employ relay stations to facilitate communications between base stations and mobile stations is enhanced. In one embodiment, resource information provided to one or more relay stations from a base station or another relay station is encrypted prior to being delivered to the one or more relay stations. Only authorized relay stations are allocated an appropriate key necessary to decrypt the resource information. As such, only appropriate relay stations are able to access and use the resource information to effect communications directly or indirectly between the base stations and the mobile stations. In certain embodiments, the resource information is delivered between the various base and relay stations using either unicast or multicast delivery techniques.

9 Citations

View as Search Results

32 Claims

1. An access point for use in a multiple hop access point set comprising:
- at least one wireless communication interface; and
  
  a control system associated with the at least one wireless communication interface and adapted to;
  
  obtain resource information for communications to be supported by a child access point in the access point set;
  
  encrypt the resource information using a first key to create encrypted resource information;
  
  initiate delivery of the encrypted resource information to the child access point via the at least one wireless communication interface; and
  
  effect delivery of encrypted traffic content intended for a mobile station to the child access point, wherein the encrypted traffic content is encrypted using a traffic encryption key that is different from the first key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The access point of claim 1 wherein the access point is a relay station that is at least one wireless communications hop away from a base station, and the child access point is another relay station.
  - 3. The access point of claim 1 wherein the access point is a base station and the child access point is a relay station that is at least one wireless communications hop away from the base station.
  - 4. The access point of claim 1 wherein the encrypted resource information map is delivered over a single wireless communications hop to the child access point.
  - 5. The access point of claim 1 wherein the encrypted resource information map is delivered over a plurality of wireless communications hops via at least one relay station to the child access point.
  - 6. The access point of claim 1 wherein to initiate delivery of the encrypted resource information map, the control system is adapted to unicast the encrypted resource information to the child access point.
  - 7. The access point of claim 6 wherein the control system is further adapted to unicast different encrypted resource information to different child access points.
  - 8. The access point of claim 7 wherein each of the different encrypted resource information for the different child access points is encrypted with a different key.
  - 9. The access point of claim 1 wherein the resource information is used for communications to be supported by a plurality of child access points in the access point set, and to initiate delivery of the encrypted resource information, the control system is adapted to multicast the encrypted resource information to the plurality of child access points.
  - 10. The access point of claim 9 wherein the access point and at least the plurality of child access points form a multicast group and the control system is further adapted to:
    - gain entry into a network comprising the access point set; and
      
      join the multicast group.
  - 11. The access point of claim 1 wherein the resource information comprises resource allocations for each of the plurality of child access points that are maintained in a resource allocation map, and to encrypt the resource information, the control system is further adapted to encrypt the resource allocation map using the first key.
  - 12. The access point of claim 11 wherein the resource allocation map provides resource allocations for access points, and is different from a mobile station resource allocation map providing resource allocations for direct use by a mobile station.
  - 13. The access point of claim 1 wherein the resource information comprises resource allocations to use for the communications to be supported by the child access point.
  - 14. The access point of claim 1 wherein the resource information comprises a mapping of physical layer resources to logical communication channels.
  - 15. The access point of claim 14 wherein the resource information comprises a mapping of physical layer carriers or sub-carriers to logical communication channels or sub-channels.
  - 16. The access point of claim 1 wherein the resource information comprises modulation information to use for the communications to be supported by the child access point.
  - 17. The access point of claim 1 wherein information comprising the resource information is obtained over at least one wireless communication hop from a parent access point.
  - 18. The access point of claim 17 wherein the control system is further adapted to decrypt the information to recover the resource information.
  - 19. The access point of claim 1 wherein to obtain the resource information, the control system is further adapted to internally generate the resource information.
  - 20. The access point of claim 1, wherein the control system is further adapted to further encrypt the encrypted traffic content with the first key.

21. An access point for use in a multiple hop access point set comprising:
- at least one wireless communication interface; and
  
  a control system associated with the at least one wireless communication interface and adapted to;
  
  receive from a parent access point via multicast delivery encrypted resource information for communications, the parent access point resides in the access point set, wherein the resource information comprises resource allocations for each of a plurality of access points that are maintained in a resource allocation map, wherein the resource allocation map provides resource allocations for access points, and is different from a mobile station resource allocation map providing resource allocations for direct use by a mobile station;
  
  decrypt the encrypted resource information map using a first key to obtain the resource information; and
  
  apply the resource information for communications with at least one of the parent access point, a child access point, and a mobile station via the at least one wireless communication interface.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The access point of claim 21 wherein the access point is a relay station that is at least one wireless communications hop away from a base station.
  - 23. The access point of claim 21 wherein the encrypted resource information is received over a single wireless communications hop from the parent access point.
  - 24. The access point of claim 21 wherein the encrypted resource information is received via a plurality of wireless communications hops from the parent access point.
  - 25. The access point of claim 21 wherein the encrypted resource information is received via unicast delivery from the parent access point.
  - 26. The access point of claim 21 wherein the control system is further adapted to decrypt the resource allocation map using the first key.
  - 27. The access point of claim 21 wherein the resource information comprises resource allocations to use for the communications.
  - 28. The access point of claim 21 wherein the resource information comprises a mapping of physical layer resources to logical communication channels.
  - 29. The access point of claim 28 wherein the resource information comprises a mapping of physical layer carriers or sub-carriers to logical communication channels or sub-channels.
  - 30. The access point of claim 21 wherein the resource information comprises modulation information to use for the communications.

31. A method for use in a multiple hop access point set comprising:
- obtaining resource information for communications to be supported by a child access point in the access point set;
  
  encrypting the resource information using a first key to create encrypted resource information map;
  
  initiating delivery of the encrypted resource information map to the child access point via at least one wireless communication interface; and
  
  effecting delivery of encrypted traffic content intended for a mobile station to the child access point, wherein the encrypted traffic content is encrypted using a traffic encryption key that is different from the first key.

32. A method for use in a multiple hop access point set comprising:
- receiving via multicast delivery from a parent access point encrypted resource information for communications, the parent access point residing in the access point set, wherein the resource information comprises resource allocations for each of a plurality of access points that are maintained in a resource allocation map, wherein the resource allocation map provides resource allocations for access points, and is different from a mobile station resource allocation map providing resource allocations for direct use by a mobile station;
  
  decrypting the encrypted resource information using a first key to obtain resource information; and
  
  applying the resource information for communications with at least one of the parent access point, a child access point, and a mobile station via at least one wireless communication interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Zhang, Hang, Zhu, Peiying, Fong, Mo-Han, Tong, Wen, Senarath, Gamini, Yu, Derek, Steer, David
Primary Examiner(s)
ZECHER, CORDELIA P K

Application Number

US12/307,695
Publication Number

US 20090307484A1
Time in Patent Office

2,174 Days
Field of Search

713/153
US Class Current

713/153
CPC Class Codes

H04B 7/155   Ground-based stations H04B7...

H04L 63/0428   wherein the data content is...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/0478   applying multiple layers of...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/122   Counter-measures against at...

H04W 28/16   Central resource management...

H04W 84/18   Self-organising networks, e...

H04W 88/04   adapted for relaying to or ...

H04W 88/08   Access point devices

Wireless access point security for multi-hop networks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Wireless access point security for multi-hop networks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links