Location-enabled security services in wireless network
First Claim
1. A method of providing location enabled security services in a wireless communications network, said method comprising the steps of:
- receiving by said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said requesting node comprising an electronic device capable of wireless communications in the wireless communications network providing to said wireless communications network information for determining the location of said requesting node;
calculating by said wireless communications network a quantitative security value for said requesting, said quantitative security value calculating step comprising;
using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network,using a different form of position information for claimed position information of said requesting node received by said wireless communications network from said requesting node; and
comparing said claimed position information of said requesting node with an error ellipse on the position of the requesting node; and
denying by said wireless communications network access to said requesting node to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network security.
1 Assignment
0 Petitions
Accused Products
Abstract
A method (300), an apparatus (100), and a computer program product for providing location enabled security services in a wireless network are disclosed. In the method, a network access request from a node requesting access to the wireless network is received (304). A probability level for a position for the requesting node is calculated (310) using position information claimed by the requesting node and position information about the requesting node derived from signal measurements for the requesting node received by at least one existing authorized node in the wireless network. Access for the requesting node to the wireless network is denied (314) if the probability level does not satisfy a specified threshold condition for network security (312). Access for the requesting node to the wireless network is granted (318) if the probability level does satisfy the specified threshold condition (312).
29 Citations
52 Claims
-
1. A method of providing location enabled security services in a wireless communications network, said method comprising the steps of:
-
receiving by said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said requesting node comprising an electronic device capable of wireless communications in the wireless communications network providing to said wireless communications network information for determining the location of said requesting node; calculating by said wireless communications network a quantitative security value for said requesting, said quantitative security value calculating step comprising; using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network, using a different form of position information for claimed position information of said requesting node received by said wireless communications network from said requesting node; and comparing said claimed position information of said requesting node with an error ellipse on the position of the requesting node; and denying by said wireless communications network access to said requesting node to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network security. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 33, 34, 35, 36, 37)
-
-
17. A computer program product comprising a computer readable medium having recorded therein a computer program for providing location enabled security services in a wireless communications network, said computer program product comprising:
-
computer program code means for receiving by said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said requesting node comprising an electronic device capable of wireless communications in the wireless communications network and providing to said wireless communications network information for determining the location of said requesting node; computer program code means for calculating by said wireless communications network a quantitative security value for said requesting node, calculating said quantitative security value comprising; using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network, using a different form of position information for claimed position information by said requesting node received by said wireless communications network from said requesting node; and comparing said claimed position information of said requesting node with an error ellipse on the position of the requesting node; and computer program code means for denying by said wireless communications network access to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 38, 39, 40)
-
-
41. A system comprising:
-
an interface for coupling with a wireless communications network; memory for storing software; and a processing unit coupled to said interface and said memory for executing said software to provide location enabled security services in said wireless communications network, said memory and said processing unit executing said software implmenting a location engine module and a security permission module; said location engine module adapted to receive from at least one authorised node of said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said authorised and requesting nodes each comprising an electronic device capable of wireless communications in the wireless communications network, said requesting node being adapted to provide to said wireless communications network information for determining the location of said requesting node; said location engine module adapted to calculate for said wireless communications network a quantitative security value for said requesting node, calculating said quantitative security value comprising; using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network, using a different form of position information for claimed position information of said requesting node received by said wireless communications network from said requesting node; and comparing said claimed position information of said requesting node with an error ellipse on the position of the requesting node; and said security permission module adapted to deny by said wireless communications network access to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network security. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49)
-
-
50. A method of providing location enabled security services in a wireless communications network, said method comprising the steps of:
-
receiving by said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said requesting node comprising an electronic device capable of wireless communications in the wireless communications network and providing to said wireless communications network information for determining the location of said requesting node; calculating by said wireless communications network a quantitative security value for said requesting node, said quantitative security value being calculated; using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network, using a different form of position information for claimed position information of said requesting node received by said wireless communications network from said requesting node, and based on Cramer-Rao Bounds; and denying by said wireless communications network access to said requesting node to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network security.
-
-
51. A computer program product comprising a non-transitory computer readable medium having recorded therein a computer program for providing location enabled security services in a wireless communications network, said computer program product comprising:
-
computer program code means for receiving by said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said requesting node comprising an electronic device capable of wireless communications in the wireless communications network and providing to said wireless communications network information for determining the location of said requesting node; computer program code means for calculating by said wireless communications network a quantitative security value for said requesting node, said quantitative security value calculated; using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network, using a different form of position information for claimed position information by said requesting node received by said wireless communications network from said requesting node, and based on Cramer-Rao Bounds; and computer program code means for denying by said wireless communications network access to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network security.
-
-
52. A system comprising:
-
an interface for coupling with a wireless communications network; memory for storing software; and a processing unit coupled to said interface and said memory for executing said software to provide location enabled security services in said wireless communications network, said memory and said processing unit executing said software implementing a location engine module and a security permission module; said location engine module adapted to receive from at least one authorised node of said wireless communications network a network access request from a mobile network node requesting access to said wireless communications network, said wireless communications network having location-positioning capabilities, said authorised and requesting nodes each comprising an electronic device capable of wireless communications in the wireless communications network, said requesting node being adapted to provide to said wireless communications network information for determining the location of said requesting node; said location engine module adapted to calculate for said wireless communications network a quantitative security value for said requesting node, said quantitative security value calculated; using position information about said requesting node derived from signal measurements for said requesting node received by at least one existing authorised node in said wireless communications network, using a different form of position information for claimed position information of said requesting node received by said wireless communications network from said requesting node, and based on Cramer-Rao Bounds; and said security permission module adapted to deny by said wireless communications network access to said wireless communications network if said quantitative security value does not satisfy a specified threshold value for network security.
-
Specification