Femtocell access control

US 9,066,232 B2
Filed: 06/07/2010
Issued: 06/23/2015
Est. Priority Date: 06/08/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

in a wireless communication network comprising a femto access point (FAP) configured for wireless communication with at least one authorized mobile station (MS) accessing the network via the FAP, transmitting FAP authentication data from the FAP to obtain MS access authorization data stored by a remote storage point in communication with the FAP;

receiving the MS access authorization data for the FAP from the storage point at an enforcement point (EP), in response to the FAP authentication data, wherein the EP excludes the FAP; and

controlling, at the EP, wireless network access by the MS via the FAP, in response to the MS access authorization data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access by a mobile station to a femto access point (FAP) of a wireless communication system is controlled by an enforcement point in response to mobile station authorization data provided from a storage point that is remote from the FAP. The authorization data is provided in response to FAP authentication data. The authentication data may include a FAP identifier and a message authenticator that the FAP generates by hashing shared secret information. The storage point may provide the authorization data in response to determining that the message authenticator is a hash of the shared secret information.

12 Citations

30 Claims

1. A method, comprising:
- in a wireless communication network comprising a femto access point (FAP) configured for wireless communication with at least one authorized mobile station (MS) accessing the network via the FAP, transmitting FAP authentication data from the FAP to obtain MS access authorization data stored by a remote storage point in communication with the FAP;
  
  receiving the MS access authorization data for the FAP from the storage point at an enforcement point (EP), in response to the FAP authentication data, wherein the EP excludes the FAP; and
  
  controlling, at the EP, wireless network access by the MS via the FAP, in response to the MS access authorization data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the wireless communication network comprises any one of the group consisting of a Session Initiation Protocol (SIP) based circuit-switched network, an Interoperability Specification (IOS) based circuit-switched network, and a packet-switched network.
  - 3. The method of claim 1, further comprising generating the MS access authorization data in response to determining that the FAP authentication data is valid.
  - 4. The method of claim 1, wherein the storage point comprises any one of the group consisting of an AN-AAA, an AAA, and a HAAA.
  - 5. The method of claim 1, wherein the EP comprises a Femto Gateway (FGW).
  - 6. The method of claim 1, wherein the EP comprises a separate enforcement point that is not one of a Femto Convergence Server (FCS), a Femto Gateway (FGW), a Packet Data Serving Node (PDSN), or a mobile switching center (MSC).
  - 7. The method of claim 1, wherein the wireless communication network is a circuit-switched network, and wherein the EP comprises any one of the group consisting of a Femto Convergence Server (FCS), a Femto Gateway (FGW), and a separate enforcement point.
  - 8. The method of claim 1, wherein the wireless communication network is a packet-switched network, and wherein the EP comprises any one of the group consisting of a Packet Data Serving Node (PDSN), a Femto Gateway (FGW), and a separate enforcement point.
  - 9. The method of claim 1, wherein the wireless communication network is an Interoperability Specification (IOS) based circuit-switched network, and wherein the EP comprises any one of the group consisting of a mobile switching center (MSC), a Femto Gateway (FGW), and a separate enforcement point.
  - 10. The method of claim 1, wherein the MS access authorization data comprises an access control list comprising identifiers for authorized mobile stations.
  - 11. The method of claim 1, wherein the MS access authorization data further comprises a FAP type identifier.
  - 12. The method of claim 1, wherein controlling the wireless network access by the MS via the FAP comprises preventing the MS from accessing the wireless network in response to determining that the MS is not listed in an access control list for the FAP.
  - 13. The method of claim 12, wherein controlling the wireless network access by the MS via the FAP comprises redirecting the MS to a macro base station.
  - 14. The method of claim 1, wherein controlling the wireless network access by the MS via the FAP comprises permitting limited access to the wireless network.
  - 15. The method of claim 14, wherein controlling the wireless network access by the MS via the FAP comprises redirecting the MS to a macro base station after the permitting the limited access, and then tearing down a communication session between the MS and the FAP.

16. A communications apparatus, comprising:
- a memory that retains instructions;
  
  for transmitting femto access point (FAP) authentication data from a FAP to obtain MS access authorization data stored by a remote storage point in communication with the FAP;
  
  for receiving the MS access authorization data for the FAP from the storage point at an enforcement point (EP), in response to the FAP authentication data, wherein the EP excludes the FAP; and
  
  for controlling, at the EP, wireless network access by the MS via the FAP, in response to the MS access authorization data; and
  
  a processor that executes the instructions.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The communications apparatus of claim 16, wherein the EP comprises a Femto Gateway (FGW).
  - 18. The communications apparatus of claim 16, wherein the remote storage point comprises an Authorization, Authentication and Accounting (AAA) server.
  - 19. The communications apparatus of claim 16, wherein the memory retains further instructions for generating a request for the MS access authorization data using secret information shared with the storage point, the request comprising an identifier for the FAP and the FAP authentication data.
  - 20. The communications apparatus of claim 16, wherein the memory retains further instructions for controlling access to a wireless communication network (WCN) via the FAP in accordance with an access control list included in the MS access authorization data, the access control list comprising identifiers for mobile stations authorized to access the WCN via the FAP.

21. A communications apparatus, comprising:
- means for transmitting femto access point (FAP) authentication data from a FAP to obtain MS access authorization data stored by a remote storage point in communication with the FAP;
  
  means for receiving the MS access authorization data for the FAP from the storage point at an enforcement point (EP), in response to the FAP authentication data, wherein the EP excludes the FAP; and
  
  means for controlling, at the EP, wireless network access by the MS via the FAP, in response to the MS access authorization data.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The communications apparatus of claim 21, wherein the EP comprises a Femto Gateway (FGW).
  - 23. The communications apparatus of claim 21, wherein the remote storage point comprises an Authorization, Authentication and Accounting (AAA) server.
  - 24. The communications apparatus of claim 21, further comprising means for generating a request for the MS access authorization data using secret information shared with the storage point, the request comprising an identifier for the FAP and the FAP authentication data.
  - 25. The communications apparatus of claim 21, further comprising means for controlling access to a wireless communication network (WCN) via the FAP in accordance with an access control list included in the MS access authorization data, the access control list comprising identifiers for mobile stations authorized to access the FAP.

26. A non-transitory computer readable medium storing computer executable instructions that, when executed by at least one processor, implement components comprising:
- a first set of codes for transmitting femto access point (FAP) authentication data from a FAP to obtain MS access authorization data stored by a remote storage point in communication with the FAP;
  
  a second set of codes for receiving the MS access authorization data for the FAP from the storage point at an enforcement point (EP), in response to the FAP authentication data, wherein the EP excludes the FAP; and
  
  a third set of codes for controlling, at the EP, wireless network access by the MS via the FAP, in response to the MS access authorization data.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The non-transitory computer readable medium of claim 26, wherein the EP comprises a Femto Gateway (FGW).
  - 28. The non-transitory computer readable medium of claim 26, wherein the remote storage point comprises an Authorization, Authentication and Accounting (AAA) server.
  - 29. The non-transitory computer readable medium of claim 26, further comprising a fourth set of codes for generating a request for the MS access authorization data using secret information shared with the storage point, the request comprising an identifier for the FAP and the FAP authentication data.
  - 30. The non-transitory computer readable medium of claim 26, further comprising a fifth set of codes for controlling access to a wireless communication network (WCN) via the FAP in accordance with an access control list included in the MS access authorization data, the access control list comprising identifiers for mobile stations authorized to access the FAP.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Wang, Jun, Palanigounder, Anand, Tinnakornsrisuphap, Peerapol, Cherian, George, Sundarraman, Chandrasekhar Therazhandur, Mao, Yinian, Rauber, Peter Hans
Primary Examiner(s)
Chung, Hoon J

Application Number

US12/795,412
Publication Number

US 20110134837A1
Time in Patent Office

1,842 Days
Field of Search

370/310.2, 370328-339, 370/349, 455/422.1
US Class Current

1/1
CPC Class Codes

H04L 63/0892   by using authentication-aut...

H04L 63/101   Access control lists [ACL]

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 84/045   using private Base Stations...

Femtocell access control

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Femtocell access control

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links