Securing communications over a first communication link with encryption managed by a second communication link

US 9,106,421 B1
Filed: 01/15/2013
Issued: 08/11/2015
Est. Priority Date: 01/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method for securing a communication link, the method comprising:

establishing a first wireless communication link between a user equipment device (UE) and a communication network, wherein the first wireless communication link is an unsecured communication link and is established under a first air interface protocol;

communicating unencrypted data between the UE and the Internet over the first unsecured wireless communication link;

transmitting, by the UE, a request to engage in a secure communication, wherein the request includes a request to engage in a hypertext transfer protocol secure (HTTPS) communication over the first wireless communication link;

establishing, responsive to the UE transmitting the request to engage in the secure communication, a second wireless communication link between the UE and the communication network, wherein the second wireless communication link is a secured communication link and is established under a second air interface protocol;

transmitting, responsive to the UE transmitting the request to engage in the secure communication, an encryption key to the UE over the second wireless communication link;

encrypting data, by the UE, using the encryption key; and

communicating the encrypted data over the first wireless communication link from the UE to the communication network.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are a method, apparatus, and system for securing a communication link between a user equipment device (UE) and a communication network. A first wireless communication link is established between the UE and the communication network. The first wireless communication link is an unsecured communication link and is established under a first air interface protocol. A second wireless communication link is established between the UE and the communication network. The second wireless communication link is a secured communication link and is established under a second air interface protocol. An encryption key is transmitted to the UE over the second wireless communication link, the UE encrypts data using the encryption key, and the encrypted data is communicated over the first wireless communication link from the UE to the communication network.

Citations

17 Claims

1. A method for securing a communication link, the method comprising:
- establishing a first wireless communication link between a user equipment device (UE) and a communication network, wherein the first wireless communication link is an unsecured communication link and is established under a first air interface protocol;
  
  communicating unencrypted data between the UE and the Internet over the first unsecured wireless communication link;
  
  transmitting, by the UE, a request to engage in a secure communication, wherein the request includes a request to engage in a hypertext transfer protocol secure (HTTPS) communication over the first wireless communication link;
  
  establishing, responsive to the UE transmitting the request to engage in the secure communication, a second wireless communication link between the UE and the communication network, wherein the second wireless communication link is a secured communication link and is established under a second air interface protocol;
  
  transmitting, responsive to the UE transmitting the request to engage in the secure communication, an encryption key to the UE over the second wireless communication link;
  
  encrypting data, by the UE, using the encryption key; and
  
  communicating the encrypted data over the first wireless communication link from the UE to the communication network.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the first air interface protocol is a wireless local area network (WLAN) protocol and the second air interface protocol is a cellular network protocol.
  - 3. The method of claim 2, wherein the WLAN network protocol is Wi-Fi and the cellular network protocol is LTE.
  - 4. The method of claim 1, wherein transmitting the encryption key includes transmitting a changing encryption key to the UE.
  - 5. The method of claim 1, further comprising accessing the encryption key by a network node that serves as a gateway to a packet data network.
  - 6. The method of claim 5, wherein encrypting data includes the UE and the network node encrypting data, wherein communicating the encrypted data includes the UE and the network node communicating the encrypted data over the first wireless communication link, and further comprising decrypting, by the UE and the network node, the encrypted data using the encryption key.
  - 7. The method of claim 1, wherein transmitting the request to engage in the secure communication further includes transmitting, over the first unsecured wireless communication link, the request to engage in the secure communication.

8. A user equipment device (UE) comprising:
- a first radio for establishing a first wireless communication link between the UE and a communication network, wherein the first radio operates under a first air interface protocol;
  
  a second radio for establishing a second wireless communication link between the UE and the communication network, wherein the second radio operates under a second air interface protocol; and
  
  control logic operable to;
  
  establish the first wireless communication link under the first air interface protocol,communicate unencrypted data between the UE and the Internet over the first wireless communication link,transmit a request to engage in a secure communication, wherein the request is to engage in a hypertext transfer protocol secure (HTTPS) communication over the first wireless communication link,establish, responsive to transmitting the request, the second wireless communication link under the second air interface protocol,and wherein the control logic is further operable to receive an encryption key over the second wireless communication link in response to transmitting the request, to encrypt data using the encryption key, and to communicate the encrypted data over the first wireless communication link.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The UE of claim 8, wherein the first air interface protocol is a wireless local area network (WLAN) protocol and the second air interface protocol is a cellular network protocol.
  - 10. The UE of claim 9, wherein the WLAN protocol is Wi-Fi and the cellular network protocol is LTE.
  - 11. The UE of claim 8, wherein the control logic is further operable to receive data encrypted using the encryption key and to decrypt the received encrypted data using the encryption key.
  - 12. The UE of claim 8, wherein the control logic operable to transmit the request to engage in the secure communication further includes the control logic operable to transmit, over the first wireless communication link, the request to engage in the secure communication.

13. A communication network comprising:
- a user equipment device (UE);
  
  a wireless local area network (WLAN) access point;
  
  a base station; and
  
  an encryption node,wherein the UE is configured to communicate with the WLAN access point to establish a first communication link between the UE and the communication network, wherein the first communication link is established under a WLAN protocol,wherein the UE is configured to communicate unencrypted data between the UE and the Internet over the first communication link,wherein the UE is configured to transmit a request for the UE to engage in a secure communication, wherein the request includes a request for the UE to engage in a hypertext transfer protocol secure (HTTPS) communication over the first communication link,wherein the UE is configured to communicate, responsive to the UE transmitting the request to engage in the secure communication, with the base station to establish a second communication link between the UE and the communication network, wherein the second communication link is established under a cellular network protocol,wherein the encryption node is configured to transmit, responsive to identifying the transmitted request, an encryption key to the UE over the second communication link,wherein the UE is configured to encrypt data using the encryption key and to communicate the encrypted data to the encryption node over the first communication link.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The communication network of claim 13, wherein the WLAN protocol is Wi-Fi and the cellular network protocol is LTE.
  - 15. The communication network of claim 13, wherein the encryption node is a gateway to a packet data network.
  - 16. The communication network of claim 13, wherein the encryption node is further configured to encrypt data using the encryption key, to communicate the encrypted data to the UE over the first communication link, to receive encrypted data from the UE, and to decrypt the received encrypted data using the encryption key, further wherein the UE is configured to use the encryption key to decrypt the encrypted data received from the encryption node.
  - 17. The communication network of claim 13, wherein the UE configured to transmit the request to engage in the secure communication further includes the UE configured to transmit, over the first communication link, the request to engage in the secure communication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sprint Spectrum LLC (Deutsche Telekom AG)
Original Assignee
Sprint Spectrum LP (Deutsche Telekom AG)
Inventors
Singh, Jasinder P., Shah, Maulik K., Landuyt, Kurt M., Sigg, Jason P.
Primary Examiner(s)
Chen, Shin-Hon

Application Number

US13/742,018
Time in Patent Office

938 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/18   using different networks or...

H04L 9/0827   involving distinctive inter...

H04W 12/033   of the user plane, e.g. use...

H04W 12/041   Key generation or derivation

Securing communications over a first communication link with encryption managed by a second communication link

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Securing communications over a first communication link with encryption managed by a second communication link

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links