Systems and methods for device-to-device communication in the absence of network coverage

US 9,288,756 B2
Filed: 06/28/2013
Issued: 03/15/2016
Est. Priority Date: 09/28/2012
Status: Active Grant

First Claim

Patent Images

1. A method for coupling a first mobile device with a second mobile device in a one-to-one Proximity-based Services (ProSe) communication session comprising:

the first mobile device discovering the presence of the second mobile device;

negotiating between the first mobile device and the second mobile device to determine which of the first mobile device and the second mobile device is to become a group owner of the communication session and which is to become a client of the communication session; and

wherein when the first mobile device is the client, the method includes conducting a mutual authentication with the group owner;

when the first mobile device is the group owner, the method includes receiving authentication information from the client; and

the connection between the first mobile device and the second mobile device is via a device-to-device (D2D) link,wherein conducting mutual authentication comprises;

transmitting a first certificate owned by the first mobile device to the second mobile device to permit the second mobile device to verify the first certificate; and

the first mobile device verifying a second certificate owned by the second mobile device; and

wherein;

the first certificate includes a first link identifier that identifies the first mobile device;

the second certificate includes a second link identifier that identifies the second mobile device;

the first certificate is arranged to confirm that the first mobile device is authorized; and

the second certificate is arranged to confirm that the second mobile device is authorized.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for establishing a secure device-to-device connection between two mobile devices involves the use of a WiFi Direct (LTE Direct or other similar protocols) link paired with an IP Multimedia Subsystems (IMS) link. A device detects the presence of another device that it wishes to connect to. The devices negotiate a group owner, then authenticate each other using a variety of techniques, such as a centrally issued certificate. Thereafter, the devices derive keys to be used for communication, both over the WiFi Direct link and via the IMS link. A WiFi Direct Link may be paired with a Push to Talk over Cellular (PoC) link in order to couple together more than two devices. In such a connection, devices transmit to a group owner, which then sends multicast versions to the rest of the group devices.

34 Citations

View as Search Results

24 Claims

1. A method for coupling a first mobile device with a second mobile device in a one-to-one Proximity-based Services (ProSe) communication session comprising:
- the first mobile device discovering the presence of the second mobile device;
  
  negotiating between the first mobile device and the second mobile device to determine which of the first mobile device and the second mobile device is to become a group owner of the communication session and which is to become a client of the communication session; and
  
  wherein when the first mobile device is the client, the method includes conducting a mutual authentication with the group owner;
  
  when the first mobile device is the group owner, the method includes receiving authentication information from the client; and
  
  the connection between the first mobile device and the second mobile device is via a device-to-device (D2D) link,wherein conducting mutual authentication comprises;
  
  transmitting a first certificate owned by the first mobile device to the second mobile device to permit the second mobile device to verify the first certificate; and
  
  the first mobile device verifying a second certificate owned by the second mobile device; and
  
  wherein;
  
  the first certificate includes a first link identifier that identifies the first mobile device;
  
  the second certificate includes a second link identifier that identifies the second mobile device;
  
  the first certificate is arranged to confirm that the first mobile device is authorized; and
  
  the second certificate is arranged to confirm that the second mobile device is authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein conducting mutual authentication comprises:
    - generating a pairwise master key; and
      
      wherein the method further comprises;
      
      using the pairwise master key to protect transmissions between the first mobile device and the second mobile device that travel via the D2D link.
  - 3. The method of claim 1 further comprising:
    - establishing an application-layer communication session between the first mobile device and the second mobile device.
  - 4. The method of claim 3 further comprising:
    - generating a pairwise master key; and
      
      wherein the method further comprises;
      
      using the pairwise master key to protect transmissions between the first mobile device and the second mobile device that travel via the communication session.
  - 5. The method of claim 1 wherein:
    - the first link identifier comprises a media access control (MAC) address of the first mobile device; and
      
      the second link identifier comprises a MAC address of the second mobile device.
  - 6. The method of claim 1 wherein:
    - the first certificate further includes a global identifier belonging to a user of the first mobile device;
      
      the second certificate further includes a global identifier belonging to a user of the second mobile device.
  - 7. The method of claim 1 wherein the D2D link is a WiFi Direct connection.
  - 8. The method of claim 1 wherein the D2D link is an LTE Direct connection.
  - 9. The method of claim 1 wherein the first mobile device is arranged to communicate to the second mobile device in the absence of coverage from a network.

10. A method for coupling a first mobile device with a second mobile device in a Proximity-based Services (ProSe) group communication session comprising:
- the first mobile device discovering the presence of the second mobile device;
  
  negotiating between the first mobile device and the second mobile device to determine which of the first mobile device and the second mobile device is to become a group owner of the communication session and which is to become a client of the communication session;
  
  initiating a certificate-based authentication procedure;
  
  establishing a device-to-device connection between the first mobile device and the second mobile device; and
  
  establishing a Push to Talk over Cellular (PoC) connection between the first mobile device and the second mobile device,wherein initiating a certificate-based authentication procedure comprises one of;
  
  a) the first mobile device asserting a D2D link layer identity and an application layer identity and receiving from the second mobile device an assertion of the D2D link layer identity and application layer identity;
  
  having the first mobile device assert its belonging to a group by providing an application layer identity belonging to the group and a link layer identity belonging to the group;
  
  having the first mobile device assert its knowledge of a group master key;
  
  deriving a group temporary key from the group master key; and
  
  using the group temporary key to protect multicast frames the first mobile device sends over the PoC connection,b) having the group owner receive a D2D link identifier for the client;
  
  having the group owner receive a pairwise master key that is shared with the client; and
  
  using the pairwise master key to transmit and receive data to and from the client, andc) having the client receive a D2D link identifier for the group owner;
  
  having the client receive a pairwise master key that is shared with the group owner; and
  
  using the pairwise master key to transmit and receive data with the group owner.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10 wherein initiating a certificate-based authentication procedure comprises:
    - having the first mobile device assert a D2D link layer identity and an application layer identity and receiving from the second mobile device an assertion of the D2D link layer identity and application layer identity;
      
      having the first mobile device assert its belonging to a group by providing an application layer identity belonging to the group and a link layer identity belonging to the group;
      
      having the first mobile device assert its knowledge of a group master key;
      
      deriving a group temporary key from the group master key; and
      
      using the group temporary key to protect multicast frames the first mobile device sends over the PoC connection.
  - 12. The method of claim 10 wherein the first mobile device is able to communicate with the second mobile device in the absence of coverage from a network.
  - 13. The method of claim 10 further comprising:
    - the group owner receiving a unicast frame from the client of the communication session; and
      
      having the group owner re-transmit the unicast frame as a multicast frame.
  - 14. The method of claim 10 further comprising:
    - transmitting data to a PoC server when a network connection is available; and
      
      receiving data from a PoC server when a network connection is available.
  - 15. The method of claim 10 wherein initiating a certificate-based authentication procedure comprises:
    - having the group owner receive a D2D link identifier for the client;
      
      having the group owner receive a pairwise master key that is shared with the client; and
      
      using the pairwise master key to transmit and receive data to and from the client.
  - 16. The method of claim 10 wherein initiating a certificate-based authentication procedure comprises:
    - having the client receive a D2D link identifier for the group owner;
      
      having the client receive a pairwise master key that is shared with the group owner; and
      
      using the pairwise master key to transmit and receive data with the group owner.
  - 17. The method of one of claim 15 or 16 further comprising:
    - receiving a D2D link identifier for the PoC connection.

18. A mobile device for communicating in a Proximity-based Services (ProSe) one-to-one communication session comprising:
- a processor;
  
  a transceiver coupled to the processor and arranged to transmit and receive signals via an antenna assembly;
  
  whereinthe processor is arranged to;
  
  discover the presence of a second mobile device;
  
  negotiate with the second mobile device to determine which of the mobile device and the second mobile device is to become a group owner of the communication session and which is to become a client of the communication session; and
  
  conduct a mutual authentication with the group owner, when the mobile device is a client of the communication session;
  
  wherein,the connection between the first mobile device and the second mobile device is via a device-to-device (D2D) link,to conduct mutual authentication the processor is arranged to;
  
  cause the transceiver to transmit a first certificate owned by the mobile device to the second mobile device to permit the second mobile device to verify the first certificate; and
  
  verify a second certificate owned by the second mobile device; and
  
  wherein;
  
  the first certificate includes a first link identifier that identifies the mobile device;
  
  the second certificate includes a second link identifier that identifies the second mobile device;
  
  the first certificate is arranged to confirm that the mobile device is authorized; and
  
  the second certificate is arranged to confirm that the second mobile device is authorized.
- View Dependent Claims (19, 20, 21)
- - 19. The mobile device of claim 18 wherein the mobile device is a user equipment (UE) arranged to transmit and receive signals via 3rd Generation Partnership Project Long Term Evolution (3GPP-LTE) signaling.
  - 20. The mobile device of claim 18 wherein the D2D link is via a WiFi Direct connection.
  - 21. The mobile device of claim 18 wherein the D2D link is via a LTE Direct connection.

22. A non-transitory machine-readable medium including instructions for coupling a first computing device with a computing mobile device in a Proximity-based Services (ProSe) one-to-one communication session, which when executed by the first computing device, cause the first computing device to:
- discover the presence of a second computing device;
  
  negotiate between with the second computing device to determine which of the first computing device and the second computing device is to become a group owner of the communication session and which is to become a client of the communication session; and
  
  wherein when the first computing device is the client, initiate a mutual authentication with the second computing device;
  
  when the first computing device is the group owner, the instructions cause the first computing device to receive mutual authentication information from the second computing device; and
  
  the connection between the first computing device and the second computing device is via a device-to-device (D2D) link,wherein the instructions to initiate mutual authentication with the second computing device comprise instructions to;
  
  transmit a first certificate owned by the first computing device to the second computing device to permit the second computing device to verify the first certificate; and
  
  verify a second certificate owned by the second computing device;
  
  wherein;
  
  the first certificate includes a first link identifier that identifies the first computing device;
  
  the second certificate includes a second link identifier that identifies the second computing device;
  
  the first certificate is arranged to confirm that the first computing device is authorized; and
  
  the second certificate is arranged to confirm that the second computing device is authorized.
- View Dependent Claims (23, 24)
- - 23. The non-transitory machine-readable medium of claim 22 wherein the medium further comprises instructions which, when executed, cause the first computing device to:
    - establishing a communication session between the first computing device and the second computing device.
  - 24. The non-transitory machine-readable medium of claim 23 wherein the medium further comprises instructions which, when executed, cause the first computing device to:
    - generate a pairwise master key; and
      
      use the pairwise master key to protect transmissions between the first computing device and the second computing device that travel via the D2D link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Intel Corporation
Inventors
Stojanovski, Alexandre Saso, Luft, Achim, Venkatachalam, Muthaiah
Primary Examiner(s)
Dao, Minh D

Application Number

US13/930,669
Publication Number

US 20140094119A1
Time in Patent Office

991 Days
Field of Search

455/518, 455/519, 455/411, 455/410, 380/247, 380/229, 380/232
US Class Current

1/1
CPC Class Codes

H04B 17/318   Received signal strength

H04J 11/00   Orthogonal multiplex system...

H04J 11/0086   Search parameters, e.g. sea...

H04J 3/1694   Allocation of channels in T...

H04L 1/1812   Hybrid protocols; Hybrid au...

H04L 1/1861   Physical mapping arrangemen...

H04L 1/1864   ARQ related signaling H04L1...

H04L 1/1893   Physical mapping arrangemen...

H04L 41/069   using logs of notifications...

H04L 41/5032   Generating service level re...

H04L 43/16   Threshold monitoring

H04L 5/001   the frequencies being arran...

H04L 5/0035   Resource allocation in a co...

H04L 5/0055   Physical resource allocatio...

H04L 5/0057   Physical resource allocatio...

H04L 5/0073   Allocation arrangements tha...

H04L 5/0091   Signaling for the administr...

H04L 5/14   Two-way operation using the...

H04L 65/60   Network streaming of media ...

H04L 65/612   for unicast

H04L 65/65 : Network streaming protocols...

H04L 65/762 : at the source reformatting...

H04L 67/10 : in which an application is ...

H04W 24/02 : Arrangements for optimising...

H04W 24/08 : Testing, supervising or mon...

H04W 24/10 : Scheduling measurement repo...

H04W 28/0205 : at the air interface dynami...

H04W 28/0215 : based on user or device pro...

H04W 28/0221 : power availability or consu...

H04W 28/0252 : per individual bearer or ch...

H04W 28/0268 : using specific QoS paramete...

H04W 28/16 : Central resource management...

H04W 36/0061 : of neighbour cell information

H04W 36/0066 : of control information betw...

H04W 36/0083 : Determination of parameters...

H04W 36/0085 : Hand-off measurements

H04W 36/0088 : Scheduling hand-off measure...

H04W 36/08 : Reselecting an access point

H04W 36/14 : Reselecting a network or an...

H04W 36/22 : for handling the traffic

H04W 4/70 : Services for machine-to-mac...

H04W 40/005 : Routing actions in the pres...

H04W 40/246 : Connectivity information di...

H04W 48/14 : using user query or user de...

H04W 48/16 : Discovering, processing acc...

H04W 48/18 : Selecting a network or a co...

H04W 48/20 : Selecting an access point

H04W 52/0209 : in terminal devices termina...

H04W 52/0212 : managed by the network, e.g...

H04W 52/0225 : using monitoring of externa...

H04W 52/0235 : where the received signal i...

H04W 52/0258 : controlling an operation mo...

H04W 52/0261 : managing power supply deman...

H04W 52/04 : TPC

H04W 52/14 : Separate analysis of uplink...

H04W 72/02 : Selection of wireless resou...

H04W 72/044 : based on the type of the al...

H04W 72/0453 : Resources in frequency doma...

H04W 72/20 : Control channels or signall...

H04W 72/21 : in the uplink direction of ...

H04W 72/23 : in the downlink direction o...

H04W 72/30 : Resource management for bro...

H04W 72/52 : based on load

H04W 72/541 : using the level of interfer...

H04W 74/002 : Transmission of channel acc...

H04W 74/004 : in the uplink, i.e. towards...

H04W 76/12 : Setup of transport tunnels

H04W 76/15 : Setup of multiple wireless ...

H04W 76/16 : Involving different core ne...

H04W 76/23 : Manipulation of direct-mode...

H04W 76/27 : Transitions between radio r...

H04W 76/28 : Discontinuous transmission ...

H04W 76/30 : Connection release

H04W 8/08 : Mobility data transfer

H04W 80/10 : adapted for application ses...

H04W 84/042 : Public Land Mobile systems,...

H04W 84/12 : WLAN [Wireless Local Area N...

H04W 88/02 : Terminal devices

H04W 88/06 : adapted for operation in mu...

H04W 88/08 : Access point devices

H04W 88/12 : Access point controller dev...

H04W 88/14 : Backbone network devices

H04W 88/16 : Gateway arrangements

H04W 88/18 : Service support devices; Ne...

Y02D 30/70 : in wireless communication n...

View All

Systems and methods for device-to-device communication in the absence of network coverage

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for device-to-device communication in the absence of network coverage

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links