Wireless access point security for multi-hop networks
First Claim
1. An access point for use in a multiple hop access point set comprising:
- at least one wireless communication interface; and
a processor associated with the at least one wireless communication interface and adapted to;
obtain resource information for communications to be supported by a child access point in the access point set, wherein the child access point provides a communication link between the access point and a mobile station;
encrypt the resource information using a first key to create encrypted resource information, wherein the first key is known to the mobile station and unknown to the child access point and provides end-to-end security between the access point and the mobile station;
further encrypting the encrypted resource information using a second key to create further encrypted resource information, wherein the second key is known to the child access point and provides per-hop security between the child access point and the mobile station; and
initiate delivery of the further encrypted resource information to the child access point via the at least one wireless communication interface, wherein the further encrypted resource information is delivered over a single wireless communications hop to the child access point.
0 Assignments
0 Petitions
Accused Products
Abstract
Security in wireless communication networks that employ relay stations to facilitate communications between base stations and mobile stations is enhanced. In one embodiment, resource information provided to one or more relay stations from a base station or another relay station is encrypted prior to being delivered to the one or more relay stations. Only authorized relay stations are allocated an appropriate key necessary to decrypt the resource information. As such, only appropriate relay stations are able to access and use the resource information to effect communications directly or indirectly between the base stations and the mobile stations. In certain embodiments, the resource information is delivered between the various base and relay stations using either unicast or multicast delivery techniques.
14 Citations
33 Claims
-
1. An access point for use in a multiple hop access point set comprising:
-
at least one wireless communication interface; and a processor associated with the at least one wireless communication interface and adapted to; obtain resource information for communications to be supported by a child access point in the access point set, wherein the child access point provides a communication link between the access point and a mobile station; encrypt the resource information using a first key to create encrypted resource information, wherein the first key is known to the mobile station and unknown to the child access point and provides end-to-end security between the access point and the mobile station; further encrypting the encrypted resource information using a second key to create further encrypted resource information, wherein the second key is known to the child access point and provides per-hop security between the child access point and the mobile station; and initiate delivery of the further encrypted resource information to the child access point via the at least one wireless communication interface, wherein the further encrypted resource information is delivered over a single wireless communications hop to the child access point. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An access point for use in a multiple hop access point set comprising:
-
at least one wireless communication interface; and a processor associated with the at least one wireless communication interface and adapted to; receive from a parent access point encrypted resource information for communications, wherein the encrypted resource information is received over a single wireless communications hop from the parent access point, the parent access point residing in the access point set, wherein the encrypted resource is encrypted by a first key known to the access point providing per-hop security between the access point and the mobile station and further encrypted by a second key known to a mobile station and unknown to the access point provides end-to-end security between the parent access point and the mobile station; decrypt a portion of the encrypted resource information using a first key to obtain a portion of resource information; apply the portion of the resource information for communications with at least one of the parent access point, a child access point, and the mobile station via the at least one wireless communication interface. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A method for use in a multiple hop access point set comprising:
-
obtaining resource information for communications to be supported by a child access point in the access point set, wherein the child access point provides a communication link between the access point and a mobile station; encrypting the resource information using a first key to create encrypted resource information, wherein the first key is known to the mobile station and unknown to the child access point and provides end-to-end security between the access point and the mobile station; furthering encrypting the encrypted resource information using a second key to create further encrypted resource information, wherein the second key is known to the child access point and provides per-hop security between the child access point and the mobile station; and initiating delivery of the further encrypted resource information to the child access point via at least one wireless communication interface, wherein the further encrypted resource information is delivered over a single wireless communications hop to the child access point.
-
-
33. A method for use in a multiple hop access point set comprising:
-
receiving from a parent access point encrypted resource information for communications, wherein the encrypted resource information is received over a single wireless communications hop from the parent access point, the parent access point residing in the access point set, wherein the encrypted resource is encrypted by a first key known to the access point providing per-hop security between the access point and the mobile station and further encrypted by a second key known to a mobile station and unknown to the access point provides end-to-end security between the parent access point and the mobile station; decrypting a portion of the encrypted resource information using a first key to obtain a portion of resource information; applying the portion of the resource information for communications with at least one of the parent access point, a child access point, and the mobile station via the at least one wireless communication interface.
-
Specification