Proximity based dual authentication for a wireless network
First Claim
Patent Images
1. A system for accessing a network wirelessly, comprising:
- a wireless device;
a first wireless network node comprising a wireless local area network that is allowed to access the network, the first wireless network node generating a first wireless signal having a first signal range extending outside of an area for which the first wireless signal is intended to cover resulting in security problems with unwanted wireless devices accessing the first wireless network;
a second wireless network node comprising a wireless personal area network generating a second wireless signal having a second signal range, the second signal range is less than the first signal range;
a first wireless interface configured to receive an authentication to access the first wireless network node from the wireless device via the first wireless signal having the first signal range;
a first authentication of the wireless device using a processor of the first wireless local area network that determines whether the wireless device is authorized to access the network and, in response to determining that the wireless device is authorized to access the network, a proximity of the wireless device is obtained to determine whether the wireless device is in a location that is in a desired range of the first wireless signal of the first wireless network node; and
a second authentication of the wireless device using the second wireless personal area network validates a location of the wireless device by determining whether the wireless device is within the second signal range of the second wireless signal, the second authentication using the second signal range to confirm said determined proximity of the wireless device to the first wireless signal of the wireless local area network;
wherein when the wireless device is within the second signal range of the second wireless signal of the second wireless personal area network, a proximity validation key is generated and transmitted from the second wireless personal area to the wireless device identifying that the wireless device resides within the second signal range, the proximity validation key being transmitted from the wireless device to the wireless local area network to determine whether the proximity validation is valid for accessing the network through the wireless local area network; and
upon a determination that the proximity validation key is valid, the wireless local area network allows the wireless device to access the network upon receipt of indication that the proximity validation key is valid; and
whereby combination of the first authentication over the first wireless local area network and the second authentication over the second wireless personal area network reduces security issues for the wireless local area network, and avoids the need to limit range and strength of the first signal range of said wireless local area network.
7 Assignments
0 Petitions
Accused Products
Abstract
A method of accessing a network wirelessly is described. In the method an authentication is provided to access the network from a wireless device to a first network node via a first wireless signal having a first range. A proximity validation is provided to access the network through the first network node. The proximity validation is provided to the first network node when the wireless device is within a second range of a second wireless signal of a second network node. The second range is less than the first range. The method further provides for accessing the network when both the authentication and the proximity validation are valid.
20 Citations
20 Claims
-
1. A system for accessing a network wirelessly, comprising:
-
a wireless device; a first wireless network node comprising a wireless local area network that is allowed to access the network, the first wireless network node generating a first wireless signal having a first signal range extending outside of an area for which the first wireless signal is intended to cover resulting in security problems with unwanted wireless devices accessing the first wireless network; a second wireless network node comprising a wireless personal area network generating a second wireless signal having a second signal range, the second signal range is less than the first signal range; a first wireless interface configured to receive an authentication to access the first wireless network node from the wireless device via the first wireless signal having the first signal range; a first authentication of the wireless device using a processor of the first wireless local area network that determines whether the wireless device is authorized to access the network and, in response to determining that the wireless device is authorized to access the network, a proximity of the wireless device is obtained to determine whether the wireless device is in a location that is in a desired range of the first wireless signal of the first wireless network node; and a second authentication of the wireless device using the second wireless personal area network validates a location of the wireless device by determining whether the wireless device is within the second signal range of the second wireless signal, the second authentication using the second signal range to confirm said determined proximity of the wireless device to the first wireless signal of the wireless local area network; wherein when the wireless device is within the second signal range of the second wireless signal of the second wireless personal area network, a proximity validation key is generated and transmitted from the second wireless personal area to the wireless device identifying that the wireless device resides within the second signal range, the proximity validation key being transmitted from the wireless device to the wireless local area network to determine whether the proximity validation is valid for accessing the network through the wireless local area network; and upon a determination that the proximity validation key is valid, the wireless local area network allows the wireless device to access the network upon receipt of indication that the proximity validation key is valid; and whereby combination of the first authentication over the first wireless local area network and the second authentication over the second wireless personal area network reduces security issues for the wireless local area network, and avoids the need to limit range and strength of the first signal range of said wireless local area network. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product for accessing a network wirelessly, the computer program product comprising a non-transitory computer readable storage medium having program code embodied therewith, the program code executable by a first network node to cause the first network node to:
-
receive from a wireless device an authentication to access a wireless local area network from the wireless device via a first wireless signal having a first signal range that extends outside of an area for which the first wireless signal is intended to cover resulting in security problems with unwanted wireless devices accessing the wireless local area network; receive from a wireless personal area network a second wireless signal having a second signal range that is less than the first signal range; determine in a first authentication whether the wireless device is authorized to access the network in response to the authentication to access the network received from the wireless device via the first wireless signal having the first signal range; receive confirmation that the wireless device is authorized to access the network; determine a proximity of the wireless device to determine whether the wireless device is in a location that is in a desired range of the first wireless signal of the first signal range of the wireless local area network; validate in a second authentication a location of the wireless personal area network to determine whether the wireless device is within the second signal range of the second wireless signal, the second authentication using the second signal range to confirm said determined proximity of the wireless device to the first wireless signal of the wireless local area network; receive confirmation that the wireless device is within the second signal range of the second wireless signal of the wireless personal area network; request a proximity validation key from the wireless personal area network to the wireless device identifying that the wireless device resides within the second signal range, the proximity validation key being transmitted from the wireless device to the wireless local area network to determine whether the proximity validation is valid for accessing the network through the wireless local area network; receive the proximity validation key indicating that the wireless device is within the second signal range of the second wireless signal, wherein the second signal range is less than the first range; and enable the wireless device to access the network upon an indication that the proximity validation is valid, whereby combination of the first authentication over the first wireless local area network and the second authentication over the second wireless personal area network reduces security issues to the network while avoiding the need to limit range of and diminish strength of the first signal range. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for accessing a network wirelessly, comprising:
-
a wireless device; a wireless local area network that is allowed to access the network, the wireless local area network generating a first wireless signal having a first signal range extending outside of an area for which the first wireless signal is intended to cover resulting in security problems with unwanted wireless devices accessing the first wireless network; a wireless personal area network generating a second wireless signal having a second signal range, the second signal range is less than the first signal range; a first authentication of the system identifying that the wireless device is authorized to access the network and, in response thereto, obtaining a proximity of the wireless device to determine whether the wireless device is in a location that is in a desired range of the first wireless signal of the wireless local area network; and a second authentication of the system using the second wireless personal area network to validate a location of the wireless device by determining whether the wireless device is within the second signal range of the second wireless signal, the second authentication using the second signal range to confirm said determined proximity of the wireless device to the first wireless signal of the wireless local area network; when the wireless device is within the second signal range of the second wireless signal of the second wireless personal area network, a proximity validation key is generated and transmitted from the second wireless personal area network to the wireless device identifying that the wireless device resides within the second signal range; the proximity validation key and credentials being transmitted from the wireless device to the wireless local area network to determine based on the credentials whether the proximity validation is valid for accessing the network through the wireless local area network; and upon a determination that the proximity validation key is valid, the wireless local area network allows the wireless device to access the network upon receipt of indication that the proximity validation key is valid; and whereby combination of the first authentication over the first wireless local area network and the second authentication over the second wireless personal area network reduces security issues to the network while avoiding the need to limit range of and diminish strength of the first signal range. - View Dependent Claims (20)
-
Specification