Method for controlling access point in wireless local area network, and communication system

US 9,775,032 B2
Filed: 08/27/2013
Issued: 09/26/2017
Est. Priority Date: 12/31/2012
Status: Active Grant

First Claim

Patent Images

1. A method for controlling an access point (AP) in a wireless local area network (WLAN), comprising:

when an AP accesses the WLAN, authenticating the AP by an authentication server being an Authentication Authorization Accounting (AAA) server or a Dynamic Host Configuration Protocol (DHCP) server, wherein the AAA server and the DCHP server are both devices;

after the authentication succeeds, delivering an access controller (AC) list by the authentication server or a broadband network gateway (BNG) to the AP;

if the authentication fails, not delivering the AC list, so as to deliver the AC list to the AP only in a case that the AP is successfully authenticated, avoiding information leakage caused by delivering the AC list to an illegitimately-set AP device;

the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for controlling an access point in a wireless local area network (WLAN) and a communication system, the method includes: authenticating an access point; after the authentication succeeds, delivering an access controller list to the access point; the access point selecting an access controller from the access controller list according to a preset rule, and communicating with the selected access controller. Only in the case that the access point is successfully authenticated is the access controller list sent to the successfully-authenticated access point, thus solving the problem that the information of the access controller is leaked out because of delivering the access controller list to an illegitimately-set access point, and ensuring the security of network device information.

5 Citations

13 Claims

1. A method for controlling an access point (AP) in a wireless local area network (WLAN), comprising:
- when an AP accesses the WLAN, authenticating the AP by an authentication server being an Authentication Authorization Accounting (AAA) server or a Dynamic Host Configuration Protocol (DHCP) server, wherein the AAA server and the DCHP server are both devices;
  
  after the authentication succeeds, delivering an access controller (AC) list by the authentication server or a broadband network gateway (BNG) to the AP;
  
  if the authentication fails, not delivering the AC list, so as to deliver the AC list to the AP only in a case that the AP is successfully authenticated, avoiding information leakage caused by delivering the AC list to an illegitimately-set AP device;
  
  the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method for controlling an AP in a WLAN of claim 1, wherein, the process of authenticating the AP comprises:
    - judging whether access geographical location information of the AP, an account key of the AP or an authorization certificate of the AP is legitimate or not;
      
      if legitimate, judging whether the AP meets policy requirements set by the authentication server or not;
      
      if yes, the authentication of the AP succeeding.
  - 3. The method for controlling an AP in a WLAN of claim 2, wherein, a process of the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC is:
    - the AP sequentially sending access requests to all the ACs in accordance with an order of access controllers in the AC list, selecting a successfully-accessed AC to establish a communication connection, and communicating with the selected AC.
  - 4. The method for controlling an AP in a WLAN of claim 1, wherein, after the authentication succeeds and before delivering the AC list to the AP, the method further comprises:
    - updating the AC list.
  - 5. The method for controlling an AP in a WLAN of claim 4, wherein, said updating the AC list is:
    - a broadband network gateway (BNG) or an authentication server updating an original AC list based on the original AC list and current loads of all ACs in the original AC list, and generating an AC list which will be delivered to the AP.
  - 6. The method for controlling an AP in a WLAN of claim 5, wherein, a process of the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC is:
    - the AP sequentially sending access requests to all the ACs in accordance with an order of access controllers in the AC list, selecting a successfully-accessed AC to establish a communication connection, and communicating with the selected AC.
  - 7. The method for controlling an AP in a WLAN of claim 4, wherein, a process of the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC is:
    - the AP sequentially sending access requests to all the ACs in accordance with an order of access controllers in the AC list, selecting a successfully-accessed AC to establish a communication connection, and communicating with the selected AC.
  - 8. The method for controlling an AP in a WLAN of claim 1, wherein, a process of the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC is:
    - the AP sequentially sending access requests to all the ACs in accordance with an order of access controllers in the AC list, selecting a successfully-accessed AC to establish a communication connection, and communicating with the selected AC.
  - 9. The method for controlling an AP in a WLAN of claim 8, wherein, a process of communicating with the selected AC is:
    - the AP communicating with the selected AC via Control And Provisioning of Wireless Access Points Protocol (CAPWAP).
  - 10. The method for controlling an AP in a WLAN of claim 1, wherein, a process of the AP selecting one AC from the AC list according to a preset rule and communicating with the selected AC is:
    - the AP sequentially sending access requests to all the ACs in accordance with an order of access controllers in the AC list, selecting a successfully-accessed AC to establish a communication connection, and communicating with the selected AC.

11. A communication system, comprising at least one AP, at least one AC, a BNG and an authentication server;
- wherein the AP connects with the AC and the authentication server via the BNG;
  
  wherein, the authentication server is an Authentication Authorization Accounting (AAA) server or a Dynamic Host Configuration Protocol (DHCP) server, and the AAA server and the DCHP server are both devices;
  
  the authentication server is configured to;
  
  when the AP accesses a WLAN, authenticate the AP, deliver an AC list to the AP after the authentication succeeds, or deliver the AC list to the AP by a broadband network gateway (BNG), and not to deliver the AC list if the authentication fails, so as to deliver the AC list to the AP only in a case that the AP is successfully authenticated, avoiding information leakage caused by delivering the AC list to an illegitimately-set AP device;
  
  the AP is configured to;
  
  select one AC from the AC list according to a preset rule and communicate with the selected AC.
- View Dependent Claims (12, 13)
- - 12. The communication system of claim 11, wherein, the BNG is further configured to:
    - save the AC list and deliver the saved AC list to the AP after the authentication server successfully authenticates the AP.
  - 13. The communication system of claim 12, wherein, the BNG or the authentication server is further configured to:
    - update the AC list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZTE Corporation
Original Assignee
ZTE Corporation
Inventors
Liang, Qiandeng, Fan, Liang, Chen, Yong
Primary Examiner(s)
HENNING, MATTHEW T

Application Number

US14/439,405
Publication Number

US 20150304844A1
Time in Patent Office

1,491 Days
Field of Search

726 3
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0892   by using authentication-aut...

H04L 63/101   Access control lists [ACL]

H04W 12/069   using certificates or pre-s...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/08   Access point devices

Method for controlling access point in wireless local area network, and communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

5 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method for controlling access point in wireless local area network, and communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

5 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links