Secure network enrollment
First Claim
1. A method for enrolling a mobile device with a second network, the method comprising:
establishing a wireless network connection to a communication system;
receiving at a user equipment (UE), a first network identifier associated with a first network associated with the communication system;
communicating identification data to a provisioning device accessible via the first network based at least in part on the first network identifier;
receiving second network access data from the provisioning device, the second network access data including a first private network credential and a second private network credential;
requesting access to a second network associated with the communication system based at least in part on the second network access data;
receiving a second network identifier associated with the second network from the communication system;
establishing a first virtual private network (VPN) tunnel to a first private network based at least in part on the second network identifier and the first private network credential;
receiving a first private network identifier associated with the first private network;
establishing a second VPN tunnel to a second private network based at least in part on the first private network identifier and the second private network credential; and
receiving a second private network identifier associated with the second private network.
Abstract
A UE communicates with a network gateway to access a provisioning device via a provisioning network. The provisioning device uses identification data of the UE to authenticate the UE for a primary network, and provides primary network configuration data to the UE. Using the primary network configuration data, the UE communicates with the network gateway to access the primary network. The primary network configuration data can include data to enable the UE to establish communications with one or more private networks accessible via the primary network.
27 Claims
11. A method for enrolling a mobile device with a second network, the method comprising:
establishing a wireless network connection to a communication system;
receiving at a user equipment (UE), a first network identifier associated with a first network associated with the communication system;
establishing a first virtual private network (VPN) tunnel to a first private network based at least in part on the first network identifier and first private network credentials;
receiving a first private network identifier associated with the first private network;
communicating identification data to a provisioning device accessible via the first network based at least in part on the first network identifier and the first private network identifier;
receiving second network access data from the provisioning device;
requesting access to a second network associated with the communication system based at least in part on the second network access data;
receiving a second network identifier associated with the second network from the communication system;
deleting or discontinuing the use of the first network identifier based at least in part on at least one of said receiving the second network access data from the provisioning device or said receiving the second network identifier;
establishing a second VPN tunnel to a second private network based at least in part on the second network identifier; and
receiving a second private network identifier associated with the second private network.
17. A system for enrolling a mobile device with a second network, the system comprising one or more processors configured to:
establish a wireless network connection to a communication system;
receive at a user equipment (UE), a first network identifier associated with a first network associated with the communication system;
communicate identification data to a provisioning device accessible via the first network based at least in part on the first network identifier;
receive second network access data from the provisioning device, the second network access data including a first private network credential and a second private network credential;
request access to a second network associated with the communication system based at least in part on the second network access data;
receive a second network identifier associated with the second network from the communication system;
establish a first virtual private network (VPN) tunnel to a first private network based at least in part on the second network identifier and the first private network credential;
receive a first private network identifier associated with the private network;
establish a second VPN tunnel to a second private network based at least in part on the first private network identifier and the second private network credential; and
receive a second private network identifier associated with the second private network.
23. A system for enrolling a mobile device with a second network, the system comprising one or more processors configured to:
establish a wireless network connection to a communication system;
receive at a user equipment (UE), a first network identifier associated with a first network associated with the communication system;
establish a first virtual private network (VPN) tunnel to a first private network based at least in part on the first network identifier and first private network credentials;
receive a first private network identifier associated with the first private network;
communicate identification data to a provisioning device accessible via the first network based at least in part on the first network identifier and the first private network identifier;
receive second network access data from the provisioning device;
request access to a second network associated with the communication system based at least in part on the second network access data;
receive a second network identifier associated with the second network from the communication system;
delete or discontinue the use of the first network identifier based at least in part on at least one of receipt of the second network access data from the provisioning device or receipt of the second network identifier;
establish a second VPN tunnel to a second private network based at least in part on the second network identifier; and
receive a second private network identifier associated with the private network.
Specification