Establishing a wireless connection to a wireless access point
First Claim
1. A method for establishing a wireless connection, the method comprising:
- receiving a selection of a network using a first name broadcast by a wireless access point;
- obtaining, by a processor unit, a digital certificate having a second name from the wireless access point;
- determining, by the processor unit, whether the digital certificate is valid by determining whether the digital certificate matches one of a number of digital certificates previously identified by the processor unit as being valid, and responsive to determining that the digital certificate does not match one of the number of digital certificates previously identified as being valid, requesting a user input as to whether to trust the digital certificate;
- determining, by the processor unit, whether the second name in the digital certificate matches the first name broadcast by the wireless access point; and
- responsive to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point, establishing, by the processor unit, the wireless connection to the wireless access point, wherein the step of establishing, by the processor unit, the wireless connection to the wireless access point comprises:
  - generating, by the processor unit, a session key for the wireless connection using the digital certificate responsive to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point; and
  - exchanging, by the processor unit, information with a server using the session key to encrypt and decrypt the information.
Abstract
A method and apparatus for establishing a wireless connection. A digital certificate having a second name is obtained by a processor unit in response to receiving a selection of a network using a first name broadcast by a wireless access point. A determination is made by the processor unit as to whether the digital certificate is valid. A determination is made by the processor unit as to whether the second name in the digital certificate matches the first name broadcast by the wireless access point. The processor unit establishes the wireless connection to the wireless access point in response to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point.
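The two determinations described in the abstract, modelled as an added illustration (this is not code from the patent or its assignee). `PresentedCert`, `decide`, the SHA-256 fingerprint store, the exact-match name comparison and the choice to remember a user-accepted certificate only after both checks pass are assumptions; session-key generation is left out.

```python
import hashlib
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    CONNECT = "connect"
    REJECT_UNTRUSTED = "certificate not trusted"
    REJECT_NAME_MISMATCH = "certificate name differs from broadcast name"


@dataclass(frozen=True)
class PresentedCert:
    der: bytes  # certificate bytes as received from the access point
    name: str   # the "second name" carried in the certificate


def fingerprint(cert: PresentedCert) -> str:
    return hashlib.sha256(cert.der).hexdigest()


def decide(ssid, cert, trusted, ask_user):
    """Return a Decision for the network the user selected by `ssid`."""
    fp = fingerprint(cert)
    newly_accepted = False
    if fp not in trusted:
        # Not previously identified as valid: ask the user.
        if not ask_user(ssid, cert.name, fp):
            return Decision.REJECT_UNTRUSTED
        newly_accepted = True
    # Assumption: an exact, case-sensitive comparison.
    if cert.name != ssid:
        return Decision.REJECT_NAME_MISMATCH
    if newly_accepted:
        trusted.add(fp)  # assumption: remember only after both checks pass
    return Decision.CONNECT


# Constructed sample data (not real certificates).
KNOWN = PresentedCert(der=b"constructed-cert-A", name="CorpNet")
LOOKALIKE = PresentedCert(der=b"constructed-cert-B", name="CorpNet")
decline = lambda ssid, name, fp: False
accept = lambda ssid, name, fp: True

if __name__ == "__main__":
    store = {fingerprint(KNOWN)}
    print(decide("CorpNet", KNOWN, store, decline))        # known AP
    print(decide("CorpNet", LOOKALIKE, store, decline))    # same SSID, unknown cert
    print(decide("CorpNet-Guest", KNOWN, store, decline))  # trusted cert, other SSID
```

The second case is the one the name check alone would miss: the broadcast name and the certificate name agree, so only the comparison against previously trusted certificates (or the user prompt) stops the connection.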
17 Claims
8. A computer comprising:
- a bus;
- a storage device connected to the bus;
- a processor unit connected to the bus; and
- program code stored on the storage device, for execution by the processor to receive a selection of a network using a first name broadcast by a wireless access point, obtain a digital certificate having a second name from the wireless access point, determine whether the digital certificate is valid by determining whether the digital certificate matches one of a number of digital certificates previously identified by the processor unit as being valid, and requesting a user input as to whether to trust the digital certificate responsive to determining that the digital certificate does not match one of the number of digital certificates previously identified as being valid, determine whether the second name in the digital certificate matches the first name broadcast by the wireless access point in response to determining that the digital certification is valid, and establish a wireless connection to the wireless access point using the digital certificate in response to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point by generating a session key for the wireless connection using the digital certificate responsive to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point, and exchanging information with a server using the session key to encrypt and decrypt the information.

13. A computer program product comprising:
- a non-transitory computer readable storage medium;
- first program code, stored on the non-transitory computer readable storage medium, responsive to receiving a selection of a network using a first name broadcast by a wireless access point, for obtaining a digital certificate having a second name from the wireless access point;
- second program code, stored on the non-transitory computer readable storage medium, for determining whether the digital certificate is valid by determining whether the digital certificate matches one of a number of digital certificates previously identified by the processor unit as being valid, and requesting a user input as to whether to trust the digital certificate responsive to determining that the digital certificate does not match one of the number of digital certificates previously identified as being valid;
- third program code, stored on the non-transitory computer readable storage medium, for determining whether the second name in the digital certificate matches the first name broadcast by the wireless access point in response to determining that the digital certification is valid; and
- fourth program code, stored on the non-transitory computer readable storage medium, responsive to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point, for establishing a wireless connection to the wireless access point using the digital certificate by generating a session key for the wireless connection using the digital certificate responsive to the digital certificate being valid and the second name in the digital certificate matching the first name broadcast by the wireless access point, and exchanging information with a server using the session key to encrypt and decrypt the information.
Specification