Method and apparatus for enhancing security in a wireless network using distance measurement techniques

US 20030220765A1
Filed: 05/24/2002
Published: 11/27/2003
Est. Priority Date: 05/24/2002
Status: Active Grant

First Claim

Patent Images

1. A method for establishing a secure wireless connection between a first wireless device and a second wireless device, said method comprising:

measuring a radio-frequency communications delay between said second wireless device and at least one other wireless device;

computing an indication of physical location of said second wireless device with respect to said at least one other wireless device;

determining whether or not said indication of physical location indicates that connection between said first wireless device and said second wireless device is desirable; and

in response to determining that said connection is desirable, initiating said secure wireless connection between said first wireless device and said second wireless device.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for enhancing security in a wireless network using distance measurement techniques provides an additional layer of security and privacy in wireless communications. A distance measurement or location-finding is performed between two devices by transmitting and receiving one or more signals and computing a distance between the two devices or a location of a connecting device. The resulting computed distance or location is used to determine whether or not to permit pairing, secure connection or secure transactions between the two devices. The computed distance or location can be further used in combination with a signal strength measurement to link to locate and measure nearby devices first, reducing the time required to initialize network communications. Management software may be enhanced to facilitate connecting to desired devices by providing an indication of computed distance or location of each device, and a list may be generated in order of proximity, further facilitating connection to the desired devices. Set-up of wireless networks may automated by using a short distance to facilitate connection between nodes.

214 Citations

37 Claims

1. A method for establishing a secure wireless connection between a first wireless device and a second wireless device, said method comprising:
- measuring a radio-frequency communications delay between said second wireless device and at least one other wireless device;
  
  computing an indication of physical location of said second wireless device with respect to said at least one other wireless device;
  
  determining whether or not said indication of physical location indicates that connection between said first wireless device and said second wireless device is desirable; and
  
  in response to determining that said connection is desirable, initiating said secure wireless connection between said first wireless device and said second wireless device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method of claim 1, wherein said at least one other wireless device is said first wireless device, wherein said computing computes a distance between said first wireless device and said second wireless device, and wherein said determining determines whether or not said distance indicates that said connection is desirable.
  - 3. The method of claim 2, wherein said determining determines that said distance is substantially equal to a predetermined distance corresponding to an expected distance between said first wireless device and said second wireless device.
  - 4. The method of claim 2, wherein said determining determines that said distance is less than a predetermined security perimeter distance.
  - 5. The method of claim 4, wherein said determining determines that said distance is less than a predetermined distance and wherein said initiating is performed automatically in response to placing said first wireless device and said second wireless device within said predetermined distance.
  - 6. The method of claim 1, wherein said at least one other wireless device comprises at least two other wireless devices, wherein said computing computes a triangulated location of said second wireless device in conformity with said radio-frequency communications delay between said two other wireless devices, and wherein said determining determines whether or not said location of said second wireless device indicates that said connection is desirable.
  - 7. The method of claim 1, wherein one of said at least two other wireless devices is said first wireless device, whereby said triangulation is performed between said first wireless device and at least one other wireless device.
  - 8. The method of claim 1, wherein said determining further comprises:
    - providing a display of said indication of physical location of said second wireless device to a user; and
      
      in response to receiving a user input confirming that connection to said second wireless device is desirable, performing said initiating.
  - 9. The method of claim 1, further comprising in response to determining that said connection is not desirable, alerting a user to a presence of said second wireless device.
  - 10. The method of claim 1, wherein said second wireless device comprises multiple wireless devices and wherein said measuring and computing are performed for said multiple wireless devices.
  - 11. The method of claim 10, further comprising:
    - determining signal strengths of signals received from said multiple wireless devices;
      
      performing said measuring and computing in order of decreasing signal strength, whereby a time of said initiating is reduced for said multiple devices.
  - 12. The method of claim 10, further comprising providing a list of said multiple devices to a user, said list including said computed indications of physical location, whereby said user may view a number of said multiple devices and their corresponding physical location indications.
  - 13. The method of claim 12, wherein said list is displayed in order of increasing distance, whereby selection of nearby devices is facilitated.
  - 14. The method of claim 1, wherein said first wireless device is a server, and wherein said determining provides additional security for access to a wireless network.
  - 15. The method of claim 1, wherein said first wireless device is a workstation, and wherein said determining provides additional security for access to said workstation.
  - 16. The method of claim 1, wherein said measuring is performed by receiving and decrypting an encrypted distance measurement signal.
  - 17. The method of claim 1, wherein said secure wireless connection activates a physical access device.
  - 18. The method of claim 1, wherein a non-secure connection exists between said first wireless device and said second wireless device and wherein said determining and initiating are performed in response to a secure transaction request from one of said first wireless device or said second wireless device.
  - 19. The method of claim 1, further comprising adjusting a power level of transmissions associated with said connection in conformity with said indication of physical location, whereby security of said connection is improved.
  - 20. The method of claim 1, wherein said connection represents a connection hand-off of a connection between a connected device and said second wireless device for hand-off from said connected device to said first wireless device, and further comprising determining whether or not to accept said hand-off in conformity with said indication of physical location.
  - 21. The method of claim 1, further comprising:
    - comparing said indication of physical location to a predetermined security perimeter;
      
      in response to determining that said indication of physical location is outside of said predetermined security perimeter, determining whether or not said second wireless device is a known device, and wherein said initiating is performed only in response to determining that said second wireless device is a known device.
  - 22. The method of claim 1, further comprising:
    - comparing said indication of physical location to a predetermined security perimeter;
      
      in response to determining that said indication of physical location is outside of said predetermined security perimeter, determining whether or not said second wireless device is of a type within a set of predetermined types, and wherein said initiating is performed only in response to determining that said second wireless device is of a type within said set.

23. A wireless communications device, comprising:
- an antenna;
  
  a radio-frequency receiver coupled to said antenna;
  
  a radio-frequency transmitter coupled to said antenna;
  
  a measurement sub-system coupled to said receiver for measuring a radio-frequency delay between said wireless device and at least one other wireless device;
  
  a processing sub-system for computing an indication of a distance of said at least one other wireless device in conformity with said measured delay; and
  
  and a security sub-system for determining whether or not communications with said at least one other wireless device are desirable in conformity with said indication of distance.
- View Dependent Claims (24, 25, 26)
- - 24. The wireless communications device of claim 23, wherein said security sub-system determines that said distance is substantially equal to a predetermined distance corresponding to an expected distance between said first wireless device and said second wireless device.
  - 25. The wireless communications device of claim 23, wherein said security sub-system determine determines that said distance is less than a predetermined security perimeter distance.
  - 26. The wireless communications device of claim 25, wherein said security sub-system determines that said distance is less than a predetermined pairing distance and wherein said initiating is performed automatically in response to moving said first wireless device and said second wireless device within said predetermined pairing distance.

27. A wireless network comprising:
- a first wireless communications device;
  
  at least one other wireless communications device, including a measurement sub-system for measuring a radio-frequency delay between said at least one other wireless device and a connecting wireless device; and
  
  a processing sub-system for computing an indication of a physical location of said connecting wireless device in conformity with said measured delay; and
  
  a security sub-system for determining whether or not a connection between said first wireless device and said connecting wireless device is desirable in conformity with said indication of physical location.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 28. The wireless network of claim 27, wherein said at least one other wireless device comprises at least two other wireless devices, wherein said processing subsystem computes a triangulated location of said connecting wireless device in conformity with said radio-frequency communications delay between said two other wireless devices, and wherein said security subsystem determines whether or not said location of said connecting wireless device indicates that said connection is desirable.
  - 29. The wireless network of claim 28, wherein one of said at least two other wireless devices is said first wireless device, whereby said triangulation is performed between said first wireless device and at least one other wireless device.
  - 30. The wireless network of claim 27, wherein said security subsystem further includes means for providing a display of said indication of physical location of said connecting wireless device to a user.
  - 31. The wireless network of claim 27, further comprising means for receiving a user input confirming that connection to said connecting wireless device is desirable, and wherein said security subsystem permits connection of said first wireless device with said connecting wireless device in conformity with said user input.
  - 32. The wireless network of claim 27, wherein said security subsystem further provides an alert in response to determining that connecting to said connecting wireless device is undesirable.
  - 33. The wireless network of claim 27, further wherein said first wireless device further comprises a signal strength measuring circuit coupled to said measurement subsystem for measuring a signal strength of signals received from multiple wireless devices, and wherein said measurement subsystem measures said multiple wireless devices in order of decreasing signal strength, whereby connection time is reduced for said multiple devices.
  - 34. The wireless network of claim 27, further comprising means for displaying a list of multiple wireless devices to a user, said list including said computed indications of physical location provided by said measurement subsystem, whereby said user may view a number of said multiple devices and their corresponding physical location indications.
  - 35. The wireless network of claim 34, wherein said list is displayed in order of increasing distance, whereby selection of nearby devices is facilitated.
  - 36. The wireless network of claim 27, wherein said first wireless device is a server, and wherein said security subsystem provides additional security for access to a wireless network.
  - 37. The wireless network of claim 27, wherein said first wireless device is a workstation, and wherein said security subsystem provides additional security for access to said workstation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AeroScout (US) LLC (Stanley Black & Decker, Inc.)
Original Assignee
AeroScout Incorporated (Stanley Black & Decker, Inc.)
Inventors
Sullivan, Michael James, Overy, Michael Robert

Granted Patent

US 6,961,541 B2
Time in Patent Office

Days
Field of Search
US Class Current

702/158
CPC Class Codes

H04L 63/0492   by using a location-limited...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/10   for controlling access to d...

H04L 63/107   wherein the security polici...

H04L 63/14   for detecting or protecting...

H04L 63/1466   Active attacks involving in...

H04L 67/52   specially adapted for the l...

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 24/00   Supervisory, monitoring or ...

H04W 64/00   Locating users or terminals...

H04W 76/10   Connection setup

Method and apparatus for enhancing security in a wireless network using distance measurement techniques

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

214 Citations

37 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for enhancing security in a wireless network using distance measurement techniques

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

214 Citations

37 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others