Multi-level encryption access point for wireless network

US 6,526,506 B1
Filed: 02/25/1999
Issued: 02/25/2003
Est. Priority Date: 02/25/1999
Status: Expired due to Term

First Claim

Patent Images

1. An access point, comprising:

a transceiver for wirelessly communicating with mobile terminals;

an interface for coupling the access point to a system backbone;

an encryption engine for encrypting messages using a first encryption key which are to be transmitted to a mobile terminal via the transceiver, and for decrypting messages using the first encryption key which are received from the mobile terminal via the transceiver; and

operational means for determining whether a message received via the transceiver has been encrypted using the first encryption key and, based on such determination, selectively forwarding the message to a destination on the system backbone specified in the message if the message had been encrypted, and at least one of forwarding the message to a predefined destination on the system backbone to selectively request registration onto the system backbone and receipt of a second encryption key, blocking the message from being place onto the system backbone, and placing the message onto the system backbone if the message had not been encrypted.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-level encryption scheme is provided for a wireless network. A first level of encryption is provided primarily for wireless communications taking place between a mobile terminal and an access point. In addition, a second, higher level of encryption is provided which is distributed beyond the wireless communications onto the system backbone itself. Through a key distribution server/access point arrangement, the second level of encryption provides a secure means for distributing the encryption scheme of the first level without compromising the integrity of the network.

320 Citations

11 Claims

1. An access point, comprising:
- a transceiver for wirelessly communicating with mobile terminals;
  
  an interface for coupling the access point to a system backbone;
  
  an encryption engine for encrypting messages using a first encryption key which are to be transmitted to a mobile terminal via the transceiver, and for decrypting messages using the first encryption key which are received from the mobile terminal via the transceiver; and
  
  operational means for determining whether a message received via the transceiver has been encrypted using the first encryption key and, based on such determination, selectively forwarding the message to a destination on the system backbone specified in the message if the message had been encrypted, and at least one of forwarding the message to a predefined destination on the system backbone to selectively request registration onto the system backbone and receipt of a second encryption key, blocking the message from being place onto the system backbone, and placing the message onto the system backbone if the message had not been encrypted.
- View Dependent Claims (2, 3, 4, 5, 11)
- - 2. The access point of claim 1, further comprising a table including a list of devices authorized to communicate on the system backbone without encryption based on the first encryption key.
  - 3. The access point of claim 2, wherein the access point compares the source of the message with the devices included in table and if the message had not been encrypted but the source of the message is included in the table, the access point is configured to place the message onto the system backbone.
  - 4. The access point of claim 1, wherein the operational means determines whether a message received via the transceiver is directed to a key distribution server coupled to the system backbone and passes the message onto the system backbone if it is determined that the message is directed to the key distribution server.
  - 5. The access point of claim 1, wherein the operational means cooperates with the encryption engine to encrypt messages sent to mobile terminals via the transceiver selectively in order that messages directed to mobile terminals meeting a predefined criteria are encrypted and messages directed to mobile terminals meeting a different predefined criterial are not encrypted.
  - 11. The access point of claim 10, wherein the access point obtains the first level of encryption from the source using a second level of encryption.

6. An access point, comprising:
- a transceiver for wirelessly communicating with mobile terminals;
  
  an interface for coupling the access point to a system backbone;
  
  a memory which stores mobile terminal identifiers indicating which mobile terminals are to be permitted access to the system backbone, and whether such permitted access is secure access or non-secure access;
  
  control means, operatively coupled to the transceiver and the memory, for determining whether a received communication is from a mobile terminal which is permitted access to the system backbone and allowing selective registration of a mobile terminal for receiving secure access; and
  
  means for processing the received communication based on whether the mobile terminal is permitted access.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The access point of claim 6, wherein the access point denies the mobile terminal access if the control means determines that the mobile terminal is not permitted access.
  - 8. The access point of claim 6, wherein the access point grants the mobile terminal non-secure access to the system backbone if the mobile terminal is identified in the memory as being permitted non-secure access.
  - 9. The access point of claim 6, wherein the access point grants the mobile terminal secure access provided the mobile terminal is identified in the memory as being permitted to secure access and the mobile terminal exhibits knowledge of a first level of encryption.
  - 10. The access point of claim 6, wherein the access point grants the mobile terminal secure access provided the mobile terminal is identified in the memory as being permitted to secure access, and the access point is able to obtain a first level of encryption for the mobile terminal from a source on the system backbone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Extreme Networks, Inc.
Original Assignee
Telxon Corporation (Zebra Technologies Corporation)
Inventors
Lewis, Daniel E.
Primary Examiner(s)
SMITHERS, MATTHEW

Application Number

US09/257,341
Time in Patent Office

1,461 Days
Field of Search

713/153, 713/154, 713/160, 380/270, 380/272, 380/281, 380/284, 380/278, 370/338, 370/349, 455/3.01
US Class Current

713/153
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

Multi-level encryption access point for wireless network

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

320 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

Multi-level encryption access point for wireless network

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

320 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others