Dynamic PSK for hotspots

US 9,226,146 B2
Filed: 06/02/2014
Issued: 12/29/2015
Est. Priority Date: 02/09/2012
Status: Active Grant

First Claim

Patent Images

1. A method for providing secured network access, the method comprising:

storing information in memory of a hotspot controller, the stored information regarding a plurality of user devices each associated with a different pre-shared key unique to the respective user device;

receiving a request initiated by a user device located within a range of a hotspot associated with the hotspot controller, the request sent via an open communication network associated with the hotspot and concerning access to a secured communication network associated with the hotspot, wherein the request initiated by the user device is redirected by an intermediary web portal server to the hotspot controller; and

executing instructions stored in memory of the hotspot controller, wherein execution of the instructions by a hardware processor;

identifies a pre-shared key included in the request from the requesting user device,accesses the stored information to determine that the identified pre-shared key is associated with the requesting user device,authenticates the requesting user device based on the identified pre-shared key and the stored information, andgrants the requesting user device access to the secured communication network associated with the hotspot, wherein communications by the requesting user device in the secured communications network are encrypted based on the identified pre-shared key, and wherein communications by each other user device in the secured wireless network are encrypted based on the respective different pre-shared key unique to the other user device.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for providing secured network access are provided. A user device located within range of a hotspot initiates a request sent via an open communication network associated with the hotspot. The request concerns secured network access at the hotspot by the user device. A unique pre-shared key is generated for the user device based on information in the received request and transmitted over the open communication network for display on a webpage accessible to the user device. The unique pre-shared key is stored in association with information regarding the user device. The user device may then use the unique pre-shared key in subsequent requests for secured network access.

481 Citations

19 Claims

1. A method for providing secured network access, the method comprising:
- storing information in memory of a hotspot controller, the stored information regarding a plurality of user devices each associated with a different pre-shared key unique to the respective user device;
  
  receiving a request initiated by a user device located within a range of a hotspot associated with the hotspot controller, the request sent via an open communication network associated with the hotspot and concerning access to a secured communication network associated with the hotspot, wherein the request initiated by the user device is redirected by an intermediary web portal server to the hotspot controller; and
  
  executing instructions stored in memory of the hotspot controller, wherein execution of the instructions by a hardware processor;
  
  identifies a pre-shared key included in the request from the requesting user device,accesses the stored information to determine that the identified pre-shared key is associated with the requesting user device,authenticates the requesting user device based on the identified pre-shared key and the stored information, andgrants the requesting user device access to the secured communication network associated with the hotspot, wherein communications by the requesting user device in the secured communications network are encrypted based on the identified pre-shared key, and wherein communications by each other user device in the secured wireless network are encrypted based on the respective different pre-shared key unique to the other user device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the stored information regarding the requesting user device includes at least one parameter, and wherein access to the secured communication network granted to the requesting user device is governed at least in part by the at least one parameter.
  - 3. The method of claim 2, wherein the at least one parameter includes one or more of the following:
    - expiration date, session duration, bandwidth, user identity, user rewards, or access policies.
  - 4. The method of claim 3, wherein the user rewards comprises adjusting bandwidth provided to the requesting user device based on the stored information regarding a user of the requesting user device.
  - 5. The method of claim 1, wherein encryption in accordance with the pre-shared key of the requesting user device is different than encryption in accordance with the different pre-shared keys associated with other user devices.
  - 6. The method of claim 1, wherein a downloaded application connects the requesting user device to the secured wireless communication network.

7. An apparatus for providing secured network access, the apparatus comprising:
- memory that stores information regarding a plurality of user devices each associated with a different pre-shared key unique to the respective user device;
  
  a communication interface that receives a request initiated by a user device located within a range of a hotspot, the request sent via an open communication network associated with the hotspot and concerning access to a secured communication network associated with the hotspot, wherein the request initiated by the user device is redirected by an intermediary web portal server t to the hotspot controller; and
  
  a hardware processor for executing instructions stored in memory, wherein execution of the instructions by the hardware processor;
  
  identifies a pre-shared key included in the request from the requesting user device,accesses the stored information to determine that the identified pre-shared key is associated with the requesting user device,authenticates the requesting user device based on the identified pre-shared key and the stored information, andgrants the requesting user device access to the secured communication network associated with the hotspot, wherein communications by the requesting user device in the secured communications network are encrypted based on the identified pre-shared key, and communications by each other user device are encrypted based on the respective different pre-shared key unique to the other user device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The apparatus of claim 7, wherein the stored information regarding the requesting user device includes at least one parameter, and wherein access to the secured communication network granted to the requesting user device is governed at least in part by the at least one parameter.
  - 9. The apparatus of claim 8, wherein the at least one parameter includes one or more of the following:
    - expiration date, session duration, bandwidth, user identity, user rewards, or access policies.
  - 10. The apparatus of claim 9, wherein the user rewards comprises adjusting bandwidth provided to the requesting user device based on the stored information regarding a user of the requesting user device.
  - 11. The apparatus of claim 7, wherein encryption in accordance with the pre-shared key of the requesting user device is different than encryption in accordance with the different pre-shared keys associated with other user devices.
  - 12. The apparatus of claim 7, wherein a downloaded application connects the requesting user device to the secured wireless communication network.

13. A system for providing secured network access, the system comprising:
- an access point associated with a hotspot, the access point providing both;
  
  open access over an open communication network, andsecured network access over a secured communication network based on a pre-shared key;
  
  an intermediary web portal server, wherein a request initiated by a user device located within a range of the hotspot is redirected to the intermediary web portal server, the request sent via the open communication network and concerning access to the secured communication network at the hotspot by the user device; and
  
  a hotspot controller comprising;
  
  memory that stores information regarding a plurality of user devices each associated with a different pre-shared key unique to the respective user device;
  
  a communication interface that receives the request from the intermediary web portal server; and
  
  a hardware processor for executing instructions stored in memory, wherein execution of the instructions by the hardware processor;
  
  identifies a pre-shared key included in the request from the requesting user device,accesses the stored information to determine that the identified pre-shared key is associated with the requesting user device,authenticates the requesting user device based on the identified pre-shared key and the stored information, andgrants the requesting user device access to the secured communication network associated with the hotspot, wherein communications by the requesting user device in the secured communications network are encrypted based on the identified pre-shared key, and communications by each other user device are encrypted based on the respective different pre-shared key unique to the other user device.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The system of claim 13, wherein the stored information regarding the requesting user device includes at least one parameter, and wherein access to the secured communication network granted to the requesting user device is governed at least in part by the at least one parameter.
  - 15. The system of claim 14, wherein the at least one parameter includes one or more of the following:
    - expiration date, session duration, bandwidth, user identity, user rewards, or access policies.
  - 16. The system of claim 15, wherein the user rewards comprises adjusting bandwidth provided to the requesting user device based on the stored information regarding a user of the requesting user device.
  - 17. The system of claim 13, wherein encryption in accordance with the pre-shared key of the requesting user device is different than encryption in accordance with the different pre-shared keys associated with other user devices.
  - 18. The system of claim 13, wherein a downloaded application connects the requesting user device to the secured wireless communication network.

19. A non-transitory computer-readable storage medium, having embodied thereon a program executable by a hardware processor to perform steps for providing secured network access, the steps comprising:
- storing information regarding a plurality of user devices each associated with a different pre-shared key unique to the respective user device;
  
  receiving a request initiated by a user device located within a range of a hotspot, the request sent via an open communication network associated with the hotspot and concerning access to a secured communication network associated with the hotspot, wherein the request initiated by the user device is redirected by an intermediary web portal server to the hotspot controller;
  
  identifying a pre-shared key included in the request from the requesting user device;
  
  accessing the stored information to determine that the identified pre-shared key is associated with the requesting user device;
  
  authenticating the requesting user device based on the identified pre-shared key and the stored information; and
  
  granting the requesting user device access to the secured communication network associated with the hotspot, wherein communications by the requesting user device in the secured communications network are encrypted based on the identified pre-shared key, and communications by each other user device are encrypted based on the respective different pre-shared key unique to the other user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ruckus IP Holdings LLC
Original Assignee
Ruckus Wireless, Inc. (CommScope Holding Company, Inc.)
Inventors
Ranade, Prashant, Sheu, Ming-Jye
Primary Examiner(s)
LEE, JASON T

Application Number

US14/294,012
Publication Number

US 20140282951A1
Time in Patent Office

575 Days
Field of Search

726/6
US Class Current

1/1
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/083   using passwords cryptograph...

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

H04W 12/04   Key management, e.g. using ...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/08   Access security

Dynamic PSK for hotspots

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

481 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic PSK for hotspots

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

481 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links