US2016269183A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016269183-A1 |
| Application number | US-201615161105-A |
| Country | US |
| Kind code | A1 |
| Filing date | May 20, 2016 |
| Priority date | Mar 15, 2013 |
| Publication date | Sep 15, 2016 |
| Grant date | — |
Official abstract text for this publication.
Techniques for providing enterprise mode security for relays are disclosed. For example, enterprise mode security based on IEEE 802.1x is provided for relays or other similar devices to extend the coverage of access point hotspots or other similar access point use cases. According to one aspect, a relay incorporates an authentication client associated with an authentication server. According to another aspect, a four address format is employed for tunneling messages via a relay between a station and an access point. According to another aspect, a cryptographic master key associated with an access point and a station is provided to a relay to enable the relay to be an authenticator for the station.
Opening claim text (preview).
What is claimed is:

1. An apparatus for communication, wherein a second apparatus is configured to be associated with the apparatus, the apparatus is configured to be associated with a third apparatus, and the second apparatus is configured to be connected to a server, the apparatus comprising: a communication device configured to receive an authentication credential from the second apparatus to setup a session with the server; and a processing system configured to set up the session using the authentication credential, wherein the communication device is further configured to communicate with the server via the session to authenticate the third apparatus with the server.

2. The apparatus of claim 1, wherein: the server comprises a RADIUS server or a DIAMETER server; the communication with the server employs a RADIUS message or a DIAMETER message; and the authentication credential comprises a RADIUS authentication credential or a DIAMETER authentication credential.

3. The apparatus of claim 1, wherein: the communication device is further configured to receive a cryptographic key from the server; the processing system is further configured to use the cryptographic key to establish secure communication with the third apparatus over a wireless channel.

4. The apparatus of claim 1, wherein: the communication device is further configured to receive, from the second apparatus, a cryptographic master key generated by the server for the second apparatus; and the processing system is further configured to use the cryptographic master key to establish secure communication with the third apparatus over a wireless channel.

5. The apparatus of claim 4, wherein the cryptographic master key comprises a pairwise master key.

6. The apparatus of claim 4, wherein the processing system is further configured to obtain a second cryptographic key from the cryptographic master key, a Media Access Control (MAC) address of the apparatus, a MAC address of the third apparatus, a nonce selected by the apparatus, and a nonce selected by the third apparatus.

7. A method of communication, wherein a first apparatus is associated with a second apparatus, the first apparatus is associated with a third apparatus, and the second apparatus is connected to a server, the method comprising: receiving, by the first apparatus, an authentication credential from the second apparatus to setup a session with the server; setting up the session using the authentication credential; and communicating with the server via the session to authenticate the third apparatus with the server.

8. The method of claim 7, wherein: the server comprises a RADIUS server or a DIAMETER server; the communication with the server employs a RADIUS message or a DIAMETER message; and the authentication credential comprises a RADIUS authentication credential or a DIAMETER authentication credential.

9. The method of claim 7, further comprising: receiving a cryptographic key from the server; using the cryptographic key to establish secure communication with the third apparatus over a wireless channel.

10. The method of claim 7, further comprising: receiving, by the first apparatus from the second apparatus, a cryptographic master key generated by the server for the second apparatus; and using the cryptographic master key to establish secure communication with the third apparatus over a wireless channel.

11. The method of claim 10, wherein the cryptographic master key comprises a pairwise master key.

12. The method of claim 10, further comprising obtaining a second cryptographic key from the cryptographic master key, a Media Access Control (MAC) address of the first apparatus, a MAC address of the third apparatus, a nonce selected by the first apparatus, and a nonce selected by the third apparatus.

13. A relay for communication, wherein the relay is configured to be associated with an access point, the relay is configured to be associated with a station, and the access point is configured to be connected to a server, the relay comprising: a communication device configured to receive an authentication credential from the access point to setup a session with the server; and a processing system configured to set up the session using the authentication credential, wherein the communication device is further configured to communicate with the server via the session to authenticate the station with the server.
for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08) · CPC title
by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity · CPC title
at the data link layer · CPC title
Firewall traversal, e.g. tunnelling or, creating pinholes · CPC title
Wireless · CPC title