Patents by Inventor Jouni Kalevi Malinen
Jouni Kalevi Malinen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9769661Abstract: A method, an apparatus, and a computer program product for wireless communication are provided. The apparatus may be a STA. The STA sends, in a re-association procedure, a re-association object to a first AP to establish a first security association with the first AP. The re-association object is encrypted by using a first key unknown to the STA. The re-association object includes a second key derived from a second security association in a previous association procedure between the STA and a second AP. The STA receives a response from the first AP indicating that the first security association has been successfully established. The STA authenticates the response.Type: GrantFiled: April 6, 2015Date of Patent: September 19, 2017Assignee: QUALCOMM, IncorporatedInventors: Soo Bum Lee, Jouni Kalevi Malinen, Anand Palanigounder
-
Publication number: 20170208006Abstract: A method, an apparatus, and a computer-readable medium for wireless communication are provided. The apparatus may be configured to transmit a request message to a plurality of access points. The request message may include an address reserved for at least one of an access point feature, an access point service, or an access point vendor. The apparatus may be configured to receive a response message from at least one access point of the plurality of access points. The response message may indicate that the at least one access point has the access point feature, is associated with the access point service, or is associated with the access point vendor.Type: ApplicationFiled: January 12, 2017Publication date: July 20, 2017Inventors: Abhishek Pramod PATIL, Santosh Paul ABRAHAM, Jouni Kalevi MALINEN, George CHERIAN
-
Publication number: 20170208472Abstract: Certain aspects of the present disclosure generally relate to wireless communications and, more particularly, to protecting control frames with power-related subfields. One example apparatus for wireless communications generally includes a processing system configured to generate a control frame comprising one or more power-related subfields and an integrity check value calculated based, at least in part, on the one or more power-related subfields and a transmitter configured to transmit the control frame. In aspects, a power management (PM) subfield, an end-of-service-period (EOSP) subfield, a more data (MD) subfield, or a traffic identifier (TID) subfield can be added to a group of additional authentication data (AAD) and the integrity check value is calculated based on the group of AAD.Type: ApplicationFiled: March 30, 2017Publication date: July 20, 2017Inventors: Maarten Menzo WENTINK, Alfred ASTERJADHI, Jouni Kalevi MALINEN
-
Publication number: 20160295409Abstract: A method, an apparatus, and a computer program product for wireless communication are provided. The apparatus may be a STA. The STA sends, in a re-association procedure, a re-association object to a first AP to establish a first security association with the first AP. The re-association object is encrypted by using a first key unknown to the STA. The re-association object includes a second key derived from a second security association in a previous association procedure between the STA and a second AP. The STA receives a response from the first AP indicating that the first security association has been successfully established. The STA authenticates the response.Type: ApplicationFiled: April 6, 2015Publication date: October 6, 2016Inventors: Soo Bum LEE, Jouni Kalevi MALINEN, Anand PALANIGOUNDER
-
Publication number: 20160285834Abstract: Methods, systems, apparatuses, and devices are described for wireless station privacy using encryption to protect destination and source addresses of data frames. In one example, a method includes identifying a source address, a destination address, or any combination thereof to be transmitted in a plain-text portion of a data frame. The method may also include extracting the identified source address, the identified destination address, or any combination thereof. The method also includes inserting the extracted source address, the extracted destination address, or any combination thereof in a frame body of the data frame. The method may further include encrypting the inserted source address, the inserted destination address, or any combination thereof in the frame body.Type: ApplicationFiled: October 30, 2015Publication date: September 29, 2016Inventors: Soo Bum Lee, Jouni Kalevi Malinen, George Cherian
-
Publication number: 20160218865Abstract: A device for wireless communication includes key logic configured to obtain a candidate group key corresponding to a data link group. The device also includes a wireless interface configured to transmit an announcement message to one or more devices of the data link group during a paging window designated for the data link group. The announcement message includes a multicast message and indicates availability of the candidate group key, and the announcement message.Type: ApplicationFiled: January 26, 2016Publication date: July 28, 2016Inventors: Abhishek Pramod Patil, George Cherian, Soo Bum Lee, Jouni Kalevi Malinen, Santosh Paul Abraham, Alireza Raissinia
-
Publication number: 20160218866Abstract: A device for wireless communication includes key logic configured to obtain a candidate group key corresponding to a data link group. The device also includes a wireless interface configured to transmit an announcement message to one or more devices of the data link group during a discovery window of a first communication channel. The announcement message includes a multicast message and indicates availability of the candidate group key.Type: ApplicationFiled: January 26, 2016Publication date: July 28, 2016Inventors: Abhishek Pramod Patil, George Cherian, Soo Bum Lee, Jouni Kalevi Malinen, Santosh Paul Abraham, Alireza Raissinia
-
Patent number: 9402226Abstract: A station, method, and apparatus for network detection in a wireless communication system are provided. One implementation may include a station for identifying the presence of at least one access point to associate with. The station comprises a processor configured to generate a probe message, the probe message including a scrambling seed. The processor is further configured to transmit the probe message. The processor is further configured to receive a first probe response message from each access point, the first probe response message being encoded with the scrambling seed. The processor is further configured to receive the second probe response message from each of the access points, the second probe response message from each of the access points including at least an address of the access point. The processor is further configured to identify an access point to associate with based on the second probe response messages.Type: GrantFiled: October 23, 2013Date of Patent: July 26, 2016Assignee: QUALCOMM IncorporatedInventors: Santosh Paul Abraham, George Cherian, Jouni Kalevi Malinen
-
Publication number: 20160135053Abstract: Methods, systems, apparatuses, and devices are described for access point privacy using media access control (MAC) address randomization. The access point may identify a MAC address for use with over-the-air (OTA) transmissions and a persistent MAC address for backend communications. The access point may communicate the OTA MAC address and the persistent MAC address to a wireless station. The access point and the wireless station may exchange data frames and perform MAC replacement techniques to map the OTA MAC address to the persistent MAC address. The persistent MAC address may provide for data routing, mobility management, etc., whereas the OTA MAC address may provide for privacy for the wireless transmissions.Type: ApplicationFiled: November 6, 2015Publication date: May 12, 2016Inventors: Soo Bum Lee, Jouni Kalevi Malinen, George Cherian, Santosh Paul Abraham, Anand Palanigounder
-
Publication number: 20160135041Abstract: Methods, systems, apparatuses, and devices are described for wireless station privacy using media access control (MAC) address randomization. The wireless station may identify a MAC address for use with over-the-air transmissions and a persistent MAC address for backend communications. The wireless station may communicate the OTA MAC address and the persistent MAC address to an access point. The wireless station and the access point may exchange data frames and perform MAC replacement techniques to map the OTA MAC address to the persistent MAC address. The persistent MAC address may provide for data routing, mobility management, etc., whereas the OTA MAC address may provide for privacy for the wireless transmissions.Type: ApplicationFiled: October 29, 2015Publication date: May 12, 2016Inventors: Soo Bum Lee, Jouni Kalevi Malinen, George Cherian
-
Patent number: 9288754Abstract: Apparatuses and methods of power save for wireless access point and multi-hop relays are disclosed. In one innovation, an apparatus comprises a memory unit configured to store latency information received from the at least one communication device and a processor operationally coupled to the memory unit and configured to retrieve the latency information from the memory unit and determine a sleep-cycle for the apparatus based on the latency information, the sleep-cycle indicating a time period when the apparatus will not receive signals and will not send signals.Type: GrantFiled: August 26, 2013Date of Patent: March 15, 2016Assignee: QUALCOMM IncorporatedInventors: Santosh Paul Abraham, George Cherian, Jouni Kalevi Malinen
-
Patent number: 9277399Abstract: Systems and methods reduce latency associated with establishing communication on a wireless network. In one aspect, an access point determines interface identifiers for associated stations. Because the access point can ensure interface identifiers are not duplicated across associated stations, the need for duplicate address detection by the stations is reduced. In another aspect, an access point provides domain name system server network address information to a station. By providing the network address information of the DNS server, the need for the station to perform separate signaling to obtain the information is reduced. In another aspect, an access point transmits a mapping of a first station's network address to the first station's medium access control address to one or more associated stations. This may reduce the need for an associated station to perform address resolution signaling when attempting to communicate with the first station.Type: GrantFiled: February 19, 2014Date of Patent: March 1, 2016Assignee: QUALCOMM IncorporatedInventors: George Cherian, Jouni Kalevi Malinen, Santosh Paul Abraham
-
Publication number: 20160014689Abstract: In an aspect of the disclosure, a method, a computer-readable medium, and an apparatus are provided. The apparatus may be a station. The station receives a first beacon frame from an access point. The first beacon frame includes a first indication of a first set of domains that are supported by the access point. The station determines that the station has not established credentials with any one domain of the first set of domains. The station may receive a second beacon frame from the access point. The second beacon frame includes a second indication of a second set of domains that are supported by the access point. The first set of domains is different from the second set of domains. The station may send, to the access point, a probe request frame including a third indication of a third set of domains with which the station has established second credentials.Type: ApplicationFiled: July 13, 2015Publication date: January 14, 2016Inventors: Jouni Kalevi MALINEN, Abhishek Pramod PATIL, George CHERIAN
-
Publication number: 20150229475Abstract: Device provisioning (e.g., enrollment, configuration, and/or authentication) of a client device with a network device may be assisted using a configurator device. The configurator device may obtain a client public key associated with the client device and send the client public device to the network device. The network device may use the client public key in an authentication process between the network device and the client device. Following the authentication process, the client device may be configured for use with the network device to gain access to other network resources. In this manner, permission to gain access to the network device can be transparent to the user, often without the user having to enter codes or passwords.Type: ApplicationFiled: February 6, 2015Publication date: August 13, 2015Inventors: Olivier Jean Benoit, Jouni Kalevi Malinen, Peerapol Tinnakornsrisuphap
-
Publication number: 20140328234Abstract: Systems, methods, and devices for communicating data in a wireless communications network are described herein. In some aspects, a station transmits an authentication request to an access point and for the access point to transmit an authentication initiation request to an authentication server. The station receives an authentication response comprising an estimated response delay from the access point. The station transitions from an awake state to a sleep state for a duration of time based on the estimated response delay. The station transmits an association request to the access point after the duration of time and transitioning from the sleep state to the awake state. The station receives an association response from the access point, where the association response comprises an authentication status that indicates whether authentication with the authentication server is successful.Type: ApplicationFiled: April 28, 2014Publication date: November 6, 2014Applicant: QUALCOMM IncorporatedInventors: George Cherian, Santosh Paul Abraham, Jouni Kalevi Malinen
-
Publication number: 20140329498Abstract: Systems, methods, and devices for communicating data in a wireless communications network are described herein. In some aspects, an access point receives an authentication request from a station. The access point transmits an authentication initiation request to an authentication server. The access point transmits an authentication response, which includes an estimated response delay, to the station after the authentication initiation request is transmitted to the authentication server. The estimated response delay may allow the station to transition from an awake state to a sleep state for a time based on the estimated response delay. The access point receives an authentication status from the authentication server. The access point receives an association request from the station after the station transitions from the sleep state to the awake state. The access point transmits the authentication status to the station in response to receiving the association request.Type: ApplicationFiled: April 28, 2014Publication date: November 6, 2014Applicant: Qualcomm IncorporatedInventors: George Cherian, Santosh Paul Abraham, Jouni Kalevi Malinen
-
Publication number: 20140241266Abstract: Systems and methods reduce latency associated with establishing communication on a wireless network. In one aspect, an access point determines interface identifiers for associated stations. Because the access point can ensure interface identifiers are not duplicated across associated stations, the need for duplicate address detection by the stations is reduced. In another aspect, an access point provides domain name system server network address information to a station. By providing the network address information of the DNS server, the need for the station to perform separate signaling to obtain the information is reduced. In another aspect, an access point transmits a mapping of a first station's network address to the first station's medium access control address to one or more associated stations. This may reduce the need for an associated station to perform address resolution signaling when attempting to communicate with the first station.Type: ApplicationFiled: February 19, 2014Publication date: August 28, 2014Applicant: QUALCOMM IncorporatedInventors: George Cherian, Jouni Kalevi Malinen, Santosh Paul Abraham
-
Publication number: 20140241267Abstract: Systems and methods reduce latency associated with establishing communication on a wireless network. In one aspect, an access point determines interface identifiers for associated stations. Because the access point can ensure interface identifiers are not duplicated across associated stations, the need for duplicate address detection by the stations is reduced. In another aspect, an access point provides domain name system server network address information to a station. By providing the network address information of the DNS server, the need for the station to perform separate signaling to obtain the information is reduced. In another aspect, an access point transmits a mapping of a first station's network address to the first station's medium access control address to one or more associated stations. This may reduce the need for an associated station to perform address resolution signaling when attempting to communicate with the first station.Type: ApplicationFiled: February 19, 2014Publication date: August 28, 2014Applicant: QUALCOMM IncorporatedInventors: George Cherian, Jouni Kalevi Malinen, Santosh Paul Abraham
-
Publication number: 20140133394Abstract: A station, method, and apparatus for network detection in a wireless communication system are provided. One implementation may include a station for identifying the presence of at least one access point to associate with. The station comprises a processor configured to generate a probe message, the probe message including a scrambling seed. The processor is further configured to transmit the probe message. The processor is further configured to receive a first probe response message from each access point, the first probe response message being encoded with the scrambling seed. The processor is further configured to receive the second probe response message from each of the access points, the second probe response message from each of the access points including at least an address of the access point. The processor is further configured to identify an access point to associate with based on the second probe response messages.Type: ApplicationFiled: October 23, 2013Publication date: May 15, 2014Applicant: QUALCOMM, IncorporatedInventors: Santosh Paul Abraham, George Cherian, Jouni Kalevi Malinen
-
Publication number: 20140071870Abstract: Apparatuses and methods of power save for wireless access point and multi-hop relays are disclosed. In one innovation, an apparatus comprises a memory unit configured to store latency information received from the at least one communication device and a processor operationally coupled to the memory unit and configured to retrieve the latency information from the memory unit and determine a sleep-cycle for the apparatus based on the latency information, the sleep-cycle indicating a time period when the apparatus will not receive signals and will not send signals.Type: ApplicationFiled: August 26, 2013Publication date: March 13, 2014Applicant: QUALCOMM IncorporatedInventors: Santosh Paul Abraham, George Cherian, Jouni Kalevi Malinen