Key assignment for a brand

- Ruckus Wireless, Inc.

Systems and methods for providing secured network access are provided. A user device located within range of a branded hotspot initiates a request for the secured network access. The request concerns secured network access at the hotspot by the user device and includes a unique pre-shared key. A query regarding the unique pre-shared key is sent to a database, which retrieves information regarding a corresponding pre-shared key. That information is sent to the hotspot controller, which allows the user device secured network access as governed by one or more parameters associated with the pre-shared key.

Skip to: Description  ·  Claims  ·  References Cited  · Patent History  ·  Patent History
Description
BACKGROUND

1. Field of the Invention

The present invention generally relates to key assignment. More specifically, the present invention relates to key assignment for a brand.

2. Description of the Related Art

An increasing number of individuals and businesses rely on wireless services to carry out various transactions and enable communication from remote locations. Many businesses such as hotels and coffee houses have sought to capitalize on this trend and offer free wireless access to attract and retain customers. A business offering such wireless access may do by creating a “hotspot”—a location that offers Internet access over a wireless local area network through the use of a router connected to a link to an Internet service provider.

Many hotspots only offer open and unsecured communications. Some users, however, may wish to engage in communications or transactions that involve personal, sensitive, or proprietary information that is not necessarily suited for an open and unsecured communications network. As such, users may wish for such transactions be conducted in a secure manner, such that such information may not be exposed or stolen.

Implementing security features is complicated, difficult to maintain, and requires a high level of technical knowledge. An additional complication is that users at a hotspot may be continually changing. Authentication relying on 802.1x/EAP is not a practical option as hotspot users may vary widely in security needs. Setting up a RADIUS server on a network backend may likewise be complicated and unwieldy.

Pre-shared key (PSK)-based security systems require that a secret be manually entered onto all user devices using the network. A PSK-based system relies on a secret shared between and stored at both the client station and the access point. The secret may be, for example, a long bit stream, such as a passphrase, a password, a hexadecimal string, or the like. Used by a client station and the access point to authenticate each other, the secret may also be used to generate an encryption key set.

A disadvantage to PSK-based systems is that once the shared secret becomes known to unauthorized personnel, the security of the entire network is compromised. This may pose a problem where network access is provided to an ever-changing set of numerous, diverse, and transient mobile users. Generally, to maintain the security of a PSK-based system, the secret must be changed on all client stations whenever a person with knowledge of the secret departs from the organization or is no longer authorized to access the network. As a result, many commercial organizations (e.g., small- and medium-sized businesses or enterprises with a high degree of turn over) have been unable to deploy security measures around their hotspots, because of their lack of expertise and/or full-time professional technical support.

In addition, a business (e.g., branded hotels) may have multiple locations where customers are provided service. While wireless internet services may be provided at these multiple locations, the customer is generally required to login and authenticate anew at each location. Such a business may wish to be able to leverage the information previously provided and steps previously performed at one location to facilitate and ease the customer experience at a second location. As used herein, a brand refers to any related products or services that may be provided at a plurality of locations. A branded hotspot, for example, may be a hotspot associated with a particular coffee shop that is associated with a chain of coffee shops, each of which may have its own branded hotspot.

SUMMARY OF THE CLAIMED INVENTION

Embodiments of the present invention include systems and methods for providing secured network access at a branded hotspot. A user device located within range of a branded hotspot initiates a request for the secured network access. The request concerns secured network access at the hotspot by the user device and includes a unique pre-shared key. A query regarding the unique pre-shared key is sent to a database, which retrieves information regarding a corresponding pre-shared key. That information is sent to the hotspot controller, which allows the user device secured network access as governed by one or more parameters associated with the pre-shared key.

Various embodiments of the present invention include methods for providing secured network access at a branded hotspot. Such methods may include receiving a request for secured network access initiated by a user device located within a range of a hotspot associated with a brand. The request may include a unique pre-shared key associated with the user device. Methods may further include sending a query to a database of pre-shared keys concerning the unique pre-shared key included in the request, receiving a response to the query including a corresponding pre-shared key regarding secured network access that has been generated at another hotspot associated with the brand, and providing secured network access at the hotspot based on the unique pre-shared key associated with the user device and the corresponding pre-shared key.

Additional embodiments include apparatuses for providing secured network access at a branded hotspot. Such apparatuses may include an interface for receiving an incoming request initiated by a user device located within a range of a hotspot associated with a brand and a processor for executing instructions stored in memory to generates a query to a database of pre-shared keys concerning the unique pre-shared key included in the request. The interface may further receive a response to the query including a corresponding pre-shared key regarding secured network access that has been generated at another hotspot associated with the brand, and secured network access may be provided at the hotspot based on the unique pre-shared key associated with the user device and the corresponding pre-shared key.

Embodiments of the present invention may further include systems for providing secured network access at a branded hotspot. Such systems may include a hotspot controller controlling a branded hotspot and comprising an interface that receives an incoming request for secured network access concerning a unique pre-shared key and initiated by a user device located within a range of the branded hotspot, sends a query to a database of pre-shared keys concerning the unique pre-shared key included in the request, and receives a response to the query including a corresponding pre-shared key regarding secured network access that has been generated at another hotspot associated with the brand. Systems may further include an access point associated with the branded hotspot that provides secured network access based on the unique pre-shared key associated with the user device and the corresponding pre-shared key.

Other embodiments of the present invention include non-transitory computer-readable storage media on which is embodied instructions executable to providing secured network access at a branded hotspot in general accordance with the method previously set forth above.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a network environment in which a system for providing secured network access at a branded hotspot may be implemented.

FIG. 2 illustrates a method for providing secured network access at a branded hotspot.

DETAILED DESCRIPTION

Secured network access at a branded hotspot is provided. A user device located within range of the hotspot initiates a request sent via an open communication network associated with the hotspot. The request concerns secured network access at the hotspot by the user device and includes a unique pre-shared key. A query regarding the unique pre-shared key is sent to a database, which retrieves information regarding a corresponding pre-shared key. That information is sent to the hotspot controller, which allows the user device secured network access as governed by one or more parameters associated with the pre-shared key.

FIG. 1 illustrates a network environment 100 in which a system for secured network access at a branded hotspot may be implemented. Network environment 100 may include a user device 110 and a ‘hotspot’ including access point 130 and that provides open communication network 120A and secured communication network 120B. The network environment 100 may further include web server 140, a hotspot controller 150, and a database of pre-shared keys 160.

Users may use any number of different wireless user devices 110 such as notebook, netbook, and tablet computers with WiFi capability, smartphones with WiFi capability, or any other type of wireless computing device capable of communicating over communication networks 120. User device 110 may also be configured to access data from other storage media, such as memory cards or disk drives as may be appropriate in the case of downloaded services. User device 110 may include standard hardware computing components such as network (e.g., wireless) and media interfaces, non-transitory computer-readable storage (memory), and processors for executing instructions that may be stored in memory.

Communication networks 120A-B may convey various kinds of information to user devices, such as user device 110. Communication networks 120A-B may be a local, proprietary network (e.g., an intranet) and/or may be a part of a larger wide-area network. The communications network 120A-B may be a local area network (LAN), which may be communicatively coupled to a wide area network (WAN) such as the Internet. The Internet is a broad network of interconnected computers and servers allowing for the transmission and exchange of Internet Protocol (IP) data between users connected through a network service provider. Examples of network service providers are the public switched telephone network, a cable service provider, a provider of digital subscriber line (DSL) services, or a satellite service provider. Communications networks 120A-B allow a connecting device (e.g., user device 110) to access the Internet. Open communication network 120A is open and unsecured. As such, any user device 110 may be able to connect to the open communication network 120A without (much) restriction. In contrast, secured communication network 120B may involve various security policies and protocols so that communications to and from user device 110 may remain secure.

Communication networks 120A-B are provided by a hotspot access point 130, which can transmit various electromagnetic waves. Examples of wireless protocols that might be used by hotspot access point 130 include IEEE 802.11 (Wi-Fi or Wireless LAN), IEEE 802.16 (WiMAX), or IEEE 802.16c network. Hotspot may be inclusive or a number of wireless transceivers distributed over an area.

Access point 130 includes, at the least, an antenna system, radio, memory, and processor. The antenna system wirelessly receives and transmits data packets. For example, the antenna system can receive packet data such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) packet data using the IEEE 802.11 wireless protocol. Radio converts data into the requisite wireless protocols. Various instructions governing the control of the access point 130 are stored in memory and executed by processor.

One or more wireless or wired connections may be created to allow for data transmission between access point 130 and user device 110 (via communication networks 120A-B) as well as web server 140, hotspot controller 150, and various other access points in network environment 100. The antenna may further include selectable antenna elements like those disclosed in U.S. Pat. No. 7,292,198 for a “System and Method for an Omnidirectional Planar Antenna Apparatus,” the disclosure of which is incorporated herein by reference. Hotspot access point 130 may also utilize various transmission parameter controls like those disclosed in U.S. Pat. No. 7,889,497 for a “System and Method for Transmission Parameter Control for an Antenna Apparatus with Selectable Elements,” the disclosure of which is incorporated herein by reference.

Web server 140 may include any type of server or other computing device as is known in the art for communication over the Internet (web). Web server 140 may include standard hardware computing components such as network and media interfaces, non-transitory computer-readable storage (memory), and processors for executing instructions or accessing information that may be stored in memory. The functionalities of multiple servers may be integrated into a single server. Any of the aforementioned servers (or an integrated server) may take on certain client-side, cache, or proxy server characteristics. These characteristics may depend on the particular network placement of the server or certain configurations of the server.

Hotspot controller 150 manages the one or more hotspot access points 130 in network environment 100. As such, the hotspot controller 150 intelligently manages the hotspot wireless services, including deployment, RF assignments, traffic/load balancing, and security. In terms of security, for example, the hotspot controller 150 may receive a request that a user device 110 be allowed to use the secured communication network 120B. The hotspot controller 150 may be located remotely (e.g., in the cloud) or in the same local area network as the hotspot access point 130.

In some instances, the hotspot controlled by hotspot controller 150 may be associated with a particular brand (e.g., hotel or coffee shop chain). When a user device 110 that is new to a brand requests secure network access, the request may be redirected to web server 140, which may convey the request to hotspot controller 150. Hotspot controller 150 dynamically generates a unique pre-shared key for the requesting user device 110 and return the key to web portal server 140, which in turns generates a web page displaying the unique pre-shared key to the user device 110. User device 110 may then use the pre-shared key in a request to access secure communication network 120B. Information regarding the pre-shared key associated with user device 110 is further sent by hotspot controller 150 to database of pre-shared keys 160 for storage.

The database of pre-shared keys 160 is accessible via the cloud (e.g., Internet) and stores a plurality of pre-shared keys associated with a brand. In some instances, the database 160 may store keys for a plurality of brands. The pre-shared keys and related information (e.g., associated parameter(s) for secured network access) may provided by a plurality of branded hotspots. Because the database 160 is located in the cloud, any hotspot controller 150 may send a query to the database 160 when an unfamiliar (to the hotspot controller 150) user device 110 submits an unfamiliar pre-shared key in a request for secured network access.

In some cases, the user device 110 may wish to request secured network access at another hotspot that is associated with the same brand but that is new to the user device 110. Because the user device 110 is already associated with a pre-shared key, the request sent by user device 110 may be sent using secured communication network 120B to hotspot controller 150. Since the user device 110 is new to this particular hotspot controller 150, a query regarding the pre-shared key is sent to database of pre-shared keys 160. In response to the query, the database 160 retrieves information regarding a corresponding pre-shared key. Such information may additionally include parameters of the secured network access to be provided to the user device 110.

FIG. 2 illustrates a method 200 for providing secure network access at a branded hotspot. The method 200 of FIG. 2 may be embodied as executable instructions in a non-transitory computer readable storage medium including but not limited to a CD, DVD, or non-volatile memory such as a hard drive. The instructions of the storage medium may be executed by a processor (or processors) to cause various hardware components of a computing device hosting or otherwise accessing the storage medium to effectuate the method. The steps identified in FIG. 2 (and the order thereof) are exemplary and may include various alternatives, equivalents, or derivations thereof including but not limited to the order of execution of the same.

In method 200 of FIG. 2, it is determined whether the user device is already associated with a pre-shared key. If so, the user device connects to an open communication network hosted by a hotspot access point. The request is redirected to a web server, which requests a pre-shared key from a hotspot controller. The hotspot controller may generate and return the unique pre-shared key to the web portal server, which generates a webpage displaying the unique pre-shared key to the user device. The user device may then use the unique pre-shared key to access the secure communication network. Where the user device already has a pre-shared key, the user device may immediately connect to the secured communication network.

It is further determined whether the controller has a corresponding pre-shared key. Where the particular controller generated the key, for example, the controller may already have a corresponding key stored in memory. In some cases, however, the user device may be requesting secured network access from another hotspot new to the user device, but associated with the same brand as the hotspot where the pre-shared key was generated. The particular controller at the new hotspot may request the database for information regarding the pre-shared key associated with the user device. Such information may be retrieved and sent to the new hotspot, and secured network access is provided to the user device in accordance with the retrieved information.

In step 210, it is determined whether the user device 110 has already been associated with a pre-shared key. In such a scenario, user device 110 is within a range of a branded hotspot and is attempting to connect to a secured wireless network. If the user device 110 is already associated with a pre-shared key (e.g., previously generated at the branded hotspot or at another hotspot associated with the same brand), the method may skip ahead to step 245. If the user device 110 is not already associated with a pre-shared key, the method proceeds to step 215.

In step 215, a user device 110 connects to an open communication network 120A provided by hotspot access point 130. For some network activity (e.g., reading the news), the user may not necessarily require security and the use of the open communication network 120A may be sufficient. Some transactions (e.g., financial or business related) may require additional security so as to ensure that sensitive information is not exposed or misappropriated by other users of the open communication network 120A. The user of device 110 may be offered access to the secured communication network 120B as an option. Upon selection of that offering, a user request for access to the secure communication network 120B may be sent over the open communication network 120A. Connection to the open communication network 120A may, in some implementations, automatically initiate a request for secure access to the secured communication network 120B.

In step 220, the request for secure network access is redirected to web portal server 140. In addition to information regarding the particular user device 110, the access request may include information concerning various policies and parameters as determined by the particular entity (e.g., business) providing wireless access at the hotspot. These parameters and policies may include information used to configure a wireless device for connection to a restricted wireless network and access policies related to the same, such as a wireless network name, wireless device parameters, adapter configurations, security-related parameters, access constraints, quality of service parameters, security-related parameters, expiration date of the secure access, limits on session duration, bandwidth, user identity, user rewards, and access policies.

In step 225, the web portal server 140 submits a request for a unique pre-shared key to hotspot controller 150. Assigning each individual user/user device 110 a unique pre-shared key ensures that third-parties cannot eavesdrop on or otherwise access information belonging to another user accessing the network by way of device 110. Because each pre-shared key is unique, the encryption (and decryption) of information belonging to one particular user is different from that for any other user. Moreover, when the user leaves the hotspot, the unique pre-shared key assigned to that user/user device 110 does not need to be changed to maintain security for users remaining in the hotspot.

In step 230, the hotspot controller 150 generates a unique pre-shared key for the requesting user device 110 and sends the generated unique pre-shared key to the web portal server 140. Hotspot controller 150 may randomly generate the unique pre-shared secret for each user device 110 using various algorithms and formulas. By providing for randomly generated and unique keys, hotspot controller 150 increases the difficulty of illicitly gaining accessing user information by deducing the secret of any particular user.

Hotspot controller 150 may also store information associating the particular key with the requesting user device 110. Where a particular business providing the hotspot wishes to apply certain policies and parameters, those policies and parameters may also be stored. A hotel, for example, may wish to provide frequent guests with greater bandwidth than other guests. As such, information regarding the guest identity, the user device 110 belonging to the guests (e.g., as identified by MAC address) and the amount of bandwidth allotted may also be stored in association with the unique pre-shared key.

In step 235, the web portal server 140 generates a webpage to display the unique pre-shared key to the user of user device 110.

In step 240, information regarding the generated pre-shared key is sent from the hotspot controller 150 to the database of pre-shared keys 160. Any related information (e.g., policies and parameters described in relation to step 220) may also be sent to database 160 for storage and retrieval in response to subsequent queries.

In step 245, the unique pre-shared key is entered into user device 110, either manually by the user (e.g., a cut and paste operation), via user selection (e.g., execution of a script associated with a ‘install’ button), or automatically as a result of instructions embedded with a pre-shared key download package. A subsequent request for access to the secure communication network 120B is generated based on the unique pre-shared key. In some instances, the unique pre-shared key may be bundled as part of a package that may be installed automatically or upon request on the user device 110. The package may include any applications, policies, or parameters required for connection to the secure communication network 120B. For example, an application may be downloaded to the wireless device and executed to survey, configure (e.g., install parameters and policies), and/or connect the wireless device to the secured communication network 120B. The unique pre-shared key may then be used to authenticate the user device 110 so that the user device 110 can access the secured communication network 120B according to the installed policies and parameters.

In step 250, it is determined whether the hotspot controller 150 has a corresponding pre-shared key. In instances where the user device 110 is a repeat user of the same hotspot, the associated hotspot controller 150 may already have a corresponding pre-shared key in memory and the method may skip ahead to step 265. Where secured network access is being requested from a hotspot new to the user device 110, the hotspot controller 150 at this new hotspot may not have a corresponding pre-shared key, and the method proceeds to step 255.

In step 255, a query is generated and sent to a database of pre-shared keys 160. The query may include information regarding the user device 110 that may be used to identify the pre-shared key associated with the user device 110, and other associated information (e.g., policies and parameters described in relation to step 220). In some embodiments, the query may include information to identify the user device 110 (e.g., the MAC address).

In step 260, the pre-shared key information is retrieved from the database 160. Using the information in the query, the database 160 may identify that the user device 110 has been provided with a pre-shared key at a hotspot associated with the same brand as the hotspot (i.e., hotspot controller 150) that sent the query. In addition, certain policies and parameters may have been associated with that pre-shared key at other hotspots at other locations. For example, a customer may accumulate points by staying at a variety of locations of a branded hotel chain. Parameters of secured network access may be adjusted (e.g., higher bandwidth) as a reward to frequent customers. As such, information regarding a corresponding pre-shared key (including related policies and parameters) may be sent to the hotspot controller 150 in response to the query.

In step 265, secured network access is provided to the user device 110 in accordance with the parameters and policies indicated by the query response sent from the database 160. In addition, the current hotspot 160 may update 160 regarding any information that may affect the parameters and policies associated with the secured network access to be provided to the user device 110.

The present invention may be implemented in a variety of devices. Non-transitory computer-readable storage media refer to any non-transitory storage medium or media that participate in providing instructions to a central processing unit (CPU) for execution. Such media can take many forms, including, but not limited to, non-volatile and volatile media, which may include optical disks, dynamic memory, floppy disks, flexible disks, hard disks, magnetic tape, any other magnetic medium, CD-ROM disks, digital video disks (DVDs), any other optical medium, RAM, PROM, EPROM, a FLASHEPROM, and any other memory chip or cartridge.

Various forms of transmission media may be involved in carrying one or more sequences of one or more instructions to a CPU for execution. A bus carries the data to system RAM, from which a CPU retrieves and executes the instructions. The instructions received by system RAM can optionally be stored on a fixed disk either before or after execution by a CPU. Various forms of storage may likewise be implemented as well as the necessary network interfaces and network topologies to implement the same.

While various embodiments have been described above, it should be understood that they have been presented by way of example only, and are not intended to limit the scope of the invention to the particular forms set forth herein. To the contrary, the present descriptions are intended to cover such alternatives, modifications, and equivalents as may be included within the spirit and scope of the invention as defined by the appended claims and otherwise appreciated by one of ordinary skill in the art along with their full scope of equivalents.

Claims

1. A method for providing secured communication network access, the method comprising:

receiving a request sent over an open communication network for secured communication network access, the request initiated by a requesting user device located within a range of a first hotspot associated with a brand, the request including a unique pre-shared encryption key associated with the requesting user device, wherein the unique pre-shared encryption key was displayed in a web page generated by a web portal server to the requesting user device;
determining there is currently no corresponding pre-shared encryption key stored at the first hotspot, wherein the corresponding pre-shared encryption key is required to decrypt communications encrypted based on the unique pre-shared encryption key associated with the requesting user device;
sending a query for the corresponding pre-shared encryption key to a cloud database of pre-shared encryption keys generated at a plurality of different hotspots, the different hotspots including hotspots associated with a plurality of brands, wherein each pre-shared encryption key in the cloud database corresponds to a different pre-shared encryption key that is unique to an associated user device, the query concerning any prior use of the unique pre-shared encryption key associated with the requesting user device and included in the request;
receiving a response to the query including the corresponding pre-shared encryption key, wherein the corresponding pre-shared encryption key is unique to the requesting user device and had been generated during prior use at a second hotspot associated with the brand; and
providing secured communication network access at the first hotspot based on the unique pre-shared encryption key associated with the requesting user device and the corresponding pre-shared encryption key obtained from the cloud database, wherein encryption in accordance with the unique pre-shared encryption key associated with the requesting user device is different than encryption for any other user device in the secured communication network, and wherein the secured communication network access provided to the requesting user device is governed at least in part by at least one parameter identified as being associated with the unique pre-shared encryption key, the at least one parameter including an access policy.

2. The method of claim 1, further comprising storing information regarding the associated at least one parameter, the associated at least one parameter further including one or more of the following: expiration date, session duration, bandwidth, user identity, or user rewards.

3. The method of claim 1, further comprising submitting a second unique pre-shared encryption key to the cloud database of pre-shared encryption keys for retrieval in response to a subsequent query concerning the second pre-shared encryption key.

4. The method of claim 3, wherein adding the second unique pre-shared encryption key to the cloud database of pre-shared encryption keys comprises:

executing instructions stored in memory, wherein execution of the instructions by a processor generates the second unique pre-shared encryption key for a second user device; and
transmitting a corresponding pre-shared encryption key associated with the second unique pre-shared encryption key to the cloud database of pre-shared encryption keys for retrieval in response to a subsequent request sent by the second user device while located within range of another hotspot associated with the brand.

5. The method of claim 4, further comprising determining at least one parameter governing the secured communication network access to be provided to the second user device, wherein transmitted information regarding the second unique pre-shared encryption key further includes the at least one parameter.

6. An apparatus for providing secured communication network access, the apparatus comprising:

an interface for receiving an incoming request sent over an open communication network for secured communication network access, the request initiated by a requesting user device located within a range of a first hotspot associated with a brand, the request including a unique pre-shared encryption key associated with the requesting user device, wherein the unique pre-shared encryption key was displayed in a web page generated by a web portal server to the requesting user device; and
a processor for executing instructions stored in memory, wherein execution of the instructions by the processor: determines there is currently no corresponding pre-shared encryption key stored at the first hotspot, wherein the corresponding pre-shared encryption key is required to decrypt communications encrypted based on the unique pre-shared encryption key associated with the requesting user device, and generates a query for the corresponding pre-shared encryption key to a cloud database of pre-shared encryption keys generated at a plurality of different hotspots, the different hotspots including hotspots associated with a plurality of brands, wherein each pre-shared encryption key in the cloud database corresponds to a different pre-shared encryption key that is unique to an associated user device, the query concerning any prior use of the unique pre-shared encryption key associated with the requesting user device and included in the request, wherein the interface receives a response to the query from the cloud database, the response including the corresponding pre-shared encryption wherein the corresponding pre-shared encryption key is unique to the requesting user device and had been generated during prior use at a second hotspot associated with the brand use at a second hotspot associated with the brand;
wherein secured communication network access at the first hotspot is subsequently provided based on the unique pre-shared encryption key associated with the requesting user device and the corresponding pre-shared encryption key obtained from the cloud database, wherein encryption in accordance with the unique pre-shared encryption key associated with the requesting user device is different than encryption for any other user device in the secured communication network, and wherein the secured communication network access provided to the requesting user device is governed at least in part by at least one parameter identified as being associated with the unique pre-shared encryption key, the at least one parameter including an access policy.

7. The apparatus of claim 6, further comprising memory for storing information regarding the associated at least one parameter, the associated at least one parameter further including one or more of the following: expiration date, session duration, bandwidth, user identity, or user rewards.

8. The apparatus of claim 6, wherein the interface sends a submission including a corresponding pre-shared encryption key associated with a second unique pre-shared encryption key to the cloud database of pre-shared encryption keys for retrieval in response to a subsequent query concerning the second unique pre-shared encryption key sent by a second user device while located within range of another hotspot associated with the brand.

9. The apparatus of claim 8, wherein further execution of instructions by the processor generates the second unique pre-shared encryption key for the second user device.

10. The apparatus of claim 9, wherein further execution of instructions by the processor determines at least one parameter governing the secured communication network access to be provided to the second user device, wherein transmitted information regarding the second unique pre-shared encryption key further includes the at least one parameter.

11. A system for providing secured communication network access, the system comprising:

a hotspot controller of a first hotspot comprising an interface for: receiving an incoming request sent over an open communication network for secured communication network access, the request initiated by a requesting user device located within a range of the first hotspot, the request including a unique pre-shared encryption key associated with the requesting user device, wherein the unique pre-shared encryption key was displayed in a web page generated by a web portal server to the requesting user device,
determining there is currently no corresponding pre-shared encryption key stored at the first hotspot, wherein the corresponding pre-shared encryption key is required to decrypt communications encrypted based on the unique pre-shared encryption key associated with the requesting user device,
sending a query for the corresponding pre-shared encryption key to a cloud database of pre-shared encryption keys generated at a plurality of different hotspots, the different hotspots including hotspots associated with a plurality of brands, wherein each pre-shared encryption key in the cloud database corresponds to a different pre-shared encryption key that is unique to an associated user device, the query concerning any prior use of the unique pre-shared encryption key associated with the requesting user device and included in the request, and
receiving a response to the query including the corresponding pre-shared encryption key, wherein the corresponding pre-shared encryption key is unique to the requesting user device and had been generated during prior use at a second hotspot associated with the brand; and
an access point associated with the first hotspot, the hotspot associated with a brand, the access point providing secured communication network access based on the unique pre-shared encryption key associated with the requesting user device and the corresponding pre-shared encryption key obtained from the cloud database, wherein encryption in accordance with the unique pre-shared encryption key associated with the requesting user device is different than encryption for any other user device in the secured communication network, and wherein the secured communication network access provided to the requesting user device is governed at least in part by at least one parameter identified as being associated with the unique pre-shared encryption key, the at least one parameter including an access policy.

12. The system of claim 11, further comprising a server for storing the cloud database of pre-shared encryption keys, the server in communication with the hotspot controller via the Internet.

13. The system of claim 11, wherein the hotspot controller further includes memory for storing information regarding the associated at least one parameter, the associated at least one parameter further including one or more of the following: expiration date, session duration, bandwidth, user identity, or user rewards.

14. The system of claim 11, wherein the interface sends a submission including a corresponding pre-shared encryption key associated with a second unique pre-shared encryption key to the cloud database of pre-shared encryption keys for retrieval in response to a subsequent query concerning the second unique pre-shared encryption key sent by a second user device while located within range of another hotspot associated with the brand.

15. The system of claim 14, wherein further execution of instructions by the processor generates the second unique pre-shared encryption key for the second user device.

16. The system of claim 15, wherein the hotspot controller further includes a processor for executing instructions stored in memory, wherein execution of instructions by the processor determines at least one parameter governing the secured communication network access to be provided to the second user device, wherein transmitted information regarding the second unique pre-shared encryption key further includes the at least one parameter.

17. A non-transitory computer-readable storage medium, having embodied thereon a program executable by a processor to perform a method for providing secured communication network access, the method comprising:

receiving a request sent over an open communication network for secured communication network access, the request initiated by a requesting user device located within a range of a first hotspot associated with a brand, the request including a unique pre-shared encryption key associated with the requesting user device, wherein the unique pre-shared encryption key was displayed in a web page generated by a web portal server to the requesting user device;
determining there is currently no corresponding pre-shared encryption key stored at the first hotspot, wherein the corresponding pre-shared encryption key is required to decrypt communications encrypted based on the unique pre-shared encryption key associated with the requesting user device;
sending a query for the corresponding pre-shared encryption key to a cloud database of pre-shared encryption keys generated at a plurality of different hotspots, the different hotspots including hotspots associated with a plurality of brands, wherein each pre-shared encryption key in the cloud database corresponds to a different pre-shared encryption key that is unique to an associated user device, the query concerning any prior use of the unique pre-shared encryption key associated with the requesting user device and included in the request;
receiving a response to the query including a corresponding pre-shared encryption key, wherein the corresponding pre-shared encryption key is unique to the requesting user device and had been generated during prior use at a second hotspot associated with the brand; and
providing secured communication network access at the first hotspot based on the unique pre-shared encryption key associated with the requesting user device and the corresponding pre-shared encryption key obtained from the cloud database, wherein encryption in accordance with the unique pre-shared encryption key associated with the requesting user device is different than encryption for any other user device in the secured communication network, and wherein the secured communication network access provided to the requesting user device is governed at least in part by at least one parameter identified as being associated with the unique pre-shared encryption key, the at least one parameter including an access policy.
Referenced Cited
U.S. Patent Documents
725605 April 1903 Tesla
1869659 August 1932 Broertjes
2292387 August 1942 Markey et al.
3488445 January 1970 Chang
3568105 March 1971 Felsenheld
3721990 March 1973 Gibson et al.
3887925 June 1975 Ranghelli
3967067 June 29, 1976 Potter
3969730 July 13, 1976 Fuchser
3982214 September 21, 1976 Burns
3991273 November 9, 1976 Mathes
4001734 January 4, 1977 Burns
4027307 May 31, 1977 Litchford
4176356 November 27, 1979 Foster et al.
4193077 March 11, 1980 Greenberg et al.
4203118 May 13, 1980 Alford
4253193 February 24, 1981 Kennard
4305052 December 8, 1981 Baril et al.
4513412 April 23, 1985 Cox
4554554 November 19, 1985 Olesen et al.
4733203 March 22, 1988 Ayasli
4764773 August 16, 1988 Larsen et al.
4800393 January 24, 1989 Edward et al.
4814777 March 21, 1989 Monser
4821040 April 11, 1989 Johnson et al.
4920285 April 24, 1990 Clark et al.
4937585 June 26, 1990 Shoemaker
5063574 November 5, 1991 Moose
5097484 March 17, 1992 Akaiwa
5173711 December 22, 1992 Takeuchi et al.
5203010 April 13, 1993 Felix
5208564 May 4, 1993 Burns et al.
5220340 June 15, 1993 Shafai
5241693 August 31, 1993 Kim
5282222 January 25, 1994 Fattouche et al.
5291289 March 1, 1994 Hulyalkar et al.
5311550 May 10, 1994 Fouche et al.
5373548 December 13, 1994 McCarthy
5434575 July 18, 1995 Jelinek
5453752 September 26, 1995 Wang et al.
5479176 December 26, 1995 Zavrel
5507035 April 9, 1996 Bantz
5532708 July 2, 1996 Krenz et al.
5559800 September 24, 1996 Mousseau et al.
5726666 March 10, 1998 Hoover et al.
5754145 May 19, 1998 Evans
5767755 June 16, 1998 Kim et al.
5767807 June 16, 1998 Prtichett
5767809 June 16, 1998 Chuang et al.
5786793 July 28, 1998 Maeda et al.
5802312 September 1, 1998 Lazaridis et al.
5828346 October 27, 1998 Park
5936595 August 10, 1999 Wang
5964830 October 12, 1999 Durrett
5990838 November 23, 1999 Burns et al.
6005525 December 21, 1999 Kivela
6011450 January 4, 2000 Miya
6023250 February 8, 2000 Cronyn
6031503 February 29, 2000 Preiss, II et al.
6034638 March 7, 2000 Thiel et al.
6046703 April 4, 2000 Wang
6052093 April 18, 2000 Yao et al.
6091364 July 18, 2000 Murakami et al.
6094177 July 25, 2000 Yamamoto
6097347 August 1, 2000 Duan et al.
6104356 August 15, 2000 Hikuma et al.
6169523 January 2, 2001 Ploussios
6249216 June 19, 2001 Flick
6266528 July 24, 2001 Farzaneh
6281762 August 28, 2001 Nakao
6288682 September 11, 2001 Thiel et al.
6292153 September 18, 2001 Aiello et al.
6307524 October 23, 2001 Britain
6317599 November 13, 2001 Rappaport et al.
6323810 November 27, 2001 Poilasne et al.
6326922 December 4, 2001 Hegendoerfer
6326924 December 4, 2001 Muramoto et al.
6337628 January 8, 2002 Campana, Jr.
6337668 January 8, 2002 Ito et al.
6339404 January 15, 2002 Johnson
6345043 February 5, 2002 Hsu
6351240 February 26, 2002 Karimullah et al.
6356242 March 12, 2002 Ploussios
6356243 March 12, 2002 Schneider et al.
6356905 March 12, 2002 Gershman et al.
6366254 April 2, 2002 Sivenpiper
6377227 April 23, 2002 Zhu et al.
6392610 May 21, 2002 Braun et al.
6396456 May 28, 2002 Chiang et al.
6400329 June 4, 2002 Barnes
6404386 June 11, 2002 Proctor, Jr. et al.
6407719 June 18, 2002 Ohira et al.
RE37802 July 23, 2002 Fattouche et al.
6414647 July 2, 2002 Lee
6424311 July 23, 2002 Tsai et al.
6442507 August 27, 2002 Skidmore et al.
6445688 September 3, 2002 Garces et al.
6456242 September 24, 2002 Crawford
6476773 November 5, 2002 Palmer
6492957 December 10, 2002 Carillo et al.
6493679 December 10, 2002 Rappaport et al.
6496083 December 17, 2002 Kushitani et al.
6498589 December 24, 2002 Horii
6499006 December 24, 2002 Rappaport et al.
6507321 January 14, 2003 Oberschmidt et al.
6521422 February 18, 2003 Hsu
6531985 March 11, 2003 Jones et al.
6545643 April 8, 2003 Sward
6583765 June 24, 2003 Schamberget et al.
6586786 July 1, 2003 Kitazawa et al.
6593891 July 15, 2003 Zhang
6606059 August 12, 2003 Barabash
6611230 August 26, 2003 Phelan
6621029 September 16, 2003 Galmiche
6625454 September 23, 2003 Rappaport et al.
6633206 October 14, 2003 Kato
6642889 November 4, 2003 McGrath
6642890 November 4, 2003 Chen
6674459 January 6, 2004 Ben-Shachar et al.
6700546 March 2, 2004 Benhammou et al.
6701522 March 2, 2004 Rubin et al.
6724346 April 20, 2004 Le Bolzer
6725281 April 20, 2004 Zintel et al.
6741219 May 25, 2004 Shor
6747605 June 8, 2004 Lebaric
6753814 June 22, 2004 Killen et al.
6757267 June 29, 2004 Evans
6762723 July 13, 2004 Nallo et al.
6774852 August 10, 2004 Chiang et al.
6774864 August 10, 2004 Evans
6779004 August 17, 2004 Zintel et al.
6819287 November 16, 2004 Sullivan et al.
6839038 January 4, 2005 Weinstein
6859176 February 22, 2005 Choi
6859182 February 22, 2005 Horii
6864852 March 8, 2005 Chiang et al.
6876280 April 5, 2005 Nakano
6876836 April 5, 2005 Lin
6879293 April 12, 2005 Sato
6888504 May 3, 2005 Chiang et al.
6888893 May 3, 2005 Li et al.
6892230 May 10, 2005 Gu et al.
6894653 May 17, 2005 Chiang et al.
6903686 June 7, 2005 Vance et al.
6906678 June 14, 2005 Chen
6910068 June 21, 2005 Zintel et al.
6914581 July 5, 2005 Popek
6924768 August 2, 2005 Wu et al.
6931429 August 16, 2005 Gouge et al.
6933907 August 23, 2005 Shirosaka
6941143 September 6, 2005 Mathur
6943749 September 13, 2005 Paun
6950019 September 27, 2005 Bellone et al.
6950069 September 27, 2005 Gaucher et al.
6961028 November 1, 2005 Joy et al.
6965353 November 15, 2005 Shirosaka et al.
6973622 December 6, 2005 Rappaport et al.
6975834 December 13, 2005 Forster
6980782 December 27, 2005 Braun et al.
7023909 April 4, 2006 Adams et al.
7024225 April 4, 2006 Ito
7034769 April 25, 2006 Surducan et al.
7034770 April 25, 2006 Yang et al.
7043277 May 9, 2006 Pfister
7046201 May 16, 2006 Okada
7050809 May 23, 2006 Lim
7053844 May 30, 2006 Gaucher et al.
7064717 June 20, 2006 Kaluzni
7085814 August 1, 2006 Ghandi et al.
7088299 August 8, 2006 Siegler et al.
7088306 August 8, 2006 Chiang et al.
7089307 August 8, 2006 Zintel et al.
7098863 August 29, 2006 Bancroft
D530325 October 17, 2006 Kerila
7120405 October 10, 2006 Rofougaran
7130895 October 31, 2006 Zintel et al.
7148846 December 12, 2006 Qi et al.
7162273 January 9, 2007 Ambramov et al.
7164380 January 16, 2007 Saito
7171475 January 30, 2007 Weisman et al.
7193562 March 20, 2007 Shtrom
7206610 April 17, 2007 Iacono et al.
7215296 May 8, 2007 Ambramov et al.
7277063 October 2, 2007 Shirosaka et al.
7292198 November 6, 2007 Shtrom
7292870 November 6, 2007 Heredia et al.
7295825 November 13, 2007 Raddant
7298228 November 20, 2007 Sievenpiper
7312762 December 25, 2007 Puente Ballarda et al.
7319432 January 15, 2008 Andersson
7333460 February 19, 2008 Vaisanen et al.
7358912 April 15, 2008 Kish et al.
7362280 April 22, 2008 Shtrom
7385563 June 10, 2008 Bishop
7498999 March 3, 2009 Shtrom et al.
7511680 March 31, 2009 Shtrom et al.
7522569 April 21, 2009 Rada
7525486 April 28, 2009 Shtrom
7609648 October 27, 2009 Hoffmann et al.
7697550 April 13, 2010 Rada
7733275 June 8, 2010 Hirota
7782895 August 24, 2010 Pasanen et al.
7835697 November 16, 2010 Wright
7847741 December 7, 2010 Hirota
7864119 January 4, 2011 Shtrom et al.
7893882 February 22, 2011 Shtrom
7916463 March 29, 2011 Aya et al.
8068068 November 29, 2011 Kish et al.
8085206 December 27, 2011 Shtrom
8217843 July 10, 2012 Shtrom
8355912 January 15, 2013 Keesey et al.
8358248 January 22, 2013 Shtrom
8686905 April 1, 2014 Shtrom
8704720 April 22, 2014 Kish
8723741 May 13, 2014 Shtrom
8756668 June 17, 2014 Ranade et al.
8836606 September 16, 2014 Kish
20010046848 November 29, 2001 Kenkel
20020031130 March 14, 2002 Tsuchiya et al.
20020036586 March 28, 2002 Gothard et al.
20020047800 April 25, 2002 Proctor, Jr. et al.
20020080767 June 27, 2002 Lee
20020084942 July 4, 2002 Tsai et al.
20020101377 August 1, 2002 Crawford
20020105471 August 8, 2002 Kojima et al.
20020112058 August 15, 2002 Weisman et al.
20020119757 August 29, 2002 Hamabe
20020158798 October 31, 2002 Chiang et al.
20020170064 November 14, 2002 Monroe et al.
20030026240 February 6, 2003 Eyuboglu et al.
20030030588 February 13, 2003 Kalis et al.
20030038698 February 27, 2003 Hirayama
20030063591 April 3, 2003 Leung et al.
20030122714 July 3, 2003 Wannagot et al.
20030169330 September 11, 2003 Ben-Shachar et al.
20030184490 October 2, 2003 Raiman et al.
20030189514 October 9, 2003 Miyano et al.
20030189521 October 9, 2003 Yamamoto et al.
20030189523 October 9, 2003 Ojantakanen et al.
20030210207 November 13, 2003 Suh et al.
20030214446 November 20, 2003 Shehab
20030227414 December 11, 2003 Saliga et al.
20040014432 January 22, 2004 Boyle
20040017310 January 29, 2004 Vargas-Hurlston et al.
20040017315 January 29, 2004 Fang et al.
20040017860 January 29, 2004 Liu
20040027291 February 12, 2004 Zhang et al.
20040027304 February 12, 2004 Chiang et al.
20040030900 February 12, 2004 Clark
20040032378 February 19, 2004 Volman et al.
20040036651 February 26, 2004 Toda
20040036654 February 26, 2004 Hsieh
20040041732 March 4, 2004 Aikawa et al.
20040048593 March 11, 2004 Sano
20040058690 March 25, 2004 Ratzel et al.
20040061653 April 1, 2004 Webb et al.
20040070543 April 15, 2004 Masaki
20040075609 April 22, 2004 Li
20040080455 April 29, 2004 Lee
20040090371 May 13, 2004 Rossman
20040095278 May 20, 2004 Kanemoto et al.
20040114535 June 17, 2004 Hoffmann et al.
20040125777 July 1, 2004 Doyle et al.
20040145528 July 29, 2004 Mukai et al.
20040153647 August 5, 2004 Rotholtz et al.
20040160376 August 19, 2004 Hornsby et al.
20040190477 September 30, 2004 Olson et al.
20040203347 October 14, 2004 Nguyen
20040207563 October 21, 2004 Yang
20040227669 November 18, 2004 Okada
20040260800 December 23, 2004 Gu et al.
20050022210 January 27, 2005 Zintel et al.
20050041739 February 24, 2005 Li et al.
20050042988 February 24, 2005 Hoek et al.
20050048934 March 3, 2005 Rawnick et al.
20050050352 March 3, 2005 Narayanaswami et al.
20050062649 March 24, 2005 Chiang et al.
20050074018 April 7, 2005 Zintel et al.
20050097503 May 5, 2005 Zintel et al.
20050122265 June 9, 2005 Gaucher et al.
20050128983 June 16, 2005 Kim et al.
20050128988 June 16, 2005 Simpson et al.
20050135480 June 23, 2005 Li et al.
20050138137 June 23, 2005 Encarnacion et al.
20050138193 June 23, 2005 Encarnacion et al.
20050146475 July 7, 2005 Bettner et al.
20050180381 August 18, 2005 Retzer et al.
20050188193 August 25, 2005 Kuehnel et al.
20050237258 October 27, 2005 Abramov et al.
20050240665 October 27, 2005 Gu et al.
20050267935 December 1, 2005 Gandhi et al.
20060031922 February 9, 2006 Sakai
20060038734 February 23, 2006 Shtrom et al.
20060050005 March 9, 2006 Shirosaka et al.
20060094371 May 4, 2006 Nguyen
20060098607 May 11, 2006 Zeng et al.
20060109191 May 25, 2006 Shtrom
20060111902 May 25, 2006 Julia et al.
20060123124 June 8, 2006 Weisman et al.
20060123125 June 8, 2006 Weisman et al.
20060123455 June 8, 2006 Pai et al.
20060168159 July 27, 2006 Weisman et al.
20060184660 August 17, 2006 Rao et al.
20060184661 August 17, 2006 Weisman et al.
20060184693 August 17, 2006 Rao et al.
20060224690 October 5, 2006 Falkenburg et al.
20060225107 October 5, 2006 Seetharaman et al.
20060227062 October 12, 2006 Francque et al.
20060227761 October 12, 2006 Scott, III et al.
20060239369 October 26, 2006 Lee
20060251256 November 9, 2006 Asokan et al.
20060262015 November 23, 2006 Thornell-Pers et al.
20060291434 December 28, 2006 Gu et al.
20070027622 February 1, 2007 Cleron et al.
20070037619 February 15, 2007 Matsunaga et al.
20070055752 March 8, 2007 Wiegand et al.
20070115180 May 24, 2007 Kish et al.
20070124490 May 31, 2007 Kalavade et al.
20070130294 June 7, 2007 Nishio
20070135167 June 14, 2007 Liu
20080060064 March 6, 2008 Wynn et al.
20080062058 March 13, 2008 Bishop
20080075280 March 27, 2008 Ye et al.
20080096492 April 24, 2008 Yoon
20080109657 May 8, 2008 Bajaj et al.
20080136715 June 12, 2008 Shtrom
20080212535 September 4, 2008 Karaoguz et al.
20080272977 November 6, 2008 Gaucher et al.
20090005005 January 1, 2009 Forstall et al.
20090103731 April 23, 2009 Sarikaya
20090187970 July 23, 2009 Mower et al.
20090217048 August 27, 2009 Smith
20090219903 September 3, 2009 Alamouti et al.
20090295648 December 3, 2009 Dorsey et al.
20090315794 December 24, 2009 Alamouti et al.
20100053023 March 4, 2010 Shtrom
20100103065 April 29, 2010 Shtrom et al.
20100103066 April 29, 2010 Shtrom et al.
20100299518 November 25, 2010 Viswanathan et al.
20100332828 December 30, 2010 Goto
20110007705 January 13, 2011 Buddhikot et al.
20110040870 February 17, 2011 Wynn et al.
20110047603 February 24, 2011 Gordon et al.
20110095960 April 28, 2011 Shtrom
20110126016 May 26, 2011 Sun
20110208866 August 25, 2011 Marmolejo-Meillon et al.
20120030466 February 2, 2012 Yamaguchi
20120054338 March 1, 2012 Ando
20120089845 April 12, 2012 Raleigh
20120098730 April 26, 2012 Kish
20120134291 May 31, 2012 Raleigh
20120257536 October 11, 2012 Kholaif et al.
20120284785 November 8, 2012 Salkintzis et al.
20120299772 November 29, 2012 Shtrom
20120322035 December 20, 2012 Julia et al.
20130007853 January 3, 2013 Gupta et al.
20130038496 February 14, 2013 Shtrom
20130047218 February 21, 2013 Smith
20130182693 July 18, 2013 Sperling et al.
20130207865 August 15, 2013 Shtrom
20130207866 August 15, 2013 Shtrom
20130207877 August 15, 2013 Shtrom
20130212656 August 15, 2013 Ranade et al.
20130241789 September 19, 2013 Shtrom
20140210681 July 31, 2014 Shtrom
20140282951 September 18, 2014 Ranade
Foreign Patent Documents
2003/227399 October 2003 AU
02494982 October 2003 CA
10 2006 026350 December 2006 DE
352 787 January 1990 EP
0 534 612 March 1993 EP
0 756 381 January 1997 EP
0 883 206 December 1998 EP
1 152 452 November 2001 EP
1 152 542 November 2001 EP
1 152 543 November 2001 EP
1 376 920 June 2002 EP
1 220 461 July 2002 EP
1 315 311 May 2003 EP
1 450 521 August 2004 EP
1 608 108 December 2005 EP
1 909 358 April 2008 EP
1 287 588 January 2009 EP
2 426 870 June 2006 GB
2 423 191 August 2006 GB
03038933 February 1991 JP
2008/088633 April 1996 JP
2001-057560 February 2001 JP
2002-505835 February 2002 JP
2005-354249 December 2005 JP
2006/060408 March 2006 JP
201351188 December 2013 TW
WO 90/04893 May 1990 WO
WO 99/55012 October 1999 WO
WO 01/13461 February 2001 WO
WO 01/69724 September 2001 WO
WO 02/07258 January 2002 WO
WO 02/07258 January 2002 WO
WO 02/25967 March 2002 WO
WO 03/079484 September 2003 WO
WO 03/081718 October 2003 WO
WO 2004/051798 June 2004 WO
WO 2006/023247 March 2006 WO
WO 2006/057679 June 2006 WO
WO 2007/076105 July 2007 WO
WO 2007/127087 November 2007 WO
WO 2013/119750 August 2013 WO
WO 2013/152027 October 2013 WO
Other references
  • Ruckus Wireless, Inc. vs. Netgear, Inc; Defendant Netgear, Inc. Invalidity Contentions.
  • Abramov 2003—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Abramov 273—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Abramov 296—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Airgain 2004—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Bancroft 863—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Barabash 059—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Cetiner 2003—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Chuang 2003—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Evans 864—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486.
  • Johnson 404—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Kalis 2000—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Kalis 2002—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486.
  • Kaluzni 717—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Kim 693—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Lin 836—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Nakao 762—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486.
  • Okada 201—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Palmer 773—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Paun 749—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Qian 2000—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Shehab 2003—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Shirosaka 907—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Shtrom 198 & 280—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Sievenpiper 254—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Simons 1994—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Sward 643—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Vaughan 1995—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Wang 703—P.R. 3-3 © Chart for U.S. Patent No. 7,525,486 and U.S. Patent No. 7,193,562.
  • Alard, M., et al., “Principles of Modulation and Channel Coding for Digital Broadcasting for Mobile Receivers,” 8301 EBU Review Technical, Aug. 1987, No. 224, Brussels, Belgium.
  • Ando et al., “Study of Dual-Polarized Omni-Directional Antennas for 5.2 GHz-Band 2×2 MIMO-OFDM Systems,” Antennas and Propogation Society International Symposium, 2004, IEEE, pp. 1740-1743 vol. 2.
  • Areg Alimian et al., “Analysis of Roaming Techniques,” doc.:IEEE 802.11-04/0377r1, Submission, Mar. 2004.
  • “Authorization of Spread Spectrum Systems Under Parts 15 and 90 of the FCC Rules and Regulations,” Rules and Regulations Federal Communications Commission, 47 CFR Part 2, and 90, Jun. 18, 1985.
  • “Authorization of spread spectrum and other wideband emissions not presently provided for in the FCC Rules and Regulations,” Before the Federal Communications Commission, FCC 81-289, 87 F.C.C.2d 876, Gen Docket No. 81-413, Jun. 30, 1981.
  • Bedell, Paul, “Wireless Crash Course,” 2005, p. 84, The McGraw-Hill Companies, Inc., USA.
  • Behdad et al., Slot Antenna Miniaturization Using Distributed Inductive Loading, Antenna and Propagation Society International Symposium, 2003 IEEE, vol. 1, pp. 308-311 (Jun. 2003).
  • Berenguer, Inaki, et al., “Adaptive MIMO Antenna Selection,” Nov. 2003.
  • Casas, Eduardo F., et al., “OFDM for Data Communication Over Mobile Radio FM Channels—Part I: Analysis and Experimental Results,” IEEE Transactions on Communications, vol. 39, No. 5, May 1991, pp. 783-793.
  • Casas, Eduardo F., et al., “OFDM for Data Communication over Mobile Radio FM Channels; Part II: Performance Improvement,” Department of Electrical Engineering, University of British Columbia.
  • Chang, Nicholas B. et al., “Optimal Channel Probing and Transmission Scheduling for Opportunistics Spectrum Access,” Sep. 2007.
  • Chang, Robert W., et al., “A Theoretical Study of Performance of an Orthogonal Multiplexing Data Transmission Scheme,” IEEE Transactions on Communication Technology, vol. Com-16, No. 4, Aug. 1968, pp. 529-540.
  • Chang, Robert W., “Synthesis of Band-Limited Orthogonal Signals for Multichannel Data Transmission,” The Bell System Technical Journal, Dec. 1966, pp. 1775-1796.C.
  • Chuang et al., A 2.4 GHz Polarization-diversity Planar Printed Dipole Antenna for WLAN and Wireless Communication Applications, Microwave Journal, vol. 45, No. 6, pp. 50-62 (Jun. 2002).
  • Cimini, Jr., Leonard J, “Analysis and Simulation of a Digital Mobile Channel Using Orthogonal Frequency Division Multiplexing,” IEEE Transactions on Communications, vol. Com-33, No. 7, Jul. 1985, pp. 665-675.
  • Cisco Systems, “Cisco Aironet Access Point Software Configuration Guide: Configuring Filters and Quality of Service,” Aug. 2003.
  • Dell Inc., “How Much Broadcast and Multicast Traffic Should I Allow in My Network,” PowerConnect Application Note #5, Nov. 2003.
  • Dutta, Ashutosh et al., “MarconiNet Supporting Streaming Media Over Localized Wireless Multicast,” Proc. of the 2d Int'l Workshop on Mobile Commerce, 2002.
  • Dunkels, Adam et al., “Making TCP/IP Viable for Wireless Sensor Networks,” Proc. of the 1st Euro. Workshop on Wireless Sensor Networks, Berlin, Jan. 2004.
  • Dunkels, Adam et al., “Connecting Wireless Sensornets with TCP/IP Networks,” Proc. of the 2d Int'l Conf. on Wired Networks, Frankfurt, Feb. 2004.
  • English Translation of PCT Pub. No. WO2004/051798 (as filed U.S. Appl. No. 10/536,547).
  • Festag, Andreas, “What is MOMBASA?” Telecommunication Networks Group (TKN), Technical University of Berlin, Mar. 7, 2002.
  • Frederick et al., Smart Antennas Based on Spatial Multiplexing of Local Elements (SMILE) for Mutual Coupling Reduction, IEEE Transactions of Antennas and Propogation, vol. 52., No. 1, pp. 106-114 (Jan. 2004).
  • Gaur, Sudhanshu, et al., “Transmit/Receive Antenna Selection for MIMO Systems to Improve Error Performance of Linear Receivers,” School of ECE, Georgia Institute of Technology, Apr. 4, 2005.
  • Gledhill, J. J., et al., “The Transmission of Digital Television in the UHF Band Using Orthogonal Frequency Division Multiplexing,” Sixth International Conference on Digital Processing of Signals in Communications, Sep. 2-6, 1991, pp. 175-180.
  • Golmie, Nada, “Coexistence in Wireless Networks: Challenges and System-Level Solutions in the Unlicensed Bands,” Cambridge University Press, 2006.
  • Hewlett Packard, “HP ProCurve Networking: Enterprise Wireless LAN Networking and Mobility Solutions,” 2003.
  • Hirayama, Koji et al., “Next-Generation Mobile-Access IP Network,” Hitachi Review vol. 49, No. 4, 2000.
  • Ian F. Akyildiz, et al., “A Virtual Topology Based Routing Protocol for Multihop Dynamic Wireless Networks,” Broadband and Wireless Networking Lab, School of Electrical and Computer Engineering, Georgia Institute of Technology.
  • Information Society Technologies Ultrawaves, “System Concept / Architecture Design and Communication Stack Requirement Document,” Feb. 23, 2004.
  • Ken Tang, et al., “MAC Layer Broadcast Support in 802.11 Wireless Networks,” Computer Science Department, University of California, Los Angeles, 2000 IEEE, pp. 544-548.
  • Ken Tang, et al., “MAC Reliable Broadcast in Ad Hoc Networks,” Computer Science Department, University of California, Los Angeles, 2001 IEEE, pp. 1008-1013.
  • Mawa, Rakesh, “Power Control in 3G Systems,” Hughes Systique Corporation, Jun. 28, 2006.
  • Microsoft Corporation, “IEEE 802.11 Networks and Windows XP,” Windows Hardware Developer Central, Dec. 4, 2001.
  • Molisch, Andreas F., et al., “MIMO Systems with Antenna Selection—an Overview,” Draft, Dec. 31, 2003.
  • Moose, Paul H., “Differential Modulation and Demodulation of Multi-Frequency Digital Communications Signals,” 1990 IEEE,CH2831-6/90/0000-0273.
  • ORINOCO AP-2000 5GHz Kit, “Access Point Family,” Proxim Wireless Corporation.
  • Pat Calhoun et al., “802.11r strengthens wireless voice,” Technology Update, Network World, Aug. 22, 2005, http://www.networkworld.com/news/tech/2005/082208techupdate.html.
  • Press Release, NETGEAR RangeMax(TM) Wireless Networking Solutions Incorporate Smart MIMO Technology to Eliminate Wireless Dead Spots and Take Consumers Farther, Ruckus Wireles Inc. (Mar. 7, 2005), available at http://ruckuswireless.com/press/releases/20050307.php.
  • RL Miller, “4.3 Project X—A True Secrecy System for Speech,” Engineering and Science in the Bell System, A History of Engineering and Science in the Bell System National Service in War and Peace (1925-1975), pp. 296-317, 1978, Bell Telephone Laboratories, Inc.
  • Sadek, Mirette, et al., “Active Antenna Selection in Multiuser MIMO Communications,” IEEE Transactions on Signal Processing, vol. 55, No. 4, Apr. 2007, pp. 1498-1510.
  • Saltzberg, Burton R., “Performance of an Efficient Parallel Data Transmission System,” IEEE Transactions on Communication Technology, vol. Com-15, No. 6, Dec. 1967, pp. 805-811.
  • Steger, Christopher et al., “Performance of IEEE 802.11b Wireless LAN in an Emulated Mobile Channel,” 2003.
  • Toskala, Antti, “Enhancement of Broadcast and Introduction of Multicast Capabilities in RAN,” Nokia Networks, Palm Springs, California, Mar. 13-16, 2001.
  • Tsunekawa, Kouichi, “Diversity Antennas for Portable Telephones,” 39th IEEE Vehicular Technology Conference, pp. 50-56, vol. I, Gateway to New Concepts in Vehicular Technology, May 1-3, 1989, San Francisco, CA.
  • Varnes et al., A Switched Radial Divider for an L-Band Mobile Satellite Antenna, European Microwave Conference (Oct. 1995), pp. 1037-1041.
  • Vincent D. Park, et al., “A Performance Comparison of the Temporally-Ordered Routing Algorithm and Ideal Link-State Routing,” IEEE, Jul. 1998, pp. 592-598.
  • W.E. Doherty, Jr. et al., The Pin Diode Circuit Designer's Handbook (1998).
  • Weinstein, S. B., et al., “Data Transmission by Frequency-Division Multiplexing Using the Discrete Fourier Transform,” IEEE Transactions on Communication Technology, vol. Com-19, No. 5, Oct. 1971, pp. 628-634.
  • Wennstrom, Mattias et al., “Transmit Antenna Diversity in Ricean Fading MIMO Channels with Co-Channel Interference,” 2001.
  • Petition Decision Denying Request to Order Additional Claims for U.S. Patent No. 7,193,562 (Control No. 95/001078) mailed on Jul. 10, 2009.
  • Right of Appeal Notice for U.S. Patent No. 7,193,562 (Control No. 95/001078) mailed on Jul. 2009.
  • European Examination Report for EP Application No. 05776697.4 mailed Jan. 21, 2011.
  • European Second Examination Report for EP Application No. 07775498.4 dated Mar. 12, 2013.
  • European Third Examination Report for EP Application No. 07775498.4 dated Oct. 17, 2011.
  • European First Examination Report for EP Application No. 09014989.9 dated May 7, 2012.
  • Supplementary European Search Report for EP Application No. EP05776697.4 dated Jul. 10, 2009.
  • Supplementary European Search Report for EP Application No. EP07755519 dated Mar. 11, 2009.
  • PCT Application No. PCT/US2005/27023, International Search Report and Written Opinion mailed Dec. 23, 2005.
  • PCT Application No. PCT/US2006/49211, International Search Report and Written Opinion mailed Aug. 29, 2008.
  • PCT Application No. PCT/US2007/09276, International Search Report and Written Opinion mailed Aug. 11, 2008.
  • Chinese Application No. 200680048001.7, Office Action dated Jun. 20, 2012.
  • Chinese Application No. 200780020943.9, Office Action dated Feb. 7, 2013.
  • Chinese Application No. 200780020943.9, Office Action dated Aug. 29, 2012.
  • Chinese Application No. 200780020943.9, Office Action dated Dec. 19, 2011.
  • Chinese Application No. 200910258884.X, Office Action dated Aug. 3, 2012.
  • Taiwan Application No. 094127953, Office Action dated Mar. 20, 2012.
  • Taiwan Application No. 096114265, Office Action dated Jun. 20, 2011.
  • U.S. Appl. No. 11/010,076, Office Action mailed Oct. 31, 2006.
  • U.S. Appl. No. 11/010,076, Final Office Action mailed Aug. 8, 2006.
  • U.S. Appl. No. 11/010,076, Office Action mailed Dec. 23, 2006.
  • U.S. Appl. No. 11/022,080, Office Action mailed Jul. 21, 2006.
  • U.S. Appl. No. 11/041,145, Final Office Action mailed Jan. 29, 2007.
  • U.S. Appl. No. 11/041,145, Office Action mailed Jul. 21, 2006.
  • U.S. Appl. No. 11/265,751, Office Action mailed Mar. 18, 2008.
  • U.S. Appl. No. 11/714,707, Final Office Action mailed May 30, 2008.
  • U.S. Appl. No. 11/714,707, Office Action mailed Oct. 15, 2007.
  • U.S. Appl. No. 11/924,082, Office Action mailed Aug. 29, 2008.
  • U.S. Appl. No. 12/082,090, Office Action mailed Jan. 18, 2011.
  • U.S. Appl. No. 12/404,124, Final Office Action mailed Feb. 7, 2012.
  • U.S. Appl. No. 12/404,124, Office Action mailed Sep. 19, 2011.
  • U.S. Appl. No. 12/953,324, Office Action mailed Mar. 24, 2011.
  • U.S. Appl. No. 13/280,278, Office Action mailed Mar. 25, 2013.
  • U.S. Appl. No. 13/280,278, Final Office Action mailed Aug. 22, 2012.
  • U.S. Appl. No. 13/280,278, Office Action mailed Feb. 21, 2012.
  • U.S. Appl. No. 13/305,609, Final Office Action mailed Jul. 3, 2012.
  • U.S. Appl. No. 13/305,609, Office Action mailed Dec. 20, 2011.
  • U.S. Appl. No. 13/370,201, Office Action mailed May 13, 2013.
  • U.S. Appl. No. 13/485,012, Final Office Action mailed Mar. 3, 2013.
  • U.S. Appl. No. 13/485,012, Office Action mailed Oct. 25, 2012.
  • Encrypted Preshared key; cisco corp. 14 pages, 2010.
  • Request for Inter Partes Rexamination for U.S. Patent No. 7,358,912, filed by Rayspan Corporation and Netgear, Inc. on Sep. 4, 2008.
  • Third Party Comments after Patent Owner's Response in Accordance with 37 CFR 1.947 for U.S. Patent No. 7,358,912 (Control No. 95/001079) mailed on Jul. 17, 2009.
  • U.S. Appl. No. 95/001,078, Sep. 4, 2008, Shtrom et al. (Re-Exam).
  • U.S. Appl. No. 95/001,079, Sep. 4, 2008, Shtrom et al. (Re-Exam).
  • PCT Application No. PCT/US2005/027169, International Search Report and Written Opinion mailed Aug. 10, 2006.
  • PCT Application No. PCT/US2013/34997, International Search Report mailed Jun. 17, 2013.
  • Chinese Application No. 20058001532.6, Office Action dated Jun. 23, 2011.
  • Chinese Application No. 200910258884.X, Office Action dated Apr. 15, 2013.
  • Taiwan Application No. 094127953, Office Action dated Aug. 16, 2011.
  • U.S. Appl. No. 12/404,127, Final Office Action mailed Feb. 7, 2012.
  • U.S. Appl. No. 12/404,127, Office Action mailed Sep. 19, 2011.
  • U.S. Appl. No. 11/877,465, Final Office Action mailed May 16, 2013.
  • U.S. Appl. No. 11/877,465, Office Action mailed Oct. 3, 2012.
  • U.S. Appl. No. 11/877,465, Final Office Action mailed Jun. 20, 2012.
  • U.S. Appl. No. 11/877,465, Office Action mailed Sep. 19, 2011.
  • U.S. Appl. No. 11/877,465, Final Office Action mailed Dec. 9, 2010.
  • U.S. Appl. No. 11/877,465, Office Action mailed Apr. 12, 2010.
  • U.S. Appl. No. 12/980,253, Final Office Action mailed Jun. 6, 2013.
  • U.S. Appl. No. 12/980,253, Office Action mailed Aug. 17, 2012.
  • U.S. Appl. No. 12/980,253, Office Action mailed Sep. 13, 2011.
  • U.S. Appl. No. 12/980,253, Office Action mailed Mar. 1, 2011.
  • U.S. Appl. No. 12/425,374, Office Action mailed Jul. 6, 2010.
  • U.S. Appl. No. 11/413,461, Office Action mailed Jun. 7, 2007.
  • U.S. Appl. No. 13/653,405, Office Action mailed Dec. 19, 2012.
  • U.S. Appl. No. 13/731,273, Office Action mailed May 23, 2013.
  • U.S. Appl. No. 13/396,482, Office Action mailed Oct. 18, 2013.
  • U.S. Appl. No. 13/396,484, Office Action mailed Oct. 11, 2013.
  • Bargh et al., “Fast Authentication Methods for Handovers between IEEE 802.11 Wireless LANs”, Proceedings of the ACM International Workshop on Wireless Mobile Applications and Services on WLAN Hotspots. Oct. 1, 2004.
  • Kassab et al., “Fast Pre-Authentication Based on Proactive Key Distribution for 802.11 Infrastructure Networks”, WMuNeP'05, Oct. 13, 2005, Montreal, Quebec, Canada, Copyright 2005 ACM.
  • European Second Examination Report for EP Application No. 09014989.9 dated Dec. 13, 2013.
  • Taiwan Application No. 094141018, Office Action dated May 8, 2013.
  • U.S. Appl. No. 13/653,405, Office Action mailed Dec. 19, 2013.
  • U.S. Appl. No. 12/980,253, Office Action mailed Mar. 27, 2014.
  • U.S. Appl. No. 13/396,482, Final Office Action mailed Mar. 28, 2014.
  • U.S. Appl. No. 13/396,484, Final Office Action mailed Apr. 11, 2014.
  • U.S. Appl. No. 11/877,465, Office Action mailed Jul. 29, 2014.
  • U.S. Appl. No. 13/396,482, Office Action mailed Sep. 16, 2014.
  • U.S. Appl. No. 12/980,253, Final Office Action mailed Jan. 23, 2015.
  • U.S. Appl. No. 13/396,482, Final Office Action mailed Jan. 22, 2015.
  • U.S. Appl. No. 13/396,484, Office Action mailed Jan. 21 2015.
Patent History
Patent number: 9015816
Type: Grant
Filed: Apr 4, 2012
Date of Patent: Apr 21, 2015
Patent Publication Number: 20130269008
Assignee: Ruckus Wireless, Inc. (Sunnyvale, CA)
Inventors: Ming-Jye Sheu (San Jose, CA), Prashant Ranade (San Jose, CA)
Primary Examiner: Ashok Patel
Assistant Examiner: Gary Gracia
Application Number: 13/439,844
Classifications
Current U.S. Class: Management (726/6); Policy (726/1); Network (726/3); Particular Algorithmic Function Encoding (380/28); Having Particular Key Generator (380/44); Mutual Entity Authentication (713/169); Authentication Of An Entity And A Message (713/170)
International Classification: G06F 17/30 (20060101); G06F 21/44 (20130101); H04W 12/04 (20090101); H04W 12/06 (20090101); G06F 7/04 (20060101);