[go: up one dir, main page]

WO2014009391A1 - A method and a system for transferring access point passwords - Google Patents

A method and a system for transferring access point passwords Download PDF

Info

Publication number
WO2014009391A1
WO2014009391A1 PCT/EP2013/064530 EP2013064530W WO2014009391A1 WO 2014009391 A1 WO2014009391 A1 WO 2014009391A1 EP 2013064530 W EP2013064530 W EP 2013064530W WO 2014009391 A1 WO2014009391 A1 WO 2014009391A1
Authority
WO
WIPO (PCT)
Prior art keywords
access point
wireless
wireless device
user
password
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2013/064530
Other languages
French (fr)
Inventor
Luis CUCALA GARCÍA
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonica SA
Original Assignee
Telefonica SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonica SA filed Critical Telefonica SA
Publication of WO2014009391A1 publication Critical patent/WO2014009391A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • the present invention generally relates to the field of wireless communications, in particular, in a first aspect, to a method for transferring access point passwords between devices.
  • a second aspect of the invention relates to a system arranged to implement the method of the first aspect.
  • the current procedure to provide local short to medium range connectivity to wireless devices is the installation of a wireless base station, which depending on the wireless technology is in some cases called Access Point, to which the wireless devices like mobile terminals or computers connect by means of a radio interface.
  • a wireless base station which depending on the wireless technology is in some cases called Access Point, to which the wireless devices like mobile terminals or computers connect by means of a radio interface.
  • a common example of this scenario is a Wi-Fi Access Point that radiates a Wi-Fi radio signal.
  • connection to the wireless base station can be protected by means of some kind of access control and encryption, and the wireless device that requires to connect to the wireless base station needs to provide a string of characters or password in order that the wireless access point grants it the connection right, a password that must be manually entered by the user of the wireless device, or must be previously stored in it.
  • the length of this password depends on the wireless base station access security implementation, but typically consists of a string of 13 or more alphanumerical characters, which must not resemble any known word in order to improve the security of the encryption procedure.
  • Some examples of common encryption procedures are the "Wired Equivalent Privacy” algorithm (WEP, IEEE 802.1 1 standard) and the “Wi-Fi Protected Access” algorithm (WPA, IEEE 802.1 1 i standard).
  • PLMN Public Land Mobile Networks
  • UMTS Universal Mobile Terrestrial Service
  • This procedure is usually called Wi-Fi Offloading, because it enables to offload the traffic load of the PLMN by means of a Wi-Fi Access Point, and is widely used in home or small office scenarios, where the residents of the home or owner of the office usually connect their UE's to the Wi-Fi Access Point to get access to the Internet, e-mail or similar services, instead of receiving those services through the PLMN.
  • Wi-Fi Offloading in home or small office scenarios works well when it is the owner of the access point who connects to the wireless access point, because even though the procedure of introducing a password consisting in a long string of characters is cumbersome, it must be done only once because the wireless connection manager in the UE stores the password and makes the procedure automatic for the next occasions.
  • Another problem with the current procedure for local wireless access point connectivity is the long passwords that are required, which are usually impossible to memorize, and it also happens that in many occasions the access point owner loses its record. If the access point owner loses the password, it will not be possible to connect any new wireless device to the wireless access point.
  • the problem of password availability is solved with authentication protocols like the Extensible Authentication Protocol Method for Subscriber Identity Module, or EAP-SIM, where authentication and encryption is done with the aid of the Subscriber Identity Module (SIM) of the UE, but this procedure is only available for wireless devices that include a SIM card, and even in UE's that include a SIM card it is not commonly used.
  • the invention provides an alternative to the state of the art by providing a procedure for the transfer of the wireless access point identification and password between different devices.
  • the invention provides, in a first aspect, a method that, according to conventional techniques, comprises:
  • the method further comprises:
  • the automatically transmission in step b) is performed by means of the PLMN and using its encryption capabilities, or is performed by using connection capabilities of the wireless access point of the first user and a fixed access line.
  • the identification of the first user comprises an International Mobile Subscriber Identity (IMSI) or an Integrated Services Digital Network Number (MSISDN) which is automatically retrieved from a SIM or USI M card of the first wireless device of the first user.
  • IMSI International Mobile Subscriber Identity
  • MSISDN Integrated Services Digital Network Number
  • a reliable third party such as a telecommunication operator provides information related to the identity of the user and the fixed access line where the access point is connected to. Then, the identification of the wireless access point of the first user is provided to the node located in the PLMN, where the node records it and further identifies the fixed access line identity from which the connection has been performed.
  • the node which in an embodiment is any of a computer device or any other device with storage and processing capabilities, then checks if the first wireless device corresponds to the same user of the fixed access line and it further performs a validation of the connectivity permission of the at least one additional second wireless device to the wireless access point of the first user before performing step c).
  • said step b) further transmits to the node located in the PLMN at least the information about the executable application and/or directly the executable application.
  • the method automatically connects, in another embodiment, the at least one additional second wireless device to the wireless access point of the first user when the at least one additional second wireless device is within the coverage area of the wireless access point of the first user.
  • the method of the present invention keeps encrypted in the at least one additional second wireless device the password of the wireless access point of the first user.
  • a second aspect of the present invention provides a system for transferring access point passwords, which according to conventional techniques comprises:
  • a first wireless device of a first user with a memory for storing a password protecting a wireless access point of the first user;
  • said wireless access point adapted to authenticate the first wireless device by means of the password each time a connection is performed using the wireless access point;
  • the system further comprises:
  • PLMN Public Land Mobile Network
  • the node is adapted to provide, following instructions from the first wireless device, an identification and the password of the wireless access point to any of said plurality of second wireless device, if any of the plurality of second wireless device is within a list of wanted additional users having connectivity permission to the wireless access point.
  • the node in the present invention is any of a computer device or any other device with storage and/or processing capabilities.
  • any of the first or second wireless devices are any of a mobile phone, a portable computer, a tablet, a PDA or any other similar computing device.
  • Figure 1 is a representation of the Automatic identification of the Own Access Node process, according to an embodiment.
  • Figure 2 is a representation of the general description of the full procedure described the present invention, according to an embodiment.
  • Embodiments of the present invention provide a method and a system for the transfer of local wireless access point identification and password between a device (inviting device) that stores the password to an inviting device to which wireless access point connectivity will be granted.
  • Password transfer is done through the PLMN, and the procedure enables an automatic retrieval of the password in the inviting wireless device without the user intervention, the secure transfer of the password and the wireless access point identification through the PLMN, the provision of the password and the wireless access point identification to the invited wireless device, and the automatic connection of the invited wireless device to the wireless access point it is invited to connect to.
  • the owner of the home or small office wireless access point installs a software application, the Inviting Application, in a wireless device, the Inviting Device.
  • This software application can also be pre-installed in the wireless device and thus the owner does not have to install it.
  • This software application will be the same for any wireless device, i.e. it will not be necessary to have any adaptation depending on the wireless access point it will have to connect to.
  • This software application does not have to be downloaded from the wireless access point the wireless device connects to.
  • An example of this wireless device is a mobile terminal or User Equipment (UE) that supports both connectivity to the PLMN and local connectivity to a wireless access point, for example but not precluding any other implementation, an IEEE 802.1 1 Wi-Fi access point.
  • Another example of a wireless device is a portable computer, a tablet or any other similar device.
  • a wireless device that includes PLMN and local wireless access point connectivity always includes with its Operating System (OS) a Wireless Connection Manager.
  • OS Operating System
  • the Wireless Connection Manager stores a list of previously connected wireless access points, identified by means of their ID (for example, in the case of Wi- Fi, but not precluding any other kind of access points, the Service Set IDentifier or SSID), and the password of every wireless access point.
  • ID for example, in the case of Wi- Fi, but not precluding any other kind of access points, the Service Set IDentifier or SSID
  • the owner of the access point can then use the Inviting Application installed in the inviting device to provide a list of mobile telephone numbers of people that he or she wants to invite to have connectivity to the access point.
  • the owner of the access point can be safely identified by means of procedures later described in this invention.
  • the Inviting Application When the Inviting Application is run, it automatically communicates with the wireless device Wireless Connection Manager in the Operating System in order to retrieve the wireless access point password, without the user intervention. This process of automatically retrieving the stored passwords is already implemented in other software applications and is not a preferred embodiment of this invention.
  • the Wireless Connection Manager stores many access points I Ds along with their passwords, and therefore it is necessary for the Inviting Application to determine which is the ID of the user's access point, the Own Access Point.
  • the Inviting Application presents a list of access points IDs to the user, who selects which is his or her access point. This option is feasible but presents a drawback: the user intentionally or unintentionally can select an access point ID than does not correspond to his or her access point, thus inviting connection to an access point that does not belong to him or her.
  • the Inviting Application automatically determines which is the Own Access Point, without any user intervention, thus precluding the possibility of sharing of the passwords of other access points.
  • the Inviting Application does not have any means of determining which is the user's Own Access Point, as all the access points ID's stored in the Operating Systems Wireless Connection Manager are undistinguishable from each other.
  • the Inviting Application is helped by a third party that has the knowledge of who is the owner of the wireless Inviting Device and the owner of the wireless access point, a third party who in many occasions will be a telecommunications operator.
  • the third party will install a node, the Invite Service Node, which can be a computer or any other device with memory and processing capabilities, in its network.
  • the Invite Service Node stores the following data, or can connect to another telecommunication operator's nodes where the data is recorded: i. Identifiers of fixed access lines. For example, but not precluding any other identifier, the fixed phone numbers of its customers. This information can include also if the phone number has associated with it some fixed broadband service.
  • iii Fixed access line owner identification (for example, but not precluding any other possibility, the name of the owner, passport number, fiscal identification, etc.)
  • iii. Identifiers the owners of the mobile terminals or UE's. For example, but not precluding any other identifier, the mobile phone numbers of its customers, the International Mobile Subscriber Identity (IMSI) of every customer, or the Mobile Subscriber Integrated Services Digital Network Number (MSISDN) of the customers.
  • the preferred identifiers are those that cannot be deduced or discovered by the user, for example the IMSI which is only known by the telecom operator, in order to avoid any fraudulent use of the Inviting Application.
  • Customer mobile terminal information can include also if the customer has associated with it some previous subscription to an access point invite service, as an additional security measure to prevent unwanted connection invitations to his or her access point.
  • the data described in points ii) and iii) enables to determine that the owner of the access line and the owner of the mobile terminal are the same person, and thus he or she is entitled to perform inviting operations.
  • the Automatic identification of the Own Access Point process is as follows. In a preferred embodiment of this invention, when the user runs the Inviting Application for the first time he or she is requested to be connected to the access point that is expected to be his or her Own Access Point, in order to check if it is really the Own Access Point. This process can be repeated lately in any other occasion in order to update the Own Access Point Information. The Inviting Application then connects to the access point which is supposed to be the Own Access Point, retrieving the connection password from the Operating System Wireless Connection Manager.
  • the Inviting Application will manage the wireless connection with Access Point, using the Access Point password provided by the user, or retrieved from the Wireless Connection Manager in the Operating System, in the latter case without the user intervention.
  • the password used by the Inviting Application to connect to the Access Point will be the password that Inviting Application will eventually transmit to the Invite Service Node when inviting, and in this way it is possible to ensure that the user will not use the Inviting Application to send erroneous or fraudulent passwords to the Invite Service Node.
  • the Inviting Application connects with the Invite Service Node, through the access node and the fixed access interface where the access node is connected to.
  • the Inviting Application provides to the Invite Service Node the identifier of the owner of the mobile terminal where the Inviting Application is installed and run, for example the I MSI. This information is automatically retrieved from the SIM or USIM card installed in the UE, without any user information, avoiding error and a fraudulent introduction of this identifier.
  • the Invite Service Node records the identifier of the owner of the mobile terminal which is requesting own access point identification by means of the Inviting Application, and subsequently proceeds to identify the fixed access line identity from which the connection has come from, for example the fixed phone number.
  • the identification of the access line identity is a procedure common in the telecommunications industry and implemented by different ways in every operator, and thus is out of the scope of this invention.
  • the Invite Service Node checks if the associated customer to the fixed access line is the same customer than the one associated with the mobile terminal.
  • the Invite Service Node can also check if the customer has also previously subscribed to an access point invite service.
  • the Invite Service Node determines that the same customer is associated with the fixed access line the connection has come from, and with the mobile terminal where the Inviting Application has been run, the Invite Service Node sends an indication through the fixed access line and the access point to the Inviting Application that the access point it has connected to is the Own Access Point. Then, the Inviting Application records that access point as the Own Access Point, the only one which could be shared with other parties by means of the Inviting Application.
  • Figure 1 schematically illustrates the process.
  • the Inviting Application with the help of the Invite Service Node, it can also provide to the Invite Service Node the Own Access Node ID and the Own Access Node password.
  • the Own Access Node password will be the one used by the Inviting Application to connect to the Own Access Node.
  • the Invite Service Node can store this information and associate it with the fixed access line identification, the identification of the owner of the mobile terminal and the customer data.
  • This invention takes also into account the case when the owner of the Own Access Point changes the connection password or the Own Access Point identification of the access point itself. This happens for example when the owner replaces the access point by a new one, or when the owner connects to the access node by means of a computer and running a specific software application of the access node that changes locally the access point identification and / or its password. In this case, it is a process that has been done intentionally by the user, who installs a new access point discarding the old one, or who intentionally changes the identification and or the password of the access point. As it has been an intentional action, when the user then tries to connect to the access point, he or she will use the mobile terminal Wireless Connection Manager to select the appropriate access point and provide its connection password.
  • the Inviting Application cannot know if the new access point corresponds to a new Own Access Point that must be updated, or it is simply a third party access point the mobile terminal is connecting to. In order to solve this ambiguity, the Inviting Application must be always running in the Inviting Device as a background process, regardless it is being used by the Inviting Device user or not. If the always-running Inviting Application detects that the user has provided a connection password to a new access point by means of the Wireless Connection Manager, it will start the Automatic identification of the Own Access Node process that has already been described. It will start by asking the user if the new access point and password are those of his or her Own Access Node, and in the case of a positive answer from the user, it will proceed with all the steps of the Automatic identification of the Own Access Node process.
  • the owner of the Own Access Point can use the Inviting Application to provide a list of mobile telephone numbers that he or she wants to invite to have wireless connectivity to the access point.
  • the Inviting Application will then automatically send the list of the invited numbers, along with the Own Access Point identification and access password to the Invite Service Node.
  • This connection can be done through the Own Access Point and the fixed access line, or through the PLMN, using the encryption capabilities of the PLMN or adding any additional encryption layer.
  • the Invite Service Node receives the invitation from the Inviting Application.
  • This invitation includes the following data:
  • the Own Access Point password This password is not necessarily sent if the Invite Service Node has already stored it during the Own Access Point identification process.
  • Application is installed (e.g. IMSI or MSISDN)
  • the Invite Service Node has also previously recorded the following information: - Identifiers of fixed access lines, and the Own Access Point ID associated to every access line, and the customer identification associated to it.
  • Customer mobile terminal information can include also if the customer has associated with it some previous subscription to an access point invite service, as an additional security measure to prevent unwanted connection invitations to his or her access point.
  • the first action of the Invite Service Node is to check if the invitation has been generated from an Inviting Application installed in a mobile terminal whose identification, as it is sent by the Inviting Application, is the same than the identification the Invite Service Node has previously stored.
  • the Invite Service Node can then proceed in two ways: a) automatically send the access point identification and the access password to every invited mobile telephone number, without any further checking, b) in order to increase the security of the process, the Invite Service Node can check if this invitation is legitimate prior to sending the access point identification and password to the invited telephone numbers.
  • the Invite Service Node checks if the invitation is legitimate prior to sending the access point identification and password to the invited telephone numbers.
  • the Invite Service Node stores, for every customer who has already used the Inviting Application to identify the Own Access Node, a set of data about the associated fixed access line identification and its customer identification, the associated mobile terminal identification and its customer identification, the Own Access Point identification, and optionally the Own Access Point password, and information about if the customer is subscribed to an access point invite service.
  • the Invite Service Node can perform any of the following checks before sending any access point data to the invited telephone numbers:
  • the Invite Access Node can then use two procedures to send the access point data to the invited telephone numbers:
  • the Invite Access Node If the Invite Access Node has not stored previously the Own Access Node identification or the Own Access Node password, it will send the identification and / or the password sent by the Inviting Application during the inviting process.
  • the Invite Access Node If the Invite Access Node has stored previously the Own Access Node identification or the Own Access Node password, it will send the identification and / or the password that are stored in the Invite Service Node. This procedure enables the possibility that the Inviting Application sends the Own Access Point identification and password only once, during the Own Access Point identification process.
  • the Invite Service Node will send the Own Access Node identification and password to the invited telephone numbers.
  • the connection between the Invite Service Node and the invited devices will be done by means of the PLMN.
  • the Invite Service Node can also provide the Own Access Node password to the Inviting Device, in the case the customer forgets it.
  • the customer can use the Inviting Application to request the password, a procedure that can be implemented in two ways:
  • the basic implementation is a request from the Inviting Application to the Operating System Wireless Connection Manager to provide the password, which will be graphically shown to the customer.
  • the mobile terminal user changes by error the access point password recorded in the mobile terminal, which now will not match with the real access point password. It is also possible that the mobile terminal user deletes by error the access point data recorded in the Wireless Connection Manager.
  • the Inviting Application connects with the Invite Service Node through the PLMN, because in these conditions it cannot connect to the Own Access Point, and it will provide to the Invite Service Node the fixed access line identification (i.e. the telephone number the Own Access Point is connected to), the identification of the owner of the mobile terminal, and if available the Own Access Node identification.
  • the Invite Service Node will compare the data that is provided by the Inviting Application with its stored data, and if there is a match between the fixed access line identification, identification of the owner of the mobile terminal and the Own Access Point identification, it will retrieve the stored password to the Inviting Application through the PLMN.
  • the Inviting Application can manage the wireless connection to the Own Access Node by itself, making use of the retrieved password and Own Access
  • Node identification or it can automatically provide these data to the Operating System Wireless Connection Manager.
  • the Invited Application which can be the same software application than the Inviting Application but performing different actions when inviting than when being invited.
  • the Invited Application receives from the Invite Service Node and through the PLMN an access point invitation, which includes the access point identification of the access point the invited device is invited to connect to, and the access point password.
  • the Invited Application stores these data, along with the data of other access points it is invited to connect to.
  • This Invited Application can automatically manage the wireless connection of the invited device to the wireless access point, not needing to use the connection capabilities of the invited device Operating System Wireless Connection Manager.
  • the Invited Application must be always running in the invited device as a background process, regardless it is being used by the invited device user or not. If the always- running Invited Application detects that the invited device is within the coverage area of one of the access points it is invited to connect to, the Invited Application automatically manages the connection, making use of the password that has been provided by the Invite Service Node.
  • the Invited Application in the invited device stores all the passwords but never shows them to the invited device user, keeping them encrypted.
  • the Invited Application cannot disclose the invited access points identifications and passwords with any other software application running in the invited device or running on any processing equipment connected to the invited device.
  • the Invited Application cannot be used to perform invitations to connect to wireless access points different from the Own Access point.
  • FIG. 2 shows a general description of the full procedure followed by the present invention.
  • the owner of a wireless access point can share the access point identification data and its password with other wireless devices users, enabling a simple procedure to provide a PLMN traffic offloading.
  • the owner's access point identification data and its password are transferred between the owner of the access point and the invited person without the need of the owner to retrieve the password or providing the password to the invited person as plain text.
  • the invention automatically determines which is the Own Access Point, not relying on any user input, using the information from a reliable third party who knows the identity of the user and the identity of the fixed access where the wireless access point is connected to.
  • the owner of the access point can use the Inviting Application to share only the access point identification and password of his or her own access point, but not data of other access points.
  • the access point owner can retrieve his or her access point identification and password in the case they are lost, as they can be recorded in a trusted node in the telecommunications operator network.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Description

A method and a system for transferring access point passwords
Field of the art
The present invention generally relates to the field of wireless communications, in particular, in a first aspect, to a method for transferring access point passwords between devices.
A second aspect of the invention relates to a system arranged to implement the method of the first aspect. Prior State of the Art
The current procedure to provide local short to medium range connectivity to wireless devices is the installation of a wireless base station, which depending on the wireless technology is in some cases called Access Point, to which the wireless devices like mobile terminals or computers connect by means of a radio interface. A common example of this scenario is a Wi-Fi Access Point that radiates a Wi-Fi radio signal.
On the other hand, the connection to the wireless base station can be protected by means of some kind of access control and encryption, and the wireless device that requires to connect to the wireless base station needs to provide a string of characters or password in order that the wireless access point grants it the connection right, a password that must be manually entered by the user of the wireless device, or must be previously stored in it.
The length of this password depends on the wireless base station access security implementation, but typically consists of a string of 13 or more alphanumerical characters, which must not resemble any known word in order to improve the security of the encryption procedure. Some examples of common encryption procedures are the "Wired Equivalent Privacy" algorithm (WEP, IEEE 802.1 1 standard) and the "Wi-Fi Protected Access" algorithm (WPA, IEEE 802.1 1 i standard).
Local short to medium range connectivity from wireless base stations to wireless devices, for example by means of Wi-Fi Access Points, is used among other applications, to offload the Public Land Mobile Networks (PLMN), also called mobile networks, for example the Universal Mobile Terrestrial Service (UMTS) mobile network. In this scenario, part of the traffic received or transmitted by the wireless mobile device, which is usually called User Equipment (UE), whose source or destination should be the PLMN, is diverted to another network through the wireless base station, usually a Wi-Fi Access Point. This procedure is usually called Wi-Fi Offloading, because it enables to offload the traffic load of the PLMN by means of a Wi-Fi Access Point, and is widely used in home or small office scenarios, where the residents of the home or owner of the office usually connect their UE's to the Wi-Fi Access Point to get access to the Internet, e-mail or similar services, instead of receiving those services through the PLMN.
Wi-Fi Offloading in home or small office scenarios works well when it is the owner of the access point who connects to the wireless access point, because even though the procedure of introducing a password consisting in a long string of characters is cumbersome, it must be done only once because the wireless connection manager in the UE stores the password and makes the procedure automatic for the next occasions.
However, this procedure is not adequate to enable a simple access to the wireless access point to those UE's that belong to people who only visit occasionally the premises where the access point is installed, for example relatives, friends or customers. In this case, those occasional users must introduce the wireless access point password in their UE in order to be granted connectivity to it, and it usually happens that a) the access point owner does not remember the password, b) the access point owner does not know how to retrieve the stored password from his/her UE, c) the access point owner does not remember where it is the paper or electronic record of the password, d) the access point owner does not want to disclose the password, fearing that it could be distributed to some other people, e) the visiting person does not find polite to ask for the password.
There are some solutions that enable wireless connectivity to an Access Point in enterprise or public scenarios, based on the visitor accessing to an Internet web portal where he or she can register and request some specific login data and password, usually operative for a limited period of time, by means of an Authentication Node and a web server for the provision of an Internet web portal. One example of this solution is described in the patent application US 2006/0190991 . But this type of solution cannot be applied to a home or small office Access Point, which cannot afford the use of an Authentication Node and a web server for the provision of temporal login data and passwords, and the manual introduction of the login and password is still use cumbersome and prone to errors.
Other solutions for enterprise scenarios involve a first connection to an open and not protected wireless or wired network and the installation in the mobile terminal of a software application that communicates with an Authentication Node, including the installation in the mobile terminal of certificates and private and public keys, thus allowing or not the connection to the wireless network and granting different levels of access depending on the user profile. One example of this solution is the one described in patent application US 2007/0287450. This type of solution cannot be applied to a home or small office scenario, which cannot afford an authentication server and the provision of a specific mobile terminal software application for every home of small office. Furthermore, both solutions as they are described in patents US 2006/0190991 and US 2007/0287450 cannot be applied to a home or small office Access Point because they do not implement any way to identify which is the Access Point ID of the Access Point the visitor could connect to, because in this scenario there are many coexisting Access Points in the neighbourhood. Another limitation of both solutions is that they require some authentication procedure of the user terminal which will be allowed to connect to the wireless network, which can be implemented in an enterprise scenario but it is not applicable in a home or in a small office.
As a result of these limitations, many visitors that potentially could connect to the home or small office wireless access point with their UE, or with any other portable device that supports both a PLMN radio interface and a short range radio interface like Wi-Fi, do not connect to the local wireless access point and get their wireless connectivity through the PLMN, and thus there is no offloading or Wi-Fi Offloading of the PLMN.
Another problem with the current procedure for local wireless access point connectivity is the long passwords that are required, which are usually impossible to memorize, and it also happens that in many occasions the access point owner loses its record. If the access point owner loses the password, it will not be possible to connect any new wireless device to the wireless access point. The problem of password availability is solved with authentication protocols like the Extensible Authentication Protocol Method for Subscriber Identity Module, or EAP-SIM, where authentication and encryption is done with the aid of the Subscriber Identity Module (SIM) of the UE, but this procedure is only available for wireless devices that include a SIM card, and even in UE's that include a SIM card it is not commonly used.
Summary of the Invention The invention provides an alternative to the state of the art by providing a procedure for the transfer of the wireless access point identification and password between different devices.
To perform this procedure, the invention provides, in a first aspect, a method that, according to conventional techniques, comprises:
storing, a first wireless device of a first user, a password protecting a wireless access point of said first user;
installing an executable application to said first wireless device in order to control access to said wireless access point; and
authenticating, the wireless access point, the first wireless device by means of the password each time a connection is performed using the wireless access point.
On contrary to the known proposals, the method further comprises:
a) storing, the first user in said first wireless device, by means of the executable application, a list of wanted additional users provided with wireless device in order to permit them to have connectivity to the wireless access point;
b) automatically transmitting the first wireless device by means of the executable application, the list of wanted additional users having connectivity permission, an identification of the wireless access point of the first user and the password protecting it, to a node located in a Public Land Mobile Network (PLMN); c) providing, said node, to at least one additional second wireless device at least information about said executable application, and
d) further providing said node, the identification and the password automatically transmitted to at least one additional second wireless device, if the at least one additional second wireless device is within said list of wanted additional users.
The automatically transmission in step b) is performed by means of the PLMN and using its encryption capabilities, or is performed by using connection capabilities of the wireless access point of the first user and a fixed access line.
In an embodiment, the identification of the first user comprises an International Mobile Subscriber Identity (IMSI) or an Integrated Services Digital Network Number (MSISDN) which is automatically retrieved from a SIM or USI M card of the first wireless device of the first user.
In another embodiment, in order to perform the identification of the wireless access point of the first user, a reliable third party such as a telecommunication operator provides information related to the identity of the user and the fixed access line where the access point is connected to. Then, the identification of the wireless access point of the first user is provided to the node located in the PLMN, where the node records it and further identifies the fixed access line identity from which the connection has been performed.
The node, which in an embodiment is any of a computer device or any other device with storage and processing capabilities, then checks if the first wireless device corresponds to the same user of the fixed access line and it further performs a validation of the connectivity permission of the at least one additional second wireless device to the wireless access point of the first user before performing step c).
In another embodiment, said step b) further transmits to the node located in the PLMN at least the information about the executable application and/or directly the executable application.
The method, automatically connects, in another embodiment, the at least one additional second wireless device to the wireless access point of the first user when the at least one additional second wireless device is within the coverage area of the wireless access point of the first user.
Finally, the method of the present invention keeps encrypted in the at least one additional second wireless device the password of the wireless access point of the first user.
A second aspect of the present invention provides a system for transferring access point passwords, which according to conventional techniques comprises:
a first wireless device of a first user with a memory for storing a password protecting a wireless access point of the first user;
an executable application, installed in the first wireless device in order to control access to the wireless access point;
said wireless access point, adapted to authenticate the first wireless device by means of the password each time a connection is performed using the wireless access point;
On contrary to the conventional techniques, the system further comprises:
a plurality of second wireless device;
a node located in a Public Land Mobile Network (PLMN), and under the coverage of the wireless device and the wireless access point;
wherein the node is adapted to provide, following instructions from the first wireless device, an identification and the password of the wireless access point to any of said plurality of second wireless device, if any of the plurality of second wireless device is within a list of wanted additional users having connectivity permission to the wireless access point.
The node in the present invention is any of a computer device or any other device with storage and/or processing capabilities.
Any of the first or second wireless devices are any of a mobile phone, a portable computer, a tablet, a PDA or any other similar computing device.
Brief Description of the Drawings
The previous and other advantages and features will be more fully understood from the following detailed description of embodiments, with reference to the attached, which must be considered in an illustrative and non-limiting manner, in which:
Figure 1 is a representation of the Automatic identification of the Own Access Node process, according to an embodiment.
Figure 2 is a representation of the general description of the full procedure described the present invention, according to an embodiment.
Detailed Description of Several Embodiments
Embodiments of the present invention provide a method and a system for the transfer of local wireless access point identification and password between a device (inviting device) that stores the password to an inviting device to which wireless access point connectivity will be granted.
Password transfer is done through the PLMN, and the procedure enables an automatic retrieval of the password in the inviting wireless device without the user intervention, the secure transfer of the password and the wireless access point identification through the PLMN, the provision of the password and the wireless access point identification to the invited wireless device, and the automatic connection of the invited wireless device to the wireless access point it is invited to connect to.
Operation at the inviting device:
The owner of the home or small office wireless access point installs a software application, the Inviting Application, in a wireless device, the Inviting Device. This software application can also be pre-installed in the wireless device and thus the owner does not have to install it. This software application will be the same for any wireless device, i.e. it will not be necessary to have any adaptation depending on the wireless access point it will have to connect to. This software application does not have to be downloaded from the wireless access point the wireless device connects to. An example of this wireless device is a mobile terminal or User Equipment (UE) that supports both connectivity to the PLMN and local connectivity to a wireless access point, for example but not precluding any other implementation, an IEEE 802.1 1 Wi-Fi access point. Another example of a wireless device is a portable computer, a tablet or any other similar device.
A wireless device that includes PLMN and local wireless access point connectivity always includes with its Operating System (OS) a Wireless Connection Manager. The first time when the wireless device user wants to connect to a wireless access point, the user must manually introduce the password of that wireless access point. Then the Wireless Connection Manager stores a list of previously connected wireless access points, identified by means of their ID (for example, in the case of Wi- Fi, but not precluding any other kind of access points, the Service Set IDentifier or SSID), and the password of every wireless access point.
The owner of the access point can then use the Inviting Application installed in the inviting device to provide a list of mobile telephone numbers of people that he or she wants to invite to have connectivity to the access point. The owner of the access point can be safely identified by means of procedures later described in this invention. When the Inviting Application is run, it automatically communicates with the wireless device Wireless Connection Manager in the Operating System in order to retrieve the wireless access point password, without the user intervention. This process of automatically retrieving the stored passwords is already implemented in other software applications and is not a preferred embodiment of this invention.
It is possible that the Wireless Connection Manager stores many access points I Ds along with their passwords, and therefore it is necessary for the Inviting Application to determine which is the ID of the user's access point, the Own Access Point. There are many options to determine the access point ID and password to be shared, and this invention does not preclude any of them: i. The Inviting Application presents a list of access points IDs to the user, who selects which is his or her access point. This option is feasible but presents a drawback: the user intentionally or unintentionally can select an access point ID than does not correspond to his or her access point, thus inviting connection to an access point that does not belong to him or her.
ii. In a preferred embodiment of the invention, the Inviting Application automatically determines which is the Own Access Point, without any user intervention, thus precluding the possibility of sharing of the passwords of other access points.
The Inviting Application does not have any means of determining which is the user's Own Access Point, as all the access points ID's stored in the Operating Systems Wireless Connection Manager are undistinguishable from each other. In a preferred embodiment of this invention the Inviting Application is helped by a third party that has the knowledge of who is the owner of the wireless Inviting Device and the owner of the wireless access point, a third party who in many occasions will be a telecommunications operator.
The third party will install a node, the Invite Service Node, which can be a computer or any other device with memory and processing capabilities, in its network. The Invite Service Node stores the following data, or can connect to another telecommunication operator's nodes where the data is recorded: i. Identifiers of fixed access lines. For example, but not precluding any other identifier, the fixed phone numbers of its customers. This information can include also if the phone number has associated with it some fixed broadband service.
ii. Fixed access line owner identification (for example, but not precluding any other possibility, the name of the owner, passport number, fiscal identification, etc.) iii. Identifiers the owners of the mobile terminals or UE's. For example, but not precluding any other identifier, the mobile phone numbers of its customers, the International Mobile Subscriber Identity (IMSI) of every customer, or the Mobile Subscriber Integrated Services Digital Network Number (MSISDN) of the customers. In a preferred embodiment of this invention, the preferred identifiers are those that cannot be deduced or discovered by the user, for example the IMSI which is only known by the telecom operator, in order to avoid any fraudulent use of the Inviting Application.
iv. Customer mobile terminal information can include also if the customer has associated with it some previous subscription to an access point invite service, as an additional security measure to prevent unwanted connection invitations to his or her access point.
The data described in points ii) and iii) enables to determine that the owner of the access line and the owner of the mobile terminal are the same person, and thus he or she is entitled to perform inviting operations. The Automatic identification of the Own Access Point process is as follows. In a preferred embodiment of this invention, when the user runs the Inviting Application for the first time he or she is requested to be connected to the access point that is expected to be his or her Own Access Point, in order to check if it is really the Own Access Point. This process can be repeated lately in any other occasion in order to update the Own Access Point Information. The Inviting Application then connects to the access point which is supposed to be the Own Access Point, retrieving the connection password from the Operating System Wireless Connection Manager. The Inviting Application will manage the wireless connection with Access Point, using the Access Point password provided by the user, or retrieved from the Wireless Connection Manager in the Operating System, in the latter case without the user intervention. The password used by the Inviting Application to connect to the Access Point will be the password that Inviting Application will eventually transmit to the Invite Service Node when inviting, and in this way it is possible to ensure that the user will not use the Inviting Application to send erroneous or fraudulent passwords to the Invite Service Node.
Once wirelessly connected to the access point, the Inviting Application connects with the Invite Service Node, through the access node and the fixed access interface where the access node is connected to. Once connected to the Invite Service Node, the Inviting Application provides to the Invite Service Node the identifier of the owner of the mobile terminal where the Inviting Application is installed and run, for example the I MSI. This information is automatically retrieved from the SIM or USIM card installed in the UE, without any user information, avoiding error and a fraudulent introduction of this identifier.
The Invite Service Node records the identifier of the owner of the mobile terminal which is requesting own access point identification by means of the Inviting Application, and subsequently proceeds to identify the fixed access line identity from which the connection has come from, for example the fixed phone number. The identification of the access line identity is a procedure common in the telecommunications industry and implemented by different ways in every operator, and thus is out of the scope of this invention. Then the Invite Service Node checks if the associated customer to the fixed access line is the same customer than the one associated with the mobile terminal. The Invite Service Node can also check if the customer has also previously subscribed to an access point invite service. If the Invite Service Node determines that the same customer is associated with the fixed access line the connection has come from, and with the mobile terminal where the Inviting Application has been run, the Invite Service Node sends an indication through the fixed access line and the access point to the Inviting Application that the access point it has connected to is the Own Access Point. Then, the Inviting Application records that access point as the Own Access Point, the only one which could be shared with other parties by means of the Inviting Application. Figure 1 schematically illustrates the process.
Once the Inviting Application, with the help of the Invite Service Node, has determined which is the Own Access Point, it can also provide to the Invite Service Node the Own Access Node ID and the Own Access Node password. The Own Access Node password will be the one used by the Inviting Application to connect to the Own Access Node. The Invite Service Node can store this information and associate it with the fixed access line identification, the identification of the owner of the mobile terminal and the customer data.
This invention takes also into account the case when the owner of the Own Access Point changes the connection password or the Own Access Point identification of the access point itself. This happens for example when the owner replaces the access point by a new one, or when the owner connects to the access node by means of a computer and running a specific software application of the access node that changes locally the access point identification and / or its password. In this case, it is a process that has been done intentionally by the user, who installs a new access point discarding the old one, or who intentionally changes the identification and or the password of the access point. As it has been an intentional action, when the user then tries to connect to the access point, he or she will use the mobile terminal Wireless Connection Manager to select the appropriate access point and provide its connection password.
When the user uses the Wireless Connection Manager to select a new access point and provide the password, the Inviting Application cannot know if the new access point corresponds to a new Own Access Point that must be updated, or it is simply a third party access point the mobile terminal is connecting to. In order to solve this ambiguity, the Inviting Application must be always running in the Inviting Device as a background process, regardless it is being used by the Inviting Device user or not. If the always-running Inviting Application detects that the user has provided a connection password to a new access point by means of the Wireless Connection Manager, it will start the Automatic identification of the Own Access Node process that has already been described. It will start by asking the user if the new access point and password are those of his or her Own Access Node, and in the case of a positive answer from the user, it will proceed with all the steps of the Automatic identification of the Own Access Node process.
Once the Own Access Point has been determined, or updated, the owner of the Own Access Point can use the Inviting Application to provide a list of mobile telephone numbers that he or she wants to invite to have wireless connectivity to the access point. The Inviting Application will then automatically send the list of the invited numbers, along with the Own Access Point identification and access password to the Invite Service Node. This connection can be done through the Own Access Point and the fixed access line, or through the PLMN, using the encryption capabilities of the PLMN or adding any additional encryption layer.
Invite Service Node operation:
The Invite Service Node receives the invitation from the Inviting Application.
This invitation includes the following data:
The Own Access Point ID
The Own Access Point password. This password is not necessarily sent if the Invite Service Node has already stored it during the Own Access Point identification process.
The identification of the owner of the mobile terminal where the Inviting
Application is installed (e.g. IMSI or MSISDN)
A list of invited telephone numbers
The Invite Service Node has also previously recorded the following information: - Identifiers of fixed access lines, and the Own Access Point ID associated to every access line, and the customer identification associated to it.
Identification data of the owner of the mobile terminals.
Customer mobile terminal information can include also if the customer has associated with it some previous subscription to an access point invite service, as an additional security measure to prevent unwanted connection invitations to his or her access point.
The first action of the Invite Service Node is to check if the invitation has been generated from an Inviting Application installed in a mobile terminal whose identification, as it is sent by the Inviting Application, is the same than the identification the Invite Service Node has previously stored.
The Invite Service Node can then proceed in two ways: a) automatically send the access point identification and the access password to every invited mobile telephone number, without any further checking, b) in order to increase the security of the process, the Invite Service Node can check if this invitation is legitimate prior to sending the access point identification and password to the invited telephone numbers.
In a preferred embodiment of this invention, the Invite Service Node checks if the invitation is legitimate prior to sending the access point identification and password to the invited telephone numbers. The Invite Service Node stores, for every customer who has already used the Inviting Application to identify the Own Access Node, a set of data about the associated fixed access line identification and its customer identification, the associated mobile terminal identification and its customer identification, the Own Access Point identification, and optionally the Own Access Point password, and information about if the customer is subscribed to an access point invite service. In this embodiment of the invention, the Invite Service Node can perform any of the following checks before sending any access point data to the invited telephone numbers:
Check if the Inviting Application mobile terminal customer is subscribed to an access point invite service. If the customer is not subscribed to this service, the access point data will not be sent.
Check if the recorded Own Access Point ID in the Invite Service Node is the same than the Own Access Point ID sent by the Inviting Application. If they are not the same, the access point data will not be sent, and the Invite Service Node could request to the Inviting Application to perform the Own Access Point identification procedure again.
Check if the recorded Own Access Point password in the Invite Service Node, if it has been previously recorded, is the same than the Own Access Point password sent by the Inviting Application, in the case the Inviting Application sends the password during the inviting process. If they are not the same, the access point data will not be sent, and the Invite Service Node could request to the Inviting Application to perform the Own Access Point identification procedure again. Check if the customer data are the same for both the owner of the fixed access line associated to the Own Access Point, and the owner of the mobile terminal where the Inviting Application is installed.
If these checks are successful, the Invite Access Node can then use two procedures to send the access point data to the invited telephone numbers:
If the Invite Access Node has not stored previously the Own Access Node identification or the Own Access Node password, it will send the identification and / or the password sent by the Inviting Application during the inviting process.
If the Invite Access Node has stored previously the Own Access Node identification or the Own Access Node password, it will send the identification and / or the password that are stored in the Invite Service Node. This procedure enables the possibility that the Inviting Application sends the Own Access Point identification and password only once, during the Own Access Point identification process.
Using one of these afore described procedures the Invite Service Node will send the Own Access Node identification and password to the invited telephone numbers. The connection between the Invite Service Node and the invited devices will be done by means of the PLMN.
On the other hand, the Invite Service Node can also provide the Own Access Node password to the Inviting Device, in the case the customer forgets it. The customer can use the Inviting Application to request the password, a procedure that can be implemented in two ways:
The basic implementation is a request from the Inviting Application to the Operating System Wireless Connection Manager to provide the password, which will be graphically shown to the customer.
It is possible that the mobile terminal user changes by error the access point password recorded in the mobile terminal, which now will not match with the real access point password. It is also possible that the mobile terminal user deletes by error the access point data recorded in the Wireless Connection Manager. In a preferred embodiment of this invention, when the customer uses the Inviting Application to retrieve the password the Inviting Application connects with the Invite Service Node through the PLMN, because in these conditions it cannot connect to the Own Access Point, and it will provide to the Invite Service Node the fixed access line identification (i.e. the telephone number the Own Access Point is connected to), the identification of the owner of the mobile terminal, and if available the Own Access Node identification. The Invite Service Node will compare the data that is provided by the Inviting Application with its stored data, and if there is a match between the fixed access line identification, identification of the owner of the mobile terminal and the Own Access Point identification, it will retrieve the stored password to the Inviting Application through the PLMN.
The Inviting Application can manage the wireless connection to the Own Access Node by itself, making use of the retrieved password and Own Access
Node identification, or it can automatically provide these data to the Operating System Wireless Connection Manager.
Application operation at the invited device:
Every invited device must have previously installed in it a software application, the Invited Application, which can be the same software application than the Inviting Application but performing different actions when inviting than when being invited.
The Invited Application receives from the Invite Service Node and through the PLMN an access point invitation, which includes the access point identification of the access point the invited device is invited to connect to, and the access point password. The Invited Application stores these data, along with the data of other access points it is invited to connect to.
This Invited Application can automatically manage the wireless connection of the invited device to the wireless access point, not needing to use the connection capabilities of the invited device Operating System Wireless Connection Manager. The Invited Application must be always running in the invited device as a background process, regardless it is being used by the invited device user or not. If the always- running Invited Application detects that the invited device is within the coverage area of one of the access points it is invited to connect to, the Invited Application automatically manages the connection, making use of the password that has been provided by the Invite Service Node.
In a preferred embodiment of this invention, the Invited Application in the invited device stores all the passwords but never shows them to the invited device user, keeping them encrypted. In a preferred embodiment of this invention, the Invited Application cannot disclose the invited access points identifications and passwords with any other software application running in the invited device or running on any processing equipment connected to the invited device. In a preferred embodiment of this invention, the Invited Application cannot be used to perform invitations to connect to wireless access points different from the Own Access point.
Figure 2 shows a general description of the full procedure followed by the present invention.
Advantages of the Invention:
The main advantages of this present invention are as follows:
• The owner of a wireless access point can share the access point identification data and its password with other wireless devices users, enabling a simple procedure to provide a PLMN traffic offloading.
• The owner's access point identification data and its password are transferred between the owner of the access point and the invited person without the need of the owner to retrieve the password or providing the password to the invited person as plain text.
· The invention automatically determines which is the Own Access Point, not relying on any user input, using the information from a reliable third party who knows the identity of the user and the identity of the fixed access where the wireless access point is connected to.
• The owner of the access point can use the Inviting Application to share only the access point identification and password of his or her own access point, but not data of other access points.
• The invited person cannot have access to the invited access point password as plain text, and cannot share it with any other person or software application.
• The access point owner can retrieve his or her access point identification and password in the case they are lost, as they can be recorded in a trusted node in the telecommunications operator network.
ACRONYMS
IMSI International Mobile Subscriber Identity
MSISDN Mobile Subscriber Integrated Services Digital Network Number OS Operating System
PLMN Public Land Mobile Network
SIM Subscriber Identity Module
SSI D Service Set I Dentifier
UE User Equipment
USIM Universal Subscriber Identity Module

Claims

Claims
1.- A method for transferring access point passwords, comprising:
- storing, a first wireless device of a first user, a password protecting a wireless access point of said first user;
- installing an executable application to said first wireless device in order to control access to said wireless access point; and
- authenticating, said wireless access point, said first wireless device by means of said password each time a connection is performed using said wireless access point characterized in that it further comprises:
a) storing, said first user in said first wireless device, by means of said executable application, a list of wanted additional users provided with wireless device in order to permit them to have connectivity to said wireless access point;
b) automatically transmitting said first wireless device by means of said executable application, said list of wanted additional users having connectivity permission, an identification of the wireless access point of the first user and the password protecting it, to a node located in a Public Land Mobile Network (PLMN); c) providing, said node, to at least one additional second wireless device at least information about said executable application, and
d) further providing said node, said identification and the password automatically transmitted to at least one additional second wireless device, if said at least one additional second wireless device is within said list of wanted additional users.
2. - A method according to claim 1 , characterized in that the automatically transmission in said step b) is performed by means of the PLMN and using its encryption capabilities.
3. - A method according to claim 1 , characterized in that the automatically transmission in said step b) is performed by using connection capabilities of the wireless access point of said first user and/or a fixed access line.
4. - A method according to claim 1 , characterized in that said identification of the first user comprises an International Mobile Subscriber Identity (IMSI) or an Integrated
Services Digital Network Number (MSISDN).
5. - A method according to claim 4, characterized in that it comprises automatically retrieving said identification from a SIM or USIM card of the first wireless device of the first user.
6. - A method according to claim 1 , characterized in that, in order to perform the identification of the wireless access point of the first user, a reliable third party such as a telecommunication operator provides information related to the identity of the user and the fixed access line where the access point is connected to, said information being.
7. - A method according to claim 6, characterized in that it further comprises providing to said node located in the PLMN said identification of the wireless access point of the first user.
8. - A method according to claim 7, wherein said node located in the PLMN records said identification and further identifies the fixed access line identity from which the connection has been performed.
9. - A method according to claim 8, characterized in that said node located in the PLMN, comprises checking if said first user of said first wireless device corresponds to the same user of said fixed access tine.
10. - A method according to claim 8, characterized in that said node located in the PLMN further performs a validation of the connectivity permission of the at least one additional second wireless device to the wireless access point of the first user before performing said step d).
1 - A method according to claim 9 or 10, characterized in that said node located in the PLMN is a computer device or any other device with storage and processing capabilities.
12. - A method according to claim 1 , characterized in that it comprises in said step b) further transmitting to said node located in the PLMN at (east said information about said executable application.
13. - A method according to claim 12, characterized in that it comprises in said step b) further transmitting to said node located in the PLMN said executable application.
14. - A method according to claim 12 or 13, characterized in that it comprises automatically connecting the at least one additional second wireless device to the wireless access point of the first user when the at least one additional second wireless device is within the coverage area of the wireless access point of the first user.
15 - A method according to claim 14, characterized in that it further comprises keeping encrypted the password of the wireless access point of the first user in the at least one additional second wireless device.
16 - A system for transferring access point passwords, comprising: a first wireless device of a first user with a memory for storing a password protecting a wireless access point of said first user;
an executable application, installed in said first wireless device in order to control access to said wireless access point- said wireless access point, adapted to authenticate said first wireless device by means of said password each time a connection is performed using said wireless access point;
characterized in that it further comprises:
a plurality of second wireless device;
a node located in a Public Land Mobile Network (PL N), and under the coverage of said wireless device and said wireless access point;
wherein said node is adapted to provide, following instructions from said fist wireless device, an identification and the password of said wireless access point to any of said plurality of second wireless device, if any of said plurality of second wireless device is within a list of wanted additional users having connectivity permission to the wireless access point.
17. - A system according to claim 16, characterized in that said node is a computer device or any other device with storage and/or processing capabilities.
18, - A system according to claim 16, characterized in that said first wireless device and said plurality of second wireless device are any of a mobile phone, a portable computer, a tablet, a PDA or any other similar computing device.
PCT/EP2013/064530 2012-07-13 2013-07-10 A method and a system for transferring access point passwords Ceased WO2014009391A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ES201231109 2012-07-13
ESP201231109 2012-07-13

Publications (1)

Publication Number Publication Date
WO2014009391A1 true WO2014009391A1 (en) 2014-01-16

Family

ID=48790436

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2013/064530 Ceased WO2014009391A1 (en) 2012-07-13 2013-07-10 A method and a system for transferring access point passwords

Country Status (1)

Country Link
WO (1) WO2014009391A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484917A (en) * 2014-11-17 2015-04-01 深圳市科荣实业有限公司 Safe box renting system
ITUB20155599A1 (en) * 2015-11-16 2017-05-16 Leonardo Pellinacci METHOD AND SYSTEM FOR THE AUTOMATIC RECOGNITION OF AN ELECTRONIC DEVICE FOR THE ACCESS TO A LOCAL NETWORK
DE102022110566B3 (en) 2022-04-29 2023-10-12 Deutsche Telekom Ag Guest access to a WiFi router

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060190991A1 (en) 2005-02-22 2006-08-24 Iyer Pradeep J System and method for decentralized trust-based service provisioning
US20060251256A1 (en) * 2005-04-04 2006-11-09 Nokia Corporation Administration of wireless local area networks
US20070287450A1 (en) 2006-04-24 2007-12-13 Bo-Chieh Yang Provisioned configuration for automatic wireless connection
US20080195741A1 (en) * 2007-02-13 2008-08-14 Devicescape Software, Inc. System and method for enabling wireless social networking
US20100087164A1 (en) * 2008-10-05 2010-04-08 Sony Ericsson Mobile Communications Ab Wlan set up using phone number identification apparatus and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060190991A1 (en) 2005-02-22 2006-08-24 Iyer Pradeep J System and method for decentralized trust-based service provisioning
US20060251256A1 (en) * 2005-04-04 2006-11-09 Nokia Corporation Administration of wireless local area networks
US20070287450A1 (en) 2006-04-24 2007-12-13 Bo-Chieh Yang Provisioned configuration for automatic wireless connection
US20080195741A1 (en) * 2007-02-13 2008-08-14 Devicescape Software, Inc. System and method for enabling wireless social networking
US20100087164A1 (en) * 2008-10-05 2010-04-08 Sony Ericsson Mobile Communications Ab Wlan set up using phone number identification apparatus and method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484917A (en) * 2014-11-17 2015-04-01 深圳市科荣实业有限公司 Safe box renting system
ITUB20155599A1 (en) * 2015-11-16 2017-05-16 Leonardo Pellinacci METHOD AND SYSTEM FOR THE AUTOMATIC RECOGNITION OF AN ELECTRONIC DEVICE FOR THE ACCESS TO A LOCAL NETWORK
DE102022110566B3 (en) 2022-04-29 2023-10-12 Deutsche Telekom Ag Guest access to a WiFi router

Similar Documents

Publication Publication Date Title
US20240048985A1 (en) Secure password sharing for wireless networks
JP5813790B2 (en) Method and system for providing distributed wireless network services
US9531835B2 (en) System and method for enabling wireless social networking
US8925042B2 (en) Connecting devices to an existing secure wireless network
US8191124B2 (en) Systems and methods for acquiring network credentials
KR100494558B1 (en) The method and system for performing authentification to obtain access to public wireless LAN
CN108259164B (en) Identity authentication method and equipment of Internet of things equipment
US20130058274A1 (en) Method and system for accessing wireless networks
US9788202B2 (en) Method of accessing a WLAN access point
US20070178881A1 (en) Remotely controlling access to subscriber data over a wireless network for a mobile device
EP2060050A2 (en) Systems and methods for acquiring network credentials
KR100763131B1 (en) Network access and service registration method for public WLAN service
US10750363B2 (en) Methods and apparatuses for conditional WiFi roaming
KR100834270B1 (en) Mobile communication based virtual private network service providing method and system and mobile terminal for it
WO2014009391A1 (en) A method and a system for transferring access point passwords
JP2005354136A (en) Communication terminal, connection management server and communication system
US20090037979A1 (en) Method and System for Recovering Authentication in a Network
US20080117837A1 (en) Method for setting wireless lan communication system and wireless lan access point
KR100923909B1 (en) Method and apparatus for remote control of mobile communication terminal
EP4027675A1 (en) System and method for authentication of iot devices
JP7717665B2 (en) Authentication system, connected car, and authentication method
KR100790496B1 (en) Authentication method, system and recording medium for controlling mobile communication terminal using authentication key
KR100790495B1 (en) Authentication method, system, server and recording medium for controlling mobile communication terminal using encryption algorithm
FI116182B (en) Subscriber authentication
US11431713B2 (en) Methods, apparatus, and system for controlling access to a local network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13736884

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13736884

Country of ref document: EP

Kind code of ref document: A1