`
`
`
`
`Exhibit B
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 2 of 16
`I 1111111111111111 11111 111111111111111 1111111111 11111 111111111111111 IIII IIII
`US006891807B2
`
`(12) United States Patent
`Roskind et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 6,891,807 B2
`May 10, 2005
`
`(54) TIME BASED WIRELESS ACCESS
`PROVISIONING
`
`(75)
`
`Inventors: James A. Roskind, Redwood City, CA
`(US); John D. Robinson, South Riding,
`VA(US)
`
`(73) Assignee: America Online, Incorporated, Dulles,
`VA(US)
`
`( *) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 94 days.
`
`(21) Appl. No.: 10/341,847
`
`(22) Filed:
`
`Jan. 13,2003
`
`(65)
`
`Prior Publication Data
`
`US 2004/0165546 Al Aug. 26, 2004
`
`Int. Cl.7 ............................ H04L 12/26; H04Q 7/34
`(51)
`(52) U.S. Cl. ........................................ 370/255; 370/338
`(58) Field of Search ................................. 370/254, 255,
`370/338; 455/422, 435, 410, 411; 380/247
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`* 10/1995
`5/2000
`12/2000
`8/2001
`8/2001
`8/2001
`11/2001
`12/2001
`3/2002
`7/2002
`7/2002
`12/2001
`8/2003
`
`Rypinski .................... 370/346
`Cudak et al.
`............... 370/313
`Ellis ........................... 709 /201
`Dynarski et al.
`........... 370/356
`Lin et al. .................... 455/414
`Harris et al. ................ 370/338
`Gossman et al.
`........... 455/414
`Holmes et al.
`............. 455/445
`Curry et al.
`................ 370/352
`Miloslavsky ................ 370/400
`Doviak et al. .............. 455/556
`Kimura ...................... 380/247
`Cohen et al.
`............... 380/278
`
`5,461,627 A
`6,058,106 A
`6,167,428 A
`6,272,129 Bl
`6,275,693 Bl
`6,282,183 Bl
`6,317,594 Bl
`6,334,056 Bl
`6,359,880 Bl
`6,418,146 Bl
`6,418,324 Bl
`2001/0048744 Al *
`2003/0152235 Al *
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`EP
`EP
`EP
`EP
`JP
`WO
`
`999 672
`1 081 895
`1 126 681
`1 191 763
`1 225 778
`2001-308866
`WO 01/22661
`
`5/2000
`3/2001
`8/2001
`3/2002
`7/2002
`11/2001
`3/2001
`
`........... H04L/12/28
`........... H04L/12/28
`........... H04L/29/06
`........... H04L/29/06
`............ H04Q/7/38
`........... H04L/12/28
`........... H04L/12/28
`
`OTHER PUBLICATIONS
`
`Microsoft Announces Wireless Provisioning Services; Geek(cid:173)
`Zone; Wi-Fi, posted Dec. 10, 2003 20:56:21 NZ.
`HP Spotlights Mobile Gear; Ina Fried; CNET News.com;
`Oct. 13, 2003.
`Wireless Provisioning Services Overview; The Cable Guy(cid:173)
`Dec. 2003; TechNet Newsletter; 2004 Microsoft Corpora(cid:173)
`tion.
`
`(Continued)
`
`Primary Examiner-Melvin Marcelo
`(74) Attorney, Agent, or Firm-Glenn Patent Group;
`Michael A Glenn
`
`(57)
`
`ABSTRACT
`
`A method and apparatus is provided for the time-based
`provisioning of wireless devices. A network access point
`monitors operation of wireless devices within a service
`region. When provisioning logic is activated at the network
`access point, the access point determines if the tracked
`parameter (such as power on or the onset of signal
`transmission) of the wireless device occurs within a desig(cid:173)
`nated time interval from the time of the provisioning acti(cid:173)
`vation. If the tracked device qualifies, the network access
`point proceeds with provisioning the device. In one system
`embodiment, the network access point tracks the power on
`time of wireless devices. When a wireless device to be
`authorized is powered on, the provisioning logic at the
`network access point notes the power on time. The user then
`activates the provisioning access at the network access
`point, and the network access point provisions the wireless
`device if it is recently powered on.
`
`EP
`
`814 623
`
`12/1997
`
`H04Q/7/22
`
`71 Claims, 7 Drawing Sheets
`
`48
`
`Communication
`Logic
`
`44
`
`Time Based
`Provisioning
`
`Activation
`
`Wireless
`Device
`
`39
`
`Connection
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 3 of 16
`
`US 6,891,807 B2
`Page 2
`
`OIBER PUBLICATIONS
`
`Sony Ericsson Mobile Communications; Sony Ericsson
`HBH-65 (Manual); Pub #LZT 1086746 RlA; 1st Ed. Aug.
`2003; Sony Ericsson Mobile Communications, AB.
`Security Issues for Wearable Computing and Bluetooth
`Technology; Catharina Candolin, undated.
`Privacy and Authentication for Wireless Local Area Net(cid:173)
`works; Ashar Aziz, and Whitfield Diffie; Sun Microsystems,
`Inc.; Jul. 26, 1993.
`Painting Your Home Blue [Bluetooth/sup TM/wireless Tech(cid:173)
`nology]; D. Cypher; Proceedings 2002 IEEE 4th Interna(cid:173)
`tional Workshop on Networked Appliancs; Jan. 15-16,
`2002.
`Wireless Home Networks Based on a Hierarchical Bluetooth
`Scatternet Architecture; W. Lilakiatsakun, A Seneviratne;
`Proceedings Ninth IEEE International Conference on Net(cid:173)
`works; Oct. 10-12, 2001.
`Bluetooth Wireless Technology in the Home; R. Sheperd;
`Electronics & Communication Engineering Journal; Oct.
`2001.
`Wireless Gateway for Wireless Home AV Network and Its
`Implementation; T. Saito, I. Imada, Y. Takabatke, and K.
`Teramoto, and K. Fujimoto; IEEE Transactions on consumer
`Electronics; Aug. 2001.
`
`A Wireless Home Network and Its Application Systems; H.
`Fujieda, Y. Horiike, T. Yamamoto, and T. Nomura; IEEE
`Transactions on Consumer Electronics; May 2000.
`Wireless Home Link; M. Nakagawa; IEICE Transactions on
`Communications; Dec. 1999.
`An Access Protocol for a Wireless Home Network; A.C.V.
`Gummalla, and J.O. Limb; WCNC. 1999 IEEE Wireless
`Communications and Networking Conference; Sep. 21-24,
`1999.
`Firewalls for Security in Wireless Networks; U. Murthy, 0.
`Bukhres, W. Winn, and E. Vanderdez; Proceedings of the
`Thirty-First Hawaii International Conference on System
`sciences; Jan. 6-9, 1998.
`Self-Securing Ad Hoc Wireless Networks; Haiyun Luo,
`Petros Aerfos, Jiejun Kng, Songwu Lu, and Lixia Zhang,
`undated.
`Wireless Networking for Control and Automation of
`Off-Road Equipment; by J.D. Will; An ASAE Meeting
`Presentation, undated.
`Intrusion Detection in Wireless Ad-Hoc Networks; Yong(cid:173)
`guang Zhang and Wenke Lee; Proceedings of the Sixth
`Annual International Conference on Mobile Computing and
`Networking; Aug. 6-11, 2000.
`* cited by examiner
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 4 of 16
`
`U.S. Patent
`
`May 10, 2005
`
`Sheet 1 of 7
`
`US 6,891,807 B2
`
`HM
`
`,,,, ,,, -- ------(cid:143)-- --------
`
`~
`
`14n
`
`...... __
`
`'
`
`-
`
`16
`
`)18
`
`'
`
`' '\
`\ HM·,
`
`\
`
`14a
`~::::::t========-1 14c
`,'16 (
`11/io
`
`I
`I
`
`/...
`
`,
`
`/
`
`/
`
`,
`
`/
`
`I
`
`I
`
`I
`I
`
`I
`
`I
`
`: 14f
`\ 14g
`
`\ \l4e
`
`\
`
`\
`
`'\
`
`'
`
`'
`
`'
`
`....
`
`.....
`
`-------- --
`
`I
`
`I
`
`I
`
`/
`
`17
`
`/
`
`/
`
`/
`
`Fig. 1
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 5 of 16
`
`24
`22
`
`48
`
`28
`
`34 32
`
`12
`
`520
`
`Transceiver
`
`Transceiver
`
`Communication
`Logic
`Device
`Identifier
`
`Power
`
`50/ I 26/ 27
`14
`Wireless
`Device
`
`d •
`r:JJ.
`•
`~
`~ ......
`~ = ......
`
`~
`~
`'-<
`
`'"""' ~=
`
`N
`0
`0
`Ul
`
`Network
`Access Point
`43a
`42 \ 43b r40
`
`44
`
`Time Based
`Provisioning
`
`Activation
`
`Access Control
`List
`
`c:::::J
`
`Network
`Functions
`
`4636 43n
`
`Fig. 2
`
`38
`Network
`Connection
`
`39
`
`'JJ. =(cid:173)~
`~ ....
`N
`0 ....,
`-..J
`
`e
`rJ'J.
`_,.a-...
`~
`
`'° i,-
`O'J
`Q
`-...,l
`~
`N
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 6 of 16
`
`U.S. Patent
`
`May 10, 2005
`
`Sheet 3 of 7
`
`US 6,891,807 B2
`
`Track Power On of Devices
`at Network Access Point
`
`Power On
`Wireless Device
`
`56
`
`52a
`
`54
`/
`
`j 5 8
`Activate Access
`(Press
`at
`Network Access Point Button)
`
`Time Based
`5
`7 Device
`Qualification
`
`62
`60
`Yesf
`
`64
`
`Initiate
`Provisioning
`
`Deny Access
`
`68
`
`Fig. 3
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 7 of 16
`
`U.S. Patent
`
`May 10, 2005
`
`Sheet 4 of 7
`
`US 6,891,807 B2
`
`Track Power On of Devices
`at Network Access Point
`
`54
`52b
`~
`
`58
`Activate Access
`at
`(Press
`Network Access Point Button)
`
`Power On
`Wireless Device
`
`56
`
`Time Based
`57 Device
`Qualification
`
`62
`60
`Yes/
`
`64
`
`Initiate
`Provisioning
`
`Deny Access
`
`68
`
`Fig. 4
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 8 of 16
`
`U.S. Patent
`
`May 10, 2005
`
`Sheet 5 of 7
`
`US 6,891,807 B2
`
`Acceptance
`Time Interval
`74
`76
`
`80
`
`70a
`
`J
`
`Provisioning
`5 8 Activation
`
`78 \gg
`Power On
`of
`Unaccepted
`Device
`
`82
`
`Time
`72~
`Fig. 5
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 9 of 16
`
`U.S. Patent
`
`May 10, 2005
`
`Sheet 6 of 7
`
`US 6,891,807 B2
`
`70b
`
`J
`
`7 4 Acceptance
`Time Interval
`
`Provisioning
`Activation
`58
`
`80
`
`76
`
`Device
`Activation
`56
`
`78 \88
`Power On
`of
`Unaccepted
`Device
`
`Time
`72~
`
`82
`Fig. 6
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 10 of 16
`
`92
`
`28
`
`2224
`
`48
`
`34 32
`
`12
`
`590
`
`d •
`r:JJ.
`•
`~
`~ ......
`~ = ......
`
`Transceiver
`
`94
`
`Transceiver
`
`Communication
`Logic
`Device
`Identifier
`
`Power
`
`so,/ 1 26
`14
`Wireless
`Device
`
`Network
`a
`Access Point
`43
`42, 43b 140
`
`~
`~
`'-<
`
`'"""' ~=
`
`N
`0
`0
`Ul
`
`44
`
`Access Control
`Time Based
`List
`Provisioning
`~ctivation 5 0 - ~~
`
`Network
`Functions
`
`57,62
`Time Based
`Qualification
`
`43n
`
`~6 36
`20F. 7
`1g.
`
`38
`Network
`Connection
`
`39
`
`'JJ. =(cid:173)~
`
`~
`-..J
`0 ....,
`-..J
`
`e
`rJ'J.
`O'I
`0'J
`'° i,-
`O'J
`Q
`-...,l
`~
`N
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 11 of 16
`
`US 6,891,807 B2
`
`1
`TIME BASED WIRELESS ACCESS
`PROVISIONING
`
`FIELD OF THE INVENTION
`
`The invention relates to the field of wireless connections
`between a wireless device and a network. More particularly,
`the invention relates to access provisioning between one or
`more wireless devices and an intranet access point.
`
`BACKGROUND OF THE INVENTION
`In local area networks, such as wireless home networks,
`one or more wireless devices, e.g. such as IEEE 802.llb
`devices, are linked to the network by a provisioning process
`through a network access point. When a user acquires a new
`wireless device, they need to securely tie it to their intranet,
`which comprises telling the intranet to accept wireless
`communications from the device, as well as provisioning the
`device with key material, such as for creating an encrypted
`connection. In conventional networks having one or more
`devices to be provisioned to a network access point, device
`identification information, such as a MAC address, is
`required to be communicated from the wireless device to the
`access point.
`Several methods have been described for wireless access
`provisioning to integrate wireless devices into a network.
`M. Cudak, B. Mueller, J. Kelton, and B. Classon, Network
`Protocol Method, Access Point Device and Peripheral
`Devices for Providing for an Efficient Centrally Coordinated
`Peer-to-Peer Wireless Communications Network, U.S. Pat.
`No. 6,058,106, disclose a "peer-to-peer wireless communi(cid:173)
`cations network wherein the access point device: (1) broad(cid:173)
`casts a block assignment that specifies a wireless source
`peripheral device and a wireless destination peripheral
`device; (2) receives, from the wireless destination peripheral
`device, sequence information; (3) determines whether the
`sequence information represents one of: a negative acknowl(cid:173)
`edgment and a positive acknowledgment with a sequence
`number; ( 4) forwards an acknowledgment to the wireless
`source peripheral based on the sequence information, and
`repeats steps (1)-(4) until N blocks of data, N a predeter(cid:173)
`mined integer, have been transferred from the wireless
`source peripheral to the wireless destination peripheral."
`J. Lin, P. Alfano, and S. Upp, Method and Apparatus for
`Performing Bearer Independent Wireless Application Ser(cid:173)
`vice Provisioning, U.S. Pat. No. 6,275,693 disclose a pro(cid:173)
`visioning system, in which a "mobile communication device
`contacts a provisioning proxy over the wireless bearer
`network, which in turns contacts a provisioning center over
`a public network. A provisioning tunnel is then established
`between the provisioning center and the mobile communi(cid:173)
`cation device. Once the provisioning tunnel is set up, the
`user of the mobile communication device can subscribe to,
`or unsubscribe from wireless application services."
`Wireless Device Registering Method in Wireless Home
`Network, PCT Patent Application Ser. No. WO 01/2266,
`describes the sending of an authentication key to a device for
`storage, when an identification code received from the
`device corresponds to a code stored in an access point.
`Secure Wireless LAN, European Pat. No. EP, 1081895,
`discloses wireless device use by a wireless device operator
`with an access point connected to a wired LAN in commu(cid:173)
`nication with the wireless device through air channel authen(cid:173)
`tication.
`C. Candolin, Security Issues for Wearable Computing and
`Bluetooth Technology, 23 Oct. 2000, Telecommunications
`
`2
`Software and Multimedia Laboratory, Helsinki University of
`Technology, P.B. 400, FIN-02015 HUT, Finland, describes
`Bluetooth Technology as "a short-range wireless cable
`replacement technology enabling restricted types of ad hoc
`5 networks to be formed. All the while, a need for connecting
`wearable devices, such as PDAs, mobile phones, and mp3-
`players, is rising. Such networks may be formed using
`Bluetooth technology, but issues such as security must be
`taken into consideration. Although an attempt to tackle
`10 security is made, the result is too weak to be used for
`anything else than for personal purposes."
`Other systems provide various details of the operation of
`wireless devices within a network, such as U.S. Pat. No.
`6,418,324, Apparatus and Method for Transparent Wireless
`15 Communication; U.S. Pat. No. 6,418,146, Integrated Com(cid:173)
`munication Center Functionality for WAP Devices; U.S. Pat.
`No. 6,359,880, Public Wireless/Cordless Internet Gateway;
`U.S. Pat. No. 6,334,056, Secure Gateway Processing for
`Handheld Device Markup Language; U.S. Pat. No. 6,317,
`20 594, System and Method for Providing Data to a Wireless
`Device Upon Detection of Activity of the Device on a
`Wireless Network; U.S. Pat. No. 6,282,183, Method for
`Authorizing Coupling between devices in a Capability
`Addressable Network; U.S. Pat. No. 6,272,129, Dynamic
`25 Allocation of Wireless Mobile Nodes Over An Internet
`Protocol (IP) Network; U.S. Pat. No. 6,167,428, Personal
`Computer Microprocessor Firewalls for Internet Distributed
`Processing; European Pat. No. 1225778, Wireless Repeater
`Using Identification of Call Originator; European Pat. No.
`30 EP 1191763, Access Authentication System for a Wireless
`Environment; European Pat. No. 1126681,ANetwork Portal
`System and Methods; European Pat. No. EP1081895,
`Secure Wireless Local Area Network; European Pat. No. EP
`999672, System and Method for Mapping Packet Data
`35 Functional Entities to Elements in a Communications Net(cid:173)
`work; European Pat. No. EP814623, Mobile Decision Meth(cid:173)
`odology for Accessing Multiple Wireless Data Networks;
`Privacy and Authentication for Wireless Local Area
`Networks, Ashar Aziz and Whitfield Diffie; Sun
`40 Microsystems, Inc., Jul. 26, 1993; Painting Your Home Blue
`(Bluetooth™ Wireless Technology),D. Cypher, Proceedings
`2002 IEEE 4th International Workshop on Networked
`Appliances, Jan. 15-16, 2002; Wireless Home Networks on
`a Hierarchical Bluetooth Scatternet Architecture, W.
`45 Lilakiatsakun, A Seneviratne, Proceedings Ninth IEEE
`International Conference on Networks; Oct. 10-12, 2001;
`Bluetooth Wireless Technology in the Home, R. Shephard,
`Electronics & Communication Engineering Journal; Octo(cid:173)
`ber 2001; Wireless Gateway for Wireless Home AV Network
`50 and It's Implementation, T. Saito, I. Imada, Y. Takabatke, K.
`Teramoto, and K. Fujimoto, IEEE Transactions on Con(cid:173)
`sumer Electronics, August 2001; A Wireless Home Network
`and its Applications Systems, H. Fujieda, Y. Horiike, T.
`Yamamoto, and T. Nomura, IEEE Transactions on Con-
`55 sumer Electronics, May 2000; Wireless Home Link, M.
`Nakagawa, IEICE Transactions on Communications,
`December 1999; An Access Protocol for a Wireless Home
`Network, A. C. V. Gummalla, and J. 0. Limb, WCNC 1999
`IEEE Wireless Communications and Networking Confer-
`60 ence; Sep. 21-24, 1999; Firewalls for Security in Wireless
`Networks, U. Murthy, 0. Bukres, W. Winn, and E.
`Vanderdez, Proceedings of the Thirty-First Hawaii Interna(cid:173)
`tional Conference on System Sciences, Jan. 6-9, 1998;
`Self-Securing Ad Hoc Wireless Networks, Haiyun Luo,
`65 Petros Aerfos, Jiejun Kng, Songwu Lu, and Lixia Zhang;
`Wireless Networking for Control and Automation of Off(cid:173)
`Road Equipment, J. D. Will; ASAE Meeting Presentation;
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 12 of 16
`
`US 6,891,807 B2
`
`4
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a schematic plan view of a time based wireless
`access provisioning system;
`FIG. 2 is a functional block diagram of a time based
`wireless access provisioning system;
`FIG. 3 is a flow chart of a time based wireless access
`provisioning process;
`FIG. 4 is a flow chart of an alternate time based wireless
`access provisioning process;
`FIG. 5 shows a simplified timeline for a time based
`wireless access provisioning process;
`FIG. 6 shows a simplified timeline for an alternate time
`based wireless access provisioning process; and
`FIG. 7 shows the time-based acceptance and provisioning
`of a new wireless device within a time based wireless access
`provisioning system.
`
`DETAILED DESCRIPTION OF PREFERRED
`EMBODIMENTS
`
`3
`and Intrusion Detection in Wireless Ad-Hoc Networks,
`Yongguang Zhang and Wenke Lee, Proceeding of the Sixth
`Annual International Conference on Mobile Computing and
`Networking, Aug. 6-11, 2000.
`The disclosed prior art systems and methodologies thus 5
`provide basic provisioning for wireless devices to a network
`through an access point. However, for many networks, such
`provisioning schemes are often impractical, either for wire(cid:173)
`less devices which lack a user interface which is configured
`for communicating provisioning information, or for simple 10
`home-based intranets. For example, device identification
`information, such as a MAC address, is often required to be
`manually transcribed from the wireless device to the access
`point, since wireless devices often lack a user interface
`control to reveal such identifying information. For example, 15
`a wireless picture frame device typically lacks a control
`interface to read or extract identification information, such
`as a MAC address.
`While some wireless devices include a user interface for
`dedicated device functionality, e.g. such as a user control for 20
`a game box or a digital video recorder, a dedicated user
`interface is often incapable or cumbersome to be used to
`communicate device identification and to exchange provi(cid:173)
`sioning information. In addition, while some wireless
`devices provide a user interface control which can reveal 25
`such identifying information, provisioning procedures still
`require a user to be technically proficient to properly initiate
`and complete a provisioning process.
`It would therefore be advantageous to provide a network
`provisioning system, which does not require a user interface 30
`for the initiation of a provisioning process. The development
`of such a wireless access provisioning system would con(cid:173)
`stitute a major technological advance.
`Furthermore, it would be advantageous to provide a
`wireless access provisioning structure and process with 35
`minimal device requirements and/or user proficiency,
`whereby a wireless device is readily provisioned by the
`provisioning system, and whereby other devices within an
`access region are prevented from being provisioned by the
`provisioning system. The development of such a provision- 40
`ing system would constitute a further technological advance.
`As well, it would be advantageous that such a wireless
`access provisioning system be integrated with easily moni(cid:173)
`tored parameters of a wireless device, such as the time
`monitoring of power on and/or start of signal transmission. 45
`The development of such a provisioning system would
`constitute a further major technological advance. The devel(cid:173)
`opment of such a time-based wireless access provisioning
`system for provisioning secure encrypted communication
`would constitute a further technological advance.
`
`SUMMARY OF THE INVENTION
`A method and apparatus is provided for the time-based
`provisioning of wireless devices. A network access point
`monitors operation of wireless devices within a service
`region. When provisioning logic is activated at the network
`access point, the access point determines if the tracked
`parameter, such as the power on, of the wireless device
`occurs within a designated time interval from the time of the
`provisioning activation. If the tracked device qualifies, the
`network access point proceeds with provisioning the device.
`When a wireless device to be authorized is powered on, the
`provisioning logic at the network access point notes the
`power on time. The user then activates the provisioning
`access at the network access point, and the network access 65
`point provisions the wireless device if it is recently powered
`on.
`
`FIG. 1 is a schematic plan view 10 of a time based
`wireless access provisioning system 20. FIG. 2 is a func(cid:173)
`tional block diagram of a time based wireless access provi(cid:173)
`sioning system 20, comprising a network access point 12
`adapted to provide time-based provisioning with a wireless
`device 14.
`The network access point 12 shown in FIG. 2 comprises
`a transceiver 32 and antenna 34, which provides communi(cid:173)
`cation 16 to one or more wireless devices 14. The commu(cid:173)
`nications channel 16 typically comprises an input, i.e.
`reverse link, signal 28 from a wireless device 14 to the
`access point, as well as an output, i.e. forward link, signal
`30, from the access point 12 to the wireless device 14.
`As seen in FIG. 2, the network access point 12 typically
`comprises network logic and componentry 36, such as
`networking functions 40, thereby providing communica(cid:173)
`tions between one or more authorized wireless devices 14
`and a local network 17 (FIG. 1). The network access point
`12 shown in FIG. 2 also comprises a network connection 38
`to one or more networks 39, such as to wired devices within
`a LAN, and/or to other networks, such as the Internet. The
`network access point 12 shown in FIG. 2 comprises an
`access control list 42, which identifies wireless devices 14
`which have proper access to the local network 17 (FIG. 1),
`such as by storing accepted device identifications 50 as list
`elements 43a-43n.
`The wireless device 14 shown in FIG. 2 comprises a
`50 device transceiver 22 and antenna 24, which provides com(cid:173)
`munication 16 to the network access point 12, and in some
`embodiments to other wireless devices 14. The wireless
`device 14 comprises communication logic and componentry
`48, and comprises an associated device identifier 50, e.g.
`55 such as a unique MAC address, which is communicatable to
`the network access point 12, whereby the wireless device 14
`can be controllably provisioned into the network 17 by the
`network access point 12. The wireless device 14 also com(cid:173)
`prises power 26, e.g. wired or battery, and power activation
`60 27. In some embodiments of the time based wireless access
`provisioning system 20, the wireless device 14 is an IEEE
`802.11 WLAN and/or Bluetooth™ compliant device.
`The network access point 12 shown in FIG. 1 is located
`within a service area 18 for a network 17, such as a wireless
`local area network (WLAN) or a wireless personal area
`network (WPAN), and typically communicates 16 with a
`one or more wireless devices 14 which operate within the
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 13 of 16
`
`US 6,891,807 B2
`
`5
`service area 18, as well as to other wired devices connected
`to the network, and to connected 38 networks 39, such as the
`Internet.
`As seen in FIG. 1, the time based wireless access provi(cid:173)
`sioning system 20 can be used for a wide variety of wireless
`devices 14a-14n which are adapted to communicate with
`the network access point 12, such as but not limited to a
`desktop computer 14a, a portable laptop computer 14b, a
`network printer 14c, a digital video recorder 14d, a game
`box 14e, a portable phone 14/, a personal digital assistant
`(PDA) 14g, and/or a wireless picture frame 14h.
`The network access point 12 provides time-based provi(cid:173)
`sioning to ensure that only authorized wireless devices 14
`can operate within the local network 17, such as within a
`home HM, and to prevent unauthorized wireless devices 14, 15
`such as device 14n in FIG. 1, from gaining access to the
`network 17.
`In the time based wireless access provisioning system 20,
`the network access point 12 also comprises time based
`provisioning 44, which is activatible 46, such as manually
`by a user U. The time based wireless access provisioning
`system 20 securely integrates one or more wireless devices
`14 into the local area network 17. A properly timed inter(cid:173)
`action 57 (FIG. 3, FIG. 4) between a wireless device 14 to
`be provisioned and the network access point 12 acts to
`qualify the wireless device 14 to the network access point.
`Time-Based Provisioning Process.
`FIG. 3 is a flow chart of a time based wireless access
`provisioning process 52a. The network access point 12
`tracks 54 the power on time of wireless devices 14, whereby
`the powered wireless device begins transmission of a reverse
`link signal 28. When a wireless device 14 to be authorized
`is powered on 56, the provisioning logic 44 at the network
`access point 12 notes the power on time 82 (FIG. 5). The
`user U then activates 58 the provisioning access 44 at the
`network access point 12, typically by pressing an activation
`button or switch 46.
`In response to a properly timed interaction 57, the net(cid:173)
`work access point 12 provisions the wireless device 14
`automatically. As seen in FIG. 3, the network access point 12
`determines 60 if there is a recent power on of a wireless
`device 14, e.g. such as within 5 minutes. If the wireless
`device 14 was recently powered 56, such as within an
`acceptance time interval 74 (FIG. 5), the positive determi(cid:173)
`nation logic 62 allows the network access point 12 to initiate
`provisioning 64.
`As seen in FIG. 3, the time based wireless access provi(cid:173)
`sioning process 52a also prevents network access from
`devices 14 which are powered on 78 (FIG. 5) at an earlier
`time 88 (FIG. 5). If a wireless device 14 is powered on at a
`time 88 before the acceptance time interval 74 (FIG. 5), the
`negative determination logic 66 allows the network access
`point 12 to deny access 68 to the device, preventing provi(cid:173)
`sioning 64 into the network 17.
`FIG. 5 shows a simplified timeline 70a for a time based
`wireless access provisioning process 52a. The enhanced
`network access point 12 tracks power on 56 of wireless
`devices as a function of time 72. As seen in FIG. 5, the
`network access point 14 notes the start time 82 of the power
`on 56 of a wireless device 14 which is desired to be
`provisioned within the network 17. The user then activates
`provisioning logic 44 at the network access point 12, at time
`86. The provisioning logic 44 typically comprises an accep(cid:173)
`tance time interval 74, e.g. such as a 5 minute interval 74,
`having a start time 84 and an end time 86, within which
`desired devices 14 are accepted 62 (FIG. 3). As seen in FIG.
`5, the time interval 76 for the desired device 14 properly falls
`
`6
`within the acceptance interval 74, such that the provisioning
`logic 44 accepts 62 the wireless device 14, and initiates
`provisioning 64.
`As further seen in FIG. 5, the network access point 14 also
`5 notes the start time 88 of the power on 78 of a second
`wireless device 14, which is not necessarily desired to be
`provisioned by the network access point 12. When the user
`activates the provisioning logic 44 at the network access
`point 12, at time 86, the time interval 80 for the second
`10 device 14 falls outside the acceptance interval 74, i.e. failing
`66 time-based determination 60 (FIG. 3) such that the
`provisioning logic 44 denies 68 the second wireless device
`14, and prevents provisioning 64.
`Alternate Time-Based Provisioning Process.
`FIG. 4 is a flow chart of an alternate time based wireless
`access provisioning process 52b, in which a desired wireless
`device 14 to be provisioned is powered on after the provi(cid:173)
`sioning logic 44 is activated. As above, the network access
`point 12 tracks 54 the power on time of wireless devices 14,
`20 whereby the powered wireless device begins transmission of
`a reverse link signal 28. The user U then activates 58 the
`provisioning access 44 at the network access point 12,
`typically by pressing an activation button or switch 46.
`When a wireless device 14 to be authorized is powered on
`25 56, the provisioning logic 44 at the network access point 12
`notes the power on time 82 (FIG. 6).
`In response to a properly timed interaction 57, the net(cid:173)
`work access point 12 provisions the wireless device 14
`automatically. As seen in FIG. 4, the network access point 12
`30 determines 60 if there is a recent power on of a wireless
`device 14, after the provisioning logic 44 is activated 58. If
`the wireless device 14 was recently powered 56, such as
`within an acceptance time interval 74 (FIG. 6), the positive
`determination logic 62 allows the network access point 12 to
`35 initiate provisioning 64.
`As seen in FIG. 4, the alternate time based wireless access
`provisioning process 52b also prevents network access from
`devices 14 which are powered on 78 (FIG. 6) at an earlier
`time 88 (FIG. 6). If a wireless device 14 is powered on at a
`40 time 88 before ( or after) the acceptance time interval 74
`(FIG. 6), the negative determination logic 66 allows the
`network access point 12 to deny access 68 to the device 14,
`preventing provisioning 64 into the network 17.
`FIG. 6 shows a simplified timeline 70b for the alternate
`45 time based wireless access provisioning process 52b. The
`enhanced network access point 12 tracks power on 56 of
`wireless devices as a function of time 72. As seen in FIG. 6,
`the user activates provisioning logic 44 at the network
`access point 12, at time 84. The network access point 14
`50 notes the start time 82 of the power on 56 of a wireless
`device 14 which is desired to be provisioned within the
`network 17. If the power on 56 falls within the acceptance
`time interval 74, the desired device 14 is accepted 62 (FIG.
`4). As seen in FIG. 6, the time interval 76 for the desired
`55 device 14 properly falls within the acceptance interval 74,
`such that the provisioning logic 44 accepts 62 the wireless
`device 14, and initiates provisioning 64.
`As further seen in FIG. 6, the network access point 14 also
`notes the start time 88 of the power on 78 of a second
`60 wireless device 14, which is not necessarily desired to be
`provisioned by the network access point 12, such as from an
`unauthorized device 14, or from a desired device which is
`not powered on within the time interval 74. When the user
`then activates the provisioning logic 44 at the network
`65 access point 12, at time 86, the time interval 80 for the
`second device 14 falls outside the acceptance interval 74,
`and before the activation 58 of the provisioning logic 44,
`
`
`
`Case 1:20-cv-07529 Document 1-2 Filed 09/14/20 Page 14 of 16
`
`US 6,891,807 B2
`
`5
`
`10
`
`20
`
`7
`such that the provisioning logic 44 denies 68 the second
`wireless device 14, and prevents provisioning 64.
`Device Qualification.
`FIG. 7 provides a schematic view 90 of a time-based
`acceptance of a new wireless device 14 within a time based
`wireless access provisioning system 20.
`When the provisioning logic 44 time-qualifies 62 (FIG. 3,
`FIG. 4) a wireless device 14, the wireless access point 12
`accepts the time-based qualification 57, and initiates the
`provisioning process 64, which typically comprises commu(cid:173)
`nication 16 and secure provisioning of information between
`the wireless device 14 and the network access point 12, such
`as the exchange of key material, if an encryption protocol is
`to be used. Device parameters, such as the device identifier
`50, are typically sent 92 to the access point 12, wherein the
`device identifier 5