`
`
`
`
`Exhibit D
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 2 of 16
`I 1111111111111111 11111 1111111111 lllll 111111111111111 11111 lll111111111111111
`US007177285B2
`
`c12) United States Patent
`Roskind et al.
`
`(IO) Patent No.:
`(45) Date of Patent:
`
`US 7,177,285 B2
`*Feb.13,2007
`
`(54) TIME BASED WIRELESS ACCESS
`PROVISIONING
`
`(75)
`
`Inventors: James A. Roskind, Redwood City, CA
`(US); John D. Robinson, South Riding,
`VA (US)
`
`(73) Assignee: America Online, Incorporated, Dulles,
`VA (US)
`
`( *) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 188 days.
`
`6,167,428 A
`6,272,129 Bl
`6,275,693 Bl
`
`12/2000 Ellis ........................... 709/201
`8/2001 Dynarski et al.
`........... 370/356
`8/2001 Lin et al. .................... 455/414
`
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`
`814 623
`
`12/1997
`
`(Continued)
`
`OTHER PUBLICATIONS
`
`Security Issues for Wearable Computing and Bluetooth Technology;
`Catharina Candolin, undated.
`
`This patent is subject to a terminal dis(cid:173)
`claimer.
`
`(Continued)
`
`(21) Appl. No.: 10/961,959
`
`(22) Filed:
`
`Oct. 8, 2004
`
`(65)
`
`Prior Publication Data
`
`US 2005/0043021 Al
`
`Feb. 24, 2005
`
`Related U.S. Application Data
`
`(63)
`
`Continuation of application No. 10/341,847, filed on
`Jan. 13, 2003, now Pat. No. 6,891,807.
`
`(51)
`
`(52)
`(58)
`
`(56)
`
`Int. Cl.
`H04L 12126
`(2006.01)
`H04Q 7134
`(2006.01)
`U.S. Cl. ....................................... 370/255; 370/338
`Field of Classification Search ................ 370/255,
`370/338
`See application file for complete search history.
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`5,461,627 A * 10/1995 Rypinski
`.................... 370/346
`6,058,106 A
`5/2000 Cudak et al.
`............... 370/313
`
`Primary Examiner-Melvin Marcelo
`(74) Attorney, Agent, or Firm-Michael A. Glenn; Glenn
`Patent Group
`
`(57)
`
`ABSTRACT
`
`A method and apparatus is provided for the time-based
`provisioning of wireless devices. A network access point
`monitors operation of wireless devices within a service
`region. When provisioning logic is activated at the network
`access point, the access point determines if the tracked
`parameter (such as power on or the onset of signal trans(cid:173)
`mission) of the wireless device occurs within a designated
`time interval from the time of the provisioning activation. If
`the tracked device qualifies, the network access point pro(cid:173)
`ceeds with provisioning the device. In one system embodi(cid:173)
`ment, the network access point tracks the power on time of
`wireless devices. When a wireless device to be authorized is
`powered on, the provisioning logic at the network access
`point notes the power on time. The user then activates the
`provisioning access at the network access point, and the
`network access point provisions the wireless device if it is
`recently powered on.
`
`62 Claims, 7 Drawing Sheets
`
`~------+-
`
`48
`
`~Tr-an~sc-e-iv-e~r
`
`16
`
`8
`
`12
`34 32
`-I----+------------~
`Transceiver
`
`30 94
`
`44
`
`Communication
`Logic
`Device
`Identifier
`
`Power
`
`26
`
`Wireless
`Device
`
`38
`Network
`Connection
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 3 of 16
`
`US 7,177,285 B2
`Page 2
`
`U.S. PATENT DOCUMENTS
`
`6,282,183 Bl
`6,317,594 Bl
`6,334,056 Bl
`6,359,880 Bl
`6,418,146 Bl
`6,418,324 Bl
`6,891,807 B2 *
`2001/0048744 Al*
`2003/0152235 Al*
`
`8/2001 Harris et al. ................ 370/338
`11/2001 Gossman et al.
`........... 455/414
`12/2001 Holmes et al.
`. ............ 455/445
`3/2002 Curry et al.
`................ 370/352
`7/2002 Miloslavsky ................ 370/400
`7/2002 Doviak et al. .............. 455/556
`5/2005 Roskind et al. ............. 370/255
`12/2001 Kimura ...................... 380/247
`8/2003 Cohen et al.
`............... 380/278
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`EP
`EP
`EP
`EP
`JP
`WO
`
`999 672
`1 081 895
`1 126 681
`1 191 763
`1 225 778
`2001-308866
`WO 01/22661
`
`5/2000
`3/2001
`8/2001
`3/2002
`7/2002
`11/2001
`3/2001
`
`OTHER PUBLICATIONS
`
`Privacy and Authentication for Wireless Local Area Networks;
`Ashar Aziz, and Whitfield Diffie; Sun Microsystems, Inc.; Jul. 26,
`1993.
`Painting Your Home Blue [Bluetooth/sup TM/wireless Technology];
`D. Cypher; Proceedings 2002 IEEE 4th International Workshop on
`Networked Appliances; Jan. 15-16, 2002.
`Wireless Home Networks Based on a Hierarchical Bluetooth Scat(cid:173)
`ternet Architecture; W. Lilakiatsakun, A. Seneviratne; Proceedings
`Ninth IEEE International Conference on Networks; Oct. 10-12,
`2001.
`Bluetooth Wireless Technology in the Home; R. Sheperd; Electron(cid:173)
`ics & Communication Engineering Journal; Oct. 2001.
`
`Wireless Gateway for Wireless Home AV Network and Its Imple(cid:173)
`mentation; T. Saito, I. Imoda, Y. Takabatke, and K. Teramoto, and
`K. Fujimoto; IEEE Transactions on consumer Electronics; Aug.
`2001.
`A Wireless Home Network and Its Application Systems; H. Fujieda,
`Y. Horiike, T. Yamamoto, and T. Nomura; IEEE Transactions on
`Consumer Electronics; May 2000.
`Wireless Home Link; M. Nakagawa; IEICE Transactions on Com(cid:173)
`munications; Dec. 1999.
`An Access Protocol for a Wireless Home Network; A.C.V. Gum(cid:173)
`malla, and J.O. Limb; WCNC. 1999 IEEE Wireless Communica(cid:173)
`tions and Networking Conference; Sep. 21-24, 1999.
`Firewalls for Security in Wireless Networks; U. Murthy, 0. Bukhres,
`W. Winn, and E. Vanderdez; Proceedings of the Thirty-First Hawaii
`International Conference on System sciences; Jan. 6-9, 1998.
`Self-Securing Ad Hoc Wireless Networks; Haiyun Luo, Petros
`Aerfos, Jiejun Kng, Songwu Lu, and Lixia Zhang, undated.
`Wireless Networking for Control and Automation of Off-Road
`Equipment; by J.D. Will; An ASAE Meeting Presentation, undated.
`Intrusion Detection in Wireless Ad-Hoc Networks; Yongguang
`Zhang and Wenke Lee; Proceedings of the Sixth Annual Interna(cid:173)
`tional Conference on Mobile Computing and Networking; Aug.
`6-11, 2000.
`Microsoft Announces Wireless Provisioning Services; GeekZone;
`Wi-Fi, posted Dec. 10, 2003 20:56:21 NZ.
`HP Spotlights Mobile Gear; Ina Fried; CNET News.com; Oct. 13,
`2003.
`Wireless Provisioning Services Overview; The Cable Guy-Dec.
`2003; TechNet Newsletter; 2004 Microsoft Corporation.
`Sony Ericsson Mobile Communications; Sony Ericsson HBH-65
`(Manual); Pub #LZT 1086746 RlA; l'' Ed. Aug. 2003; Sony
`Ericsson Mobile Communications, AB.
`
`* cited by examiner
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 4 of 16
`
`U.S. Patent
`
`Feb. 13, 2007
`
`Sheet 1 of 7
`
`US 7,177,285 B2
`
`HM
`
`16
`
`'
`
`'
`
`'
`'
`HM ,
`
`\
`
`I
`
`I
`
`I
`
`I
`I
`I
`I
`I
`
`I
`
`I
`
`I
`
`14a
`
`14c
`
`17
`
`I
`
`I
`
`/
`
`/
`
`______ .. -
`
`/
`
`/ -/ Fig. 1
`
`/
`
`/
`
`/
`
`I
`
`I
`
`I
`
`I
`I
`
`I
`
`1
`
`~ 14f
`\14g
`' \l4e
`
`\
`
`\
`
`'
`
`'
`
`'
`
`'
`
`'
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 5 of 16
`
`2224
`
`48
`
`34 32
`
`12
`
`520
`
`e •
`
`00
`•
`~
`~
`~
`
`~ = ~
`
`Transceiver
`
`30
`
`Transceiver
`
`Communication
`Logic
`Device
`Identifier
`
`Power
`
`50/ I 261 27
`14
`Wireless
`Device
`
`Network
`a
`Access Point
`43
`42 \ 43b r40
`
`"f'j
`('D
`?'
`....
`
`'-"~
`N
`0
`0
`-....J
`
`44
`
`Time Based
`Provisioning
`
`Activation
`
`Access Control
`List
`
`c=:::i . • .
`
`Network
`Functions
`
`('D
`('D
`
`rJJ =(cid:173)
`.....
`N
`0 ....
`
`-....J
`
`Ll6 36
`
`43n
`
`Fig. 2
`
`38
`Network
`Connection
`
`39
`
`d r.,;_
`
`'-"--...l
`"'""'
`--...l
`--...l
`'N
`00
`
`UI = N
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 6 of 16
`
`U.S. Patent
`
`Feb.13,2007
`
`Sheet 3 of 7
`
`US 7,177,285 B2
`
`Track Power On of Devices
`at Network Access Point
`
`Power On
`Wireless Device
`
`56
`
`54
`52a
`./
`
`Activate Access
`at
`Network Access Point
`
`58
`j (Press
`Button)
`
`Time Based
`5
`7 Device
`Qualification
`
`There Recent
`Power On of
`
`62
`60
`Yes/
`
`64
`
`Deny Access
`
`68
`
`Initiate
`Provisioning
`
`Fig. 3
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 7 of 16
`
`U.S. Patent
`
`Feb.13,2007
`
`Sheet 4 of 7
`
`US 7,177,285 B2
`
`Track Power On of Devices
`at Network Access Point
`
`54
`52b
`J
`
`j 5 8
`Activate Access
`(Press
`at
`NetworkAccess Point Button)
`
`Power On
`Wireless Device
`
`56
`
`Time Based
`57 Device
`Qualification
`
`62
`60
`Yes/
`
`There Recent
`Power On of
`Wireless Device
`
`64
`
`Deny Access
`
`68
`
`Initiate
`Provisioning
`
`Fig. 4
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 8 of 16
`
`U.S. Patent
`
`Feb. 13, 2007
`
`Sheet 5 of 7
`
`US 7,177,285 B2
`
`Acceptance
`Time Interval
`74
`76
`
`80
`
`70a
`
`J
`
`Provisioning
`5 8 Activation
`
`78 \ss
`
`Power On
`of
`Unaccepted
`Device
`
`82
`
`Time
`72~
`Fig. 5
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 9 of 16
`
`U.S. Patent
`
`Feb.13,2007
`
`Sheet 6 of 7
`
`US 7,177,285 B2
`
`70b
`
`J
`
`7 4 Acceptance
`Time Interval
`
`Provisioning
`Activation
`58
`
`80
`
`Device
`Activation
`56
`
`78 \ss
`
`Power On
`of
`Unaccepted
`Device
`
`Time
`72~
`
`82
`Fig. 6
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 10 of 16
`
`92
`
`16
`
`24
`22
`
`48
`
`590
`
`34 32
`
`12
`
`e •
`
`00
`•
`~
`~
`~
`
`~ = ~
`
`Transceiver
`
`30
`
`'94
`
`Transceiver
`
`Communication
`Logic
`Device
`Identifier
`
`Power
`
`44
`
`Time Based
`Provisioning
`~ctivation
`
`Network
`a
`Access Point 43
`42 \ 43b r40
`
`"f'j
`('D
`
`?' ....
`
`~
`'-"
`N
`0
`0
`-....J
`
`Access Control
`List
`-
`(cid:141) c:::i r'
`. . .
`
`I
`
`'
`
`50
`
`Network
`Functions
`
`('D
`
`-....J
`
`rJJ =(cid:173)
`('D ....
`0 ....
`
`-....J
`
`50/ j 26/ 27
`14
`Wireless
`Device
`
`57,62
`Time Based
`Qualification
`
`~6 36 J 43n
`20
`-Fig. 7
`
`38
`Network
`Connection
`
`39
`
`d r.,;_
`
`'-"--...l
`""'"'
`--...l
`--...l
`'N
`00
`
`UI = N
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 11 of 16
`
`US 7,177,285 B2
`
`1
`TIME BASED WIRELESS ACCESS
`PROVISIONING
`
`CROSS-REFERENCE TO RELATED
`APPLICATION
`
`This application is a continuation of U.S. Ser. No. 10/341,
`847, filed Jan. 13, 2003, now U.S. Pat. No. 6,891,807 B2,
`which is incorporated herein in its entirety by this reference
`thereto.
`
`FIELD OF THE INVENTION
`
`The invention relates to the field of wireless connections
`between a wireless device and a network. More particularly,
`the invention relates to access provisioning between one or
`more wireless devices and an intranet access point.
`
`BACKGROUND OF THE INVENTION
`
`In local area networks, such as wireless home networks,
`one or more wireless devices, e.g. such as IEEE 802.11 b
`devices, are linked to the network by a provisioning process
`through a network access point. When a user acquires a new
`wireless device, they need to securely tie it to their intranet,
`which comprises telling the intranet to accept wireless
`communications from the device, as well as provisioning the
`device with key material, such as for creating an encrypted
`connection. In conventional networks having one or more
`devices to be provisioned to a network access point, device
`identification information, such as a MAC address, is
`required to be communicated from the wireless device to the
`access point.
`Several methods have been described for wireless access
`provisioning to integrate wireless devices into a network.
`M. Cudak, B. Mueller, J. Kelton, andB. Classon, Network
`Protocol Method, Access Point Device and Peripheral
`Devices for Providing for an Efficient Centrally Coordinated
`Peer-to-Peer Wireless Communications Network, U.S. Pat.
`No. 6,058,106, discloses a "peer-to-peer wireless commu(cid:173)
`nications network wherein the access point device: (1)
`broadcasts a block assignment that specifies a wireless
`source peripheral device and a wireless destination periph(cid:173)
`eral device; (2) receives, from the wireless destination
`peripheral device, sequence information; (3) determines
`whether the sequence information represents one of: a
`negative acknowledgment and a positive acknowledgment
`with a sequence number; (4) forwards an acknowledgment
`to the wireless source peripheral based on the sequence
`information, and repeats steps (1)-(4) until N blocks of data,
`N a predetermined integer, have been transferred from the
`wireless source peripheral to the wireless destination periph(cid:173)
`eral."
`J. Lin, P. Alfano, and S. Upp, Method and Apparatus for
`Performing Bearer Independent Wireless Application Ser(cid:173)
`vice Provisioning, U.S. Pat. No. 6,275,693 disclose a pro(cid:173)
`visioning system, in which a "mobile communication device
`contacts a provisioning proxy over the wireless bearer
`network, which in turns contacts a provisioning center over
`a public network. A provisioning tunnel is then established
`between the provisioning center and the mobile communi(cid:173)
`cation device. Once the provisioning tunnel is set up, the
`user of the mobile communication device can subscribe to,
`or unsubscribe from wireless application services."
`Wireless Device Registering Method in Wireless Home
`Network, PCT Patent Application No. WO 01/2266,
`describes the sending of an authentication key to a device for
`
`2
`storage, when an identification code received from the
`device corresponds to a code stored in an access point.
`Secure Wireless LAN, European Pat. No. EP, 1081895,
`discloses wireless device use by a wireless device operator
`5 with an access point connected to a wired LAN in commu(cid:173)
`nication with the wireless device through air channel authen(cid:173)
`tication.
`C. Candolin, Security Issues for Wearable Computing and
`Bluetooth Technology, 23 Oct. 2000, Telecommunications
`10 Software and Multimedia Laboratory, Helsinki University of
`Technology, P.B. 400, FIN-02015 HUT, Finland, describes
`Bluetooth Technology as "a short-range wireless cable
`replacement technology enabling restricted types of ad hoc
`networks to be formed. All the while, a need for connecting
`15 wearable devices, such as PDAs, mobile phones, and mp3-
`players, is rising. Such networks may be formed using
`Bluetooth technology, but issues such as security must be
`taken into consideration. Although an attempt to tackle
`security is made, the result is too weak to be used for
`20 anything else than for personal purposes."
`Other systems provide various details of the operation of
`wireless devices within a network, such as U.S. Pat. No.
`6,418,324, Apparatus and Method for Transparent Wireless
`Communication; U.S. Pat. No. 6,418,146, Integrated Com-
`25 munication Center Functionality for WAP Devices; U.S. Pat.
`No. 6,359,880, Public Wireless/Cordless Internet Gateway;
`U.S. Pat. No. 6,334,056, Secure Gateway Processing for
`Handheld Device Marknp Language; U.S. Pat. No. 6,317,
`594, System and Method for Providing Data to a Wireless
`30 Device Upon Detection of Activity of the Device on a
`Wireless Network; U.S. Pat. No. 6,282,183, Method for
`Authorizing Coupling between devices in a Capability
`Addressable Network; U.S. Pat. No. 6,272,129, Dynamic
`Allocation of Wireless Mobile Nodes Over An Internet
`35 Protocol (IP) Network; U.S. Pat. No. 6,167,428, Personal
`Computer Microprocessor Firewalls for Internet Distributed
`Processing; European Pat. No. 1225778, Wireless Repeater
`Using Identification of Call Originator; European Pat. No.
`EP 1191763, Access Authentication System for a Wireless
`40 Environment; European Pat. No. 1126681, A Network Portal
`System and Methods; European Pat. No. EP1081895,
`Secure Wireless Local Area Network; European Pat. No. EP
`999672, System and Method for Mapping Packet Data
`Functional Entities to Elements in a Communications Net-
`45 work; European Pat. No. EP814623, Mobile Decision Meth(cid:173)
`odology for Accessing Multiple Wireless Data Networks;
`Privacy and Authentication for Wireless Local Area Net(cid:173)
`works, Ashar Aziz and Whitfield Diffie; Sun Microsystems,
`Inc., Jul. 26, 1993; Painting Your Home Blue (Bluetooth™
`50 Wireless Technology), D. Cypher, Proceedings 2002 IEEE
`4'h International Workshop on Networked Appliances, Jan.
`15-16, 2002; Wireless Home Networks on a Hierarchical
`Bluetooth Scatternet Architecture, W. Lilakiatsakun, A.
`Seneviratne, Proceedings Ninth IEEE International Confer-
`55 ence on Networks; Oct. 10---12, 2001; Bluetooth Wireless
`Technology in the Home, R. Shephard, Electronics & Com(cid:173)
`munication Engineering Journal; October 2001; Wireless
`Gateway for Wireless Home AV Network and It's Implemen(cid:173)
`tation, T. Saito, I. Imada, Y. Takabatke, K. Teramoto, and K.
`60 Fujimoto, IEEE Transactions on Consumer Electronics,
`August 2001; A Wireless Home Network and its Applications
`Systems, H. Fujieda, Y. Horiike, T. Yamamoto, and T.
`Nomura, IEEE Transactions on Consumer Electronics, May
`2000; Wireless Home Link, M. Nakagawa, IEICE Transac-
`65 tions on Communications, December 1999; An Access Pro(cid:173)
`tocol for a Wireless Home Network, A. C. V. Gummalla, and
`J. 0. Limb, WCNC 1999 IEEE Wireless Communications
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 12 of 16
`
`US 7,177,285 B2
`
`4
`occurs within a designated time interval from the time of the
`provisioning activation. If the tracked device qualifies, the
`network access point proceeds with provisioning the device.
`When a wireless device to be authorized is powered on, the
`provisioning logic at the network access point notes the
`power on time. The user then activates the provisioning
`access at the network access point, and the network access
`point provisions the wireless device if it is recently powered
`on.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a schematic plan view of a time based wireless
`access provisioning system;
`FIG. 2 is a functional block diagram of a time based
`wireless access provisioning system;
`FIG. 3 is a flow chart of a time based wireless access
`provisioning process;
`FIG. 4 is a flow chart of an alternate time based wireless
`access provisioning process;
`FIG. 5 shows a simplified timeline for a time based
`wireless access provisioning process;
`FIG. 6 shows a simplified timeline for an alternate time
`based wireless access provisioning process; and
`FIG. 7 shows the time-based acceptance and provisioning
`of a new wireless device within a time based wireless access
`provisioning system.
`
`DETAILED DESCRIPTION OF PREFERRED
`EMBODIMENTS
`
`FIG. 1 is a schematic plan view 10 of a time based
`wireless access provisioning system 20. FIG. 2 is a func(cid:173)
`tional block diagram of a time based wireless access provi(cid:173)
`sioning system 20, comprising a network access point 12
`adapted to provide time-based provisioning with a wireless
`device 14.
`The network access point 12 shown in FIG. 2 comprises
`a transceiver 32 and antenna 34, which provides communi(cid:173)
`cation 16 to one or more wireless devices 14. The commu(cid:173)
`nications channel 16 typically comprises an input, i.e.
`reverse link, signal 28 from a wireless device 14 to the
`access point, as well as an output, i.e. forward link, signal
`30, from the access point 12 to the wireless device 14.
`As seen in FIG. 2, the network access point 12 typically
`comprises network logic & componentry 36, such as net(cid:173)
`working functions 40, thereby providing communications
`between one or more authorized wireless devices 14 and a
`local network 17 (FIG. 1). The network access point 12
`shown in FIG. 1 also comprises a network connection 38 to
`one or more networks 39, such as to wired devices within a
`LAN, and/or to other networks, such as the Internet. The
`network access point 12 shown in FIG. 2 comprises an
`access control list 42, which identifies wireless devices 14
`which have proper access to the local network 17 (FIG. 1),
`such as by storing accepted device identifications 50 as list
`elements 43a-43n.
`The wireless device 14 shown in FIG. 2 comprises a
`device transceiver 22 and antenna 24, which provides com-
`60 munication 16 to the network access point 12, and in some
`embodiments to other wireless devices 14. The wireless
`device 14 comprises communication logic and componentry
`48, and comprises an associated device identifier 50, e.g.
`such as a unique MAC address, which is communicatable to
`the network access point 12, whereby the wireless device 14
`can be controllably provisioned into the network 17 by the
`network access point 12. The wireless device 14 also com-
`
`3
`and Networking Conference; Sep. 21-24, 1999; Firewalls
`for Security in Wireless Networks, V. Murthy, 0. Bukres, W.
`Winn, and E. Vanderdez, Proceedings of the Thirty-First
`Hawaii International Conference on System Sciences, Jan.
`6-9, 1998; Self-Securinq Ad Hoc Wireless Networks, Haiyun 5
`Luo, Petros Aerfos, Jiejun Kng, Songwu Lu, and Lixia
`Zhang; Wireless Networking for Control and Automation of
`Off-Road Equipment, J. D. Will; ASAE Meeting Presenta(cid:173)
`tion; and Intrusion Detection in Wireless Ad-Hoc Networks,
`Yongguang Zhang and Wenke Lee, Proceeding of the Sixth 10
`Annual International Conference on Mobile Computing and
`Networking, Aug. 6-11, 2000.
`The disclosed prior art systems and methodologies thus
`provide basic provisioning for wireless devices to a network
`through an access point. However, for many networks, such 15
`provisioning schemes are often impractical, either for wire(cid:173)
`less devices which lack a user interface which is configured
`for communicating provisioning information, or for simple
`home-based intranets. For example, device identification
`information, such as a MAC address, is often required to be 20
`manually transcribed from the wireless device to the access
`point, since wireless devices often lack a user interface
`control to reveal such identifying information. For example,
`a wireless picture frame device typically lacks a control
`interface read or extract identification information, such as 25
`a MAC address.
`While some wireless devices include a user interface for
`dedicated device functionality, e.g. such as a user control for
`a game box or a digital video recorder, a dedicated user
`interface is often incapable or cumbersome to be used to 30
`communicate device identification and to exchange provi(cid:173)
`sioning information. In addition, while some wireless
`devices provide a user interface control which can reveal
`such identifying information, provisioning procedures still
`require a user to be technically proficient to properly initiate 35
`and complete a provisioning process.
`It would therefore be advantageous to provide a network
`provisioning system, which does not require a user interface
`for the initiation of a provisioning process. The development
`of such a wireless access provisioning system would con- 40
`stitute a major technological advance.
`Furthermore, it would be advantageous to provide a
`wireless access provisioning structure and process with
`minimal device requirements and/or user proficiency,
`whereby a wireless device is readily provisioned by the 45
`provisioning system, and whereby other devices within an
`access region are prevented from being provisioned by the
`provisioning system. The development of such a provision(cid:173)
`ing system would constitute a further technological advance.
`As well, it would be advantageous that such a wireless 50
`access provisioning system be integrated with easily moni(cid:173)
`tored parameters of a wireless device, such as the time
`monitoring of power on and/or start of signal transmission.
`The development of such a provisioning system would
`constitute a further major technological advance. The <level- 55
`opment of such a time-based wireless access provisioning
`system for provisioning secure encrypted communication
`would constitute a further technological advance.
`
`SUMMARY OF THE INVENTION
`
`A method and apparatus is provided for the time-based
`provisioning of wireless devices. A network access point
`monitors operation of wireless devices within a service
`region. When provisioning logic is activated at the network 65
`access point, the access point determines if the tracked
`parameter, such as the power on, of the wireless device
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 13 of 16
`
`US 7,177,285 B2
`
`5
`
`5
`prises power 26, e.g. wired or battery, and power activation
`26. In some embodiments of the time based wireless access
`provisioning system 20, the wireless device is an IEEE
`802.11 WLAN and/or Bluetooth™ compliant device.
`The network access point 12 shown in FIG. 1 is located
`within a service area 18 for a network 17, such as a wireless
`local area network (WLAN) or a wireless personal area
`network (WPAN), and typically communicates 16 with a
`one or more wireless devices 14 which operate within the
`service area 18, as well as to other wired devices connected
`to the network, and to connected networks, such as the
`Internet.
`As seen in FIG. 1, the time based wireless access provi(cid:173)
`sioning system 20 can be used for a wide variety of wireless
`devices 14a-14n which are adapted to communicate with
`the network access point 12, such as but not limited to a
`desktop computer 14a, a portable laptop computer 14b, a
`network printer 14c, a digital video recorder 14d, a game
`box 14e, a portable phone 14{, a personal digital assistant
`(PDA) 14g, and/or a wireless picture frame 14h.
`The network access point 12 provides time-based provi(cid:173)
`sioning to ensure that only authorized wireless devices 14
`can operate within the local network 17, such as within a
`home HM, and to prevent unauthorized wireless devices 14,
`such as device 14n in FIG. 1, from gaining access to the
`network 17.
`In the time based wireless access provisioning system 20,
`the network access point 12 also comprises time based
`provisioning 44, which is activatible 46, such as manually
`by a user U. The time based wireless access provisioning
`system 20 securely integrates one or more wireless devices
`14 into the local area network 17. A properly timed inter(cid:173)
`action 57 (FIG. 3, FIG. 4) between a wireless device 14 to
`be provisioned and the network access point 12 acts to
`qualify the wireless device 14 to the network access point. 35
`Time-Based Provisioning Process. FIG. 3 is a flow chart
`of a time based wireless access provisioning process 52a.
`The network access point 12 tracks 54 the power on time of
`wireless devices 14, whereby the powered wireless device
`begins transmission of a reverse link signal 28. When a
`wireless device 14 to be authorized is powered on 56, the
`provisioning logic 44 at the network access point 12 notes
`the power on time 82 (FIG. 5). The user U then activates 58
`the provisioning access 44 at the network access point 12,
`typically by pressing an activation button or switch 46.
`In response to a properly timed interaction 57, the net(cid:173)
`work access point 12 provisions the wireless device 14
`automatically. As seen in FIG. 3, the network access point 12
`determines 60 if there is a recent power on of a wireless
`device 14, e.g. such as within 5 minutes. If the wireless
`device 14 was recently powered 56, such as within an
`acceptance time interval 74 (FIG. 5), the positive determi(cid:173)
`nation logic 62 allows the network access point 12 to initiate
`provisioning 64.
`As seen in FIG. 3, the time based wireless access provi(cid:173)
`sioning process 52a also prevents network access from
`devices 14 which are powered on 78 (FIG. 5) at an earlier
`time 88 (FIG. 5). If a wireless device 14 is powered on at a
`time 88 before the acceptance time interval 74 (FIG. 5), the
`negative determination logic 66 allows the network access
`point 12 to deny access 68 to the device, preventing provi(cid:173)
`sioning 64 into the network 17.
`FIG. 5 shows a simplified timeline 70a for a time based
`wireless access provisioning process 52a. The enhanced
`network access point 12 tracks power on 56 of wireless
`devices as a function of time 72. As seen in FIG. 5, the
`network access point 14 notes the start time 82 of the power
`
`6
`on 56 of a wireless device 14 which is desired to be
`provisioned within the network 17. The user then activates
`provisioning logic 44 at the network access point 12, at time
`86. The provisioning logic 44 typically comprises an accep-
`tance time interval 74, e.g. such as a 5 minute interval 74,
`having a start time 84 and an end time 86, within which
`desired devices 14 are accepted 62 (FIG. 3). As seen in FIG.
`5, the time interval 76 for the desired device 14 properly falls
`within the acceptance interval 74, such that the provisioning
`10 logic 44 accepts 62 the wireless device 14, and initiates
`provisioning 64.
`As further seen in FIG. 5, the network access point 14 also
`notes the start time 88 of the power on 78 of a second
`wireless device 14, which is not necessarily desired to be
`15 provisioned by the network access point 12. When the user
`activates the provisioning logic 44 at the network access
`point 12, at time 86, the time interval 80 for the second
`device 14 falls outside the acceptance interval 74, i.e. failing
`66 time-based determination 60 (FIG. 3) such that the
`20 provisioning logic 44 denies 68 the second wireless device
`14, and prevents provisioning 64.
`Alternate Time-Based Provisioning Process. FIG. 4 is a
`flow chart of an alternate time based wireless access provi(cid:173)
`sioning process 52b, in which a desired wireless device 14
`25 to be provisioned is powered on after the provisioning logic
`44 is activated. As above, the network access point 12 tracks
`54 the power on time of wireless devices 14, whereby the
`powered wireless device begins transmission of a reverse
`link signal 28. The user U then activates 58 the provisioning
`30 access 44 at the network access point 12, typically by
`pressing an activation button or switch 46. When a wireless
`device 14 to be authorized is powered on 56, the provision(cid:173)
`ing logic 44 at the network access point 12 notes the power
`on time 82 (FIG. 6).
`In response to a properly timed interaction 57, the net-
`work access point 12 provisions the wireless device 14
`automatically. As seen in FIG. 4, the network access point 12
`determines 60 if there is a recent power on of a wireless
`device 14, after the provisioning logic 44 is activated 58. If
`40 the wireless device 14 was recently powered 56, such as
`within an acceptance time interval 74 (FIG. 6), the positive
`determination logic 62 allows the network access point 12 to
`initiate provisioning 64.
`As seen in FIG. 4, the alternate time based wireless access
`45 provisioning process 52b also prevents network access from
`devices 14 which are powered on 78 (FIG. 6) at an earlier
`time 88 (FIG. 6). If a wireless device 14 is powered on at a
`time 88 before ( or after) the acceptance time interval 7 4
`(FIG. 6), the negative determination logic 66 allows the
`50 network access point 12 to deny access 68 to the device 14,
`preventing provisioning 64 into the network 17.
`FIG. 6 shows a simplified timeline 70b for the alternate
`time based wireless access provisioning process 52b. The
`enhanced network access point 12 tracks power on 56 of
`55 wireless devices as a function of time 72. As seen in FIG. 6,
`the user activates provisioning logic 44 at the network
`access point 12, at time 84. The network access point 14
`notes the start time 82 of the power on 56 of a wireless
`device 14 which is desired to be provisioned within the
`60 network 17. If the power on 56 falls within the acceptance
`time interval 74, the desired device 14 is accepted 62 (FIG.
`4). As seen in FIG. 6, the time interval 76 for the desired
`device 14 properly falls within the acceptance interval 74,
`such that the provisioning logic 44 accepts 62 the wireless
`65 device 14, and initiates provisioning 64.
`As further seen in FIG. 6, the network access point 14 also
`notes the start time 88 of the power on 78 of a second
`
`
`
`Case 1:20-cv-07529 Document 1-4 Filed 09/14/20 Page 14 of 16
`
`US 7,177,285 B2
`
`7
`wireless device 14, which is not necessarily desired to be
`provisioned by the network access point 12, such as from an
`unauthorized device 14, or from a desired device which is
`not powered on within the time interval 74. When the user
`then activates the provisioning logic 44 at the network
`access point 12, at time 86, the time interval 80 for the
`second device 14 falls outside the acceptance interval 74,
`and before the activation 58 of the provisioning logic 44,
`such that the provisioning logic 44 denies 66 the second
`wireless device 14, and prevents provisioning 64.
`Device Qualification. FIG. 7 provides a schematic view
`90 of a time-based acceptance of a new wireless device 14
`within a time based wireless access provisioning system 20.
`When a\the provisioning logic 44 time-qualifies 62 (FIG.
`3, FIG. 4) a wireless device 14,