1. Field of the Technology
The present disclosure relates generally to mobile communication devices which communicate with wireless communication networks such as wireless local area networks (WLANs), and more particularly to secure provisioning procedures for mobile communication devices which operate in WLANs.
2. Description of the Related Art
In wireless communication networks, such as wireless local area networks (WLANs) which operate in accordance with 802.11-based standards, secure provisioning of information “over-the-air” for mobile communication devices has not been adequately addressed. Provisioning information may be or include various sensitive information, such as authentication keys, passwords, or network identifiers. If such sensitive information is sent over-the-air by the WLAN in a provisioning procedure, it may be exposed and vulnerable to outside users.
For example, network identifiers may be utilized by mobile communication devices to identify the appropriate WLAN to connect with and obtain services. For 802.11-based WLANs, the network identifiers are called extended service set identifiers (ESSIDs). After a mobile device is manufactured and sold, the ESSID of the WLAN of the mobile device needs to be “provisioned” or saved in memory of the mobile device. Typically, the ESSID is entered in by the end user through a keyboard of the mobile device. It is desirable, however, to minimize data entry steps for provisioning a mobile device. Thus, it would be more desirable to have the WLAN itself provision the mobile device with the ESSID, but the mobile device needs the ESSID of the WLAN in order to initially connect with its WLAN. If the ESSID is sent over-the-air by the WLAN in a provisioning procedure, it is exposed and vulnerable to outside users who may gain access to the private WLAN.
Accordingly, what are needed are methods and apparatus for securely provisioning mobile communication devices in WLANs.