1. Field of the Invention
The invention relates to methods of controlling a transceiver to remotely interrogate wireless devices on demand in some prescribed operational area so as to identify the presence of said device, whether it is friend or foe, and subsequently disabling the device based on its disposition or enticing it to transmit to facilitate its location.
2. Description of Related Art
The widespread use of wireless devices in criminal and terrorist activities has made it desirable for law enforcement officials to be able to identify and subsequently suppress, ring, locate, or when necessary even disable clandestine wireless devices. Such devices may be concealed in containers or on persons, may be connected to detonators or other activators, or may be being used for purposes of terrorism, unauthorized intelligence collection. In some cases, the wireless device may even have been inadvertently enabled in a secure environment by legitimate subscribers. Law enforcement officials further need to be able to identify and quarantine wireless devices in emergency situations or in situations where use of wireless devices is prohibited, such as prisons, hospitals or baggage screening areas and to determine the identifying information of a wireless device prior to locating and intercepting the wireless device and collecting either voice or data from the wireless device.
Wireless devices operate as described in wireless communications standards such as CDMA, GSM, or UTMS. All of these standards prescribe specific conditions under which a wireless device registers for service with a providing system. Examples of such conditions include: upon power up of the wireless device; after some prescribed period of time determined by system parameters regularly broadcast by beacons contained in cell towers belonging to the providing system; or when movement of a wireless device requires re-registration. Re-registration is required when a wireless device moves from its current registration area to another registration area so as to facilitate the orderly routing of all incoming calls. Once a wireless device has registered or reregistered itself with a beacon, it begins interacting with the beacon. Until the wireless device again reregisters itself, it will interact with no other beacon. A wireless device is said to be monitoring the beacon it is currently interacting with.
The wireless standards further prescribe that a wireless device register (or re-register) with the system when the wireless device detects a beacon in its registration area that is “better” than the beacon the wireless device is currently monitoring. The “better” beacon has either greater signal strength or better quality compared to the beacon which the wireless device is currently monitoring. The wireless device obtains the thresholds for making such determinations from parameter settings in the beacon currently being monitored. For example, all beacons broadcast one or more messages that include parameters for determining when a wireless device monitoring the beacon is to register with the “better” beacon.
Enticing a Wireless Device to Register with a Baiting Beacon
The key to dealing with wireless devices that pose a security risk in an area of interest to the law enforcement personnel (termed herein an operational area) is to entice such a device to reregister with a baiting beacon that is under the control of the law enforcement personnel. A baiting beacon is a counterfeit beacon, i.e., a beacon that appears to the wireless device to belong to the network with which the wireless device interacts but is in fact not one of the network's beacons. A known method for making a wireless device register with a baiting beacon is to generate a baiting beacon that is like one in the current registration area but differs from it in two respects:                it has a power level which is greater than the power level of the strongest beacon that is detected in the operational area by more than the strongest beacon's threshold amount; and        it has broadcast settings that indicate that it is in a different registration area.        
In response to this combination of greater power and different registration area, the wireless devices in the operational area will automatically re-register with the baiting beacon.
The technique of proffering a baiting beacon has been further refined in prior art to include a directional antenna so as to focus the baiting beacon's signal in a direction (where a wireless device of interest is presumed to be located). Directional focusing the baiting beacon both reduces both the required power consumption and the amount of interference with wireless devices that are not of interest. Such interference is termed in the following collateral interference. The obvious limitations of this technique are that it presumes some knowledge of where a device of interest is located and that it limits but does not eliminate collateral interference: any wireless device that is located within the directional beam will be affected, even if the device is outside the operational area.
Merely offering a baiting beacon whose signal in the operational area is stronger than that of any other beacon in the operational area has the intrinsic and fundamental limitation that collateral interference cannot be limited to the operational area. Because the baiting beacon's signal must be greater than that of the strongest beacon in the operational area, and that in turn means that the signal will reach far beyond the operational area. Merely offering a stronger baiting beacon further means that the minimum power level for the beacon must be a level which is just above the threshold of the strongest legitimate beacon in the operational area. The need for such high power levels makes it difficult to design portable baiting beacons that are both light in weight and have sufficient power to operate in close proximity to a legitimate beacon. Finally, the parameters received by the wireless devices from the legitimate beacon dictate how long the wireless device must detect the stronger signal before attempting to reregister, and that in turn determines how quickly a wireless device can be made to register with the baiting beacon.
Using baiting beacons to manipulate wireless devices in CDMA networks has an additional problem. In CDMA, a single frequency channel is code division multiplexed among a number of code channels. The code channels include common channels which all of the wireless devices interacting with a beacon interact with and traffic channels which carry data for specific calls and are encoded such that the traffic channel can only be interacted with by the wireless devices which are participating in the specific call. These traffic channels are the CDMA version of what is generally termed “dedicated channels”. Because the code division multiplexing spreads the bits which carry the information for a particular multiplexed channel across the entire spectrum of the frequency channel, an attempt by a baiting beacon to baiting a message on one of the multiplexed channels may result in overriding information on others of the multiplexed channels. If the overridden information on the other channels is representations of voice data, the result may be noticeable degradation of service; if the overridden information is control data, the result may be dropped calls. In either case, the effects render surreptitious manipulation of target wireless devices difficult. It is an object of the techniques described in the portion of this application which begins with the section, Minimizing collateral damage by using override beacons to override control messages in CDMA wireless systems and FIG. 12 to provide a solution to these problems.