WLANs are now in common use in both large and small businesses, as public Internet access points, and in home environments. Millions of access points and mobile units are now deployed. Enterprises commonly deploy wireless access points on one or more sub-networks, often at multiple geographic locations. There is a growing trend toward employing WLAN technology for public Internet access points used by travelers or other mobile users. In a WLAN, one or more base stations or Access Points (APs) bridge between a wired network and radio frequency or infrared connections to one or more mobile stations or Mobile Units (MUs). The MUs can be any of a wide variety of devices, including laptop computers, personal digital assistants, wireless bar code scanners, wireless point-of-sale systems or payment terminals, and many other specialized devices. Most WLAN systems used in business and public access environments adhere to one or more of the IEEE 802.11 family of specifications.
Since access points use a simple bridging protocol, they can be added to any wired network with a compatible protocol without any centralized control or intervention, and once added they are difficult to detect. For example, an IEEE 802.11 compliant access point can be made operational simply by connecting it to a wired Ethernet and applying power. In some cases well-intentioned individuals, who do not realize the potential problems they may be creating, add unauthorized access points to wired LANs. In other cases, a malicious attacker or hacker adds the access point to the wired LAN to gain unauthorized access. These unauthorized and unmanaged access points are known as rogue access points. In yet other cases, an access point on another network or sub-network associates with an organization's mobile units. These cases can include situations where a hacker deliberately attempts to spoof the mobile units into associating with a malicious access point. Unauthorized access points attached to other networks are referred to as foreign access points. To prevent these problems, a means is required to allow network administrators to control which access points a mobile unit associates with.
Present IEEE 802.11 WLAN standards are designed to facilitate the roaming of mobile units between multiple access points, which may be connected to one or more wired LANs. As a mobile unit travels from the coverage area of one access point to another, it associates with the new access point using the Extended Service Set (ESS) protocols. The new access point the mobile unit associates with can be on the same sub-network or on another sub-network. The standard IEEE 802.11 protocols provide no capabilities for external management of the roaming process. In addition, the IEEE 802.11 standards provide no means for a mobile unit to authenticate an access point.
Several methods including the RADIUS protocols and the Extensible Authentication Protocol (EAP, RFC 2284) provide capabilities to authenticate end-to-end connections. Likewise, Virtual Private Networks (VPN) create secure tunnels through public networks. A related scheme using a proxy server and address translation is disclosed in EP 11113641 to Moles and Herle. None of these protocols allows a mobile unit to determine if it is connected to the desired access point and therefore the correct network or sub-network.
Mobile unit radio drivers typically provide the capability to set a preferred Basic Service Set Identifier (BSSID) or an exclusive BSSID. In practice, the BSSID is equal to the MAC address of the access point for the association. Thus, the radio drivers provide the ability to instruct the mobile unit to prefer a particular single access point association or to use a particular single access point association exclusively. This limited capability does not allow for the external management of the multiple access point associations that are possible for a roaming mobile unit and that the ESS protocols support.
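The following is an added illustration, not code from the patent or from any radio driver, of the gap the preceding paragraphs describe: instead of a single preferred or exclusive BSSID, the mobile unit evaluates every access point in a scan against an administrator-supplied allow list of BSSIDs (AP MAC addresses) mapped to sub-networks, associates only with the strongest authorized one, and reports the rest. The `AssociationPolicy` class, the `normalize_bssid` helper, the allow-list entries and the scan results are all constructed for this example. Because a scan alone cannot tell which wired network an access point is attached to, the rogue/foreign split below uses the advertised SSID as a stand-in: an unlisted AP advertising the organization's own network name is reported as rogue, any other unlisted AP as foreign.

```python
"""Added example (hypothetical): allow-list based association control for a
roaming mobile unit, generalizing the single preferred/exclusive BSSID that
radio drivers expose. All names and sample data here are constructed."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


def normalize_bssid(bssid: str) -> str:
    """Canonicalize a BSSID/MAC so '00-1A-2B-..' and '00:1a:2b:..' compare equal."""
    hexdigits = bssid.replace(":", "").replace("-", "").replace(".", "").lower()
    if len(hexdigits) != 12 or any(c not in "0123456789abcdef" for c in hexdigits):
        raise ValueError(f"malformed BSSID: {bssid!r}")
    return ":".join(hexdigits[i:i + 2] for i in range(0, 12, 2))


@dataclass(frozen=True)
class ScannedAP:
    """One beacon/probe response seen by the mobile unit (constructed record)."""
    ssid: str
    bssid: str
    signal_dbm: int


@dataclass
class AssociationPolicy:
    """Administrator-supplied allow list: canonical BSSID -> sub-network label."""
    authorized: Dict[str, str]
    ssid: str  # the organization's own network name

    @classmethod
    def from_entries(cls, ssid: str, entries: List[Tuple[str, str]]) -> "AssociationPolicy":
        return cls({normalize_bssid(b): subnet for b, subnet in entries}, ssid)

    def classify(self, ap: ScannedAP) -> str:
        """'authorized' if the BSSID is listed; otherwise a rogue/foreign report.

        The SSID heuristic is an assumption for illustration: the scan cannot
        reveal which wired LAN an unlisted AP is bridged to."""
        if normalize_bssid(ap.bssid) in self.authorized:
            return "authorized"
        if ap.ssid == self.ssid:
            return "rogue"    # advertises our network name but is not on the list
        return "foreign"

    def choose(self, scan: List[ScannedAP]) -> Tuple[Optional[ScannedAP], List[Tuple[ScannedAP, str]]]:
        """Return the strongest authorized AP (or None) plus every unlisted AP seen.

        Signal strength only decides among *authorized* candidates, so a
        stronger unlisted AP never wins the association."""
        best: Optional[ScannedAP] = None
        findings: List[Tuple[ScannedAP, str]] = []
        for ap in scan:
            kind = self.classify(ap)
            if kind == "authorized":
                if best is None or ap.signal_dbm > best.signal_dbm:
                    best = ap
            else:
                findings.append((ap, kind))
        return best, findings


# Constructed allow list: two authorized APs on different sub-networks.
POLICY = AssociationPolicy.from_entries("corp-wlan", [
    ("00:1A:2B:00:00:01", "subnet-A"),
    ("00-1a-2b-00-00-02", "subnet-B"),
])

# Constructed scan results, not real devices. The strongest signal comes from
# an AP that advertises the corporate SSID but is not on the allow list.
SAMPLE_SCAN = [
    ScannedAP("corp-wlan", "00:1a:2b:00:00:01", -70),
    ScannedAP("corp-wlan", "00:1a:2b:00:00:02", -55),
    ScannedAP("corp-wlan", "de:ad:be:ef:00:01", -40),
    ScannedAP("cafe-guest", "aa:bb:cc:dd:ee:ff", -60),
]


def run_example() -> Tuple[Optional[ScannedAP], List[Tuple[ScannedAP, str]]]:
    """Evaluate the sample scan; the caller decides what to do with findings."""
    return POLICY.choose(SAMPLE_SCAN)


if __name__ == "__main__":
    best, findings = run_example()
    print("associate with:", best.bssid, "on", POLICY.authorized[normalize_bssid(best.bssid)])
    for ap, kind in findings:
        print(f"{kind:8s} {ap.bssid}  ssid={ap.ssid!r}  {ap.signal_dbm} dBm")
```

Run as a script, the mobile unit associates with the authorized AP on subnet-B (the stronger of the two listed APs) even though an unlisted AP with the same SSID is louder, and it emits one rogue and one foreign finding that an administrator can act on; the allow list itself is the piece that standard drivers, with their single preferred BSSID, cannot express.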
Access control lists are commonly used to manage the access of users and client programs to network services and data. Numerous examples of access control list management environments can be found, including those sold by Baltimore Technologies and IBM's Tivoli Division, and the capabilities built into Microsoft's Windows 2000 operating system. Yet none of these technologies provides the ability to manage the dynamic roaming and access point associations required in a WLAN environment. Further, these technologies do not provide a means for the mobile unit to authenticate the access point or any other common network infrastructure.
Other prior art describes various schemes to facilitate the handoffs between access points when a mobile unit roams. Yet none of these systems addresses the management or authentication of the associations between the mobile units and the access points. Examples of such systems are disclosed in WO 0215472 to Singhal et al., U.S. Pat. No. 5,594,731 to Reissner, U.S. Pat. No. 3,212,806 to Natarajan, and U.S. Pat. No. 6,188,681 to Vesuna.
Several schemes have been proposed to provide for mutual authentication between access points and mobile units. Two such schemes are disclosed in EP 1178644 to Jorma et al. and US 20001 0048744 to Kimura. Both of these schemes assume that each access point and each mobile unit has access to the required security keys. Further, these schemes assume that suitable modifications can be made to the access points to accommodate these protocols.