In recent years, the development of wireless mobile communications has been changing continuously, and new technologies, e.g., the 3G in cellular communication, Local Multipoint Distribution Services (LMDS) and Microwave Multipoint Distribution Systems (MMDS) in a broadband wireless access, the Authentication and Privacy Infrastructure of a Wireless Local Area Network (WLAN) and the IEEE 802.11b, 802.11a, 802.11g, have been emerging constantly to make the world seem smaller and smaller due to the huge wireless network. New concepts and products of network terminals, human oriented, personalized and intelligent mobile computing, a convenient and rapid wireless access, wireless interconnecting, etc., spreading all over the world have stepped gradually into business and daily life of people. Various portable consumer electronic products, e.g., mobile phones, Personal Digital Assistants (PDA), notebook computers, digital cameras, etc., have increasingly become part of daily life of people. With an increasing number of these peripheral devices, one of focuses to which people have paid attention is how to share a variety of devices and their information easily and inexpensively within limited and varying office and household environments in a small scope. A Wireless Personal Area Network (WPAN) is an emerging wireless communication network technology to address a small radius of activity, abundant types of services, a specific group oriented and implementation of wireless and seamless connection.
The WPAN is a wireless network comparable to but smaller in coverage than a wide area network and a local area network and currently has become one of crucial components in a communication network, and also it acts as a predominant technology of 4G wireless communication and control and is capable of seamless connection to various air interfaces of 2G and 3G mobile communication. It provides seamless connection which provides abundant types of services and is oriented to a specific group in a Personal Operating Space (POS). The POS refers to only a small coverage space around a person and with a typical range of 10 m in which communication occurs in an Ad Hoc manner. The POS is limited to only the person, particularly a device held by the person, and moves with the moving user. The WPAN enables devices in the POS to communicate but also allows these devices to communicate with other devices entering the POS. The WPAN can come into being spontaneously as needed for the user without further intervention from the user and interoperate with a deployed or separate network. The WPAN can also enable an authenticated and secured operation mode by allowing rapid connection to a permitted personal device while rejecting connection to another non-permitted device. The WPAN is largely intended to provide a personal user with services of convenient and rapid data transmission between consumer electronic devices, etc.
A device has to be connected to a coordinator in the WPAN for an access to the WPAN. The coordinator in the WPAN refers to a means capable of accessing the device to the WPAN and performing a routing function for the device, and typically the coordinator per se also performs some terminal functions. At present, there are three general WPAN access methods particularly as follows:
In a first access method, the device has an access to the WPAN and acquires a network address in an insecure mode and then communicates with another device in the WPAN or after acquiring a secure service key from the WPAN, the device communicates securely with another device in the WPAN.
In a second access method, the device operates securely on an association process using a pre-shared session key, and if the coordinator can perform a de-securing operation successfully, then the coordinator enables an access of the device to the WPAN so that the device has an access to the WPAN and acquires a network address in a secure mode.
In a third access method, the device has an access to the WPAN and acquires a network address in an insecure mode and then is subject to authentication with the WPAN administrator, and if authentication is passed, then an access of the device to the WPAN is enabled; otherwise, the device is removed from the WPAN.
The first access method accommodates those WPANs for which no security or only secure communication is required and typically is an optional access mode during network deployment of the WPAN. In the second access method, the pre-shared session key is required between the device and the coordinator. However, the pre-shared session is not refreshable and thus prone to an attack, thus resulting in low security. For the third access method, each device for an access to the WPAN has to be authenticated with the WPAN administrator, thus resulting in considerable communication traffic and low efficiency; and moreover, any device may initiate a DoS attack by accessing the WPAN and acquiring a network address in an insecure mode, thus ending up with a failure of authentication with the WPAN administrator.