The present invention relates to the field of device registration in a wireless network, wherein wireless communication devices shall be allowed to participate in the network in a secure and easy-to-use way.
In the field of wireless multi-hop ad-hoc networks, the registration process describes how new devices are allowed to participate in a network. This process involves four roles: a wireless communication device that wishes to participate in the network (“requesting node”), a node connected to the network that decides whether or not to allow the “requesting node” to participate in the network (“allowing node”), a “user” who, in some registration variants, sanctions the registration, and a possible “attacker” who is able to interfere with and read messages exchanged between the “requesting node” and the “allowing node” during the authentication and registration process. The problems involved with the registration process arise from its requirements, which stem from different areas, namely the technical area, the human usage area, and the economic area.
An ideal registration process has to fulfill the following requirements:

Security: For achieving security of registration, the following requirements have to be fulfilled. First, the registering device and the device a user wants to be registered have to be identical. Thereby, the user specifies a device to be a “requesting node”. When the registration process is finished and a new device can participate in the network, it must be the device specified by the user and not another device. This requirement is important because membership of a network might be associated with certain rights, such as knowing sensitive data or being able to use certain resources. Second, the network the “requesting node” wants to be registered to and the network it is registered to have to be identical. The user thereby specifies the network the “requesting node” shall participate in. When the registration process is finished, the “requesting node” shall participate in the specified network, not another one. This requirement is important because other members of the network might also have certain rights on the new device. Third, masking attacks have to be precluded. While a “requesting node” might later on be connected to the current network and the node itself might be specified by the user, an attack might be possible in which an attacker between the “requesting node” and the network relays the messages between these parties and is thus able to interfere with and read the communication. Fourth, an attacker must not be able, after the registration process, to mask as one of the participating nodes in the network.

Ease of use: In order to also allow users without special computer skills to do the registration (thus broadening the market for corresponding devices), a user interface for controlling the registration process has to be easy to use. This means that the user actions to be executed should be easy to understand, easy to remember, and easy to execute.

Support of multiple networks: The registration process should be able to cope with the existence of multiple networks, e.g. in case a node is currently in a network A and wants to register with a network B.

Low probability of an unwanted registration: Especially in the case of multiple networks, the situation might arise that the device is in a network A and suddenly also comes into the range of another network B (e.g. when a user carrying a mobile device is walking in a train). In these situations the registration process should not start automatically, since that would either automatically enter network B or put the burden of cancelling a registration on the user.

Minimal additional hardware means: In order to have lower production costs, hardware means that are needed for the registration process and that would not be a part of the device without the registration should be minimal.

Self-contained devices: Finally, in order to also allow wireless ad-hoc networks of devices without the user interaction means of PCs or PDAs, said registration should be done using existing means in these devices themselves. This means that the devices should be self-contained in terms of registration.