Short range wireless systems typically involve devices that have a communications range of one hundred meters or less. To provide communications over long distances, these short range systems often interface with other networks. For example, short range networks may interface with cellular networks, wireline telecommunications networks, and the Internet.
Wireless personal area networks (PANs) and wireless local area networks (LANs) are each types of short range wireless systems. PANs and WLANs typically have the common feature of operating in unlicensed portions of the radio spectrum, usually either in the 2.4 GHz Industrial, Scientific, and Medical (ISM) band or the 5 GHz Unlicensed-National Information Infrastructure (U-NII) band. Examples of wireless local area network technology include the IEEE 802.11 WLAN Standard and the HiperLAN Standard. A well known example of wireless personal area network technology is the Bluetooth Standard.
Bluetooth defines a short-range radio network, originally intended as a cable replacement. It can be used to create ad hoc networks of up to eight devices, where one device is referred to as a master device. The other devices are referred to as slave devices. The slave devices can communicate with the master device and with each other via the master device. The Bluetooth Special Interest Group, Specification Of The Bluetooth System, Volumes 1 and 2, Core and Profiles: Version 1.1, Feb. 22, 2001, describes the principles of Bluetooth device operation and communication protocols. This document is incorporated herein by reference in its entirety. The devices operate in the 2.4 GHz radio band reserved for general use by Industrial, Scientific, and Medical (ISM) applications. Bluetooth devices are designed to find other Bluetooth devices within their communications range and to discover what services they offer.
In many communications applications, portable terminal devices communicate with one or more fixed access points. Often, such portable terminal devices can pass in and out of the communications ranges of several access points during a single communications session. The maintenance of such a single communications session requires the terminal devices and access points to support what is known as access point roaming.
Access point roaming occurs when a terminal device performs one or more “handovers.” During a handover, an existing communications link with a first access point is terminated, while a new communications link with a second access point is established.
Establishing a new link requires various processes to be performed. For example, in Bluetooth networks, devices perform a process known as paging. Paging establishes an unsecured connection between two devices (e.g., a terminal device and an access point). In addition, when certain security features are desired, terminal devices and access points perform a process known as authentication. Authentication is a process where two devices verify that they both have the same secret key. This secret key can then be used to effect security features, such as link encryption.
A successful authentication process requires that both devices know each other's address. For instance in the case of access point roaming a terminal device must know the new access point's address and the new access point must know the terminal device's address. If this condition is not met, then a process known as pairing must also be performed. Pairing is a procedure where two devices exchange information, such as personal identification numbers (PINs) to establish a common secret key.
Fast access point roaming is desirable. Therefore, it is advantageous to minimize the latencies involved with each handover. Unfortunately, performance of both pairing and authentication is time consuming. In addition, the combination of these processes places large demands on network bandwidth as well as on terminal device and access point processing capacity.
In order to solve some problems associated with access point roaming, the Bluetooth Special Interest Group (“the Bluetooth SIG”) has defined a concept known as group keys (also called service access keys). According to this concept, a network of access points maintains a database that can store a terminal's common link key (i.e., its Group Key). These group keys are indexed by the unique address associated with each terminal device.
Each access point in the network can query a group key for a terminal from this database. Alternatively, access points in close proximity can exchange group keys during events such as handovers. The group key concept is attractive because it reduces the complexity involved in maintaining a key database because each terminal has only one link key.
Nevertheless, group keys do not alleviate problems associated with access point roaming. For instance, despite the existence of group keys, a terminal device cannot engage in authentication with a new access point, because the terminal device does not know the new access point's address. Therefore, both pairing and authentication must be performed.
Maintaining a database of access point addresses in each terminal device is one approach to solve this problem. Since typical access point roaming network environments involve an extremely large number of access points, this approach would require each terminal device to have excessively large memory capabilities to store an address for each access point. Accordingly, maintaining such a database is impractical. Therefore, despite the existences of group keys, both pairing and authentication processes need to be performed for each handover.
The Bluetooth SIG has also proposed a concept known as anonymity mode. Anonymity mode is geared to preventing location tracking of terminal devices. In particular, anonymity mode enables a terminal device to initiate another device to change its address. However, anonymity mode has not been proposed for use with access point roaming.
Accordingly, what is needed are techniques for making access point roaming more efficient.