The present invention relates to permitting access to a network. In particular, the present invention relates to permitting access to a network by sharing access credentials over a communication system.
Devices can access, and communicate with, a network via an access point of the network. The network may be a Local Area Network (LAN), such as a LAN of a business to which employees of the business can connect. Alternatively, the network may be a Wide Area Network (WAN), such as the Internet. The access point can be a wireless access point such that devices can communicate with the access point wirelessly (e.g. using a WiFi connection, or some other wireless connection as is known in the art).
In order for a device to communicate with an access point, the device may be required to use a particular set of access credentials for accessing the network via the access point. When a device uses the correct set of access credentials for a particular access point then the device is permitted to access the network via the access point, and will thereby use the correct protocol in communicating over the network via the access point. By requiring the device to have the correct access credentials, it can be ensured that only particular devices (i.e. those using the correct access credentials) can access the network via the access point. Limiting access to the network via the access point in this way can be useful, e.g. to prevent unwanted users accessing a particular network via a particular access point.
A wireless access point is uniquely identifiable ‘over the air’ by two of its properties: (i) a user-specified Service Set Identifier (SSID) which is a name of the wireless network set by the user, and (ii) a wireless interface Media Access Control (MAC) address that is a unique 48 bit value assigned to the access point by the manufacturer of the access point. The SSID and the MAC address act as identifiers of the access point.
Access credentials for accessing a wireless network via an access point may include an encryption method (such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), or Wi-Fi Protected Access version 2 (WPA2)) and an encryption algorithm (such as Temporary Key Integrity Protocol (TKIP), or Advanced Encryption Standard (AES)) to be used when communicating with the access point. The access credentials may also include a network key (or “access key”) which must be verified in order for a device to be permitted to access the network via the access point. The length of the network key may be dependent on the chosen encryption method. For a device to be able to gain access to the network via the access point, the access credentials have to be available to the device. The access credentials required to access the network via the access point may be specific to the particular access point used.
The access credentials are used to limit the number of devices that connect to a network via a particular access point. However, in order for some devices to be permitted to connect to the network via the particular access point, those devices should be provided with the required access credentials for accessing the network via the particular access point.
In some communication systems, users are associated with user terminals and the users can communicate with each other by transmitting and receiving messages over the communication system between the user terminals. One example of a communication system is a peer to peer (P2P) communication system such as the Skype™ communication system, in which messages may be sent between user terminals without being sent via a central server, as is known in the art. A first user may be associated with other users in the communication system who are friends, or “contacts” of the first user. This allows the first user to conveniently communicate with his contacts in the communication system. Some information may be stored in the communication system about each of the users in the communication system, such as their name and a username in the communication system. Other more personal information such as a user's hobbies, their contact details, the user's photos, etc may also be stored in the communication system. This information may be grouped together and stored as a “profile” of the user in the communication system.
A user's profile may be divided into two parts to be utilized differently in the communication system. A first part may be public, meaning that the information in the first part of the profile is made available for all of the users of the communication system to see. For example, the first part of the profile may include a user's name and a username in the communication system which would allow other users in the communication system to search for a particular person in the communication system who is not yet a contact. A second part of the user's profile may be private, meaning that the information in the second part of the profile is only made available to authorized contacts of the user. For example, the information in the second part of the profile may be information that the user would want to share with his contacts but not with users in the communication system who are not his contacts. For example, the second part of the profile may include the user's contact details, the user's hobbies and the user's photos. The information in the profile may be retrieved by a communication client executing on a user terminal of another user in the communication system. In some communication systems, private profile details can only be retrieved directly from another user terminal, and this allows the source terminal to control which of the contacts is allowed to see which attributes of a private profile.
The inventors have realised that the system of sharing private profile details to a limited number of other users (e.g. only to contacts) in a communication system creates a framework that allows controlled sharing of information to take place. One piece of information that can be shared in this way is information needed to gain access to networks, such as access credentials.
According to a first aspect of the invention there is provided a method of permitting access to a network by sharing access credentials over a communication system between first and second communication clients executed at respective first and second user terminals of respective first and second users of the communication system, said access credentials being for accessing the network, the method comprising: the first communication client causing the access credentials to be stored in a first store of the first user terminal or of the communication system; the first user authorising the second user to access the access credentials stored in the first store; the second communication client accessing said first store and retrieving said access credentials on the basis of the second user's authorisation to access the access credentials stored in the first store; the second communication client storing the retrieved access credentials in a second store at the second user terminal; and the second communication client using the access credentials stored in the second store to access the network, without conveying the retrieved access credentials to the second user in a form which is comprehensible to the second user.
According to a second aspect of the invention there is provided a communication system for permitting access to a network, the communication system comprising: a first communication client for execution at a first user terminal of a first user of the communication system; a second communication client for execution at a second user terminal of a second user of the communication system; a first store for storing access credentials for accessing the network; and a second store at the second user terminal for storing the access credentials, wherein the first communication client is configured to cause the access credentials to be stored in the first store, and to receive an input from the first user authorising the second user to access the access credentials stored in the first store, and wherein the second communication client is configured to access said first store and retrieve said access credentials on the basis of the second user's authorisation to access the access credentials stored in the first store; to store the retrieved access credentials in the second store, and to use the access credentials stored in the second store to access the network, without conveying the retrieved access credentials to the second user in a form which is comprehensible to the second user.
The first store may be implemented at the first user terminal or at a server of the communication system.
According to a third aspect of the invention there is provided a method of accessing a network using a communication client executed at a user terminal of a user of a communication system, wherein access credentials for accessing the network are stored in a first store of a further user terminal or of the communication system by a further communication client executed at the further user terminal of a further user of the communication system who has authorised said user to access the access credentials stored in the first store, the method comprising: the communication client accessing said first store and retrieving said access credentials on the basis of the user's authorisation to access the access credentials stored in the first store; the communication client storing the retrieved access credentials in a second store at the user terminal; and the communication client using the access credentials stored in the second store to access the network, without conveying the retrieved access credentials to the second user in a form which is comprehensible to the second user.
According to a fourth aspect of the invention there is provided a computer program product comprising computer readable instructions for execution by computer processing means at a user terminal of a user of a communication system for accessing a network, the instructions comprising instructions for implementing a communication client for carrying out the method according to the third aspect of the invention.
According to a fifth aspect of the invention there is provided a user terminal for accessing a network, the user terminal comprising means for executing a communication client of a user of a communication system, wherein access credentials for accessing the network are stored in a first store of a further user terminal or of the communication system by a further communication client executed at the further user terminal of a further user of the communication system who has authorised said user to access the access credentials stored in the first store, the user terminal comprising: retrieving means for accessing said first store and retrieving said access credentials in accordance with execution of the communication client on the basis of the user's authorisation to access the access credentials stored in the first store; a second store for storing the retrieved access credentials; and accessing means for accessing the network using the access credentials stored in the second store in accordance with the execution of the communication client, without conveying the retrieved access credentials to the second user in a form which is comprehensible to the second user.
According to a sixth aspect of the invention there is provided a method of permitting access to a network by storing access credentials in a communication system for use by a user of first and second communication clients executed at respective first and second user terminals of the communication system, said access credentials being for accessing the network, the method comprising: the first communication client causing the access credentials to be stored in a first store of the communication system, wherein the user is authorised to access the access credentials stored in the first store; the second communication client accessing said first store and retrieving said access credentials on the basis of the user's authorisation to access the access credentials stored in the first store; the second communication client storing the retrieved access credentials in a second store at the second user terminal; and the second communication client using the access credentials stored in the second store to access the network, without conveying the retrieved access credentials to the user in a form which is comprehensible to the user.
In preferred embodiments said step of the first user authorising the second user comprises the first user identifying the second user. Preferably only communication clients of identified users can retrieve the access credentials stored in the store. The store is preferably implemented locally on the first user terminal along with other data used by the first communication client. Storing credentials locally at the first user terminal removes dependence on central servers, and also allows the credentials be used by the user who is sharing them. Alternatively, the store may be implemented as a server in the communication system, but in this case the server on the network would not be accessible until a terminal has successfully associated itself with an access point of the network. The first user may identify the second user by including the second user as a contact in the communication system. In this sense the first user may indicate in a user interface of the first communication client that any of his contacts in the communication system is authorised to access the access credentials stored in the store. Alternatively, the first user may select a sub-set of his contacts and indicate in the user interface that only the sub-set of his contacts in the communication system are authorised to access the access credentials stored in the store. In this way, the first user can limit the users in the communication system who can use the access credentials that he stores in the store to being his contacts or to being a sub-set of his contacts. The use of the user interface of the first communication client provides a user-friendly way for the first user to indicate which users are permitted to have access to the access credentials that he stores in the store.
In preferred embodiments access credentials are shared between clients of users of a communication system (e.g. a P2P communication system), while keeping the access credentials (and identifiers of the access point) hidden from the users, to whom the access credentials are provided (e.g. the second user). Therefore, preferred embodiments make it easy for the second user to gain access to allowed networks (on the basis that the first user has provided the access credentials and authorised the second user to access the access credentials), avoiding the need for the second user to enter long and cryptic network keys before connection can be established with the network, but without disclosing the access credentials to the second user.
For the owner of a network, preferred embodiments allow access to the network to be provided to specified users by pre-sharing the credentials in a form that keeps the credentials reasonably safe from 3rd parties. This is because only the communication clients of users who have been authorised by the first user can gain access to the access credentials for accessing the network.
Furthermore, the access credentials are not conveyed to the second user in a form which he understands and so the second user will not pass on the access credentials to further users in the communication system. In particular, the access credentials are not conveyed to the second user in a form which is comprehensible without knowing the Media Access Control (MAC) address and the Service Set Identifier (SSID) of the network for which the access credentials apply.
Some embodiments allow for central management of access to the access credentials for a large number of users (e.g. enterprise network users) without the users needing to enter the credentials themselves, and/or without creating a burden on an IT support team in the enterprise. For example, by authorising communication clients of all of the users in a group (e.g. an enterprise) to access the access credentials, it can be ensured that the users in the group can access the network using the access credentials but the access credentials are not provided to other users outside of the group. One way of implementing this is for a first user (e.g. a network manager) to create a contact list in the communication system of the users in the group and then to provide the access credentials in the communication system in a form in which only the clients of the users in the contact list can access them (e.g. by including the access credentials in a specific part of a profile accessible only by clients of users included in the contact list).
For a better understanding of the present invention and to show how the same may be put into effect, reference will now be made, by way of example, to the following drawings in which:
Preferred embodiments of the invention will now be described by way of example only.
Note that in alternative embodiments, the user terminal 104 can connect to the network 106 via additional intermediate networks not shown in
The user terminal 104 executes a communication client 108, provided by a software provider associated with the communication system. The communication client 108 is a software program executed on a local processor in the user terminal 104. The client 108 performs the processing required at the user terminal 104 in order for the user terminal 104 to transmit and receive data over the communication system. As is known in the art, the client 108 may be authenticated to communicate over the communication system through the presentation of digital certificates (e.g. to prove that User A 102 is a genuine subscriber of the communication system—described in more detail in WO 2005/009019).
The user terminal 112 corresponds to the user terminal 104. The user terminal 112 executes, on a local processor, a communication client 114 which corresponds to the communication client 108. The client 114 performs the processing required to allow the user 110 to communicate over the network 106 in the same way that the client 108 performs the processing required to allow the user 102 to communicate over the network 106.
The user terminal 112 is implemented in the same way as user terminal 104 as described above, wherein the user terminal 112 may have corresponding elements to those described herein in relation to user terminal 104.
The network 120 may be a Local Area Network (LAN), such as an intranet of a business. Alternatively, the network 120 may be a Wide Area Network (WAN) such as the Internet. It should be appreciated that the network 120 may be different to network 106 as shown in
The user 102 may be associated with other users in the communication system who are friends, or “contacts” of the first user. In the preferred embodiment described herein, users A and B (102 and 110) are contacts of each other in the communication system. Some information may be stored in the communication system about each of the users in the communication system, such as their name and a username in the communication system, and other more personal information such as their hobbies, their contact details, the user's photos, etc. This information may be stored as a profile of a user in the communication system. The profile of each user is stored at that user's respective user terminal. In addition, the profiles of both users A and B (102 and 110) may be stored in the database 118 on the server 116 of the communication system. Using the database 118 on the central server 116 significantly simplifies enterprise-level sharing, because this allows backup information of users to be centrally updated with credentials shared by the enterprise. A system has to be present to allow access to only data of the users who belong to the enterprise. In the case of the Skype communication system, the Skype Manager provides such system. Whilst it can be useful to use the database 118 in the server 116 to store the private profiles of the users, in a truly peer-to-peer (P2P) network the central database 118 is not required for credential sharing to work according to the system described herein.
As described above, the profile for the user A (102) may be divided into two parts to be utilized differently in the communication system. A first part of user A's profile is public, meaning that the information in the first part of the profile is made available for all of the users of the communication system to see. For example, the first part of the profile may include the user 102's name (“User A”) and a username in the communication system (which may be unique in the communication system to thereby uniquely identify the user 102). The user's username may not be the same as the user's name (“User A”) because the username is required to be unique in order to uniquely identify the user 102 in the communication system whereas there may be more than one user in the communication system with the same name (“User A”). The User A can share the credentials to himself too, for example when running the client on a first devices to enter network credentials, the user A can allow the credentials to be accessed from other devices where User A signs in. This assumes that private profile attributes are synchronized between instances, for example using a central server. The public information in the public part of user A's profile would allow another user in the communication system (who is not yet a contact of User A) to search for User A in the communication system. A second part of User A's profile is private, meaning that the information in the second part of the profile is only made available to authorized contacts of the user 102. For example, the information in the second part of the profile may be information that the user would want to share with his contacts but not with other users in the communication system. For example, the second part of the profile may include the user's contact details, the user's hobbies and the user's photos. The information in the profile may be retrieved by the communication client 114 executing on user terminal 112.
The system of sharing private profile details to a limited number of other users (e.g. only to contacts) creates a framework that allows controlled sharing of information to take place. One piece of information that can be shared this way is information needed to gain access to networks, such as access credentials. For example, the user 102 can store access credentials for accessing the network 120 via the access point 122 in the database 118. In this way, the first user 102 can provide access credentials in the private part of his profile in the communication system. The information in the profile of user 102 (including the access credentials) is stored in a database (e.g. in memory 226) of the user terminal 104 and may also be stored in the database 118 (or “store”) of the server 116. The client 114 of the second user 110 can access the access credentials from the memory 226 or database 118. Since the second user 110 is a contact of the first user 102, the client 114 is authorised to access the access credentials from the private part of the user 102's profile in the store. The credentials can only be accessed while both users are online, so the credentials should be pre-fetched and stored locally on second users terminal to be available for use later.
As described above, the wireless access point 122 is uniquely identifiable ‘over the air’ by two of its properties: (i) a user-specified Service Set Identifier (SSID) which is a name of the wireless network 120 set by the owner of the network, and (ii) a wireless interface Media Access Control (MAC) address that is a unique 48 bit value assigned to the access point 122 by the manufacturer of the access point 122. The SSID and the MAC address act as identifiers of the access point 122.
The access credentials for accessing a wireless network via an access point may include an encryption method (such as WEP, WPA, or WPA2) and an encryption algorithm (such as TKIP or AES) to be used when communicating with the access point 122. The access credentials may also include a network key (or “access key”) which must be verified in order for a user terminal to be permitted to access the network 120 via the access point 122. The length of the network key may be dependent on the chosen encryption method. For a user terminal to be able to gain access to the network 120 via the access point 122, the access credentials have to be available to the user terminal. The access credentials required to access the network 120 via the access point 122 may be specific to the particular access point 122 used.
The access credentials are shared between clients in the communication system such that User B can access the network 120 via the access point 122, but User B does not become aware of the access credentials. Therefore, User B cannot provide the access credentials to other users in the communication system. This is achieved by the operation of the clients 108 and 114, as described below.
With reference to
In step S304 the user 102 enters data about the wireless network 120 at a user interface of the client 108 on the user terminal 104. The data entered by the user 102 in step S304 includes at least some of the access credentials required to access the network 120 via the access point 122. For example, the user 104 may enter at least one of the network key, the encryption method and encryption algorithm required to access the network 120 via the access point 122.
Following step S304 the client 108 has all of the data required to access the network 120 via the access point 122, including the relevant SSID, MAC address and access credentials (encryption method, encryption algorithm and network key). Although in the preferred embodiments, the client 108 scans for wireless network within range to assist the user 102 by determining the SSID and MAC addresses, in alternative embodiments, the user 102 may input all of the data to the client 108 required to access the network 120 via the access point 122, including the SSID and MAC address, which may or may not have been determined by the client 108 in step S302.
The access credentials have a validity period associated with them. In this sense the access credentials expire after a predetermined time period, such that following the predetermined time period, the access credentials can no longer be used to provide access to the network. For consumer users, having a validity period is not mandatory, and may default to ‘forever’ (which is equivalent to having no validity period). For business user, having a finite validity period enables access to the network to be limited to those users acquiring the access credentials within the validity period. When the validity period of one set of access credentials expires a new set of access credentials may be used having a subsequent validity period. The validity periods of the old and new sets of access credentials may be contiguous, or there may be a time gap between the validity periods. Another option is for the validity periods of the old and new sets of access credentials to overlap. This would result in multiple sets of access credentials being valid for an access point at a given point in time when new access keys (i.e. new access credentials) are distributed while old access keys (i.e. old access credentials) are still in force.
In step S306 the access credentials and the SSID and the MAC address of the access point 122 are stored at the user terminal 104 and/or in the database 118 on the server 116 of the communication system. The access credentials and the SSID and the MAC address of the access point 122 are stored in a private part of the user 102's profile in the communication system. In this way, only communication clients of those users in the communication system who are contacts of the user 102 can access the access credentials, SSID and MAC address stored at the user terminal 104 and/or in the database 118 by the user 102. In a general sense, a client of any user of the communication system is able to store data about wireless networks into the user's private profile.
In step S308 the user 102 indicates which users of the communication system are permitted to access the stored access credentials from the private part of his profile. In this way, the user 102 identifies users whose communication clients can access the access credentials stored in the private part of the user 102's profile. The first user 102 may indicate that clients of all of his contacts can access the access credentials from the private part of his profile. Alternatively the user 102 may identify a sub-set of his contacts whose clients can access the access credentials from the private part of user 102's profile. For example, the user interface 402 of the client 108 shown in
Following step S308 clients of users on the “authorised users” list can access the access credentials stored in the private part of the user 102's profile on the database 118 of the server 116.
In step S310, when the client 114 has network connectivity and is online, the client 114 accesses the communication system and retrieves any access credentials that it can (e.g. from the user terminal 104 if the user terminal 104 is also online or from the database 118). For example, the client retrieves access credentials stored on the profiles of any of the user 110's contacts stored in the communication system (e.g. on database 118). More generally, the client 114 can retrieve any access credentials that it is permitted to access in the communication system. Therefore, as part of step S312 the client 114 retrieves the access credentials stored on user 102's profile during step S306. The client 114 is able to retrieve the access credentials from user 102's profile because in step S308 the user 102 had indicated that the client 114 of the user 110 is permitted to access those access credentials. It should be noted that the client 114 may access the user 110's profile as well as other users in the communication system to retrieve stored access credentials.
In step S312 the access credentials retrieved in step S310 are stored locally at the user terminal 112. This allows the client 114 at the user terminal 112 to access the access credentials at a subsequent point in time, even if the user terminal 112 no longer has connectivity to the network 106.
In step S314, at some subsequent time, the client 114 of the second user 110 checks for available access points within range of the user terminal 112. The client 114 may perform the check of step S310 in response to the user 110 indicating via the user interface of the client 114 that the user 110 would like to access the network 120. Alternatively, when the client 114 is initialised (e.g. on start-up or on wakeup from sleep), the client 114 will do a scan for wireless networks in range (i.e. perform the check of step S314). If the client 114 finds during step S314 that there are access points within range of the user terminal 112 then the client determines the SSID and MAC addresses of the discovered access points. For example, the SSID and MAC address of the access point 122 may be transmitted from the access point 122 to the user terminal 112 wirelessly.
The client 114 can then determine whether any of the access credentials stored locally at the user terminal 112 in step S312 can be used to access the network 120 via any of the access points that were found in step S314. In order to do this, the client 114 can use the SSID and MAC addresses of the access points found in step S314 and see whether any of these identifiers match the SSID and MAC addresses of the access points for which access credentials have been stored locally in step S312. If a match is found then the client 114 may be able to access the network 120 via the access point with the matching identifiers. When a match is found then, in step S316, the client 114 can access the network via the access point using the retrieved access credentials.
If a match is found for a particular access point then the client 114 may connect to the network 120 via the matching access point automatically (e.g. if the access credentials are retrieved from the user 110's own profile B then the client 114 may connect to the network automatically via the matching access point). In this way, the user 110 need not be made aware of the process through which the client 114 goes in order to connect to the network 120 via the matching access point. Alternatively, when a match is found then the client may request instruction from the user 110 before accessing the network 120 via the matching access point (e.g. if the matching access credentials are retrieved from a profile in the communication system which is not user 110's, then the client 114 prompts the user 110 to determine whether the user 110 wants to connect to the matching network). If user 110 indicates that he has a desire to connect to the matching network then the client 114 connects to the matching network using the retrieved access credentials.
As an example, in step S314 the client 114 determines that the access point 122 is within range and receives the SSID and MAC address of the access point 122 from the access point 122. The client 114 retrieves the access credentials and the corresponding SSID and MAC address which have been previously stored locally at the user terminal 112 in step S312. The client determines that the SSID and MAC address of the retrieved access credentials match the SSID and MAC address of the access point 122 that was found in step S314. Then the client 114 will use the user interface of the client 114 to ask the user 110 whether he would like to connect to network 120 using the access credentials retrieved from user 102's profile. If the user 110 indicates that he would like to connect to network 120 using the access credentials retrieved from user 102's profile (e.g. by clicking on a “yes” button on the user interface of the client 114 displayed on the user terminal 112) then the client 114 connects to the network 120 via the access point 122 using the access credentials that were stored in step S306.
In this way, the access credentials can be shared by user 102 over the communication system to particular users of the communication system (e.g. to the contacts of user 102 or to a sub-set of the contacts of user 102) in a controlled manner to thereby control which users are able to access the network 120 via the access point 122. In this way, the method described above allows the sharing of access credentials to a limited number of other users in the communication system using the private profile of user 102 in the communication system.
Furthermore, the shared access credentials are never shown to the second user 110 in a manner which he can understand (e.g. they are not shown to the user 110 in plain text form). One way to achieve this is to not display the access credentials to the user 110. Another way to achieve this is to encrypt the access credentials so that even if they are displayed to the user 110, the user 110 would not understand them. This is to make it harder for User B 110 to re-distribute the shared access credentials of user 102 (User A) to users that the user 102 (User A) does not want to share the access credentials with. In other words, by preventing the access credentials from being conveyed to the user 110 in a form which is intended to be understood by the user 110, the user 110 cannot pass on the access credentials to other users in the communication system to whom the user 102 may not have wished the access credentials to be provided to. This improves the security of the system for sharing access credentials.
As described above, the access credentials are stored at the user terminal 104 (and may also be stored in the central database 118 on the server 116 to be used as backup and synchronization storage) along with other private profile fields of the user 102's profile. This allows the user 102 to access the stored access credentials from different devices connected to the communication system. In this way, the stored access credentials are synchronized across different devices and instances of a particular user (e.g. User A 102). This allows all of user A's devices to access all of the wireless networks he knows by managing the list of access credentials on any of those devices.
For business users a feature can be provided on the server side of the communication system to manage a company-wide list of access points and corresponding access credentials. This may allow access credentials for many access points to be changed in one go. The business (or “enterprise”) could populate a contact list of all its users with an ‘enterprise network’ account, or add the shared access credentials to an account that is stored in all contact lists anyway, for example IT support desk. In this way the access credentials can be provided to all users of the communication system associated with the business, e.g. to allow the users to access a network associated with the business e.g. a LAN of the business. Any user using a system can create an ‘IT support’ account, and share network credentials over this account. However, a special system has to be available for allowing a user to populate other user's contact lists in a controlled manner, so that only users who have authorized such action are affected. For example, the Skype communication system has Skype Manager that can be used for this.
In summary of the above, when user A enters access credentials for accessing the network, these access credentials are stored on the device 104 locally (although a copy may be made and stored on the server 116 for backup). In some embodiments, only a subset of the stored access credentials might be shared with other users of the communication system, and each of the other users might see a different subset of access credentials (if the UI of the client 108 permits this more complicated management structure).
Once user A has indicated which users are allowed to receive the stored access credentials, other clients of the indicated users will be able to retrieve the access credentials (where the other clients must be online for this to happen). The clients of the other users can then use the access credentials that they have received to access the shared networks at some subsequent point in time. To access the network, the access credentials are stored on the other user terminals (of the other users) because the network for accessing the server 116 will not be accessible without the access credentials being available to the user terminal.
The method of sharing access credentials between the users 102 and 110 (or between different devices of the same user, e.g. user 102) described above in relation to
An extra level of security in relation to the access credentials is provided by encrypting the access credentials that are stored in the communication system (e.g. on database 118). This allows the access credentials to be kept secret from 3rd parties who are not able to decrypt the encrypted access credentials. However, to be able to gain access to the network 120, the access credentials have to be available in unencrypted form. Any reasonably strong encryption algorithm could be used to encrypt the access credentials, but the tricky part is what encryption key to use, and how to make the encryption key available to users who need to use the access credentials to access the network 120 (but not to those users who are not permitted to retrieve the access credentials).
The inventor has realized that the objective of hiding the access credentials until they can actually be used can be achieved by using properties of the access point 122 (such as the SSID and MAC address of the access point) to derive the encryption key for encrypting the access credentials for accessing the network 120 via the access point 122. In other words, the access credentials associated with the access point 122 are encrypted in such a way that knowledge of some property of the access point 122 is required in order to decrypt the access credentials. In this way, only those clients (or users) who can determine the required property of the access point 122 will have the ability to decrypt the encrypted access credentials. Preferably the property of the access point is a property that is determined by communicating with the access point 122 itself. For example, the property can be an identifier, or some identifiers, of the access point 122, such as the SSID and the MAC address of the access point 122. A client can determine the SSID and MAC address of the access point 122 by communicating with the access point 122 itself, such that if the client is within range of the access point 122 then the client knows the SSID and the MAC address of the access point 122 for which the access credentials apply.
With reference to
The client 108 has access to the access credentials required for accessing the network 120 via the access point 122. This may be because the user 102 has input the access credentials into the user terminal 104 (e.g. via a user interface of the client 108) for use by the client 108. Alternatively, the client 108 may retrieve the access credentials from a memory on the user terminal 104 (or on the communication system).
In step S502 the first client 108 determines the SSID and the MAC address of the access point 122. In order to determine the SSID and MAC address of the access point 122 the client 108 may receive the SSID and MAC address from the access point 122 over a wireless connection. Alternatively, the SSID and MAC address of the access point 122 may be stored in memory at the user terminal 104 or on the communication system such that the client 108 can retrieve the SSID and MAC address of the access point 122 from the appropriate memory. Alternatively, the user 102 may input the SSID and MAC address into a user interface of the client 108 on the user terminal 104. It will be appreciated that the client 108 may determine the SSID and MAC address of the access point 122 in one of many different ways, such that following step S502 the client has access to the SSID and MAC address of the access point 122.
In step S504 an encryption key is derived from the SSID and MAC address of the access point 122. For example, the encryption key may be generated using a one-way hash function that takes the SSID and the MAC address of the access point 122 as the input parameters. For example, the SSID and MAC address of the access point 122 can be fed into the MD5 digest function, as is known in the art, such that:
ENCRYPTION_KEY=MD5(SSID∥MAC).
As the hash function is non-reversible, the access credentials cannot be decrypted without knowing the SSID and MAC address of the access point 122 (assuming the size of the hash function is large enough to make a brute-force scanning of the entire key space computationally unfeasible). The encryption key can then be used to encrypt the network access credentials before distributing them, as described in more detail below.
When the encrypted access credentials are subsequently decrypted it is useful to have some simple mechanism for determining whether the decryption operation has been successful. Therefore, for determining whether the decryption operation was successful, the decrypted data should contain something that would allow a simple validation of the decryption result. One possible way of achieving this is to include a constant, or checksum of data in the plaintext data (with the access credentials) that could be used to validate the result of the decryption. In other words, some sort of check data may be included with the access credentials prior to encryption of the access credentials, such that it can be determined whether a decryption operation on the access credentials has been successful by determining whether the check data has been decrypted correctly. In step S506 suitable check data is derived to be included with the access credentials before encryption.
If the check data is simply included in the plaintext data of the access credentials then that may disadvantageously allow a 3rd party attempting a brute-force scan of key space to more easily validate a decryption result. A more secure option for the check data is to also derive the check data from one or both of the identifiers of the access point 122 used as the encryption key generation input parameters. For example, the check data might be the result of a message digest function applied to the MAC address of the access point 122 and an arbitrarily chosen constant, e.g. the check data (CHECK) may be given by:
CHECK=MD5(MAC∥“Salt”).
In this example the word “Salt” has been used as an arbitrary constant, although in other examples, any other constant may be used. It may be necessary that the constant is predetermined such that the clients in the communication system can determine what the constant will be that is used to generate the check data. In the example above, the MAC address of the access point 122 is used to generate the check data, but in other examples, other properties of the access point 122 may be used instead (or as well as) the MAC address, such as the SSID of the access point 122. As would be apparent to a person skilled in the art, other functions may be used to determine the encryption key and the check data, with the message digest function (MD5) described above being just one example of a suitable function.
In step S508 the access credentials and the check data are grouped together and encrypted by the client 108 using the encryption key that was derived in step S504. A person skilled in the art would be aware of a suitable encryption method for encrypting the access credentials and the check data using the encryption key.
The encrypted access credentials and check data can then be provided from the client 108 to the client 114 over the communication system. The first client 108 may simply transmit the encrypted access credentials and check data over the communication system to the second client 114. Alternatively, the encrypted access credentials and check data can then be provided from the client 108 to the client 114 over the communication system as described above, whereby the first client 108 stores the encrypted access credentials and check data at the user terminal 104 (or on the database 118) in the private profile of the user 102 on the communication system. The user 102 authorises the client 114 of the second user 110 to access the encrypted access credentials and check data. The client 114 can then retrieve the encrypted access credentials and check data from user terminal 104 (or the database 118) as described above.
When the second user terminal 112 is able to communicate with the access point 122 then, in step S512, the client 114 can determine the SSID and MAC address of the access point 122. This may be achieved by the access point transmitting the SSID and MAC address of the access point 122 to the client 114 over a wireless connection. The client 114 can only receive the SSID and MAC address of the access point 122 over the wireless connection from the access point 122 when the access point 122 is within range of the user terminal 112, such that the client 114 can communicate with the access point 122.
In step S514 the client 114 uses the SSID and the MAC address of the access point 122 to derive a decryption key (DECRYPTION_KEY) for decrypting the encrypted access credentials and check data which were encrypted using the encryption key. The decryption key is derived using the same function (e.g. the message digest function, MD5) as was used to derive the encryption key. For example, the decryption key (DECRYPTION_KEY) may be given by:
DECRYPTION_KEY=MD5(SSID∥MAC).
In step S516 the decryption key is used to decrypt the encrypted access credentials and the check data according to a decryption function which corresponds to the encryption function used to encrypt the access credentials and check data in step S508.
In step S518 the client 114 determines whether the decryption operation has been successful by determining whether the check data is validly decrypted. For example, the client 114 may determine what the check data should be, for example by performing the same derivation as in step S506 (e.g. CHECK=MD5(MAC∥“Salt”)) and then comparing the result of that derivation with the decrypted check data resulting from the decryption in step S516. If the comparison indicates that the decryption operation has been successful then the client 114 can use the decrypted access credentials to access the network 120 via the access point 122, as shown in step S520. As described above, the client 114 may automatically connect to the network 120 following a positive outcome to step S518. Alternatively, before accessing the network 120 in step S520, the client 114 may prompt the user 110 (e.g. via a user interface of the client 114) to indicate whether he would like to access the network 120.
However, if it is determined in step S518 that the decrypted check data is not valid then in step S522 it is determined that the decrypted access credentials cannot be validly used to access the network 120 via the access point 122. In this case, the client 114 might not attempt to access the network 120 via the access point 122 using the decrypted access credentials.
The client 114 may retrieve as many sets of access credentials as it can from the communication system (e.g. from the profiles of the contacts of user 110, as described above). Furthermore, in step S512, the client 114 may also determine the SSID and MAC address of as many access points as it can currently communicate with. The client 114 can then determine whether any of the retrieved sets of access credentials are valid in relation to any of the access points that it can currently communicate with by performing steps S514 to S522 for each pairing of a set of access credentials with an access point. The client 114 may, or may not, stop determining whether other pairings of a set of access credentials with an access point are valid after finding that one set of retrieved access credentials can be validly used to access a network via one of the access points with which the client 114 can currently communicate.
In this sense, in order to use the access credentials, the software (i.e. the client 114) repeats the decryption key generation method for all access points that are within a usable range. If the encrypted credentials are for one of the networks within range, then the decryption operation will reveal credentials for that particular access point.
In summary, for the client 108 to share the access credentials for the access point 122, identified by the SSID and MAC address of the access point 122, the client 108 will perform following functions:
Here, the access credentials comprise the network key (NWK_KEY) for validly accessing the network 120 via the access point 122, as well as the encryption method (METHOD) and the encryption algorithm (ALGORITHM) to be used when communicating with the access point 122. The function called ENCRYPT is any encryption function that is suitable for encrypting the data using the encryption key. The SHARED_DATA may include further attributes, either in encrypted or non-encrypted form, most notably expiration time of the access credentials.
In order to use the access credentials, the client 114 will perform the following functions for each access point within range:
The function called DECRYPT is a decryption function that is suitable for decrypting the data using the decryption key, whereby the DECRYPT function corresponds to the ENCRYPT function used to encrypt the access credentials and check data. It can be seen that if the check data in the encrypted data is correctly decrypted (e.g. when it is decrypted it gives the same result as the result of the function MD5(MAC∥“Salt”)) then the client 114 takes the decrypted encrypting method (METHOD) encrypting algorithm (ALGORITHM) and network key (NWK_KEY) from the decrypted data for use in accessing the relevant network using the relevant access point. In other words, if any of the access points within range of the user terminal 112 results in valid network access credentials then a network can be accessed from that access point with those access credentials.
The methods described above can be implemented in software (e.g. the in the clients described above), or in hardware. More generally, the methods described above can be implemented in a computer program product comprising computer readable instructions for execution by computer processing means (e.g. a CPU) at a node of the communication system (e.g. the user terminal 104 or the user terminal 112).
While this invention has been particularly shown and described with reference to preferred embodiments, it will be understood to those skilled in the art that various changes in form and detail may be made without departing from the scope of the invention as defined by the appendant claims.