CN117956542A - System and method for de-authentication or de-association of connections - Google Patents
- Publication number
- CN117956542A
- Authority
- CN
- China
- Prior art keywords
- frame
- primary control
- control channel
- disassociation
- channel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/02—Access restriction performed under specific conditions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/126—Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present disclosure relates to a system and method for de-authentication or disassociation of a connection. Systems and methods may advantageously provide for de-authentication/disassociation frames. The method includes providing, by a first device, a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel and receiving, by the first device, a data frame from a second network device on the first primary control channel, the second primary control channel, or a secondary channel. The method also includes providing, by the first device, another disassociation frame or deauthentication frame on the first primary control channel, the second primary control channel, and/or the secondary channel associated with the data frame.
Description
Cross reference to related applications
The present application claims the benefit of and priority to Indian Provisional Application No. 202221061746, filed on October 30, 2022, the entire disclosure of which is hereby incorporated by reference.
Technical Field
The present disclosure relates generally to systems and methods of communication between an Access Point (AP) and a client device, such as a Station (STA), or between other communication devices. In some embodiments, the present disclosure relates generally to systems and methods for de-authentication or disassociation of a connection.
Background
The market for wireless communication devices has grown by orders of magnitude over the past decades, stimulated by the use of portable devices and increased connectivity and data transfer between the various devices. Digital switching technology has facilitated the large-scale deployment of inexpensive, easy-to-use wireless communication networks. Moreover, improvements in digital and Radio Frequency (RF) circuit fabrication, as well as advances in circuit integration and other aspects, have made wireless devices smaller, cheaper, and more reliable. Wireless communications may operate in accordance with various standards, such as IEEE 802.11x, Bluetooth, Global System for Mobile Communications (GSM), and Code Division Multiple Access (CDMA). With the development of higher data throughput and other changes, updated standards are continually being developed and adopted, such as the move from IEEE 802.11n to IEEE 802.11ac.
Authentication and association under the 802.11 standard provide a method of providing different levels of access for client devices in a network. The connection between the AP and the STA typically must be authenticated and associated with the AP before data packets are exchanged using the connection. Each client device and AP maintains an authentication state and an association state with each other client device and AP that is sharing the connection. When a connection needs to be canceled, the connection must typically be de-authenticated and de-associated. Protocols for authenticating/de-authenticating connections and associating/de-associating connections increase communication overhead.
Authentication refers to the procedure of how a client device accesses a network. Authentication provides identification to ensure that clients are allowed to access the network. Association refers to a procedure by which an authenticated client device becomes associated with an AP. Association allows the network to determine where to send data intended for the client device (e.g., by the AP with which the client device is associated). Typically, a client device is associated with only a single AP.
Disclosure of Invention
In one aspect, the present disclosure provides an apparatus comprising: circuitry configured to provide a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel, and to provide another disassociation frame or a deauthentication frame on the first primary control channel, the second primary control channel, or the secondary channel in response to receiving a data frame from another device on the first primary control channel, the second primary control channel, or the secondary channel.
In another aspect, the present disclosure provides an apparatus comprising: circuitry configured to provide a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication that operation of the device changes from the first primary control channel to a second primary control channel, wherein the circuitry is: 1) configured to provide another disassociation frame or deauthentication frame on at least one of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the deauthentication frame or disassociation frame on the at least one of the first primary control channel, the second primary control channel, or the secondary channel; or 2) configured to provide the other disassociation frame or deauthentication frame on each of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the deauthentication or disassociation frame on any of the first primary control channel, the second primary control channel, or the secondary channel.
In another aspect, the present disclosure provides a method comprising: providing, by a first device, a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel; receiving, by the first device, a data frame from a second device on the first primary control channel, the second primary control channel, or a secondary channel of a plurality of secondary channels, wherein the first primary control channel, the second primary control channel, and the plurality of secondary channels are at least part of a bandwidth channel; and providing, by the first device, another disassociation frame or deauthentication frame on at least one of the first primary control channel, the second primary control channel, and the plurality of secondary channels.
Drawings
Various objects, aspects, features and advantages of the present disclosure will become more apparent and better understood by referring to the detailed description in conjunction with the accompanying drawings in which like reference characters identify corresponding elements throughout. In the drawings, like reference numbers generally indicate identical, functionally similar, and/or structurally similar elements.
Fig. 1A is a block diagram depicting a network environment including one or more access points in communication with one or more devices or stations, in accordance with some embodiments.
FIGS. 1B and 1C are block diagrams depicting computing devices that may be used in connection with the methods and systems described herein, according to some embodiments.
Fig. 2A is a block diagram depicting a network including an Access Point (AP) and a Station (STA) in accordance with some embodiments.
Fig. 2B is a more detailed block diagram of an AP configured for a disassociation/deauthentication operation according to some embodiments.
Fig. 3 is a block diagram of a wider bandwidth including subbands used in the network illustrated in fig. 2A, according to some embodiments.
Fig. 4 is a block diagram showing a disassociation/deauthentication operation for use in the network illustrated in fig. 2A.
Fig. 5 is a block diagram showing a disassociation/deauthentication operation for use in the network illustrated in fig. 2A, according to some embodiments.
Fig. 6 is a flow diagram illustrating an example disassociation/deauthentication operation for the network illustrated in fig. 2A, according to some embodiments.
The details of various embodiments of the methods and systems are set forth in the accompanying drawings and the description below.
Detailed Description
The following IEEE standards, including any draft versions of such standards, are incorporated herein by reference in their entirety and made part of this disclosure for all purposes: WiFi Alliance standards and IEEE 802.11 standards, including but not limited to IEEE 802.11a™, IEEE 802.11b™, IEEE 802.11g™, IEEE P802.11n™, and the IEEE P802.11ac™ standard. Although the present disclosure may refer to aspects of these standards, the present disclosure is in no way limited by these standards.
For reading the following description of the various embodiments, the following description of the sections of the specification and their respective contents may be helpful:
Section A describes a network environment and computing environment that may be used to implement embodiments described herein; and
Section B describes embodiments of deauthentication and disassociation protocols and methods and apparatus using access protocols.
Various embodiments disclosed herein relate to protocols for de-authenticating or disassociating a connection or point-to-point connection on a network. The connection may be on a wider bandwidth sub-band. The connection may be a wireless connection to or from a client device (e.g., STA) or AP or may be between other types of communication devices. The client device or AP may be implemented in a device that includes one or more Integrated Circuits (ICs) packaged in an IC package. In some embodiments, the AP is configured to provide de-authentication or disassociation such that transmission of unnecessary frames is prevented. In some embodiments, the AP is configured to avoid a deadlock situation in which the client device remains connected on a previously used primary sub-band or channel of the AP without a valid data connection because the AP is no longer available on the previously used primary sub-band or channel.
A channel may refer to any portion of the electromagnetic spectrum used to communicate data. The portions may have different bandwidths and may be combined to form a wider bandwidth or channel. In some embodiments, the channel may have a 5MHz spacing around the center frequency and may occupy a frequency band of at least 20 MHz.
In some embodiments, disassociation may refer to a procedure in which a client device is no longer associated with an AP. In some embodiments, disassociation prevents the AP from continuing to attempt to transmit data to the client device after the connection is canceled. In some embodiments, disassociation generally involves sending a disassociation frame or message from the AP to the client device or from the client device to the AP. The client device may disassociate from the AP while still maintaining authentication on the network. In some embodiments, de-authentication may refer to a procedure that does not allow any further services to be provided to the client device. In some embodiments, de-authentication generally involves sending a de-authentication frame or message from the AP to the client device or from the client device to the AP.
According to some example network operations, an AP may be forced to change its primary control channel to one of the sub-band channels within the same wider bandwidth (e.g., a 40/80/160/320 MHz sub-band or channel). When this occurs, the AP sends a broadcast de-authentication/disassociation frame to disconnect all client devices connected to the AP on the original primary control channel so that the client devices can reconnect to the AP on the new primary control channel. However, if a client device is in sleep mode when the AP transmits the deauthentication/disassociation frame, the client device does not receive the frame and, when it wakes up (e.g., leaves sleep mode), considers the association with the AP to still be valid on the original primary channel. When this occurs, the client device continues to send data frames (e.g., uplink data traffic) over the associated wider bandwidth. When the AP sees these data frames from the client device, due to its wider bandwidth reception and Receiver Address (RA) matching, the AP sends an ACK/BlockACK frame on the sub-band channel on which the data frame was received and then sends a de-authentication frame only on its current primary control channel (e.g., the new primary control channel). Although STAs and APs may listen over an entire wider bandwidth (e.g., a 40/80/160/320 MHz bandwidth), management frames including, but not limited to, beacons, probe responses, and deauthentication/disassociation frames are only accepted by the STA if the frames are transmitted on the primary control channel of the wider bandwidth (e.g., a 20 MHz sub-band); all other management frames received at the STA and transmitted in non-primary control channels are typically filtered out at the physical layer of the STA.
As described in section 11.3.4.1 of the IEEE 802.11 specification, the deauthentication frame may be sent with reason code 7 (a Class 3 frame received from a non-associated station). Other client devices receive these ACK/BlockACK frames from the AP because they are received on the associated primary channel, and the client device assumes that the AP is still available nearby, although the AP is no longer available on the associated primary control channel. The dormant client device typically does not receive subsequent de-authentication frames from the AP because the AP only transmits de-authentication frames on its current primary control channel, which does not overlap with the original primary control channel. This transmission sequence may last for a long time (e.g., not end) and may result in a deadlock situation in which the client device remains connected on the AP's previous or original primary control channel without a truly valid data connection, because the AP is no longer available on the associated primary control channel. This situation can lead to potential security issues, making the device under test vulnerable to denial-of-service (DoS) attacks, and wastes communication overhead.
In some embodiments, a primary control channel may refer to a channel in the bandwidth (e.g., wider bandwidth) of a larger channel that includes a secondary bandwidth channel or secondary channel. In some embodiments, the primary control channel uses the upper half or the lower half of the bandwidth of the wider channel, and the secondary channel uses the remaining half of the bandwidth of the wider channel. In some embodiments, the bandwidths of the primary and secondary bandwidth channels are unequal, and the primary control channel occupies one subband and one or more secondary channels occupy the remaining subbands in the wider bandwidth. In some embodiments, the secondary channel has more or less bandwidth than the primary control channel. In some embodiments, the primary control channel is used for client devices supporting only a smaller channel bandwidth (e.g., 20 MHz), while the primary control channel and the secondary channel may be used for client devices supporting wider channel capabilities. In some embodiments, there are multiple secondary bandwidth channels and a single primary bandwidth channel, each having the same bandwidth. In some embodiments, the terms primary and secondary do not imply a particular priority and are interchangeable with the first and second, and vice versa.
In some embodiments, the primary control channel is a common operating channel for all stations (STAs) that are members of a Basic Service Set (BSS). For example, in a BSS with a 20 MHz, 40 MHz, 80 MHz, 160 MHz, 80+80 MHz, or 320 MHz bandwidth, the primary control channel is a 20 MHz channel. In some embodiments, the primary control channel is used to transmit all management frames, while the secondary channel is a channel contiguous with the primary control channel. The secondary channel may be combined with the primary channel to form another primary channel of the next wider bandwidth. The primary control channel may refer to any channel used to send and receive management frames including, but not limited to, beacon frames, probe request/response frames, authentication request/response frames, association request/response frames, de-authentication frames, disassociation frames, and the like.
Sleep mode may refer to an operational mode in which devices communicating on a network typically reduce their communication to conserve power. In some embodiments, the sleep mode may involve the device being unable to receive or transmit data for a portion of the predetermined period of time. As used herein, a frame refers to a digital data transmission unit. For example, a frame may refer to a container of a single network packet. A data frame may refer to a frame containing data. A de-authentication frame may refer to a frame (e.g., a management frame) sent by an AP or client device to terminate a connection in a network. In some embodiments, the de-authentication frame is used as a notification that no acknowledgement message is required. As used herein, a disassociation frame is a frame (e.g., a management frame) sent by an AP or client device that terminates a connection in a network and terminates an association between two devices (AP and client device). Once the client device associates to the AP, the client device or AP may terminate the association at any time by sending a disassociation frame. The disassociation frame may have the same or similar frame format as the deauthentication frame.
An ACK frame may refer to an acknowledgement message acknowledging receipt of a frame, and a block ACK frame may refer to an acknowledgement message acknowledging receipt of multiple frames. A broadcast deauthentication/disassociation frame may refer to a deauthentication frame or a disassociation frame that is intended to be received and processed by each client device connected to the AP. In some embodiments, the broadcast de-authentication frame or disassociation frame has the hexadecimal MAC address FF-FF-FF-FF-FF-FF. De-authentication/disassociation may refer to de-authentication, disassociation, or both, and a de-authentication/disassociation frame may refer to a de-authentication frame, a disassociation frame, or both. The de-authentication or disassociation frame may refer to a data frame (e.g., a Class 2 frame or a Class 3 frame), respectively, that has been received from an unauthenticated or disassociated device. The de-authentication or disassociation frame may be provided from a device previously authenticated and/or associated but having been disassociated using a disassociation procedure or de-authenticated using a de-authentication procedure.
The client device may send a disassociation frame because the client device is roaming away from the current AP to another AP. An AP or client device that receives a deauthentication frame or a disassociation frame may send an acknowledgement message in response to receipt of this frame. In some embodiments, a STA may disassociate from one AP and associate to a new AP while maintaining authentication with the same network. In some embodiments, the deauthentication frame and the disassociation frame may be 802.11 management frames as defined by the 802.11 standard and may include a reason code indicating a reason for the deauthentication or disassociation. Example reason codes for the deauthentication frame include (but are not limited to):
1. Unspecified reason
2. Previous authentication is no longer valid
3. Deauthenticated because the transmitting STA is leaving (or has left) the BSS
4. Disassociated due to inactivity
5. Disassociated because the AP cannot handle all currently associated STAs
6. Class 2 frame received from an unauthenticated STA
7. Class 3 frame received from a non-associated STA
8. Disassociated because the transmitting STA is leaving (or has left) the BSS
9. STA requesting (re)association is not authenticated with the responding STA
10. Disassociated because the information in the Power Capability element is unacceptable
11. Disassociated because the information in the Supported Channels element is unacceptable
12. Disassociated due to BSS transition management
13. Invalid element, i.e., an element defined in the standard whose content does not conform to the specification in clause 9
14. Message integrity code (MIC) failure
15. 4-way handshake timeout
16. Group key handshake timeout
17. Element in the 4-way handshake differs from the (re)association request/probe response/beacon frame
18. Invalid group cipher
19. Invalid pairwise cipher
20. Invalid AKMP
21. Unsupported RSNE version
22. Invalid RSNE capabilities
23. IEEE 802.1X authentication failed
24. Cipher suite rejected because of the security policy
25. TDLS direct-link teardown because the TDLS peer STA is unreachable via the TDLS direct link
26. TDLS direct-link teardown for unspecified reasons
27. Disassociated because the session was terminated by SSP request
28. Disassociated because of a lack of SSP roaming agreement
29. Requested service rejected because of SSP cipher suite or AKM requirements
30. Requested service not authorized in this location
31. TS deleted because the QoS AP lacks sufficient bandwidth for this QoS STA due to a change in BSS service characteristics or operational mode (e.g., an HT BSS changes from a 40 MHz channel to a 20 MHz channel)
32. Disassociated for unspecified QoS-related reasons
33. Disassociated because the QoS AP lacks sufficient bandwidth for this QoS STA
34. Disassociated because an excessive number of frames need to be acknowledged but are not acknowledged due to AP transmissions and/or poor channel conditions
35. Disassociated because the STA is transmitting outside the limits of its TXOPs
36. Requesting STA is leaving the BSS (or resetting)
37. Requesting STA is no longer using the stream or session
38. Requesting STA received frames using a mechanism for which setup has not been completed
39. Requested from the peer STA due to timeout
46. In a disassociation frame: disassociated because the authorized access limit was reached
47. In a disassociation frame: disassociated due to external service requirements
48. Invalid FT Action frame count
49. Invalid pairwise master key identifier (PMKID)
50. Invalid MDE
51. Invalid FTE
52. Mesh peering canceled for unknown reasons
53. The mesh STA has reached its supported maximum number of peer mesh STAs
54. The received information violates the mesh configuration policy configured in the mesh STA profile
55. The mesh STA has received a Mesh Peering Close frame requesting to close the mesh peering
56. The mesh STA has resent dot11MeshMaxRetries Mesh Peering Open frames without receiving a Mesh Peering Confirm frame
57. The confirm timer for the mesh peering instance has expired
58. The mesh STA failed to unwrap the GTK, or the values in the wrapped contents do not match
59. The mesh STA received inconsistent information about the mesh parameters between mesh peering management frames
60. The mesh STA failed the authenticated mesh peering exchange because of a failure to select a pairwise cipher suite or group cipher suite
61. The mesh STA does not have proxy information for this external destination
62. The mesh STA does not have forwarding information for this destination
63. The mesh STA determined that the link to the next hop of an active path in its forwarding information is no longer usable
64. The deauthentication frame was sent because the MAC address of the STA already exists in the mesh BSS
65. The mesh STA performs channel switching to meet regulatory requirements
66. The mesh STA performs channel switching for unspecified reasons
67. Transmission link establishment in the alternative channel failed
68. The alternative channel is occupied
The disassociation frame can have a similar structure and similar reason codes.
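To make the frame structure and reason codes above concrete, the following added example (not part of the patent text) decodes deauthentication and disassociation frames and counts repeated reason-7 frames per BSSID/STA pair, which is what a monitor on the AP's current primary channel would see during the loop described earlier. The sample frames and MAC addresses are constructed, the function names are hypothetical, and the parser assumes a bare 802.11 MAC header (no radiotap header, no HT Control field, no FCS).

```python
import struct
from collections import Counter

SUBTYPES = {10: "disassociation", 12: "deauthentication"}  # management subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"
# A few of the reason codes listed above; other codes are reported by number.
REASONS = {
    1: "unspecified reason",
    2: "previous authentication no longer valid",
    3: "transmitting STA is leaving (or has left) the BSS",
    6: "Class 2 frame received from unauthenticated STA",
    7: "Class 3 frame received from non-associated STA",
    8: "transmitting STA is leaving (or has left) the BSS",
}

# Constructed sample frames (illustrative addresses, not captured traffic).
UNICAST_DEAUTH = bytes.fromhex(
    "c0003a01" "020000000001" "0200000000aa" "0200000000aa" "1000" "0700")
BROADCAST_DISASSOC = bytes.fromhex(
    "a0000000" "ffffffffffff" "0200000000aa" "0200000000aa" "2000" "0800")
DATA_FRAME = bytes.fromhex(
    "08013a01" "0200000000aa" "020000000001" "0200000000aa" "3000")


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_teardown(frame: bytes):
    """Return a dict for a deauth/disassoc frame, or None for anything else."""
    if len(frame) < 24:  # shorter than a management MAC header
        return None
    fc = struct.unpack_from("<H", frame, 0)[0]  # frame control, little-endian
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if version != 0 or ftype != 0 or subtype not in SUBTYPES:
        return None  # not a management frame of the two subtypes of interest
    info = {
        "kind": SUBTYPES[subtype],
        "receiver": _mac(frame[4:10]),
        "transmitter": _mac(frame[10:16]),
        "bssid": _mac(frame[16:22]),
        "reason_code": None,
        "reason": None,
    }
    info["broadcast"] = info["receiver"] == BROADCAST
    protected = bool(fc & 0x4000)  # body is encrypted, reason not readable
    if not protected and len(frame) >= 26:
        code = struct.unpack_from("<H", frame, 24)[0]
        info["reason_code"] = code
        info["reason"] = REASONS.get(code, f"reason code {code}")
    return info


def repeated_class3_teardowns(frames, threshold=3):
    """Map (bssid, receiver) to count where >= threshold unicast reason-7 frames were seen."""
    counts = Counter()
    for raw in frames:
        info = parse_teardown(raw)
        if info and info["reason_code"] == 7 and not info["broadcast"]:
            counts[(info["bssid"], info["receiver"])] += 1
    return {pair: n for pair, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    print(parse_teardown(UNICAST_DEAUTH))
    print(repeated_class3_teardowns([UNICAST_DEAUTH] * 4 + [BROADCAST_DISASSOC]))
```

A high count for one pair is only a hint that the STA keeps transmitting without hearing the teardown; the threshold is an arbitrary illustrative value.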
The systems and methods may advantageously provide a de-authentication/disassociation frame on channels other than the current primary control channel. In some embodiments, the AP is configured to overcome the deadlock situation by copying and transmitting the de-authentication and/or disassociation frames on all sub-band channels in the wider bandwidth, or on the sub-band channels on which Class 3 frames are received from the non-associated client device, so that the client device can receive the de-authentication and/or disassociation frames overlapping its primary channel and take appropriate action. In some embodiments, this operation overcomes the drawbacks associated with conventional APs. In some embodiments, the client device recovers from a deadlock situation by taking some subsequent action to disconnect/reconnect/roam to obtain a valid data connection quickly (e.g., as soon as possible). In some embodiments, the AP and client device may operate as per section 11.3.4.1 of the 802.11 standard, with modifications that require the transmission of deauthentication and/or disassociation frames with applicable reason codes on all sub-band channels in a wider bandwidth or on the sub-band channels on which Class 2/3 frames are received from non-associated clients. In some embodiments, the AP is configured to provide unicast or broadcast deauthentication and/or disassociation frames that may be replicated and transmitted across all sub-band channels in a wider bandwidth or on the sub-band channels on which Class 2/3 frames are received from non-associated client devices.
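The deadlock and the two replication options described above can be compared in a small model. This is an added example, not code from the patent: the class names, policy names, sub-band indices (an 80 MHz channel as four 20 MHz sub-bands, old primary 0, new primary 2) and the 50-frame cap are all assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

REASON_CLASS3_FROM_NONASSOC = 7  # reason code 7 from the list in the description


@dataclass
class Station:
    name: str
    primary: int              # sub-band the STA believes is the AP's primary
    asleep: bool = False
    associated: bool = True
    acks_seen: int = 0

    def on_mgmt(self, subband: int) -> bool:
        """Deliver a deauth/disassoc frame; True if the STA acted on it."""
        if self.asleep or subband != self.primary:
            return False      # missed while asleep, or filtered (not on primary)
        self.associated = False
        return True


@dataclass
class AccessPoint:
    subbands: range           # 20 MHz sub-bands of the wider channel
    primary: int
    policy: str               # how teardown frames are placed (see on_data)
    associated: set = field(default_factory=set)
    tx_log: list = field(default_factory=list)

    def change_primary(self, new_primary: int, stations) -> None:
        # Broadcast teardown on the old primary, then move.
        self.tx_log.append(("broadcast", self.primary))
        for sta in stations:
            sta.on_mgmt(self.primary)
        self.associated.clear()
        self.primary = new_primary

    def on_data(self, sta: Station, rx_subbands: set) -> list:
        """Handle an uplink data frame; return sub-bands used for the teardown."""
        if sta.primary in rx_subbands:
            sta.acks_seen += 1        # ACK goes out where the data arrived
        if sta.name in self.associated:
            return []
        if self.policy == "current_primary_only":    # conventional behaviour
            targets = [self.primary]
        elif self.policy == "receiving_subbands":    # where the frame arrived
            targets = sorted(rx_subbands)
        elif self.policy == "all_subbands":          # replicate everywhere
            targets = list(self.subbands)
        else:
            raise ValueError(f"unknown policy {self.policy!r}")
        for sb in targets:
            self.tx_log.append(("unicast", sb, REASON_CLASS3_FROM_NONASSOC))
            sta.on_mgmt(sb)
        return targets


def simulate(policy: str, max_frames: int = 50) -> dict:
    """Run the primary-channel change with one awake and one sleeping STA."""
    ap = AccessPoint(subbands=range(4), primary=0, policy=policy,
                     associated={"sta-awake", "sta-asleep"})
    awake = Station("sta-awake", primary=0)
    sleeper = Station("sta-asleep", primary=0, asleep=True)
    ap.change_primary(2, [awake, sleeper])
    sleeper.asleep = False    # wakes up still believing it is associated
    sent = 0
    while sleeper.associated and sent < max_frames:
        sent += 1             # 40 MHz uplink frame covering sub-bands 0 and 1
        ap.on_data(sleeper, rx_subbands={0, 1})
    return {
        "awake_associated": awake.associated,
        "sleeper_associated": sleeper.associated,
        "data_frames_sent": sent,
        "acks_seen": sleeper.acks_seen,
        "teardown_frames": sum(1 for e in ap.tx_log if e[0] == "unicast"),
    }


if __name__ == "__main__":
    for p in ("current_primary_only", "receiving_subbands", "all_subbands"):
        print(p, simulate(p))
```

With the conventional policy the sleeping STA is still associated when the frame cap is reached; with either replication policy it is disconnected after its first data frame.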
Some embodiments relate to a method. The method includes providing, by a first device, a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel. The method also includes receiving, by the first device, a data frame from a second device on the first primary control channel, the second primary control channel, or a secondary channel. The method also includes providing, by the first device, another disassociation frame or deauthentication frame on the first primary control channel, the second primary control channel, or the secondary channel associated with the data frame.
In some embodiments, the further disassociation frame is provided as a broadcast frame. In some embodiments, the first device and the second device operate according to an 802.11 protocol. In some embodiments, the further de-authentication frame is provided as a broadcast frame. In some embodiments, the first device and the second device operate according to an 802.11e protocol.
In some embodiments, the data frame is provided in a wider band including the first primary control channel, the second primary control channel, or the secondary channel associated with the data frame. In some embodiments, the data frame is a level 3 frame. In some embodiments, the data frame is a level 2 frame.
In some embodiments, the method further includes providing an acknowledgement frame from the first device to the second device in response to the data frame on one of the first primary control channel, the second primary control channel, or the secondary channel associated with receipt of the data frame.
Some embodiments relate to an apparatus. The device includes circuitry configured to provide a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication that operation of the device changes from the first primary control channel to a second primary control channel. The circuitry is: 1) configured to provide a deauthentication frame or a disassociation frame on one of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the deauthentication frame or the disassociation frame on the one of the first primary control channel, the second primary control channel, or the secondary channel, wherein the one of the first primary control channel, the second primary control channel, or the secondary channel is associated with receipt of the deauthentication or disassociation frame; or 2) configured to provide the other disassociation frame or deauthentication frame on each of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the deauthentication or disassociation frame on any of the first primary control channel, the second primary control channel, or the secondary channel.
In some embodiments, the device is an AP that provides communications according to the 802.11 protocol. In some embodiments, the further disassociation frame or deauthentication frame is provided with an indication that the deauthentication or disassociation frame has been received. In some embodiments, the circuitry is configured to provide the other disassociation frame or deauthentication frame on one of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the deauthentication or disassociation frame on the other of the first primary control channel, the second primary control channel, or the secondary channel. In some embodiments, the circuitry is configured to perform both operations 1 and 2 above.
In some embodiments, the circuitry is configured to provide the further disassociation frame or deauthentication frame on each of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the deauthentication or disassociation frame on any of the first primary control channel, the second primary control channel, or the secondary channel.
In some embodiments, the circuitry is part of a media access layer or a physical layer. In some embodiments, the apparatus is an AP for an 802.11 standard wireless network.
Some embodiments relate to a method. The method includes providing, by a first device, a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel. The method also includes receiving, by the first device, a data frame from a second network device on a secondary channel of the first primary control channel, the second primary control channel, or a plurality of secondary channels. The first primary control channel, the second primary control channel, and the secondary channel are part of a wider bandwidth channel. The method further includes providing, by the first device, another disassociation frame or deauthentication frame on the first primary control channel, the second primary control channel, and the secondary channel.
In some embodiments, the first primary control channel, the second primary control channel, and the secondary channel form an entire wider bandwidth channel. In some embodiments, the disassociation frame or the deauthentication frame is provided in response to receiving the data frame, and the data frame is an unauthenticated data frame. In some embodiments, the first primary control channel is a 20MHz bandwidth channel.
Some embodiments relate to a device including circuitry configured to provide a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel. The circuitry is also configured to provide another disassociation frame or deauthentication frame on the first primary control channel, the second primary control channel, or the secondary channel in response to receiving a data frame from another device on the first primary control channel, the second primary control channel, or the secondary channel.
In some embodiments, the further disassociation frame or the deauthentication frame is provided as a broadcast frame. In some embodiments, the circuitry is configured to provide the disassociation frame or the deauthentication frame in accordance with an 802.11 protocol. In some embodiments, the circuitry is configured to provide the other deauthentication frame as a broadcast frame. In some embodiments, the circuitry is configured to provide the disassociation frame or the deauthentication frame in accordance with an 802.11e protocol. In some embodiments, the data frame is provided in a wider band including the first primary control channel, the second primary control channel, or the secondary channel associated with the data frame. In some embodiments, the circuitry is configured to provide an acknowledgement frame on one of the first primary control channel, the second primary control channel, or the secondary channel in response to the data frame. In some embodiments, the data frame is a level 3 frame. In some embodiments, the data frame is a level 2 frame.
A. Computing and network environment
Before discussing particular embodiments of the present solution, it may be helpful to describe aspects of the operating environment and related associated components (e.g., hardware elements) in connection with the methods and systems described herein. Referring to fig. 1A, an embodiment of a network environment is depicted. Briefly, a network environment includes a wireless communication system including one or more Access Points (APs) or network devices 106, one or more client devices (e.g., STAs) or wireless communication devices 102, and network hardware components or network hardware 192. The wireless communication device 102 may include, for example, a laptop computer, a tablet computer, a personal computer, and/or a cellular telephone device. Details of embodiments of each station or wireless communication device 102 and AP or network device 106 are described in more detail with reference to fig. 1B and 1C. In one embodiment, the network environment may be an ad hoc network environment, an infrastructure wireless network environment, a subnet environment, and the like. The network device 106 or AP may be operably coupled to the network hardware 192 via a local area network connection. In some embodiments, the network device 106 is a 5G base station. Network hardware 192, which may include routers, gateways, switches, bridges, modems, system controllers, appliances, and the like, may provide local area network connectivity for the communication system. Each of the network devices 106 or APs may have an associated antenna or antenna array to communicate with wireless communication devices in its area. The wireless communication device 102 may register with a particular network device 106 or AP to receive services from the communication system (e.g., via SU-MIMO or MU-MIMO configuration). 
For direct connections (e.g., point-to-point communications), some wireless communication devices may communicate directly via an allocated channel and a communication protocol. Some wireless communication devices 102 may be mobile or relatively stationary with respect to the network device 106 or the AP.
In some embodiments, the network device 106 or AP includes a device or module (including a combination of hardware and software) that allows the wireless communication device 102 to connect to a wired network using wireless fidelity (WiFi) or other standards. The network device 106 or AP may sometimes be referred to as a Wireless Access Point (WAP). The network device 106 or AP may be implemented (e.g., configured, designed, and/or constructed) for operation in a Wireless Local Area Network (WLAN). In some embodiments, the network device 106 or the AP may connect to the router as a standalone device (e.g., via a wired network). In other embodiments, the network device 106 or AP may be a component of a router. The network device 106 or AP may provide multiple devices with access to the network. The network device 106 or AP may, for example, connect to a wired ethernet connection and provide wireless connectivity for other devices 102 using a radio frequency link to utilize the wired connection. The network device 106 or AP may be implemented to support standards for sending and receiving data using one or more radio frequencies. The standard and the frequencies used by it may be defined by IEEE (e.g., IEEE 802.11 standard). The network device 106 or AP may be configured and/or used to support public internet hotspots and/or extend the Wi-Fi signal range of the network over the network.
In some embodiments, the access point or network device 106 may be used for a wireless network (e.g., in a home, in a car, or in a building) (e.g., IEEE 802.11, Bluetooth, ZigBee, any other type of radio-frequency based network protocol, and/or variants thereof). Each of the wireless communication devices 102 may include a built-in radio and/or be coupled to a radio. Such wireless communication devices 102 and/or access points or network devices 106 may operate in accordance with various aspects of the disclosure as presented herein to enhance performance, reduce cost and/or size, and/or enhance broadband applications. Each wireless communication device 102 may have the capability to act as a client node seeking access to resources, such as data and connections of networking nodes, such as servers, via one or more access points or network devices 106.
The network connection may include any type and/or form of network and may include any of the following: point-to-point networks, broadcast networks, telecommunications networks, data communication networks, computer networks. The network topology may be a bus, star, or ring network topology. The network may be any such network topology capable of supporting the operations described herein as known to those of ordinary skill in the art. In some embodiments, different types of data may be transmitted via different protocols. In other embodiments, the same type of data may be transmitted via different protocols.
The communication device 102 and access point or network device 106 may be deployed as and/or executed on any type and form of computing device, such as a computer, network device, or appliance capable of communicating over any type and form of network and performing the operations described herein. Fig. 1B and 1C depict block diagrams of a computing device 100 that may be used to practice embodiments of a wireless communication device 102 or a network device 106. As shown in fig. 1B and 1C, each computing device 100 includes a processor 121 (e.g., a central processing unit) and a main memory unit 122. As shown in fig. 1B, computing device 100 may include storage 128, mounting device 116, network interface 118, I/O controller 123, display devices 124 a-124 n, keyboard 126, and pointing device 127, such as a mouse. The storage 128 may include an operating system and/or software. As shown in fig. 1C, each computing device 100 may also include additional optional elements, such as a memory port 103, a bridge 170, one or more input/output devices 130 a-130 n, and a cache memory 140 in communication with a central processing unit or processor 121.
Central processing unit or processor 121 is any logic circuitry that responds to and processes instructions fetched from main memory unit 122. In many embodiments, the central processing unit or processor 121 is provided by a microprocessor unit, such as: those manufactured by Intel Corporation of Santa Clara, California; those manufactured by International Business Machines Corporation of White Plains, N.Y.; or those manufactured by Advanced Micro Devices of Sunnyvale, California. The computing device 100 may be based on any of these processors, or any other processor capable of operating as described herein.
Main memory unit 122 may be one or more memory chips capable of storing data and allowing any storage location to be directly accessed by microprocessor or processor 121, such as Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), ferroelectric RAM (FRAM), NAND flash, NOR flash, and Solid State Drive (SSD), of any type or variation. Main memory unit 122 may be based on any of the memory chips described above, or any other available memory chip capable of operating as described herein. In the embodiment shown in FIG. 1B, processor 121 communicates with a main memory unit 122 via a system bus 150 (described in more detail below). FIG. 1C depicts an embodiment of computing device 100 in which the processor communicates directly with main memory unit 122 via memory port 103. For example, in FIG. 1C, the main memory unit 122 may be a DRDRAM.
Fig. 1C depicts an embodiment in which the primary processor 121 communicates directly with the cache memory 140 via a secondary bus (sometimes referred to as a back-side bus). In other embodiments, the main processor 121 communicates with cache memory 140 using a system bus 150. Cache memory 140 typically has a faster response time than main memory unit 122 and is provided by, for example, SRAM, BSRAM, or EDRAM. In the embodiment shown in FIG. 1C, the processor 121 communicates with various I/O devices 130 via a local system bus, such as system bus 150. Various buses may be used to connect the central processing unit or processor 121 to any I/O device 130, such as a VESA VL bus, an ISA bus, an EISA bus, a Micro Channel Architecture (MCA) bus, a PCI-X bus, a PCI-Express bus, or a NuBus. For embodiments in which the I/O device is a video display 124, the processor 121 may use an Advanced Graphics Port (AGP) to communicate with the display 124. FIG. 1C depicts an embodiment of a computer or computer system 100 in which a host processor 121 may communicate directly with I/O device 130b, e.g., via HYPERTRANSPORT, RAPIDIO or INFINIBAND communication techniques. FIG. 1C also depicts an embodiment in which a local bus and direct communication are mixed: the processor 121 communicates with I/O device 130a using a local interconnect bus while communicating directly with I/O device 130 b.
A wide variety of I/O devices 130 a-130 n may be present in computing device 100. Input devices include a keyboard, a mouse, a touch pad, a track ball, a microphone, a dial, a touch screen and a drawing board. Output devices include a video display, a speaker, an inkjet printer, a laser printer, a projector, and a dye sublimation printer. The I/O devices may be controlled by an I/O controller 123, as shown in FIG. 1B. The I/O controller may control one or more I/O devices, such as a keyboard 126 and a pointing device 127, such as a mouse or light pen. In addition, the I/O devices may also provide storage and/or installation media for the computing device 100. In still other embodiments, computing device 100 may provide a USB connection (not shown) to receive a handheld USB storage device, such as a device of the USB flash drive family manufactured by Twintech Industry, Inc.
Referring again to FIG. 1B, the computing device 100 may support any suitable mounting device 116, such as a disk drive, CD-ROM drive, CD-R/RW drive, DVD-ROM drive, flash drive, tape drives of various formats, USB devices, hard drives, network interfaces, or any other device suitable for installing software and programs. Computing device 100 may further include a storage device, such as one or more hard drives or redundant arrays of independent disks, for storing an operating system and other related software, as well as for storing application software programs, such as any program or software 120 for implementing (e.g., configured and/or designed for) the systems and methods described herein. Optionally, any mounting device 116 may also be used as a storage device. Additionally, the operating system and software may run from a bootable medium.
Furthermore, computing device 100 may include a network interface 118 to interface with a network through various connections including, but not limited to, standard telephone lines, LAN or WAN links (e.g., 802.11, T1, T3, 56kb, X.25, SNA, DECNET), broadband connections (e.g., ISDN, Frame Relay, ATM, Gigabit Ethernet, Ethernet over SONET), wireless connections, or some combination of any or all of the above. The connection may be established using various communication protocols, such as TCP/IP, IPX, SPX, NetBIOS, Ethernet, ARCNET, SONET, SDH, Fiber Distributed Data Interface (FDDI), RS232, IEEE 802.11, IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, IEEE 802.11n, IEEE 802.11ac, IEEE 802.11ad, CDMA, GSM, WiMax, and direct asynchronous connection. In one embodiment, the computing device 100 communicates with other computing devices 100' via any type and/or form of gateway or tunneling protocol, such as Secure Socket Layer (SSL) or Transport Layer Security (TLS). The network interface 118 may comprise a built-in network adapter, network interface card, PCMCIA network card, card bus network adapter, wireless network adapter, USB network adapter, modem, or any other device suitable for interfacing the computing device 100 to any type of network capable of communicating and performing the operations described herein.
In some embodiments, the computing device 100 may include or be connected to one or more display devices 124 a-124 n. Thus, any I/O device 130 a-130 n and/or I/O controller 123 may include any type and/or form of suitable hardware, software, or combination of hardware and software to support, enable, or provide for the connection and use of display devices 124 a-124 n by computing device 100. For example, computing device 100 may include any type and/or form of video adapter, video card, driver, and/or library to interface, communicate, connect, or otherwise use display devices 124 a-124 n. In one embodiment, the video adapter may include a plurality of connectors to interface to the display devices 124 a-124 n. In other embodiments, computing device 100 may include multiple video adapters, with each video adapter connected to display devices 124 a-124 n. In some embodiments, any portion of the operating system of computing device 100 may be configured for use with multiple display devices 124 a-124 n. In other embodiments, I/O device 130 may be a bridge between system bus 150 and an external communication bus (e.g., a USB bus, an Apple Desktop bus, an RS-232 serial connection, a SCSI bus, a FireWire 800 bus, an Ethernet bus, an AppleTalk bus, a gigabit Ethernet bus, an asynchronous transfer mode bus, a fibre channel bus, a fiber optic bus, a serial attached Small computer System interface bus, a USB connection, or an HDMI bus).
The computing device 100 of the kind depicted in fig. 1B and 1C may operate under the control of an operating system that controls the scheduling of tasks and access to system resources. The computing device 100 may run any operating system, such as any version of the Microsoft WINDOWS operating system, different versions of the Unix and Linux operating systems, any version of the MAC OS for Macintosh computers, any embedded operating system, any real-time operating system, any open source operating system, any proprietary operating system, any operating system for mobile computing devices, or any other operating system capable of running on a computing device and performing the operations described herein. Typical operating systems include (but are not limited to): Android manufactured by Google; WINDOWS 7, 8, and 10 manufactured by Microsoft Corporation of Redmond, Washington; MAC OS manufactured by Apple Computer of Cupertino, California; webOS manufactured by Research In Motion (RIM); OS/2 manufactured by International Business Machines Corporation of Armonk, N.Y.; and the freely available operating system Linux, or any type and/or form of Unix operating system issued by Caldera of Salt Lake City, Utah, etc.
The computer system or computing device 100 may be any workstation, telephone, desktop computer, laptop or notebook computer, server, handheld computer, mobile telephone or other portable telecommunications device, media playback device, gaming system, mobile computing device, or any other type and/or form of computing, telecommunications, or media device capable of communicating. In some embodiments, computing device 100 may have different processors, operating systems, and input devices consistent with the device. For example, in one embodiment, computing device 100 is a smart phone, mobile device, tablet, or personal digital assistant. Moreover, computing device 100 may be any workstation, desktop, laptop or notebook computer, server, handheld computer, mobile telephone, any other computer, or other form of computing or telecommunications device capable of communicating and having sufficient processor power and memory capacity to perform the operations described herein.
The aspects of the operating environment and components described above will become apparent in the context of the systems and methods disclosed herein.
B. Client device and AP communication
Disclosed herein are systems and methods that may be used in any communication system including, but not limited to, Wi-Fi networks. The systems and methods may be used with an AP in a communication network in which there are level 3 frames or level 2 frames received from non-associated or unauthenticated (e.g., previously associated or previously authenticated) client devices or STAs during wider bandwidth reception. Although disassociation and deauthentication frames and protocols under the 802.11 standard are described herein, the systems and methods may be used with other disassociation and deauthentication messages and protocols, including but not limited to such protocols used in other networks (cellular networks) and point-to-point communications. The systems and methods may be used with only a disassociation protocol, only a deauthentication protocol, or both.
Referring to fig. 2A, a wireless communication network or system 200 includes client devices or STAs 202, 204, 206, and 208 and APs 212, 214, and 216. STAs 202, 204, 206 and 208 and APs 212, 214 and 216 may be used in the system discussed with reference to fig. 1A-C. Any number of STAs 202, 204, 206 and 208 and APs 212, 214 and 216 may be used in the network or system 200. As used herein, a station or STA is any device for communicating in the communication system 200 and includes, but is not limited to, a fixed, portable, or mobile laptop, desktop personal computer, personal digital assistant, workstation, wearable device, smart phone, or Wi-Fi phone. As used herein, an access point or AP refers to a device for communicatively coupling one or more non-AP devices (e.g., client devices or STAs) to a network. More specifically, the AP may enable non-AP devices to connect and communicate with the network. In some embodiments, the AP is a Wireless Access Point (WAP) configured to enable wireless communications between non-AP devices. APs include, but are not limited to, mobile, portable, or fixed hotspots, routers, bridges, or other communication devices. The AP may provide services to STAs, e.g., act as a point of attachment to another network. The STAs 202, 204, 206 and 208 and APs 212, 214 and 216 may each include a wireless transceiver and various modules for communicating via a connection. A module may be a software (e.g., firmware) and/or hardware component. In some embodiments, each of STAs 202, 204, and 206 and APs 212, 214, and 216 includes IEEE 802.11 compliant Media Access Control (MAC) layer circuitry and a Physical (PHY) layer interface to wireless media and may be part of a larger device or system. In some embodiments, each of STAs 202, 204, 206 and 208 and APs 212, 214 and 216 operate in accordance with standards other than IEEE 802.11.
After authentication and association, a connection for wireless communication may be established between at least one of the STAs 202, 204, 206, and 208 and the APs 212, 214, and 216. For example, STA 202 has a connection 218 to AP 212. STAs 202, 204, 206, and 208 each include circuitry (e.g., a processor or processing circuit 230), and APs 212, 214, and 216 each include circuitry (e.g., processing circuit 220) for establishing and canceling connection 218 and communicating data across the connection. In some embodiments, connection 218 is a wireless connection formed using association and authorization operations and canceled using disassociation and deauthentication operations.
Referring to fig. 2B, the AP 212 is configured for dynamic subband operation and adaptive disassociation and/or deauthentication operation according to some embodiments. In some embodiments, AP 212 includes a network interface 210, processing circuitry 230, a processor 234, memory 236, a channel switch module 238, a disassociation/deauthentication module 240, and a transmitter 242. Processing circuitry 230 is any circuitry or component capable of performing logic and communication processing.
In some embodiments, the processing circuit 230 is implemented as a field programmable gate array, application specific integrated circuit, hardware, software executing processor, or state machine. In some embodiments, the processing circuitry 230 is part of a layer (e.g., MAC layer, network layer, PHY layer) of an IEEE 802.11 standard device. In some embodiments, the processing circuitry 230 may be configured to perform communication operations, frame construction and processing, association operations, authorization operations, connection establishment, disassociation operations, and deauthentication operations. In some embodiments, instructions for processing circuitry 230 are stored in a non-transitory medium such as memory 236. Processing circuitry 220 of STA202 is similar to processing circuitry 230.
Memory 236 may be one or more devices (e.g., RAM, ROM, flash memory, hard disk memory) for storing data and/or computer code for completing and/or facilitating the various processes described herein. Memory 236 may be or include non-transitory volatile memory, non-volatile memory, and non-transitory computer storage media. Memory 216 may include database components, object code components, script components, or any other type of information structure for supporting the various activities and information structures described herein. The memory 236 may be communicatively coupled to the processor 234 and include computer code or instructions for performing one or more processes described herein. The processor 234 may be implemented as one or more Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs), a group of processing components, a software executing processor, a state machine, or other suitable electronic processing components. As such, the AP or network device 106 is configured to run various modules and/or programs and store the associated data in a database of memory 236. The modules (e.g., 238 and 242) may be implemented in AP software (e.g., MAC layer or PHY layer software) or STA software (e.g., MAC layer or PHY layer software).
In some embodiments, the network interface 210 is structured and used to establish connections with other computing systems and devices, such as the wireless communication device 102, the network hardware 192, other access points, or the network device 106 (fig. 1A-C), via a network, such as a WAN connection, a LAN connection, a WLAN connection, etc. Network interface 210 contains program logic that facilitates the connection of AP 212 to a network connection. For example, the network interface 210 may include any combination of wireless network transceivers (e.g., cellular modem, Bluetooth transceiver, Wi-Fi transceiver, transmitter 242, etc.) and/or wired network transceivers (e.g., Ethernet transceivers). In some arrangements, the network interface 210 includes hardware (e.g., processors, memory, etc.) and machine readable media sufficient to support communication over multiple channels of data communication. As used herein, a network interface or network interface circuit is any circuit or circuitry (with or without software) configured to establish a connection with other computing systems. The network interface 210 may include the physical layer circuitry necessary to communicate with a data link layer standard, such as Ethernet or Wi-Fi. The circuit may prepare and control the flow of data over the network.
In some embodiments, processing circuitry 230 or AP 212 includes a channel switching module 238 (sometimes referred to as a "channel switching circuit"). Channel switching module 238 may be configured to communicatively couple with one or more client devices, such as non-AP devices 102 or STAs 202, 204, 206, and 208 (fig. 2A), and may be configured to allocate one or more devices 102 on one of a primary bandwidth channel or a secondary bandwidth channel. In particular, channel switching module 238 may be configured to perform dynamic subband operations. For example, channel switching module 238 may be configured to determine network traffic for device 102. Accordingly, channel switching module 238 may utilize a channel switching protocol to improve network traffic (e.g., uplink traffic and downlink traffic) from AP 212 to device 102. That is, the device 102 may split between different portions of the 320MHz spectrum on different channels. Channel switching protocols include moving between primary and secondary channels. In particular, channel switching module 238 enables AP 212 to dynamically switch device 102 between channels based on, for example, actual network traffic and/or expected network traffic. For example, the channel switching module 238 may be configured to switch the device 102 (fig. 1) (or the AP 212) from a primary bandwidth channel to operate on a secondary bandwidth channel. In particular, channel switching module 238 may determine whether device 102 or AP 212 should switch channels based on (i) bandwidth availability and (ii) quality of service requirements. As used herein, a channel switching circuit or unit is any circuit or circuitry (with or without software) configured to designate one or more devices to communicate over a channel or portion of a channel, including but not limited to a primary control channel. 
In various embodiments, processing circuit 230 or AP 212 includes a transmitter 242 (sometimes referred to as a "transmitter circuit"). The transmitter 242 provides transmission to a network connection (e.g., device 102, network hardware 192) via the network interface 210 using various network protocols. In some embodiments, the transmitter 242 may also be configured to perform channel sounding. Channel sounding may include transmitting (e.g., by transmitter 242) a Null Data Packet Announcement (NDPA) frame followed by a Null Data Packet (NDP), or an initial control frame exchange. Transmitter 242 is any circuitry for communicating radio frequency data, such as data in frames. In some embodiments, the transmitter 242 provides a disassociation and/or deauthentication frame and an acknowledgement thereof.
In some embodiments, processing circuit 230 or AP 212 includes a disassociation/deauthentication module 240. The disassociation/deauthentication module 240 is configured to cause the transmitter 242 to provide disassociation and/or deauthentication frames and acknowledgements thereof. In some embodiments, the disassociation/deauthentication module 240 provides only one of a disassociation frame or a deauthentication frame. In some embodiments, the disassociation/deauthentication module 240 is configured to provide the disassociation and/or deauthentication frames in response to conditions when an AP is required to change its primary channel to a sub-band channel within a wider bandwidth. In some embodiments, the disassociation/deauthentication module 240 is provided in a client device, such as STAs 202, 204, 206, 208 (fig. 2A).
In some embodiments, the disassociation/deauthentication module 240 is configured to copy or duplicate the disassociation and/or deauthentication frames for transmission on all sub-band channels in a wider bandwidth, or on the sub-band channels on which level 3 frames are received from a non-associated client, such that STAs 204, 206, and 208 can receive the disassociation and/or deauthentication frames overlapping their primary channels and take appropriate action. In some embodiments, the disassociation/deauthentication module 240 is configured to copy or duplicate the disassociation and/or deauthentication frames on the sub-band channels on which level 2 frames are received from unassociated STAs, so that the STAs can receive the disassociation and/or deauthentication frames overlapping their primary channels and take appropriate action. As used herein, a level 3 frame refers to a frame that will be accepted after association and authentication have been completed. Level 3 frames include data frames, management frames, and control frames. As used herein, a level 2 frame refers to a frame that will be accepted after authentication has been completed. Level 2 frames include management frames and control frames. Modules 238 and 240 may be implemented in AP software (e.g., MAC and PHY layer software). In some embodiments, the disassociation/deauthentication module 240 may advantageously prevent deadlock situations associated with conventional APs.
Referring to fig. 3, in some embodiments, AP 212 may communicate with STA 204 using channel 300. The channel 300 includes a primary control sub-band 302 (e.g., 20 MHz), a secondary sub-band 304 (e.g., 20 MHz), a secondary sub-band 306 (e.g., 20 MHz), a secondary sub-band 308 (e.g., 20 MHz), a secondary sub-band 310 (e.g., 20 MHz), a secondary sub-band 312 (e.g., 20 MHz), a secondary sub-band 314 (e.g., 20 MHz), and a secondary sub-band 316 (e.g., 20 MHz). Any of the secondary subbands 304-316 may be primary control subbands, and the primary control subband 302 may be changed to a secondary subband. Channel 300 may also be allocated as a single wider bandwidth 340 (e.g., 160 MHz), a wider bandwidth 330 (e.g., 80 MHz), and a wider bandwidth 332 (e.g., 80 MHz). Channel 300 may also be allocated as a wider bandwidth 320 (e.g., 40 MHz), a wider bandwidth 322 (e.g., 40 MHz), a wider bandwidth 324 (e.g., 40 MHz), and a wider bandwidth 326 (e.g., 40 MHz). Communications may occur over any of the subbands 302 to 316 or the wider bandwidths 320 to 340. Subbands 302-316 and wider bandwidths 320-340 may be referred to as channels, subbands, bandwidths, or bandwidth channels.
In some embodiments, channel 300 is an IEEE 802.11 wider bandwidth channel of an infrastructure configured for BSS operation. In some embodiments, the subbands 302-316 and the wider bandwidths 320-340 are divided into two categories: primary control channels (e.g., common operating channels of All Stations (STAs) that are members of the BSS) and secondary channels. For example, in 20MHz, 40MHz, 80MHz, 160MHz or 80+80MHz and 320MHz bandwidth BSS, the primary control channel is a 20MHz channel. In some embodiments, the primary control channel is used to transmit all management frames including, but not limited to, beacon frames, probe request/response frames, association request/response frames, deauthentication frames, disassociation frames, and the like. In some embodiments, the primary channel may be a core frequency segment of a BSS or AP. The secondary channel/sub-band channel (SC) comprises adjacent channels to the primary channel. In a wider bandwidth example, although the STA 208 and AP 212 may listen over the entire wider bandwidth (e.g., 40/80/160/320MHz bandwidth), management frames such as beacons, probe responses, deauthentication/disassociation frames, etc., are only received at the STA 208 if the frames are transmitted on the wider bandwidth primary 20MHz control channel and all other management frames transmitted in the non-primary channel are filtered at the PHY level at the station, as described in IEEE 802.11 standard section 23.3.20. For example, section 23.3.20 describes a PHY reception procedure in which the PHY should not issue a PHY-rxstart.indication primitive in response to a physical layer protocol data unit (PPDU) that does not overlap with the primary channel. The PHY-rxstart.indication primitive informs the MAC layer that a data packet is now arriving and can be used to reconfigure the physical media related layer for the new rate and modulation scheme.
Referring to fig. 4, in some embodiments, the AP 212 may communicate with the STA 208 using a bandwidth or channel 300. The STA 208 provides uplink data 350 to the AP 212 via the sub-band 302, which sub-band 302 is the primary control channel of the STA 208 and the AP 212 in some embodiments. When the AP 212 is forced or elected to change the primary control channel from sub-band 302 to another sub-band (e.g., sub-band 304), the AP 212 sends a broadcast de-authentication/disassociation frame 348 to disconnect all client devices (including STA 208) connected to the AP 212 on the current primary channel (sub-band 302) so that the client devices can reconnect to the AP 212 on the new primary channel (e.g., sub-band 304). The AP 212 may be forced to change the primary control channel due to interference on the channel. The indication of the change may be generated internally by the AP 212 or received from other APs or devices, such as STAs 202, 204, 206 and 208 (fig. 2A). The indication may be processed in the MAC layer. Various channel selection algorithms may be used to select a new primary control channel or to indicate a change is required or is about to change. In some embodiments, AP 212 selects a new channel based on the number of BSS identities on the channel, the received signal strength indication, the non-Wi-Fi utilization, and/or the channel overlap and bonding parameters.
If STA 208 is in sleep mode when AP 212 transmits the deauthentication/disassociation frame 348 on sub-band 302, then, when STA 208 wakes up from sleep mode, it considers the association with AP 212 to be still valid on the associated primary channel (e.g., sub-band 302) and continues to transmit uplink data traffic (e.g., uplink data 354, 356, and 358 on respective sub-bands 304, 306, and 308) on the associated wider bandwidth. Whenever the AP 212 receives the uplink data 354, 356, and 358 (e.g., in the form of data frames) due to its wider bandwidth reception and Receiver Address (RA) matching, the AP 212 sends an ACK/BlockACK frame (acknowledgement and block acknowledgement message) on the sub-band channel on which the data frame was received, and then sends a de-authentication/disassociation frame 352 only on its current primary control channel (sub-band 304), with reason 7 (level 3 frame received from a non-associated station), as described in the IEEE 802.11 specification. Section 11.3.4, on authentication and deauthentication, specifies: "11.3.4.1 General … If STA A in an infrastructure BSS receives a level 2 or level 3 frame from STA B that is not authenticated with STA A (i.e., the state of STA B is State 1), STA A shall discard the frame. If the frame has an individual address in the Address 1 field, the MLME of STA A shall send a Deauthentication frame … to STA B", with reason code 7, named invalid_class3_frame, meaning a level 3 frame received from a non-associated STA. The client devices that receive these ACK/BlockACK messages from AP 212 on the associated primary channel assume that AP 212 is still available nearby, although it is no longer available on the associated primary control channel. The STA 208 does not receive the subsequent de-authentication/disassociation frame from the AP 212 because that frame is transmitted only on the current primary control channel (sub-band 304), which does not overlap the primary control channel of the STA 208.
This sequence may lead to a deadlock situation.
Referring to fig. 5, in some embodiments, the AP 212 and/or STA 208 may use systems and methods to avoid deadlock situations. In some embodiments, the AP 212 may communicate with the STA 208 using the channel 300. The STA 208 provides uplink data 402 to the AP 212 via the sub-band 302, which sub-band 302 is the primary control channel of the STA 208. The primary control channel of AP 212 is subband 302. When the AP 212 is forced to change the primary control channel from sub-band 302 to another sub-band (e.g., sub-band 304), the AP 212 sends a de-authentication/disassociation frame 400 (e.g., as a broadcast de-authentication/disassociation frame) to disconnect all client devices (including STA 208) connected to the AP 212 on the current primary channel (sub-band 302) so that the client devices can reconnect to the AP 212 on the new primary channel (e.g., sub-band 304). If the STA 208 is in sleep mode when the AP 212 transmits the deauthentication/disassociation frame 400 on the sub-band 302, the STA 208 considers the association with the AP 212 to be still valid on the associated primary control channel (e.g., sub-band 302) and continues to transmit uplink data traffic (e.g., uplink data 406, 410, and 414 on the respective sub-bands 304, 306, and 308) on the associated wider bandwidth when the STA 208 wakes up from sleep mode. In some embodiments, whenever AP 212 receives uplink data 406, 410, and 414 (e.g., in the form of data frames) due to its wider bandwidth reception and Receiver Address (RA) match, AP 212 sends ACK/BlockACK frames (acknowledgement and block acknowledgement messages) and sends de-authentication/de-association frames 400, 404, 408, and 412 (e.g., as broadcast de-authentication/de-association frames) on the sub-band channels on which the data frames were received, which frames may be duplicates of each other provided by de-association/de-authentication module 240 (fig. 2B). 
In some embodiments, the deauthentication/disassociation frames 400, 404, 408, and 412 are sent on all sub-band channels (e.g., sub-bands 302-316 in the wider bandwidth 340 (fig. 3)) or on the sub-band channels (e.g., the sub-bands associated with the uplink data 402, 406, 410, and 414) on which level 2 or level 3 frames are received from clients that are no longer associated. In some embodiments, the deauthentication/disassociation frames 400, 404, 408, and 412 are transmitted using a unicast address directed to the STA, namely the RA of the STA that transmitted the data after being deauthenticated or disassociated. In some embodiments, the provision of the deauthentication/disassociation frames 400, 404, 408, and 412 allows all client devices to receive the deauthentication and/or disassociation frames on sub-bands that overlap with their primary channels (e.g., sub-bands 302, 304, 306, and 308) and take appropriate actions (e.g., follow the disconnect/reconnect/roam actions as soon as possible to obtain a new valid data connection). The deauthentication/disassociation frames 400, 404, 408, and 412 are one or more of a deauthentication frame, a disassociation frame, or both a deauthentication frame and a disassociation frame.
Referring to fig. 6, a flow 600 is used for a connection between a STA 602 and an AP 604 over a wider bandwidth (e.g., an 80 MHz wide bandwidth). In some embodiments, STA 602 (e.g., at least one of STAs 202, 204, and 206) and AP 604 (e.g., at least one of APs 212, 214, and 216) exchange frames 610 using a primary control sub-band aligned at channel 36, having a 20 MHz bandwidth, in a wider channel having an 80 MHz bandwidth. In some embodiments, frames 610 comprise level 3 frames, including a data frame and an acknowledgement frame. In operation 620, the primary control sub-band of the AP 604 moves from channel 36 to channel 40, having a 20 MHz bandwidth, in the wider channel having an 80 MHz bandwidth in the 5 GHz band. In some embodiments, the AP 212 may use the same wide bandwidth, but a different 20 MHz primary control sub-band. The AP 604 de-authenticates and/or de-associates all client devices, including the STA 602, by sending a broadcast de-authentication/de-association frame 612 on the primary control sub-band aligned at channel number 36 in the 20 MHz sub-band in the 5 GHz band. The STA 602 may not receive the deauthentication/disassociation frame 612 (e.g., due to being in sleep mode) and, when the STA 602 wakes up from sleep mode, may send a wideband data message 614 (e.g., a level 2 or level 3 frame) and receive an acknowledgement message from the AP 212. In response to the data message 614, the AP 604 transmits a broadcast de-authentication/disassociation frame 618 (e.g., indicating reason 7, a level 3 frame received from a non-associated STA, or reason 6, a level 2 frame received from a non-authenticated STA) on all sub-bands on which level 3 or level 2 frames were received from the un-authenticated or unassociated STA.
A client device, such as STA 602, receives one of the deauthentication/disassociation frames 616 on its primary sub-band, senses that the connection is lost, and attempts to reestablish the connection aligned to channel 40 in the 80 MHz wide bandwidth. Advantageously, the AP 604 may reduce the time to reestablish the connection by using the broadcast de-authentication/disassociation frame 616 on all sub-bands on which the level 3 frame is received. If the broadcast deauthentication/disassociation frame 616 is not used on all sub-bands on which the level 3 or level 2 frame is received, the STA 602 and AP 604 may continue to send and receive wideband data messages 614 and acknowledgement messages, which may result in delays and wasted communication bandwidth.
In some embodiments, broadcast deauthentication/disassociation frame 616 is a unicast frame. A unicast frame is a frame sent to a particular device identified by the RA. In some embodiments, the RA is determined from the source address of the data message 614 or from the RA of the acknowledgement message. In some embodiments, unicast frames are sent on all sub-bands on which data messages or frames are sent.
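The deadlock of fig. 4 and the duplicated-frame behaviour of figs. 5 and 6 can be compared in a small simulation. This is an added example, not code from the patent or from any AP firmware; the class and function names, the MAC addresses, and sub-bands 44 and 48 (the description names only channels 36 and 40) are assumptions.

```python
from dataclasses import dataclass, field

# Constructed sample values (assumptions): an 80 MHz channel split into four
# 20 MHz sub-bands; the description names only channels 36 and 40.
SUBBANDS = (36, 40, 44, 48)
BROADCAST = "ff:ff:ff:ff:ff:ff"
AP_ADDR = "02:00:00:00:00:aa"
STA_ADDR = "02:00:00:00:00:01"
REASON_LEVEL3_FROM_NONASSOC = 7   # reason code quoted in the description


@dataclass
class Frame:
    kind: str        # "data", "ack" or "deauth"
    subband: int     # 20 MHz sub-band the frame is sent on
    ta: str          # transmitter address
    ra: str          # receiver address
    reason: int = 0  # left at 0 where the description gives no reason code


@dataclass
class Station:
    addr: str
    primary: int             # primary control sub-band the STA associated on
    asleep: bool = False
    associated: bool = True
    acks_seen: int = 0

    def receive(self, f: Frame) -> None:
        if self.asleep:
            return
        if f.kind == "ack" and f.ra == self.addr:
            self.acks_seen += 1      # the STA concludes the AP is still nearby
        elif f.kind == "deauth" and f.ra in (self.addr, BROADCAST):
            # PHY filtering: a management frame that does not overlap the
            # STA's primary sub-band never reaches its MAC layer.
            if f.subband == self.primary:
                self.associated = False

    def uplink(self) -> list:
        # Wideband uplink: one data frame per sub-band while the STA still
        # believes its association is valid.
        if not self.associated:
            return []
        return [Frame("data", sb, self.addr, AP_ADDR) for sb in SUBBANDS]


@dataclass
class AccessPoint:
    primary: int
    duplicate_deauth: bool   # True models the behaviour described for module 240
    clients: set = field(default_factory=set)

    def change_primary(self, new_primary: int) -> list:
        old, self.primary = self.primary, new_primary
        self.clients.clear()
        return [Frame("deauth", old, AP_ADDR, BROADCAST)]  # sent on the old primary

    def on_uplink(self, frames: list) -> list:
        out = []
        for f in frames:
            out.append(Frame("ack", f.subband, AP_ADDR, f.ta))
            if f.ta not in self.clients:
                # Conventional AP: current primary only. Duplicating AP: the
                # sub-band on which the data frame was actually received.
                sb = f.subband if self.duplicate_deauth else self.primary
                out.append(Frame("deauth", sb, AP_ADDR, f.ta,
                                 REASON_LEVEL3_FROM_NONASSOC))
        return out


def simulate(duplicate_deauth: bool, rounds: int = 3):
    """Return (sta_still_associated, data_frames_sent_after_the_change)."""
    ap = AccessPoint(primary=36, duplicate_deauth=duplicate_deauth)
    sta = Station(STA_ADDR, primary=36, asleep=True)
    ap.clients.add(sta.addr)
    for f in ap.change_primary(40):   # missed: the STA is asleep
        sta.receive(f)
    sta.asleep = False
    sent = 0
    for _ in range(rounds):
        data = sta.uplink()
        if not data:
            break
        sent += len(data)
        for f in ap.on_uplink(data):
            sta.receive(f)
    return sta.associated, sent
```

With the conventional AP the station stays in its stale association for every round; with duplication it drops the association after the first wideband uplink and can reconnect on the new primary.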
It should be noted that certain paragraphs of the present disclosure may refer to terms related to subsets of frames, responses, and devices, such as "first" and "second", for the purpose of identifying or distinguishing one from another or otherwise. These terms are not intended to relate entities (e.g., a first device and a second device) only in time or in order, although in some cases such entities may have such a relationship. Nor do these terms limit the number of possible entities (e.g., STAs, APs, beamformers, and/or beamformed receivers) that may operate within a system or environment. It should be understood that the above-described system may provide a plurality of any or each of the components and that these components may be provided on separate machines or, in some embodiments, on multiple machines in a distributed system. Further, the bit field positions may be changed and multi-bit words may be used. Additionally, the systems and methods described above may be provided as one or more computer-readable programs or executable instructions embodied on or in one or more articles of manufacture, such as a floppy disk, hard disk, CD-ROM, flash memory card, PROM, RAM, ROM, or magnetic tape. The program may be implemented in any programming language, such as LISP, PERL, C, C++, C#, or in any bytecode language, such as JAVA. The software program or executable instructions may be stored as object code on or in one or more articles of manufacture. Circuitry may refer to any electronic circuit or circuitry.
While the foregoing written description of the methods and systems enables one of ordinary skill in the art to make and use the same, one of ordinary skill in the art will understand and appreciate the existence of variations, combinations, and equivalents of the specific embodiments, methods, and examples herein. For example, the specific values of bandwidth, channel, and sub-band discussed above are exemplary. Thus, the present methods and systems should not be limited by the embodiments, methods, and examples described above, but rather by all embodiments and methods within the scope and spirit of the present disclosure.
Claims (20)
1. An apparatus, comprising:
Circuitry configured to provide a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel, and to provide another disassociation frame or a deauthentication frame on the first primary control channel, the second primary control channel, or the secondary channel in response to receiving a data frame from another device on the first primary control channel, the second primary control channel, or the secondary channel.
2. The device of claim 1, wherein the other disassociation frame or deauthentication frame is provided as a disassociation/disassociation frame.
3. The device of claim 1, wherein the circuitry is configured to provide the disassociation frame or deauthentication frame in accordance with an 802.11 protocol.
4. The device of claim 1, wherein the circuitry is configured to provide the other de-authentication frame as a de-authentication/de-association frame.
5. The device of claim 1, wherein the circuitry is configured to provide the disassociation frame or deauthentication frame in accordance with an 802.11e protocol.
6. The apparatus of claim 1, wherein the data frame is provided in a first channel comprising the first primary control channel, the second primary control channel, or the secondary channel associated with the data frame.
7. The device of claim 1, wherein the circuitry is configured to provide an acknowledgement frame on one of the first primary control channel, the second primary control channel, or the secondary channel in response to the data frame.
8. The apparatus of claim 1, wherein the data frame is a level 3 frame.
9. The apparatus of claim 1, wherein the data frame is a level 2 frame.
10. An apparatus, comprising:
Circuitry configured to provide a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of an operation of the device to change from the first primary control channel to a second primary control channel, wherein the circuitry is: 1) configured to provide another disassociation frame or deauthentication frame on at least one of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the disassociation frame or disassociation frame on the at least one of the first primary control channel, the second primary control channel, or the secondary channel; or 2) configured to provide the other disassociation frame or deauthentication frame on each of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the disassociation or disassociation frame on any of the first primary control channel, the second primary control channel, or the secondary channel.
11. The device of claim 10, wherein the device is an access point configured to provide communication according to an 802.11 protocol.
12. The device of claim 10, wherein the circuitry is configured to provide an indication to the other disassociation frame or disassociation frame that the disassociation or disassociation frame has been received.
13. The device of claim 10, wherein the circuitry is configured to provide the other of the de-association frame or the de-authentication frame on one of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the de-authentication or de-association frame on the other of the first primary control channel, the second primary control channel, or the secondary channel.
14. The device of claim 10, wherein the circuitry is configured to provide the other disassociation frame or deauthentication frame on each of the first primary control channel, the second primary control channel, or the secondary channel in response to receiving the disassociation or disassociation frame on any of the first primary control channel, the second primary control channel, or the secondary channel.
15. The apparatus of claim 10, wherein the circuitry is part of a media access layer or a physical layer, wherein the apparatus is an access point of an 802.11 standard wireless network.
16. The apparatus of claim 10, wherein the data frame is a level 3 frame or a level 2 frame.
17. A method, comprising:
Providing, by a first device, a disassociation frame or a deauthentication frame on a first primary control channel in response to an indication of a change from the first primary control channel to a second primary control channel;
Receiving, by the first device, a data frame from a second device on a secondary channel of the first primary control channel, the second primary control channel, or a plurality of secondary channels, wherein the first primary control channel, the second primary control channel, and the plurality of secondary channels are at least part of a bandwidth channel; and
Another disassociation frame or deauthentication frame is provided by the first device on at least one of the first primary control channel, the second primary control channel, and the plurality of secondary channels.
18. The method of claim 17, wherein the first primary control channel, the second primary control channel, and the secondary channel form the first channel.
19. The method of claim 17, wherein the other disassociation frame or deauthentication frame is provided in response to receiving the data frame, the data frame being a disassociation or disassociation data frame.
20. The method of claim 17, wherein the other disassociation frame or deauthentication frame is provided as a broadcast disassociation frame or deauthentication frame.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IN202221061746 | 2022-10-30 | | |
US18/194,325 | 2023-03-31 | | |
US18/194,325 US20240147233A1 (en) | 2022-10-30 | 2023-03-31 | System for and method of deauthentication or disassociation for a connection |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117956542A (en) | 2024-04-30 |
Family
ID=90791004
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311036558.0A Pending CN117956542A (en) | 2022-10-30 | 2023-08-16 | System and method for de-authentication or de-association of connections |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117956542A (en) |
-
2023
- 2023-08-16 CN CN202311036558.0A patent/CN117956542A/en active Pending
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||