US9270692B2 - Method and apparatus for setting secure connection in wireless communications system - Google Patents

Method and apparatus for setting secure connection in wireless communications system Download PDF

Info

Publication number
US9270692B2
US9270692B2 US14/033,516 US201314033516A US9270692B2 US 9270692 B2 US9270692 B2 US 9270692B2 US 201314033516 A US201314033516 A US 201314033516A US 9270692 B2 US9270692 B2 US 9270692B2
Authority
US
United States
Prior art keywords
packet
port
protocol
checking result
protocol type
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US14/033,516
Other versions
US20140130163A1 (en
Inventor
Shao-Wei Chen
Shun-Yong Huang
Chao-Chun Wang
Yu-Che Tsai
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MediaTek Inc
Original Assignee
MediaTek Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MediaTek Inc filed Critical MediaTek Inc
Priority to US14/033,516 priority Critical patent/US9270692B2/en
Assigned to MEDIATEK INC. reassignment MEDIATEK INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHEN, Shao-wei, HUANG, SHUN-YONG, TSAI, YU-CHE, WANG, Chao-chun
Priority to TW102140303A priority patent/TWI477181B/en
Publication of US20140130163A1 publication Critical patent/US20140130163A1/en
Application granted granted Critical
Publication of US9270692B2 publication Critical patent/US9270692B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/128Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware

Definitions

  • the present invention relates to a method and apparatus utilized in a wireless communications system, and more particularly, to a method and apparatus of setting a secure connection in a wireless communication system.
  • Wireless Fidelity (Wi-Fi) Display specification is a standard for a Wi-Fi technology and used in a latency-aware application for streaming in a short distance, such as a wireless local area network (WLAN).
  • Wi-Fi Display application a connection is established between a source device and a sink device.
  • the source device encodes video contents into encoded video bit streams and sends the encoded video bit streams to the sink device.
  • the sink device further decodes the received video bit streams and recovers to the video contents. Therefore, a user can watch the video contents on a suitable display of the sink device for the user's purpose than a display of the source device.
  • a user shares a video from a notebook computer to a large screen television so that more people can comfortably watch the video on the television together.
  • the notebook computer is the source device and the television is the sink device (assuming the television supports Wi-Fi Display specifications), and the source device transmits video contents to the sink device for playback on a display of the sink device.
  • malwares may attack through the connection
  • security of the connection is important.
  • a standard firewall is not useful for an embedded system with restricted computing resources including memory and processor, so that the standard firewall cannot avoid the attack. Therefore, how to set up a secure connection becomes a goal.
  • the present invention therefore provides a method and an apparatus for setting a secure connection in a wireless communications system, to resist the attack from the malwares and keep secure.
  • a method of setting a secure connection in a wireless communications system comprises setting a protocol information to a terminal in the wireless communication system; and checking a packet received in the terminal according to the protocol information; wherein the packet comprises a protocol type, a source port, and a destination port.
  • a communication apparatus for a wireless communications system comprises a processing means; a storage unit; a program code, stored in the storage unit, wherein the program code instructs the processing means to execute the following steps: setting a protocol information to a terminal in the wireless communication system; and checking a packet received in the terminal according to the protocol information; wherein the packet comprises a protocol type, a source port, and a destination port.
  • FIG. 1 is a schematic diagram of a wireless communications system according to an example of the present invention.
  • FIG. 2 is a flowchart of a process according to an example of the present invention.
  • FIG. 3 is a flowchart of a process according to an example of the present invention.
  • FIG. 1 is a schematic diagram of a wireless communications system 10 according to an example of the present invention.
  • the wireless communications system 10 comprises a first communication apparatus 100 and a second communication apparatus 102 .
  • the first communication apparatus 100 and the second communication apparatus 102 are terminals in the wireless communications system 10 and simply utilized for illustrating the structure of the wireless communications system 10 .
  • the first communication apparatus 100 and the second communication apparatus 102 can communicate with each other by a wireless technique, such as Wireless Fidelity (Wi-Fi) or Bluetooth.
  • Wi-Fi Wireless Fidelity
  • the first communication apparatus 100 may be a source device and the second communication apparatus 102 may be a sink device.
  • the first communication apparatus 100 may include a processor 104 such as a microprocessor or Application Specific Integrated Circuit (ASIC), a storage unit 106 and a communication interfacing module 108 .
  • the storage unit 106 may be any data storage device that can store a program code 110 , accessed and executed by the processor 104 . Examples of the storage unit 106 include but are not limited to read-only memory (ROM), flash memory, random-access memory (RAM), CD-ROM/DVD-ROM, magnetic tape, hard disk and optical data storage device.
  • the communication interfacing module 108 is preferably a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 104 .
  • the second communication apparatus 100 may also include a processor 112 , a storage unit 114 and a communication interfacing module 116 , which are similar with those included in the first communication apparatus.
  • the storage unit 114 can store a program code 118 and be accessed and executed by the processor 112 .
  • FIG. 2 is a flowchart of a process 20 according to an example of the present invention.
  • the process 20 is utilized in the wireless communications system 10 shown in FIG. 1 , for setting a secure connection.
  • the process 20 can be utilized in the first communication apparatus 100 , such as a source device, and may be compiled into the program code 110 .
  • the process 20 includes the following steps:
  • Step 200 Start.
  • Step 202 Set a protocol information according to an application.
  • Step 204 Check if a protocol type of a received packet is user datagram protocol (UDP)? If yes, go to step 206 ; if not, go to step 208 .
  • UDP user datagram protocol
  • Step 206 Drop the received packet and go to step 220 .
  • Step 208 Check if the protocol type of the received packet is transmission control protocol (TCP)? If yes, go to step 212 ; if not, go to step 210 .
  • TCP transmission control protocol
  • Step 210 Forward the received packet to a host and go to step 220 .
  • Step 212 Check if the destination port of the received packet is a control port? If yes, go to step 210 ; if not, go to step 214 .
  • Step 214 Check if the destination port of the received packet is a user input back channel (UIBC) port? If yes, go to step 210 ; if not, go to step 216 .
  • UIBC user input back channel
  • Step 216 Check if the source port of the received packet is an Inter-Integrated Circuit (I2C) port? If yes, go to step 210 ; if not, go to step 218 .
  • I2C Inter-Integrated Circuit
  • Step 218 Check if the source port of the received packet is a high-bandwidth digital content protection (HDCP) port? If yes, go to step 210 ; if not, go to step 206 .
  • HDCP high-bandwidth digital content protection
  • Step 220 End.
  • the first communication apparatus 100 sets the protocol information according to the application and checks the received packet according to the protocol information. If the information of the received packet does not match to the protocol information, drop the received packet; otherwise, forward the received packet to the host. Since malwares is not able to know the legal protocol information of the application in the first communication apparatus 100 , the first communication apparatus 100 can resist the attack from the malwares and keep secure.
  • the protocol information includes the control port and combinations of the UIBC port, the I2C port or the HDCP port. Besides, in the steps 214 , 216 and 218 , the UIBC port, the I2C port and the HDCP port are determined via the control port.
  • the process 20 is an example of the present invention, and those skilled in the art should readily make combinations, modifications and/or alterations on the abovementioned description and examples.
  • the information about the control port in the protocol information is broadcast from the second communication apparatus 102 connected to the first communication apparatus 100 and scanned by the first communication apparatus 100 in the air.
  • ports other than the UIBC port, the I2C port and the HDCP port in the protocol information can also be determined and negotiated via the control port.
  • the connection is built for the point-to-point transmissions, but not limited herein.
  • FIG. 3 is a flowchart of a process 30 according to an example of the present invention.
  • the process 30 is utilized in the wireless communications system 10 shown in FIG. 1 , for setting a secure connection.
  • the process 30 can be utilized in the second communication apparatus 102 , such as a sink device, and may be compiled into the program code 118 .
  • the process 30 includes the following steps:
  • Step 300 Start.
  • Step 302 Set a protocol information according to an application.
  • Step 304 Check if a protocol type of a received packet is UDP? If yes, go to step 306 ; if not, go to step 310 .
  • Step 306 Check if the destination port of the received packet is a video or audio port? If yes, go to step 312 ; if not, go to step 308 .
  • Step 308 Drop the received packet and go to step 322 .
  • Step 310 Check if the protocol type of the received packet is TCP? If yes, go to step 314 ; if not, go to step 312 .
  • Step 312 Forward the received packet to a host and go to step 322 .
  • Step 314 Check if the source port of the received packet is a control port? If yes, go to step 312 ; if not, go to step 316 .
  • Step 316 Check if the source port of the received packet is a UIBC port? If yes, go to step 312 ; if not, go to step 318 .
  • Step 318 Check if the destination port of the received packet is an I2C port? If yes, go to step 312 ; if not, go to step 320 .
  • Step 320 Check if the destination port of the received packet is a HDCP port? If yes, go to step 312 ; if not, go to step 308 .
  • Step 322 End.
  • the second communication apparatus 102 sets the protocol information according to the application and checks the received packet according to the protocol information. If the information of the received packet does not match to the protocol information, drop the received packet; otherwise, forward the received packet to the host. Since malwares is not able to know the legal protocol information of the application in the source device (i.e. the first communication apparatus 100 ), the source device can resist the attack from the malwares and keep secure.
  • the steps of the process 30 are similar with those of the process 20 .
  • the difference between the process 20 and the process 30 is that the second communication apparatus 102 further checks if the destination port is a video or audio port when the protocol type of the received frame is UDP. In other words, if the destination port is a video or audio port, the second communication apparatus 102 forwards the received packet to a host. If the destination port is not a video or audio port, the second communication apparatus 102 drops the received packet.
  • the detail explanation is similar as that in the process 20 , so that no more explanation is described herein.
  • the first communication apparatus 100 or the second communication apparatus 102 sets the protocol information according to the application and checks the received packet according to the protocol information. Further, the first communication apparatus 100 or the second communication apparatus 102 drops or forwards the received packet according to the checking result. Since malwares is not able to know the legal protocol information of the application in the first communication apparatus 100 or the second communication apparatus 102 , the first communication apparatus 100 or the second communication apparatus 102 can resist the attack from the malwares and keep secure.
  • the present invention provides a method and an apparatus for setting a secure connection, to resist the attack from the malwares and keep secure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method of setting a secure connection in a wireless communications system is disclosed. The method comprises setting a protocol information to a terminal; and checking a packet received in the terminal according to the protocol information; wherein the packet comprises a protocol type, a source port, and a destination port.

Description

CROSS REFERENCE TO RELATED APPLICATIONS
This application claims the benefit of U.S. Provisional Application No. 61/722,787, filed on Nov. 6, 2012, entitled “Method for protecting a communications device from receiving unsolicited data”, the contents of which are incorporated herein in their entirety.
BACKGROUND
The present invention relates to a method and apparatus utilized in a wireless communications system, and more particularly, to a method and apparatus of setting a secure connection in a wireless communication system.
Wireless Fidelity (Wi-Fi) Display specification is a standard for a Wi-Fi technology and used in a latency-aware application for streaming in a short distance, such as a wireless local area network (WLAN). In the Wi-Fi Display application, a connection is established between a source device and a sink device. The source device encodes video contents into encoded video bit streams and sends the encoded video bit streams to the sink device. The sink device further decodes the received video bit streams and recovers to the video contents. Therefore, a user can watch the video contents on a suitable display of the sink device for the user's purpose than a display of the source device. For example, a user shares a video from a notebook computer to a large screen television so that more people can comfortably watch the video on the television together. In this example, the notebook computer is the source device and the television is the sink device (assuming the television supports Wi-Fi Display specifications), and the source device transmits video contents to the sink device for playback on a display of the sink device.
Since malwares may attack through the connection, security of the connection is important. However, a standard firewall is not useful for an embedded system with restricted computing resources including memory and processor, so that the standard firewall cannot avoid the attack. Therefore, how to set up a secure connection becomes a goal.
SUMMARY
The present invention therefore provides a method and an apparatus for setting a secure connection in a wireless communications system, to resist the attack from the malwares and keep secure.
A method of setting a secure connection in a wireless communications system is disclosed. The method comprises setting a protocol information to a terminal in the wireless communication system; and checking a packet received in the terminal according to the protocol information; wherein the packet comprises a protocol type, a source port, and a destination port.
A communication apparatus for a wireless communications system is disclosed. The communication apparatus comprises a processing means; a storage unit; a program code, stored in the storage unit, wherein the program code instructs the processing means to execute the following steps: setting a protocol information to a terminal in the wireless communication system; and checking a packet received in the terminal according to the protocol information; wherein the packet comprises a protocol type, a source port, and a destination port.
These and other objectives of the present invention will no doubt become obvious to those of ordinary skill in the art after reading the following detailed description of the preferred embodiment that is illustrated in the various figures and drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a schematic diagram of a wireless communications system according to an example of the present invention.
FIG. 2 is a flowchart of a process according to an example of the present invention.
FIG. 3 is a flowchart of a process according to an example of the present invention.
DETAILED DESCRIPTION
Please refer to FIG. 1, which is a schematic diagram of a wireless communications system 10 according to an example of the present invention. The wireless communications system 10 comprises a first communication apparatus 100 and a second communication apparatus 102. The first communication apparatus 100 and the second communication apparatus 102 are terminals in the wireless communications system 10 and simply utilized for illustrating the structure of the wireless communications system 10. Practically, the first communication apparatus 100 and the second communication apparatus 102 can communicate with each other by a wireless technique, such as Wireless Fidelity (Wi-Fi) or Bluetooth. For example, in a Wi-Fi system, the first communication apparatus 100 may be a source device and the second communication apparatus 102 may be a sink device. Besides, the first communication apparatus 100 may include a processor 104 such as a microprocessor or Application Specific Integrated Circuit (ASIC), a storage unit 106 and a communication interfacing module 108. The storage unit 106 may be any data storage device that can store a program code 110, accessed and executed by the processor 104. Examples of the storage unit 106 include but are not limited to read-only memory (ROM), flash memory, random-access memory (RAM), CD-ROM/DVD-ROM, magnetic tape, hard disk and optical data storage device. The communication interfacing module 108 is preferably a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 104. Further, the second communication apparatus 100 may also include a processor 112, a storage unit 114 and a communication interfacing module 116, which are similar with those included in the first communication apparatus. The storage unit 114 can store a program code 118 and be accessed and executed by the processor 112.
Please refer to FIG. 2, which is a flowchart of a process 20 according to an example of the present invention. The process 20 is utilized in the wireless communications system 10 shown in FIG. 1, for setting a secure connection. The process 20 can be utilized in the first communication apparatus 100, such as a source device, and may be compiled into the program code 110. The process 20 includes the following steps:
Step 200: Start.
Step 202: Set a protocol information according to an application.
Step 204: Check if a protocol type of a received packet is user datagram protocol (UDP)? If yes, go to step 206; if not, go to step 208.
Step 206: Drop the received packet and go to step 220.
Step 208: Check if the protocol type of the received packet is transmission control protocol (TCP)? If yes, go to step 212; if not, go to step 210.
Step 210: Forward the received packet to a host and go to step 220.
Step 212: Check if the destination port of the received packet is a control port? If yes, go to step 210; if not, go to step 214.
Step 214: Check if the destination port of the received packet is a user input back channel (UIBC) port? If yes, go to step 210; if not, go to step 216.
Step 216: Check if the source port of the received packet is an Inter-Integrated Circuit (I2C) port? If yes, go to step 210; if not, go to step 218.
Step 218: Check if the source port of the received packet is a high-bandwidth digital content protection (HDCP) port? If yes, go to step 210; if not, go to step 206.
Step 220: End.
According to the process 20, the first communication apparatus 100 sets the protocol information according to the application and checks the received packet according to the protocol information. If the information of the received packet does not match to the protocol information, drop the received packet; otherwise, forward the received packet to the host. Since malwares is not able to know the legal protocol information of the application in the first communication apparatus 100, the first communication apparatus 100 can resist the attack from the malwares and keep secure.
In the process 20, in the step 202, the protocol information includes the control port and combinations of the UIBC port, the I2C port or the HDCP port. Besides, in the steps 214, 216 and 218, the UIBC port, the I2C port and the HDCP port are determined via the control port.
Note that, the process 20 is an example of the present invention, and those skilled in the art should readily make combinations, modifications and/or alterations on the abovementioned description and examples. For example, the information about the control port in the protocol information is broadcast from the second communication apparatus 102 connected to the first communication apparatus 100 and scanned by the first communication apparatus 100 in the air. Besides, ports other than the UIBC port, the I2C port and the HDCP port in the protocol information can also be determined and negotiated via the control port. Moreover, the connection is built for the point-to-point transmissions, but not limited herein.
Please refer to FIG. 3, which is a flowchart of a process 30 according to an example of the present invention. The process 30 is utilized in the wireless communications system 10 shown in FIG. 1, for setting a secure connection. The process 30 can be utilized in the second communication apparatus 102, such as a sink device, and may be compiled into the program code 118. The process 30 includes the following steps:
Step 300: Start.
Step 302: Set a protocol information according to an application.
Step 304: Check if a protocol type of a received packet is UDP? If yes, go to step 306; if not, go to step 310.
Step 306: Check if the destination port of the received packet is a video or audio port? If yes, go to step 312; if not, go to step 308.
Step 308: Drop the received packet and go to step 322.
Step 310: Check if the protocol type of the received packet is TCP? If yes, go to step 314; if not, go to step 312.
Step 312: Forward the received packet to a host and go to step 322.
Step 314: Check if the source port of the received packet is a control port? If yes, go to step 312; if not, go to step 316.
Step 316: Check if the source port of the received packet is a UIBC port? If yes, go to step 312; if not, go to step 318.
Step 318: Check if the destination port of the received packet is an I2C port? If yes, go to step 312; if not, go to step 320.
Step 320: Check if the destination port of the received packet is a HDCP port? If yes, go to step 312; if not, go to step 308.
Step 322: End.
According to the process 30, the second communication apparatus 102 sets the protocol information according to the application and checks the received packet according to the protocol information. If the information of the received packet does not match to the protocol information, drop the received packet; otherwise, forward the received packet to the host. Since malwares is not able to know the legal protocol information of the application in the source device (i.e. the first communication apparatus 100), the source device can resist the attack from the malwares and keep secure.
Note that, the steps of the process 30 are similar with those of the process 20. The difference between the process 20 and the process 30 is that the second communication apparatus 102 further checks if the destination port is a video or audio port when the protocol type of the received frame is UDP. In other words, if the destination port is a video or audio port, the second communication apparatus 102 forwards the received packet to a host. If the destination port is not a video or audio port, the second communication apparatus 102 drops the received packet. Besides, the detail explanation is similar as that in the process 20, so that no more explanation is described herein.
In the present invention, the first communication apparatus 100 or the second communication apparatus 102 sets the protocol information according to the application and checks the received packet according to the protocol information. Further, the first communication apparatus 100 or the second communication apparatus 102 drops or forwards the received packet according to the checking result. Since malwares is not able to know the legal protocol information of the application in the first communication apparatus 100 or the second communication apparatus 102, the first communication apparatus 100 or the second communication apparatus 102 can resist the attack from the malwares and keep secure.
To sum up, the present invention provides a method and an apparatus for setting a secure connection, to resist the attack from the malwares and keep secure.
Those skilled in the art will readily observe that numerous modifications and alterations of the device and method may be made while retaining the teachings of the invention. Accordingly, the above disclosure should be construed as limited only by the metes and bounds of the appended claims.

Claims (22)

What is claimed is:
1. A method of setting a secure connection in a wireless communications system, the method comprising:
setting a protocol information to a terminal in the wireless communication system;
checking a protocol type of a packet received in the terminal;
checking a source port or a destination port of the packet according to the protocol information when the protocol type of the packet is transmission control protocol (TCP); and
dropping the packet when the protocol type of the packet is user datagram protocol (UDP).
2. The method of claim 1, wherein the terminal is a source device or a sink device.
3. The method of claim 2, further comprising checking if the destination port of the packet is a video or an audio port when the protocol type of the packet is user datagram protocol.
4. The method of claim 3, further comprising:
dropping the packet when the destination port of the packet received in the sink is not a video or an audio port; and
forwarding the packet to a host when the destination port of the packet received in the sink is a video or an audio port.
5. The method of claim 1, further comprising forwarding the packet to a host in the wireless system when the protocol type of the packet is neither user datagram protocol nor transmission control protocol.
6. The method of claim 1, further comprising:
dropping the packet if the source port or the destination port of the packet is not comprised in the protocol information when the protocol type of the packet is TCP; and
forwarding the packet if the source port or the destination port of the packet is comprised in the protocol information when the protocol type of the packet is TCP.
7. The method of claim 1, wherein the protocol information comprises a control port and combinations of a user input back channel (UIBC) port, an Inter-Integrated Circuit (I2C) port or a high-bandwidth digital content protection (HDCP) port.
8. A communication apparatus for a wireless communications system, comprising:
a processor;
a storage unit;
a program code, stored in the storage unit, wherein the program code instructs the processor to execute the following steps:
setting a protocol information to a terminal in the wireless communication system;
checking a protocol type of a packet received in the terminal;
checking a source port or a destination port of the packet according to the protocol information when the protocol type of the packet is transmission control protocol (TCP); and
dropping the packet when the protocol type of the packet is user datagram protocol.
9. The communication apparatus of claim 8, wherein the terminal is a source device or a sink device.
10. The communication apparatus of claim 9, wherein the steps further comprise:
checking if the destination port of the packet is a video or an audio port when the protocol type of the packet is user datagram protocol.
11. The communication apparatus of claim 10, wherein the steps further comprise:
dropping the packet when the destination port of the packet is not a video or an audio port; and
forwarding the packet to a host in the wireless system when the destination port of the packet is a video or an audio port.
12. The communication apparatus of claim 8, wherein the steps further comprise:
forwarding the packet to a host in the wireless system when the protocol type of the packet is neither user datagram protocol nor transmission control protocol.
13. The communication apparatus of claim 8, wherein the steps further comprise:
dropping the packet if the source port or the destination port of the packet is not comprised in the protocol information when the protocol type of the packet is TCP; and
forwarding the packet if the source port or the destination port of the packet is comprised in the protocol information when the protocol type of the packet is TCP.
14. The communication apparatus of claim 8, wherein the protocol information comprises a control port and combinations of a user input back channel (UIBC) port, an inter-integrated circuit (I2C) port and a high-bandwidth digital content protection (HDCP) port.
15. A method of setting a secure connection in a wireless communications system, the method comprising:
setting a protocol information to a terminal in the wireless communication system;
checking a packet received in the terminal according to the protocol information and generating at least a checking result; and
dropping or forwarding the packet according to the at least a checking result;
wherein the packet comprises a protocol type, a source port, and a destination port.
16. The method of claim 15, further comprising:
forwarding the packet if a first checking result of the at least a checking result indicates that the protocol type of the packet is neither UDP nor transmission control protocol (TCP);
dropping the packet if the first checking result indicates that the protocol type of the packet is user datagram protocol (UDP) when the terminal is a source device;
dropping the packet if the first checking result indicates that the protocol type of the packet is UDP and a second checking result of the at least a checking result indicates that the destination port of the packet received in the terminal is not a video or an audio port when the terminal is a sink device;
forwarding the packet if the first checking result indicates that the protocol type of the packet is UDP and the second checking result indicates that the destination port of the packet received in the sink is a video or an audio port when the terminal is the sink device; and
checking the source port or the destination port of the packet according to the protocol information and generating at least a protocol information checking result when the first checking result indicates that the protocol type of the packet is TCP.
17. The method of claim 16, further comprising:
dropping the packet if the at least a protocol information checking result indicates that the source port or the destination port of the packet is not comprised in the protocol information when the first checking result indicates that the protocol type of the packet is TCP; and
forwarding the packet if the at least a protocol information checking result indicates that the source port or the destination port of the packet is comprised in the protocol information when the first checking result indicates that the protocol type of the packet is TCP.
18. The method of claim 15, wherein the protocol information comprises a control port and combinations of a user input back channel (UIBC) port, an Inter-Integrated Circuit (I2C) port or a high-bandwidth digital content protection (HDCP) port.
19. A communication apparatus for a wireless communications system, comprising:
a processor;
a storage unit;
a program code, stored in the storage unit, wherein the program code instructs the processor to execute the following steps:
setting a protocol information to a terminal in the wireless communication system;
checking a packet received in the terminal according to the protocol information and generating at least a checking result; and
dropping or forwarding the packet according to the at least a checking result;
wherein the packet comprises a protocol type, a source port, and a destination port.
20. The communication apparatus of claim 19, wherein the steps further comprise:
forwarding the packet if a first checking result of the at least a checking result indicates that the protocol type of the packet is neither UDP nor transmission control protocol (TCP);
dropping the packet if the first checking result indicates that the protocol type of the packet is user datagram protocol (UDP) when the terminal is a source device;
dropping the packet if the first checking result indicates that the protocol type of the packet is UDP and a second checking result of the at least a checking result indicates that the destination port of the packet received in the terminal is not a video or an audio port when the terminal is a sink device;
forwarding the packet if the first checking result indicates that the protocol type of the packet is UDP and the second checking result indicates that the destination port of the packet received in the sink is a video or an audio port when the terminal is the sink device; and
checking the source port or the destination port of the packet according to the protocol information and generating at least a protocol information checking result when the first checking result indicates that the protocol type of the packet is TCP.
21. The communication apparatus of claim 20, wherein the steps further comprise:
dropping the packet if the at least a protocol information checking result indicates that the source port or the destination port of the packet is not comprised in the protocol information when the first checking result indicates that the protocol type of the packet is TCP; and
forwarding the packet if the at least a protocol information checking result indicates that the source port or the destination port of the packet is comprised in the protocol information when the first checking result indicates that the protocol type of the packet is TCP.
22. The communication apparatus of claim 19, wherein the protocol information comprises a control port and combinations of a user input back channel (UIBC) port, an Inter-Integrated Circuit (I2C) port or a high-bandwidth digital content protection (HDCP) port.
US14/033,516 2012-11-06 2013-09-22 Method and apparatus for setting secure connection in wireless communications system Active 2033-10-03 US9270692B2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US14/033,516 US9270692B2 (en) 2012-11-06 2013-09-22 Method and apparatus for setting secure connection in wireless communications system
TW102140303A TWI477181B (en) 2012-11-06 2013-11-06 Method and apparatus for setting secure connection in wireless communications system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201261722787P 2012-11-06 2012-11-06
US14/033,516 US9270692B2 (en) 2012-11-06 2013-09-22 Method and apparatus for setting secure connection in wireless communications system

Publications (2)

Publication Number Publication Date
US20140130163A1 US20140130163A1 (en) 2014-05-08
US9270692B2 true US9270692B2 (en) 2016-02-23

Family

ID=50623656

Family Applications (1)

Application Number Title Priority Date Filing Date
US14/033,516 Active 2033-10-03 US9270692B2 (en) 2012-11-06 2013-09-22 Method and apparatus for setting secure connection in wireless communications system

Country Status (2)

Country Link
US (1) US9270692B2 (en)
TW (1) TWI477181B (en)

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050022017A1 (en) * 2003-06-24 2005-01-27 Maufer Thomas A. Data structures and state tracking for network protocol processing
US20050188194A1 (en) * 2003-10-07 2005-08-25 Koolspan, Inc. Automatic hardware-enabled virtual private network system
US20080117958A1 (en) * 2003-06-30 2008-05-22 Research In Motion Limited Methods And Apparatus For Processing Radio Modem Commands During Network Data Sessions
US20080201751A1 (en) * 2006-04-18 2008-08-21 Sherjil Ahmed Wireless Media Transmission Systems and Methods
US20110110375A1 (en) * 2008-06-30 2011-05-12 France Telecom Method of receiving a data packet in an ipv6 domain, an associated device and an associated home gateway
US20110231654A1 (en) 2010-03-16 2011-09-22 Gurudas Somadder Method, system and apparatus providing secure infrastructure
US20120127881A1 (en) 2006-08-22 2012-05-24 Embarq Holdings Company, Llc System and method for using centralized network performance tables to manage network communications
US20120173877A1 (en) * 2011-01-05 2012-07-05 Ramesh Pendakur Method and apparatus for building a hardware root of trust and providing protected content processing within an open computing platform
US20120230235A1 (en) 2011-03-04 2012-09-13 Interdigital Patent Holdings, Inc. Generic packet filtering
US20120257680A1 (en) 2011-04-06 2012-10-11 Nexus Electronics Limited Digital video transmission
US20130002949A1 (en) * 2011-01-21 2013-01-03 Qualcomm Incorporated User input back channel for wireless displays
US20130179605A1 (en) * 2012-01-06 2013-07-11 Qualcomm Incorporated Bi-directional tunneling via user input back channel for wireless displays
US20130246565A1 (en) * 2011-09-19 2013-09-19 Qualcomn Incorporated Sending human input device commands over internet protocol
US20140019590A1 (en) * 2011-03-21 2014-01-16 Unwired Planet, Llc Method and system for providing media optimization
US8649297B2 (en) * 2010-03-26 2014-02-11 Cisco Technology, Inc. System and method for simplifying secure network setup

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI450548B (en) * 2010-08-12 2014-08-21 Pixart Imaging Inc Security connection establishing method and related wireless system

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050022017A1 (en) * 2003-06-24 2005-01-27 Maufer Thomas A. Data structures and state tracking for network protocol processing
US20080117958A1 (en) * 2003-06-30 2008-05-22 Research In Motion Limited Methods And Apparatus For Processing Radio Modem Commands During Network Data Sessions
US20050188194A1 (en) * 2003-10-07 2005-08-25 Koolspan, Inc. Automatic hardware-enabled virtual private network system
US20080201751A1 (en) * 2006-04-18 2008-08-21 Sherjil Ahmed Wireless Media Transmission Systems and Methods
US20120127881A1 (en) 2006-08-22 2012-05-24 Embarq Holdings Company, Llc System and method for using centralized network performance tables to manage network communications
US20110110375A1 (en) * 2008-06-30 2011-05-12 France Telecom Method of receiving a data packet in an ipv6 domain, an associated device and an associated home gateway
US20110231654A1 (en) 2010-03-16 2011-09-22 Gurudas Somadder Method, system and apparatus providing secure infrastructure
US8649297B2 (en) * 2010-03-26 2014-02-11 Cisco Technology, Inc. System and method for simplifying secure network setup
US20120173877A1 (en) * 2011-01-05 2012-07-05 Ramesh Pendakur Method and apparatus for building a hardware root of trust and providing protected content processing within an open computing platform
US20130002949A1 (en) * 2011-01-21 2013-01-03 Qualcomm Incorporated User input back channel for wireless displays
US20120230235A1 (en) 2011-03-04 2012-09-13 Interdigital Patent Holdings, Inc. Generic packet filtering
US20140019590A1 (en) * 2011-03-21 2014-01-16 Unwired Planet, Llc Method and system for providing media optimization
US20120257680A1 (en) 2011-04-06 2012-10-11 Nexus Electronics Limited Digital video transmission
US20130246565A1 (en) * 2011-09-19 2013-09-19 Qualcomn Incorporated Sending human input device commands over internet protocol
US20130179605A1 (en) * 2012-01-06 2013-07-11 Qualcomm Incorporated Bi-directional tunneling via user input back channel for wireless displays

Also Published As

Publication number Publication date
TW201419916A (en) 2014-05-16
TWI477181B (en) 2015-03-11
US20140130163A1 (en) 2014-05-08

Similar Documents

Publication Publication Date Title
EP2801210B1 (en) Bi-directional tunneling via user input back channel for wireless displays
US10869081B2 (en) Image processing device, image reproduction device, and image reproduction system
RU2567378C2 (en) User input back channel for wireless displays
US9652192B2 (en) Connectionless transport for user input control for wireless display devices
EP3087716B1 (en) Remote rendering for efficient use of wireless bandwidth for wireless docking
US9986579B2 (en) Split miracast transmission over multiple frequency bands
US10979900B2 (en) Information processing device and information processing method
US7792998B2 (en) System and method for providing real-time streaming service between terminals
US20150350288A1 (en) Media agnostic display for wi-fi display
KR101604296B1 (en) Minimal cognitive mode for wireless display devices
US10034047B2 (en) Method and apparatus for outputting supplementary content from WFD
US9826572B2 (en) Wireless enhanced projector
US20220308822A1 (en) Wierless screen mirroring method and device based on ip network connection
WO2015176648A1 (en) Method and device for transmitting data in intelligent terminal to television terminal
CN114221909B (en) Data transmission method, device, terminal and storage medium
US20150020136A1 (en) Multimedia stream transmission method and system based on terahertz wireless communication
US9270692B2 (en) Method and apparatus for setting secure connection in wireless communications system
US20110252439A1 (en) Method for providing multimedia streaming service and related wireless packet relay apparatus and wireless set-top box
US20150189231A1 (en) Video conferencing system
WO2018054349A1 (en) Data sending and receiving methods, and apparatuses and systems thereof
US20140184614A1 (en) Method and Apparatus for Image Capture in Transmitter of Wireless Communications System
US20110286390A1 (en) Wireless image transmitting apparatus and method for transmitting data thereof
US11917237B2 (en) Move stream content from point to point over the existing IP gateway
CN105913626A (en) Device for mirroring from source-end display screen to destination-end display screen
EP3785443A1 (en) System and method for rendering stitched video media stream on a display device

Legal Events

Date Code Title Description
AS Assignment

Owner name: MEDIATEK INC., TAIWAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHEN, SHAO-WEI;HUANG, SHUN-YONG;WANG, CHAO-CHUN;AND OTHERS;REEL/FRAME:031255/0429

Effective date: 20130826

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8