WO2003094440A1 - Auto-detection of wireless network accessibility - Google Patents

Auto-detection of wireless network accessibility Download PDF

Info

Publication number
WO2003094440A1
WO2003094440A1 PCT/IB2003/001558 IB0301558W WO03094440A1 WO 2003094440 A1 WO2003094440 A1 WO 2003094440A1 IB 0301558 W IB0301558 W IB 0301558W WO 03094440 A1 WO03094440 A1 WO 03094440A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
ssid
key
user
security
Prior art date
Application number
PCT/IB2003/001558
Other languages
French (fr)
Inventor
Tom Chiu
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Priority to KR10-2004-7017496A priority Critical patent/KR20040104679A/en
Priority to EP03715210A priority patent/EP1502389A1/en
Priority to AU2003219399A priority patent/AU2003219399A1/en
Priority to JP2004502554A priority patent/JP2005524342A/en
Publication of WO2003094440A1 publication Critical patent/WO2003094440A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/16Central resource management; Negotiation of resources or communication parameters, e.g. negotiating bandwidth or QoS [Quality of Service]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/24Connectivity information management, e.g. connectivity discovery or connectivity update
    • H04W40/246Connectivity information discovery

Definitions

  • This invention relates to the field of wireless communication devices, and in particular to a system and method for determining accessibility to wireless networks.
  • Wireless networks are becoming increasingly popular for providing communications among portable devices, such as Personal Data Assistants (PDAs), palmtop computers, laptop computers, and the like.
  • Enterprises such as coffee shops and airlines, are currently providing wireless access points at their locales, to attract customers who desire to 'keep in touch' via e-mail and Internet access while away from their office or home network environment.
  • methods and systems are available for establishing temporary computer networks for conferences, business meetings, etc., wherein computer devices establish an ad-hoc network and communicate with each other on a peer-to-peer basis.
  • Microsoft XP advanced computer systems
  • Microsoft XP includes tools that ease the task of configuring the device to communicate with each network.
  • the device will be configured to connect to a select computer network with minimal intervention by the user.
  • Microsoft XP includes a "Zero-Config" application for 802.1 lb wireless networks that automatically configures a device for communications to a select network with "zero" intervention by the user.
  • the user is provided a list of networks that are currently available to the portable device, typically based on a pilot signal that is transmitted by the network to identify the network.
  • each network has an associated Sub-System Identifier (SSID), which is typically an easy-to-recognize name that identifies the particular network.
  • SSID Sub-System Identifier
  • the received SSIDs are displayed, and the user selects one network from among the available networks. This simple configuration process, however, is effective only for non-secured networks; additional configuration processes must be invoked to connect to a secured network.
  • the 802.1 lb protocol includes a Sub-System-Identifier (SSID) that is used to identify each network, and each SSID has an associated Wired Equivalent Privacy (WEP) property that indicates whether a secure key is required to access the identified network, and identifies the type (size) of key required.
  • SSID Sub-System-Identifier
  • WEP Wired Equivalent Privacy
  • An authorized user of the network is issued a security key, typically by the administrator of the network, and this security key is used to encrypt and decrypt information that is communicated via the wireless network. It is not uncommon for a mobile user to have access to dozens of different wireless networks, some or all of which may require a unique security key.
  • the configuration data required for secured networks such as an identification of the particular key that is used by each network
  • most users store the relevant associations that they use in a data structure that is commonly termed a "network profile”.
  • network profile When the user encounters an accessible network, the user searches the network profiles for the identifier of that network, and thereby the corresponding configuration parameters, and if the identifier is in a network profile, the user instructs the system to apply these corresponding configuration parameters, such as the use of the appropriate security key for this network.
  • a security protocol is required for a network, and the user has a network profile that corresponds to the identifier of the network and identifies the appropriate security key, the system is further configured to identify that key or that profile to the user.
  • the system is configured to determine whether a network within range of the device requires encryption, and if so, at what level. If encryption is required, the system accesses a network profile to determine whether the user possesses a key for use in the particular network, by searching for an entry in the network profiles that corresponds to an identification of the network.
  • the system displays a network identifier, the level of encryption required, and, if available, an identification of the appropriate security key, or the network profile, for the identified network.
  • the system can be configured to display only those networks that the user can actually access: non-secure networks and secure networks for which an appropriate key is available. If a secure network is selected, the system configures the device to effect the required security, using the identified key.
  • Fig. 1 illustrates an example block diagram of a multi-network environment.
  • Fig. 2 illustrates an example block diagram of an access determination system in accordance with this invention.
  • Fig. 3 illustrates an example flow diagram of an access determination system in accordance with this invention.
  • Fig. 4 illustrates an example flow diagram of a network selection process in accordance with this invention.
  • FIG. 5 illustrates an example flow diagram of a network search process in accordance with this invention.
  • the same reference numerals indicate similar or corresponding features or functions.
  • Fig. 1 illustrates an example block diagram of a multi-network environment 100. Illustrated in Fig. 1 are four networks NetA, NetB, NetC, and NetD, and a user device 150. In this example, the device 150 is within the range of NetA, NetB, and NetC, and not within the range of NetD.
  • a conventional network access system such as a Windows XP system that includes a "Zero-config" application
  • the access system in the user device 150 informs the user that NetA, NetB, and NetC are available for use, because they are each in range of the user device 150.
  • the conventional system displays the Sub-System Identifier
  • SSID security ID of each of the networks NetA, NetB, and NetC
  • the user has the option of clicking upon one of these identifiers to configure the system to communicate with the selected network.
  • the user must first provide the appropriate security parameters for configuring the device 150, such as an identification of the security key that is used for encrypting and decrypting communications to and from the selected network. If the user has saved the security parameters in a network profile, the user searches the profile for the identifier of the selected network and its corresponding parameters, and applies these parameters to effect the configuration of the device 150 for securely communicating with the selected network.
  • the conventional access system configures the device 150 to subsequently transmit and receive information to the selected network.
  • the selected network is a secure network, such as an 802.1 lb network with an enabled WEP
  • the device 150 is configured to subsequently encrypt and decrypt the information transmitted to, and received from, the selected network, using the appropriate security key, as discussed above.
  • the user mistakenly selects a secure network for which the user does not have a proper key the user device 150 does not properly encrypt or decrypt the information transmitted to, and received from, the selected network, and communication does not occur. Because an improper or missing key precludes communication with the network, the network is, generally, unable to notify the user that a problem exists. As such, the only feedback that the user receives is a lack of communication with the selected network, with no indication that the source of the problem is a missing or improper security key.
  • the user device 150 includes an access system 200, discussed below, that is configured to determine whether each encountered network is secure, and, if so, to determine whether the user is authorized to access the secured network.
  • the appropriate key is provided to the encryption/decryption processes for subsequent communication with the secured network.
  • the secured network is not included in the list of networks available to the user.
  • Fig. 2 illustrates an example block diagram of an access determination system 200 in accordance with this invention.
  • the system 200 is presented herein using the paradigm of an 802.11 b network, although the principles of this invention are applicable to other networks as well.
  • a receiver 210 receives transmissions from transmitters in the vicinity of the receiver 210.
  • a network detector 220 is configured to detect transmissions from newly encountered networks; for example, by detecting new pilot signals from a network. As in a conventional detector, the detector 220 is configured to provide an identifier, nominally the SSID, of the network to a controller 250. In accordance with this invention, the detector 220 is also configured to provide an indication of whether the network is secure. In the paradigm of an 802.1 lb network, the indication of security is provided by the Wired Equivalent Privacy (WEP) flag.
  • WEP Wired Equivalent Privacy
  • the controller 250 operates as a conventional wireless network access device, and informs the user that a new, and accessible, network has been encountered, via the display device 270. If the user selects this network, the controller 250 activates a conventional configurer 280 to communicate with this network.
  • the controller 250 informs the user of this fact, thereby warning the user not to connect to the network without the appropriate security key.
  • the controller 250 is also configured to determine whether the user is authorized to access the network, and, if so, to identify the appropriate key 240 for this network.
  • the controller 250 accesses a set of network profiles 230 that contains an identification of all of the secured networks to which the user has access.
  • a profile 230 may be created and manually updated by the user each time the user is granted access to a network, and/or it may be updated automatically by the applications that the user uses to create or obtain the key to each network, and/or it may be updated automatically by the controller 250, as discussed below.
  • each network profile 230 contains an SSID, and a corresponding identifier of the location of the security key 240 for this SSID, such as the file name of the key.
  • This file name, or the name of the network profile 230, is displayed with the SSID, to aid the user in appropriately configuring the user's device for communication with each network.
  • the controller 250 when the user selects a particular SSID, the controller 250 automatically transfers the identification of the appropriate security key 240 to the configurer 280.
  • the configurer 280 communicates this identification to an encryption/decryption device 290, for subsequent encryption and decryption of communications to and from the selected wireless network.
  • the system 200 of this invention reliably effects communication with secured networks to which the user has access. If the network profile 230 indicates that there is no key associated with the selected network, or if there is no network profile 230 corresponding to the selected network, the controller 250 warns the user, and allows the user to specify the appropriate key and/or appropriate network profile identifier. If the user specifies a key, the controller 250 creates or updates a network profile 230 with this association, and proceeds to activate the configurer 280, as detailed above.
  • the controller 250 may be configured to minimize the distractions to a user by not displaying the SSID of encountered networks to which the user does not have access. As wireless networks become more prolific, this option provides an effective filtering between available networks and accessible networks.
  • Fig. 3 illustrates an example flow diagram of an access determination system in accordance with this invention.
  • the flow is illustrated as a continuous loop 310-360, although the system could be configured as an on-demand process.
  • a network is detected, typically via receipt of a pilot signal that is transmitted from the network.
  • the system may be configured to transmit a "prompt" signal, to which a network is configured to respond.
  • the identifier of the network determined from the detected transmission of the network, is compared to prior identifiers of detected networks, to determine if this network has already been detected. If the network has already been detected, the process returns to 310 to detect other transmissions.
  • the system is configured to determine whether the newly detected network is secured, at 330. If it is not secured, the process operates consistent with conventional network detection systems by merely notifying the user that the network is accessible, at 360. If, at 330, the network is determined to be secured, the identifier of the network is compared to entries in the network profile, at 340, to determine if the user has recorded the configuration parameters, and in particular the security parameters, necessary to establish communication with this network.
  • the configuration parameters such as the name of the file that contains the security key, are determined from the contents of the network profile, at 350, and the user is notified that this network is accessible, at 360. If, at 340, the network identifier is not found in the network profile, either of two options can be used. As illustrated by the solid arrow from 340, the process may be configured to report the fact that the network is within range of the receiving device, but not accessible due to the lack of appropriate configuration information, at 360.
  • the process may be configured to foreshorten the loop 310-360 by branching directly back to 310, thereby effectively ignoring each inaccessible network, by not reporting the presence of such networks to the user. Because inaccessible networks are either reported as such, or not reported, the likelihood of a user mistakenly attempting to connect with an inaccessible network is minimized. Similarly, because accessible networks are identified as being either unsecured or secured, the likelihood of a user mistakenly attempting to connect to an accessible secured network without first configuring the system for secure communications with the secured network is also minimized.
  • Fig. 4 illustrates an example flow diagram of a network selection process in accordance with this invention.
  • the user selects the network to which to connect, typically by selecting the network identifier from a list of accessible networks, such as provided by block 360 of Fig. 3. If, based on the determinations discussed above with regard to Fig. 3, the network identifier corresponds to a secured network, at 420, then the security configurations are applied, at 430, based on the parameters that were determined for the selected network at 350 in Fig. 3. Thereafter, or concurrently, the communication parameters required for configuring the device to communicate with the selected network are applied, at 440.
  • Fig. 5 illustrates an example flow diagram of a network search process in accordance with this invention.
  • most networks periodically transmit pilot signals that announce the network's presence in an area. If the network is secured, this pilot signal will generally be communicated using an unsecured transmission scheme, so that any device in the vicinity of the network is able to determine the network identifier that is associated with this secured network.
  • the process of Fig. 5 allows a user device to search for each network to which the user has permitted access.
  • the process of Fig. 5 sequentially determines whether each of the networks that are contained in the user's profile is currently accessible, via the loop 510-550. If, at 520, the particular network has already been detected, the loop sequences to the next network in the network profile, via 550. If the currently evaluated network has not yet been detected, at 520, the characteristics of the network in the network profile are assessed to determine whether this network is a secured network, at 530. If the network is not a secured network, it is ignored, and the loop sequences to the next network, via 550. If, at 530, it is a secured network, the user's device is configured with the configuration parameters associated with this network, and specifically, configured to provide the appropriate security processing of the received transmissions, at 540.
  • the process of Fig. 5 is invoked, the above described access determination process of Fig. 3 is also invoked.
  • the process of Fig. 3 will be able to detect the pilot signal from this secured network. If necessary, a pause may be introduced to the process of Fig. 5, at 545, to allow the process of Fig. 3 sufficient time to detect the secured network, if it is present. Thereafter, the loop of Fig. 5 sequences to the next network, via 550.
  • the process of Fig. 5 terminates, the user device is configured for communicating with non-secured networks, thereby allowing the process of Fig. 3 to detect the non-secured networks.

Abstract

A method and system identifies the particular security protocol required to access each network that a user of a portable device encounters. If a security protocol is required for a network, and the user has the appropriate security key, the system is further configured to identify that key. The system is configured to determine whether a network within range of the device requires encryption, and if so, at what level. If encryption is required, the system accesses a network profile to determine whether the user possesses a key for use in the particular network. The system displays a network identifier, the level of encryption required, and, if available, an identification of the appropriate security key for the identified network. Optionally, the system can be configured to display only those networks that the user can actually access: non-secure networks and secure networks for which an appropriate key is available. If a secure network is selected, the system configures the device to effect the required security, using the identified key.

Description

Auto-detection of wireless network accessibility
This invention relates to the field of wireless communication devices, and in particular to a system and method for determining accessibility to wireless networks.
Wireless networks are becoming increasingly popular for providing communications among portable devices, such as Personal Data Assistants (PDAs), palmtop computers, laptop computers, and the like. Enterprises, such as coffee shops and airlines, are currently providing wireless access points at their locales, to attract customers who desire to 'keep in touch' via e-mail and Internet access while away from their office or home network environment. Additionally, methods and systems are available for establishing temporary computer networks for conferences, business meetings, etc., wherein computer devices establish an ad-hoc network and communicate with each other on a peer-to-peer basis.
With the continued proliferation of wireless networks, a user of a portable device is likely to encounter multiple networks on a regular basis. To facilitate the communications with such networks, advanced computer systems, such as Microsoft XP, include tools that ease the task of configuring the device to communicate with each network. Ideally, the device will be configured to connect to a select computer network with minimal intervention by the user. Microsoft XP, for example, includes a "Zero-Config" application for 802.1 lb wireless networks that automatically configures a device for communications to a select network with "zero" intervention by the user. The user is provided a list of networks that are currently available to the portable device, typically based on a pilot signal that is transmitted by the network to identify the network. In the 802.1 lb protocol, each network has an associated Sub-System Identifier (SSID), which is typically an easy-to-recognize name that identifies the particular network. The received SSIDs are displayed, and the user selects one network from among the available networks. This simple configuration process, however, is effective only for non-secured networks; additional configuration processes must be invoked to connect to a secured network.
To assure that only authorized users access particular networks, security processes are provided in most wireless network protocols. For example, the 802.1 lb protocol includes a Sub-System-Identifier (SSID) that is used to identify each network, and each SSID has an associated Wired Equivalent Privacy (WEP) property that indicates whether a secure key is required to access the identified network, and identifies the type (size) of key required. An authorized user of the network is issued a security key, typically by the administrator of the network, and this security key is used to encrypt and decrypt information that is communicated via the wireless network. It is not uncommon for a mobile user to have access to dozens of different wireless networks, some or all of which may require a unique security key. Generally, to avoid having to remember the configuration data required for secured networks, such as an identification of the particular key that is used by each network, most users store the relevant associations that they use in a data structure that is commonly termed a "network profile". When the user encounters an accessible network, the user searches the network profiles for the identifier of that network, and thereby the corresponding configuration parameters, and if the identifier is in a network profile, the user instructs the system to apply these corresponding configuration parameters, such as the use of the appropriate security key for this network. If the user fails to configure the system to use the proper key for communicating with a particular network, or configures the system to use a key for communicating with a network that does not use a key, communications with the network will fail, often without any indication of the problem to the user, other than a lack of communications .
It is an object of this invention to simplify the process of configuring a device for communications via a wireless network. It is a further object of this invention to facilitate the selection of keys for configuring a device for communications via a secure wireless network.
These objects, and others, are achieved by providing a method and system that identifies the particular security protocol required to access each network that a user of a portable device encounters. If a security protocol is required for a network, and the user has a network profile that corresponds to the identifier of the network and identifies the appropriate security key, the system is further configured to identify that key or that profile to the user. The system is configured to determine whether a network within range of the device requires encryption, and if so, at what level. If encryption is required, the system accesses a network profile to determine whether the user possesses a key for use in the particular network, by searching for an entry in the network profiles that corresponds to an identification of the network. The system displays a network identifier, the level of encryption required, and, if available, an identification of the appropriate security key, or the network profile, for the identified network. Optionally, the system can be configured to display only those networks that the user can actually access: non-secure networks and secure networks for which an appropriate key is available. If a secure network is selected, the system configures the device to effect the required security, using the identified key.
The invention is explained in further detail, and by way of example, with reference to the accompanying drawings wherein:
Fig. 1 illustrates an example block diagram of a multi-network environment. Fig. 2 illustrates an example block diagram of an access determination system in accordance with this invention.
Fig. 3 illustrates an example flow diagram of an access determination system in accordance with this invention.
Fig. 4 illustrates an example flow diagram of a network selection process in accordance with this invention.
Fig. 5 illustrates an example flow diagram of a network search process in accordance with this invention. Throughout the drawings, the same reference numerals indicate similar or corresponding features or functions.
Fig. 1 illustrates an example block diagram of a multi-network environment 100. Illustrated in Fig. 1 are four networks NetA, NetB, NetC, and NetD, and a user device 150. In this example, the device 150 is within the range of NetA, NetB, and NetC, and not within the range of NetD. In a conventional network access system, such as a Windows XP system that includes a "Zero-config" application, the access system in the user device 150 informs the user that NetA, NetB, and NetC are available for use, because they are each in range of the user device 150. The conventional system displays the Sub-System Identifier
(SSID) of each of the networks NetA, NetB, and NetC, and the user has the option of clicking upon one of these identifiers to configure the system to communicate with the selected network. However, if the selected network is secured, the user must first provide the appropriate security parameters for configuring the device 150, such as an identification of the security key that is used for encrypting and decrypting communications to and from the selected network. If the user has saved the security parameters in a network profile, the user searches the profile for the identifier of the selected network and its corresponding parameters, and applies these parameters to effect the configuration of the device 150 for securely communicating with the selected network.
When the user selects a particular network, the conventional access system configures the device 150 to subsequently transmit and receive information to the selected network. If the selected network is a secure network, such as an 802.1 lb network with an enabled WEP, the device 150 is configured to subsequently encrypt and decrypt the information transmitted to, and received from, the selected network, using the appropriate security key, as discussed above. If the user mistakenly selects a secure network for which the user does not have a proper key, the user device 150 does not properly encrypt or decrypt the information transmitted to, and received from, the selected network, and communication does not occur. Because an improper or missing key precludes communication with the network, the network is, generally, unable to notify the user that a problem exists. As such, the only feedback that the user receives is a lack of communication with the selected network, with no indication that the source of the problem is a missing or improper security key.
In a preferred embodiment of this invention, the user device 150 includes an access system 200, discussed below, that is configured to determine whether each encountered network is secure, and, if so, to determine whether the user is authorized to access the secured network. In accordance with a further aspect of this invention, if the user is authorized to access the secured network, the appropriate key is provided to the encryption/decryption processes for subsequent communication with the secured network. In accordance with a further aspect of this invention, if a network is secure, and the user does not have access rights to this network, the secured network is not included in the list of networks available to the user.
Fig. 2 illustrates an example block diagram of an access determination system 200 in accordance with this invention. For ease of understanding, the system 200 is presented herein using the paradigm of an 802.11 b network, although the principles of this invention are applicable to other networks as well.
A receiver 210 receives transmissions from transmitters in the vicinity of the receiver 210. A network detector 220 is configured to detect transmissions from newly encountered networks; for example, by detecting new pilot signals from a network. As in a conventional detector, the detector 220 is configured to provide an identifier, nominally the SSID, of the network to a controller 250. In accordance with this invention, the detector 220 is also configured to provide an indication of whether the network is secure. In the paradigm of an 802.1 lb network, the indication of security is provided by the Wired Equivalent Privacy (WEP) flag.
If the indicator indicates that the network is not secured, the controller 250 operates as a conventional wireless network access device, and informs the user that a new, and accessible, network has been encountered, via the display device 270. If the user selects this network, the controller 250 activates a conventional configurer 280 to communicate with this network.
If, on the other hand, the indicator indicates that the network is secured, the controller 250 informs the user of this fact, thereby warning the user not to connect to the network without the appropriate security key.
In a preferred embodiment of this invention, the controller 250 is also configured to determine whether the user is authorized to access the network, and, if so, to identify the appropriate key 240 for this network. In a straightforward embodiment of this aspect of the invention, the controller 250 accesses a set of network profiles 230 that contains an identification of all of the secured networks to which the user has access. Such a profile 230 may be created and manually updated by the user each time the user is granted access to a network, and/or it may be updated automatically by the applications that the user uses to create or obtain the key to each network, and/or it may be updated automatically by the controller 250, as discussed below.
Preferably, each network profile 230 contains an SSID, and a corresponding identifier of the location of the security key 240 for this SSID, such as the file name of the key. This file name, or the name of the network profile 230, is displayed with the SSID, to aid the user in appropriately configuring the user's device for communication with each network.
In accordance with another aspect of this invention, when the user selects a particular SSID, the controller 250 automatically transfers the identification of the appropriate security key 240 to the configurer 280. The configurer 280 communicates this identification to an encryption/decryption device 290, for subsequent encryption and decryption of communications to and from the selected wireless network. In this manner, the system 200 of this invention reliably effects communication with secured networks to which the user has access. If the network profile 230 indicates that there is no key associated with the selected network, or if there is no network profile 230 corresponding to the selected network, the controller 250 warns the user, and allows the user to specify the appropriate key and/or appropriate network profile identifier. If the user specifies a key, the controller 250 creates or updates a network profile 230 with this association, and proceeds to activate the configurer 280, as detailed above.
In accordance with another aspect of this invention, the controller 250 may be configured to minimize the distractions to a user by not displaying the SSID of encountered networks to which the user does not have access. As wireless networks become more prolific, this option provides an effective filtering between available networks and accessible networks.
The flow diagrams of Figs. 3-5 are provided to further present aspects of a preferred embodiment.
Fig. 3 illustrates an example flow diagram of an access determination system in accordance with this invention. The flow is illustrated as a continuous loop 310-360, although the system could be configured as an on-demand process. At 310, a network is detected, typically via receipt of a pilot signal that is transmitted from the network. Alternatively, the system may be configured to transmit a "prompt" signal, to which a network is configured to respond. At 320, the identifier of the network, determined from the detected transmission of the network, is compared to prior identifiers of detected networks, to determine if this network has already been detected. If the network has already been detected, the process returns to 310 to detect other transmissions.
In accordance with this invention, the system is configured to determine whether the newly detected network is secured, at 330. If it is not secured, the process operates consistent with conventional network detection systems by merely notifying the user that the network is accessible, at 360. If, at 330, the network is determined to be secured, the identifier of the network is compared to entries in the network profile, at 340, to determine if the user has recorded the configuration parameters, and in particular the security parameters, necessary to establish communication with this network.
If, at 340, the network identifier is found in the network profile, the configuration parameters, such as the name of the file that contains the security key, are determined from the contents of the network profile, at 350, and the user is notified that this network is accessible, at 360. If, at 340, the network identifier is not found in the network profile, either of two options can be used. As illustrated by the solid arrow from 340, the process may be configured to report the fact that the network is within range of the receiving device, but not accessible due to the lack of appropriate configuration information, at 360. Alternatively, as illustrated by the dashed arrow from 340, the process may be configured to foreshorten the loop 310-360 by branching directly back to 310, thereby effectively ignoring each inaccessible network, by not reporting the presence of such networks to the user. Because inaccessible networks are either reported as such, or not reported, the likelihood of a user mistakenly attempting to connect with an inaccessible network is minimized. Similarly, because accessible networks are identified as being either unsecured or secured, the likelihood of a user mistakenly attempting to connect to an accessible secured network without first configuring the system for secure communications with the secured network is also minimized.
Fig. 4 illustrates an example flow diagram of a network selection process in accordance with this invention. At 410, the user selects the network to which to connect, typically by selecting the network identifier from a list of accessible networks, such as provided by block 360 of Fig. 3. If, based on the determinations discussed above with regard to Fig. 3, the network identifier corresponds to a secured network, at 420, then the security configurations are applied, at 430, based on the parameters that were determined for the selected network at 350 in Fig. 3. Thereafter, or concurrently, the communication parameters required for configuring the device to communicate with the selected network are applied, at 440. If, at 420, the network is not a secured network, the system is configured to bypass the block 430, and operates as a convention network configuration system, by applying the aforementioned communication parameters, at 440. By automatically configuring the system for communicating with accessible secured networks, the likelihood of a user mistakenly attempting to access a secure network without the appropriate security configuration is minimized. Fig. 5 illustrates an example flow diagram of a network search process in accordance with this invention. As noted above, most networks periodically transmit pilot signals that announce the network's presence in an area. If the network is secured, this pilot signal will generally be communicated using an unsecured transmission scheme, so that any device in the vicinity of the network is able to determine the network identifier that is associated with this secured network. Other secured networks assume that only devices that are configured for use in the network need to be informed of the presence of the network. The process of Fig. 5 allows a user device to search for each network to which the user has permitted access. The process of Fig. 5 sequentially determines whether each of the networks that are contained in the user's profile is currently accessible, via the loop 510-550. If, at 520, the particular network has already been detected, the loop sequences to the next network in the network profile, via 550. If the currently evaluated network has not yet been detected, at 520, the characteristics of the network in the network profile are assessed to determine whether this network is a secured network, at 530. If the network is not a secured network, it is ignored, and the loop sequences to the next network, via 550. If, at 530, it is a secured network, the user's device is configured with the configuration parameters associated with this network, and specifically, configured to provide the appropriate security processing of the received transmissions, at 540.
While the process of Fig. 5 is invoked, the above described access determination process of Fig. 3 is also invoked. Thus, when the device is configured for the currently evaluated secured network at 540 in Fig. 5, the process of Fig. 3 will be able to detect the pilot signal from this secured network. If necessary, a pause may be introduced to the process of Fig. 5, at 545, to allow the process of Fig. 3 sufficient time to detect the secured network, if it is present. Thereafter, the loop of Fig. 5 sequences to the next network, via 550. Not illustrated, when the process of Fig. 5 terminates, the user device is configured for communicating with non-secured networks, thereby allowing the process of Fig. 3 to detect the non-secured networks. The foregoing merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise various arrangements which, although not explicitly described or shown herein, embody the principles of the invention and are thus within the spirit and scope of the following claims.

Claims

CLAIMS:
1. An access determination system (200) comprising: a detector (220) that is configured to detect a network within a vicinity of a user device (150), the network having a network identifier (SSID) and a security indicator (WEP), and a controller (250), operably coupled to the detector (220), that is configured to receive the network identifier (SSID) and the security indicator (WEP), and thereupon facilitate a configuration of the user device (150) for communication via the network, based on the network identifier (SSID) and the security indicator (WEP).
2. The system (200) of claim 1, further including a user interface device (270); wherein the controller (250) facilitates the configuration by communicating one or more messages via the user interface device (270) based on the network identifier (SSID) and the security indicator (WEP).
3. The system (200) of claim 1, further including a configurer (280) that is configured to configure the user device (150) for communication via the network; wherein the controller (250) facilitates the configuration by controlling the configurer (280) based on the network identifier (SSID) and the security indicator (WEP).
4. The system (200) of claim 3, wherein the configurer (280) is further configured to enable an encryption and decryption of communications via the network, based on the security indicator (WEP).
5. The system (200) of claim 4, wherein the encryption and decryption includes the use of a security key (240), and the controller (250) is further configured to facilitate a determination of the security key (240) for the network.
6. The system (200) of claim 1 , further including network profiles (230) that are configured to contain one or more network identifications and associated key identifications; wherein the controller (250) is configured to facilitate the configuration of the user device (150) based on a correspondence between the network identifier (SSID) and one of the one or more network identifications and associated key identifications.
7. The system (200) of claim 6, wherein the associated key identifications include an identification of a security key (240) that is associated with the network identifier (SSID).
8. The system (200) of claim 7, further including a cryptographic device (290); wherein the controller (250) is further configured to facilitate the configuration of the user device (150) by effecting communication of the identification of the security key (240) to the cryptographic device (290).
9. The system (200) of claim 6, wherein the controller (250) is further configured to inhibit the configuration of the user device (150) if the correspondence between the network identifier (SSID) and the one or more network identifications does not exist.
10. A user device (150) that is configurable for communication to a select network of a plurality of networks, each network of the plurality of networks being identified by a network identifier (SSID), the user device (150) comprising: a receiver (210) that is configured to receive transmissions from devices within the plurality of networks, a detector (220), operably coupled to the receiver (210), that is configured to identify each network of the plurality of the network from which the transmissions were received, based on a received network identifier (SSID) from each network, and a controller (250), operably coupled to the detector (220), that is configured to: provide a notification of each network from which the transmissions were received, detect a user selection of the select network, based on the notification, and facilitate a configuration of the user device (150) to effect communication with the select network; wherein the detector (220) is further configured to identify a security indicator (WEP) that is associated with each network, and the controller (250) facilitates the configuration based also on the security indicator (WEP).
11. The user device ( 150) of claim 10, wherein the notification of each network includes the security indicator (WEP).
12. The user device (150) of claim 10, wherein the controller (250) is further configured to determine a security key (240) associated with each network, based on a stored association of the received network identifier (SSID) and an identification of the security key (240).
13. The user device ( 150) of claim 12, wherein the notification of each network includes the identification of its associated security key (240).
14. The user device (150) of claim 12, further including a cryptographic device (290) that is configured to encrypt and decrypt communications to and from the select network; wherein the controller (250) is further configured to communicate the identification of the select network's associated security key (240) to the cryptographic device (290).
15. A method of determining accessibility for communications to a network, comprising: detecting (310) a transmission from a device associated with the network, determining a network identifier (SSID) associated with the network, determining a security indicator (WEP) associated with the network, determining (330, 340) the accessibility for communications to the network based on the network identifier (SSID), the security indicator (WEP), and a plurality of network profiles (230).
16. The method of claim 15, wherein the plurality of network profiles (230) includes one or more network identifications and associated key identifications; and determining (330, 340) the accessibility includes determining a correspondence between the network identifier (SSID) and one of the one or more network identifications and associated key identifications.
17. The method of claim 16, further including providing (430) an identification of a security key (240) to a cryptographic process, the identification of the security key (240) corresponding to the associated key identifications of the one or more network identifications that corresponds to the network identifier (SSID).
18. The method of claim 15, further including providing (360) a notification of the network identifier (SSID) based on the accessibility to the network.
PCT/IB2003/001558 2002-04-30 2003-04-22 Auto-detection of wireless network accessibility WO2003094440A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
KR10-2004-7017496A KR20040104679A (en) 2002-04-30 2003-04-22 Auto-detection of wireless network accessibility
EP03715210A EP1502389A1 (en) 2002-04-30 2003-04-22 Auto-detection of wireless network accessibility
AU2003219399A AU2003219399A1 (en) 2002-04-30 2003-04-22 Auto-detection of wireless network accessibility
JP2004502554A JP2005524342A (en) 2002-04-30 2003-04-22 Automatic detection of wireless network accessibility

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US37718902P 2002-04-30 2002-04-30
US60/377,189 2002-04-30
US10/151,360 2002-05-20
US10/151,360 US20030204748A1 (en) 2002-04-30 2002-05-20 Auto-detection of wireless network accessibility

Publications (1)

Publication Number Publication Date
WO2003094440A1 true WO2003094440A1 (en) 2003-11-13

Family

ID=29254064

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2003/001558 WO2003094440A1 (en) 2002-04-30 2003-04-22 Auto-detection of wireless network accessibility

Country Status (8)

Country Link
US (1) US20030204748A1 (en)
EP (1) EP1502389A1 (en)
JP (1) JP2005524342A (en)
KR (1) KR20040104679A (en)
CN (1) CN1650579A (en)
AU (1) AU2003219399A1 (en)
TW (1) TW200402222A (en)
WO (1) WO2003094440A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1560369A2 (en) * 2004-01-29 2005-08-03 NTT DoCoMo, Inc. Communication system, communication terminal, and communication program
US8024806B2 (en) 2006-10-17 2011-09-20 Intel Corporation Method, apparatus and system for enabling a secure location-aware platform

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7474888B1 (en) * 2002-02-25 2009-01-06 Palm, Inc. Method for bypassing passkey exchange and authentication procedures
JP2004096146A (en) * 2002-08-29 2004-03-25 Sony Corp Communication apparatus, communication control method and program, and recording medium
US7698550B2 (en) * 2002-11-27 2010-04-13 Microsoft Corporation Native wi-fi architecture for 802.11 networks
JP4095424B2 (en) * 2002-12-09 2008-06-04 キヤノン株式会社 Wireless network construction method and wireless network communication apparatus
AU2003297433A1 (en) * 2002-12-24 2004-07-22 Samrat Vasisht Method, system and device for automatically configuring a communications network
US9003048B2 (en) * 2003-04-01 2015-04-07 Microsoft Technology Licensing, Llc Network zones
KR20050015818A (en) * 2003-08-07 2005-02-21 삼성전자주식회사 Networking apparatus and method avaiable for use under non-security
DE10346007A1 (en) * 2003-10-02 2005-04-28 Siemens Ag Communication device and method for setting a security configuration of a communication device
US7505596B2 (en) * 2003-12-05 2009-03-17 Microsoft Corporation Automatic detection of wireless network type
JP4033302B2 (en) * 2004-05-07 2008-01-16 株式会社ソニー・コンピュータエンタテインメント Wireless communication terminal device, wireless interface device, and wireless network participation method
DE602005018213D1 (en) * 2004-05-24 2010-01-21 Computer Ass Think Inc SYSTEM AND METHOD FOR AUTOMATIC CONFIGURATION OF A MOBILE DEVICE
WO2006012044A1 (en) * 2004-06-28 2006-02-02 Japan Communications, Inc. Methods and systems for encrypting, transmitting, and storing electronic information and files
US20060026268A1 (en) * 2004-06-28 2006-02-02 Sanda Frank S Systems and methods for enhancing and optimizing a user's experience on an electronic device
WO2006012058A1 (en) * 2004-06-28 2006-02-02 Japan Communications, Inc. Systems and methods for mutual authentication of network
US7596226B2 (en) * 2004-07-19 2009-09-29 Nokia Corporation Mobile terminal, method and computer program product for storing and retrieving network parameters
EP1810439A4 (en) * 2004-10-14 2010-08-18 Novatel Wireless Inc System and method for provisioning a wireless device to only be able to access network services within a specific location
EP1808033B1 (en) * 2004-10-14 2016-04-13 Novatel Wireless, Inc Method and apparatus for routing voice traffic over a residential gateway
US7447502B2 (en) * 2005-01-14 2008-11-04 Research In Motion Limited Scheme for providing regulatory compliance in performing network selection in a foreign country
US20060230278A1 (en) * 2005-03-30 2006-10-12 Morris Robert P Methods,systems, and computer program products for determining a trust indication associated with access to a communication network
US20060230279A1 (en) * 2005-03-30 2006-10-12 Morris Robert P Methods, systems, and computer program products for establishing trusted access to a communication network
US20060229100A1 (en) * 2005-04-11 2006-10-12 Joseph Born Wireless detector and adapter
US20060265737A1 (en) * 2005-05-23 2006-11-23 Morris Robert P Methods, systems, and computer program products for providing trusted access to a communicaiton network based on location
US8576846B2 (en) 2005-10-05 2013-11-05 Qualcomm Incorporated Peer-to-peer communication in ad hoc wireless network
US7330450B1 (en) * 2005-10-07 2008-02-12 Cisco Technology, Inc. Wireless network detection device
CN1953446B (en) * 2005-10-21 2010-09-29 联想(北京)有限公司 A communication system and method
US7602281B2 (en) 2006-01-26 2009-10-13 The United States Of America As Represented By The Secretary Of The Army System and method for tactical distributed event warning notification for individual entities, and computer program product therefor
US7764185B1 (en) 2006-01-26 2010-07-27 The United States Of America As Represented By The Secretary Of The Army System, user warning and positioning device for use therein, and computer program product therefor, for tactical distributed event warning notification for individual entities
US7598850B2 (en) * 2006-01-26 2009-10-06 The United States Of America As Represented By The Secretary Of The Army System and method for centralized event warning notification for individual entities, and computer program product therefor
US20070204323A1 (en) * 2006-02-24 2007-08-30 Rockwell Automation Technologies, Inc. Auto-detection capabilities for out of the box experience
US8392560B2 (en) * 2006-04-28 2013-03-05 Microsoft Corporation Offering and provisioning secured wireless virtual private network services
US9378343B1 (en) * 2006-06-16 2016-06-28 Nokia Corporation Automatic detection of required network key type
US20080046879A1 (en) * 2006-08-15 2008-02-21 Michael Hostetler Network device having selected functionality
US8903365B2 (en) 2006-08-18 2014-12-02 Ca, Inc. Mobile device management
US8667596B2 (en) 2006-09-06 2014-03-04 Devicescape Software, Inc. Systems and methods for network curation
US8549588B2 (en) * 2006-09-06 2013-10-01 Devicescape Software, Inc. Systems and methods for obtaining network access
US8554830B2 (en) * 2006-09-06 2013-10-08 Devicescape Software, Inc. Systems and methods for wireless network selection
US9326138B2 (en) * 2006-09-06 2016-04-26 Devicescape Software, Inc. Systems and methods for determining location over a network
US8196188B2 (en) * 2006-09-06 2012-06-05 Devicescape Software, Inc. Systems and methods for providing network credentials
US8191124B2 (en) * 2006-09-06 2012-05-29 Devicescape Software, Inc. Systems and methods for acquiring network credentials
US8743778B2 (en) 2006-09-06 2014-06-03 Devicescape Software, Inc. Systems and methods for obtaining network credentials
US8194589B2 (en) * 2006-09-06 2012-06-05 Devicescape Software, Inc. Systems and methods for wireless network selection based on attributes stored in a network database
EP2346211A3 (en) * 2006-11-21 2011-10-26 Research in Motion Limited Displaying a list of connection profiles of wireless local area networks
US20090019170A1 (en) * 2007-07-09 2009-01-15 Felix Immanuel Wyss System and method for secure communication configuration
WO2009034624A1 (en) * 2007-09-12 2009-03-19 Panasonic Corporation Wireless terminal device, wireless connection method, and program
US8069230B2 (en) * 2007-10-31 2011-11-29 Affinegy, Inc. System and method of configuring a network
US8965394B2 (en) * 2008-06-19 2015-02-24 John L. Rogitz Disabling wireless telephone use while in vehicle
US20100263022A1 (en) * 2008-10-13 2010-10-14 Devicescape Software, Inc. Systems and Methods for Enhanced Smartclient Support
US8353007B2 (en) 2008-10-13 2013-01-08 Devicescape Software, Inc. Systems and methods for identifying a network
KR101644090B1 (en) * 2010-01-29 2016-08-11 삼성전자주식회사 Method for connecting wireless communications, wireless communications station and wireless communications system
JP5182316B2 (en) 2010-03-30 2013-04-17 ブラザー工業株式会社 Wireless communication device
US20120238301A1 (en) * 2010-07-22 2012-09-20 Shipsin Llc Systems and methods for networked radio systems and coordinated broadcasting
US8560833B2 (en) * 2010-10-29 2013-10-15 Aruba Networks, Inc. Automatic secure client access
JP5628227B2 (en) 2011-02-17 2014-11-19 パナソニック株式会社 Network connection apparatus and method
US8762876B2 (en) * 2012-06-21 2014-06-24 Google Inc. Secure data entry via a virtual keyboard
US9571464B2 (en) * 2014-08-11 2017-02-14 Intel Corporation Network-enabled device provisioning
WO2016187850A1 (en) * 2015-05-27 2016-12-01 华为技术有限公司 Device configuration method, apparatus and system in wireless communication network
JP2017011407A (en) * 2015-06-18 2017-01-12 日本電気株式会社 Wireless communication terminal, control method, and program of the same
US11696216B2 (en) * 2016-02-18 2023-07-04 Comcast Cable Communications, Llc SSID broadcast management to support priority of broadcast
US10673901B2 (en) 2017-12-27 2020-06-02 Cisco Technology, Inc. Cryptographic security audit using network service zone locking
CN108566656B (en) 2018-04-13 2021-04-30 上海连尚网络科技有限公司 Method and equipment for detecting security of wireless network

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1161031A2 (en) * 2000-06-01 2001-12-05 Sharp Kabushiki Kaisha Access point device and authentication method thereof
US20020007407A1 (en) * 2000-07-12 2002-01-17 Klein John Raymond Auto configuration of portable computers for use in wireless local area networks
EP1241838A2 (en) * 2001-03-13 2002-09-18 Microsoft Corporation System and method for wireless connecting a computing device without configuration and computing device therefore

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1161031A2 (en) * 2000-06-01 2001-12-05 Sharp Kabushiki Kaisha Access point device and authentication method thereof
US20020007407A1 (en) * 2000-07-12 2002-01-17 Klein John Raymond Auto configuration of portable computers for use in wireless local area networks
EP1241838A2 (en) * 2001-03-13 2002-09-18 Microsoft Corporation System and method for wireless connecting a computing device without configuration and computing device therefore

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1560369A2 (en) * 2004-01-29 2005-08-03 NTT DoCoMo, Inc. Communication system, communication terminal, and communication program
EP1560369A3 (en) * 2004-01-29 2007-11-14 NTT DoCoMo, Inc. Communication system, communication terminal, and communication program
US8024806B2 (en) 2006-10-17 2011-09-20 Intel Corporation Method, apparatus and system for enabling a secure location-aware platform
US8393000B2 (en) 2006-10-17 2013-03-05 Intel Corporation Method, apparatus, and system for enabling a secure location-aware platform

Also Published As

Publication number Publication date
CN1650579A (en) 2005-08-03
KR20040104679A (en) 2004-12-10
JP2005524342A (en) 2005-08-11
TW200402222A (en) 2004-02-01
US20030204748A1 (en) 2003-10-30
EP1502389A1 (en) 2005-02-02
AU2003219399A1 (en) 2003-11-17

Similar Documents

Publication Publication Date Title
US20030204748A1 (en) Auto-detection of wireless network accessibility
KR102458883B1 (en) Techniques for enabling computing devices to identify when they are in proximity to one another
US9092969B2 (en) Method and system for invoking a security function of a device based on proximity to another device
US20050253714A1 (en) Location-based anti-theft and security system and method
EP4032248B1 (en) End-to-end encryption with distributed key management in a tracking device environment
CN104919467B (en) Control the method and network drive system of the access to network drive
US20050260973A1 (en) Wireless manager and method for managing wireless devices
US20100100930A1 (en) Hosted vulnerability management for wireless devices
CN101779416B (en) Communication apparatus, control method thereof, and computer program
US10051675B2 (en) Automatic secure connection over untrusted wireless networks
KR20030084613A (en) Gateway, communication terminal equipment, and communication control program
JP2012186516A (en) Wireless lan device setting system
US9503965B2 (en) Set-top box setup via near field communication
EP3162126B1 (en) Dynamic wireless network access point selection
US10383031B2 (en) Zone-based network device monitoring using a distributed wireless network
JP4303905B2 (en) Wireless communication system switching device
US20190007839A1 (en) Systems and methods for controlling mobile device use
US20190037524A1 (en) Network Device Navigation Using A Distributed Wireless Network
US9949232B1 (en) Network device loss prevention using a distributed wireless network
CN107644163B (en) Method and device for reminding user of notifying message under multiple users
US10104638B1 (en) Network device location detection and monitoring using a distributed wireless network
KR101591053B1 (en) Remote control method and system using push service
KR101178494B1 (en) Wireless communtcation divice monitoring system for using agent
WO2019227389A1 (en) Interaction method for wireless door lock, and door lock system
JP6671773B2 (en) Communication system and program

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2004502554

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2003715210

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 20038096749

Country of ref document: CN

Ref document number: 1020047017496

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 1020047017496

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2003715210

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2003715210

Country of ref document: EP