Method and system for securing wireless communications
Abstract
A method and system for securing wireless communications is disclosed. In one embodiment, different security policies are used based on the distance between a receiver and a transmitter, whereby data in the wireless communications can only be demodulated if received in particular trust zones. In another embodiment, a plurality of bit stream fragments are transmitted by a plurality of transmitters to a receiver located in an area where transmission patterns radiated by the transmitters intersect. Alternatively, the receiver performs a function on packet data units (PDUs) transmitted by the transmitters. In yet another embodiment, primary modulation points of a modulation constellation are split into clusters of proximate secondary modulation points which can be demodulated only by a receiver that is within range of the transmitter. In yet another embodiment, a main waveform is transmitted which overlays a QPSK signal with hierarchical modulation (HM) having encoded descrambling information.
Claims
exact text as granted — not AI-modified1 . In a wireless communication system including a plurality of wireless transmit/receive units (WTRUs) used to transmit and receive wireless communications, a method for securing the wireless communications comprising:
establishing a plurality of non-overlapping trust zones associated with a particular one of the WTRUs; and the particular WTRU transmitting a wireless communication signal including modulated data such that the wireless communication signal can be demodulated if received in a first one of the trust zones but cannot be demodulated if received in a second one of the trust zones.
2 . The method of claim 1 wherein the first trust zone covers an area which extends from the particular WTRU to a first distance from the particular WTRU.
3 . The method of claim 2 wherein the second trust zone covers an area which extends from the first distance to a second distance that is further away from the particular WTRU than the first distance.
4 . The method of claim 1 wherein the wireless communication signal is scrambled and can be descrambled in the second trust zone if a scrambling sequence is determined.
5 . The method of claim 4 wherein the scrambling sequence is provided if a user associated with a receiver located in the second trust zone is authenticated.
6 . The method of claim 1 wherein a security level associated with the wireless communication signal is a function of the distance of a device that receives the wireless communication signal from the particular WTRU.
7 . The method of claim 1 wherein a security level associated with the wireless communication signal is a function of a signal-to-noise ratio (SNR) per information bit of the wireless communication signal.
8 . The method of claim 1 wherein a security level associated with the wireless communication signal is a function of the power level of the wireless communication signal.
9 . The method of claim 1 wherein a security level associated with the wireless communication signal is a function of a code rate associated with the wireless communication signal.
10 . The method of claim 1 wherein a security level associated with the wireless communication signal is a function of a normalized security proximity radius (NSPR) associated with each of the trust zones.
11 . In a wireless communication system including a plurality of wireless transmit/receive units (WTRUs) used to transmit and receive wireless communications, a method for securing the wireless communications comprising:
establishing a plurality of non-overlapping trust zones associated with a particular one of the WTRUs; and associating different security levels with each of the trust zones, wherein a communication device that receives a wireless communication signal transmitted by the particular WTRU is required to operate in accordance with a security policy associated with the trust zone in which the device is located.
12 . The method of claim 11 wherein a first one of the trust zones covers an area which extends from the particular WTRU to a first distance from the particular WTRU.
13 . The method of claim 12 wherein a second one of the trust zones covers an area which extends from the first distance to a second distance that is further away from the particular WTRU than the first distance.
14 . The method of claim 11 wherein the wireless communication signal transmitted by the particular WTRU includes modulated data such that the security policy of the first trust zone allows the wireless communication signal to be demodulated if the communication device is located in the first trust zone, but the security policy of the second trust zone does not allow the wireless communication signal to be demodulated if the communication device is located in the second trust zone.
15 . The method of claim 14 wherein the wireless communication signal is scrambled and can be descrambled in the second trust zone if a scrambling sequence is determined.
16 . The method of claim 15 wherein the scrambling sequence is provided to the communication device if a user associated with the communication device is authenticated when located in the second trust zone.
17 . The method of claim 11 wherein a security level associated with the wireless communication signal is a function of the distance of the communication device from the particular WTRU.
18 . The method of claim 11 wherein a security level associated with the wireless communication signal is a function of a signal-to-noise ratio (SNR) per information bit of the wireless communication signal.
19 . The method of claim 11 wherein a security level associated with the wireless communication signal is a function of the power level of the wireless communication signal.
20 . The method of claim 11 wherein a security level associated with the wireless communication signal is a function of a code rate associated with the wireless communication signal.
21 . The method of claim 11 wherein a security level associated with the wireless communication signal is a function of a normalized security proximity radius (NSPR) associated with each of the trust zones.
22 . In a wireless communication system including a plurality of access points (APs) and at least one wireless transmit/receive unit, a method of securing wireless communications comprising:
each of the APs transmitting a fragment of a bit stream to the WTRU, wherein the WTRU is located in an area where a transmission pattern radiated from each of the APs intersect; and the WTRU reassembling the fragments into the bit stream.
23 . The method of claim 22 wherein it is not possible to receive all of the fragments at a location outside of the area where the AP transmission patterns intersect.
24 . The method of claim 22 wherein each of the bit stream fragments is incorporated in a respective packet data unit (PDU), and the WTRU reassembles the respective PDUs into a service data unit (SDU).
25 . The method of claim 22 wherein the WTRU reports the location of the WTRU to each of the APs and the APs transmit a sequence of messages at varying effective coding rates which request a positive acknowledgement (ACK) or a negative acknowledgement (NACK) from the WTRU, such that the APs can determine whether the location of the WTRU is correct.
26 . The method of claim 25 wherein the APs determine whether the WTRU can decode transmissions sent by the APs.
27 . The method of claim 25 wherein the APs verify the authenticity of the WTRU by sending a challenge question via a plurality of packet data units (PDUs) to the WTRU such that the challenge question would be decipherable by the WTRU and answered by the WTRU only if the WTRU is located at the location reported by the WTRU.
28 . A wireless communication system for securing wireless communications, the system comprising:
a receiver; and a wireless transmit/receive unit (WTRU) configured to establish a plurality of non-overlapping trust zones by transmitting a wireless communication signal that includes modulated data such that the wireless communication signal can be demodulated by the receiver if the receiver is located in a first one of the trust zones but cannot be demodulated if the receiver is located in a second one of the trust zones.
29 . The system of claim 28 wherein the first trust zone covers an area which extends from the WTRU to a first distance from the WTRU.
30 . The system of claim 29 wherein the second trust zone covers an area which extends from the first distance to a second distance that is further away from the particular WTRU than the first distance.
31 . The system of claim 28 wherein the wireless communication signal is scrambled and can be descrambled in the second trust zone if a scrambling sequence is determined.
32 . The system of claim 31 wherein the scrambling sequence is provided to the receiver if a user associated with a receiver located in the second trust zone is authenticated.
33 . The system of claim 28 wherein a security level associated with the wireless communication signal is a function of the distance of the receiver from the WTRU.
34 . The system of claim 28 wherein a security level associated with the wireless communication signal is a function of the Doppler spread of the wireless communication signal.
35 . The system of claim 28 wherein a security level associated with the wireless communication signal is a function of a signal-to-noise ratio (SNR) per information bit of the wireless communication signal.
36 . The system of claim 28 wherein a security level associated with the wireless communication signal is a function of the power level of the wireless communication signal.
37 . The system of claim 28 wherein a security level associated with the wireless communication signal is a function of a code rate associated with the wireless communication signal.
38 . The system of claim 28 wherein a security level associated with the wireless communication signal is a function of a normalized security proximity radius (NSPR) associated with each of the trust zones.
39 . A wireless communication system for securing wireless communications, the system comprising:
a wireless transmit/receive unit (WTRU); a first access point (AP) for transmitting a first portion of a bit stream to the WTRU; and a second AP for transmitting a second portion of the bit stream to the WTRU, wherein the WTRU is located in an area where a transmission pattern radiated from each of the first and second APs intersect, and the WTRU reassembles the first and second portions into the bit stream.
40 . The system of claim 39 wherein it is not possible to receive both of the portions of the bit stream at a location outside of the area where transmission patterns of the first and second APs intersect.
41 . The system of claim 39 wherein the first portion of the bit stream is incorporated in a first packet data unit (PDU), the second portion of the bit stream is incorporated in a second PDU and the WTRU reassembles the first and second PDUs into a service data unit (SDU).
42 . The system of claim 39 wherein the WTRU reports the location of the WTRU to each of the APs and the APs transmit a sequence of messages at varying effective coding rates which request a positive acknowledgement (ACK) or a negative acknowledgement (NACK) from the WTRU, such that the APs can determine whether the location of the WTRU is correct.
43 . The system of claim 42 wherein the APs determine whether the WTRU can decode transmissions sent by the APs.
44 . The system of claim 42 wherein the APs verify the authenticity of the WTRU by sending a challenge question via a plurality of packet data units (PDUs) to the WTRU such that the challenge question would be decipherable by the WTRU and answered by the WTRU only if the WTRU is located at the location reported by the WTRU.
45 . A wireless communication system for securing wireless communications, the system comprising:
a wireless transmit/receive unit (WTRU); a first access point (AP) for transmitting a first packet data unit (PDU) to the WTRU; and a second AP for transmitting a second PDU to the WTRU, wherein the WTRU is located in an area where a transmission pattern radiated from each of the first and second APs intersect, and the WTRU performs a function on the first and second PDUs to derive a service data unit (SDU).
46 . The system of claim 45 wherein it is not possible to receive both of the first and second PDUs at a location outside of the area where transmission patterns of the first and second APs intersect.
47 . The system of claim 45 wherein the function is an exclusive-or (XOR) function.
48 . The system of claim 45 wherein the WTRU reports the location of the WTRU to each of the APs and the APs transmit a sequence of messages at varying effective coding rates which request a positive acknowledgement (ACK) or a negative acknowledgement (NACK) from the WTRU, such that the APs can determine whether the location of the WTRU is correct.
49 . The system of claim 48 wherein the APs determine whether the WTRU can decode transmissions sent by the APs.
50 . The system of claim 48 wherein the APs verify the authenticity of the WTRU by sending a challenge question via a plurality of packet data units (PDUs) to the WTRU such that the challenge question would be decipherable by the WTRU and answered by the WTRU only if the WTRU is located at the location reported by the WTRU.
51 . In a wireless communication system in which a transmitter sends wireless communications to a receiver, wherein the wireless communications include a sequence of symbols represented by a plurality of primary modulation points of a modulation constellation, a method for securing the wireless communications comprising:
(a) replacing each primary modulation point with a cluster of secondary modulation points located in close proximity to one another; (b) the receiver discriminating between the secondary modulation points in the cluster; and (c) the receiver demodulating the secondary modulation points to decipher the symbols.
52 . The method of claim 51 wherein there are four primary modulation points in the modulation constellation, each of which is defined by two data bits.
53 . The method of claim 52 wherein there are a total of eight secondary modulation points in the modulation constellation, two in each cluster, each of which is defined by three data bits.
54 . The method of claim 51 wherein each primary modulation point is generated by phase-shift keying (PSK).
55 . The method of claim 51 wherein each primary modulation point is generated by frequency-shift keying (FSK).
56 . The method of claim 51 wherein each primary modulation point is generated by quadrature amplitude modulation (QAM).
57 . The method of claim 51 wherein each secondary modulation point is generated by phase-shift keying (PSK).
58 . The method of claim 51 wherein each secondary modulation point is generated by frequency-shift keying (FSK).
59 . The method of claim 51 wherein each secondary modulation point is generated by quadrature amplitude modulation (QAM).
60 . A wireless communication system for securing wireless communications, the system comprising:
(a) a receiver; and (a) a transmitter for transmitting to the receiver wireless communications which include a sequence of symbols represented by a plurality of primary modulation points of a modulation constellation, wherein the transmitter replaces each primary modulation point with a cluster of secondary modulation points located in close proximity to one another, the receiver discriminates between the secondary modulation points in the cluster, and the receiver demodulates the secondary modulation points to decipher the symbols.
61 . The system of claim 60 wherein there are four primary modulation points in the modulation constellation, each of which is defined by two data bits.
62 . The system of claim 61 wherein there are a total of eight secondary modulation points in the modulation constellation, two in each cluster, each of which is defined by three data bits.
63 . The system of claim 60 wherein each primary modulation point is generated by phase-shift keying (PSK).
64 . The system of claim 60 wherein each primary modulation point is generated by frequency-shift keying (FSK).
65 . The system of claim 60 wherein each primary modulation point is generated by quadrature amplitude modulation (QAM).
66 . The system of claim 60 wherein each secondary modulation point is generated by phase-shift keying (PSK).
67 . The system of claim 60 wherein each secondary modulation point is generated by frequency-shift keying (FSK).
68 . The system of claim 60 wherein each secondary modulation point is generated by quadrature amplitude modulation (QAM).
69 . In a wireless communication system including a transmitter and a receiver, the transmitter being configured to transmit wireless communications to the receiver, a method for securing the wireless communications comprising:
(a) the transmitter transmitting a main waveform which overlays a quadrature phase shift keying (QPSK) signal with hierarchical modulation (HM); (b) the transmitter modulating scrambled data in the main waveform; (c) the transmitter encoding descrambling information in the HM; and (d) the receiver extracting the descrambling information in the HM and demodulating the scrambled data when the distance between the receiver and the transmitter does not exceed a particular threshold.
70 . The method of claim 69 wherein the HM is biphase shift keying (BPSK) HM.
71 . The method of claim 69 further comprising:
(e) the transmitter varying power allocated to the HM waveform to adjust the particular threshold.
72 . A wireless communication system for securing wireless communications comprising:
a receiver; and a transmitter configured to transmit a main waveform which overlays a quadrature phase shift keying (QPSK) signal with hierarchical modulation (HM), modulates scrambled data in the main waveform and encodes descrambling information in the HM, wherein the receiver extracts the descrambling information in the HM and demodulates the scrambled data when the receiver is in the vicinity of the transmitter.
73 . The system of claim 72 wherein the HM is biphase shift keying (BPSK) HM.
74 . The system of claim 72 wherein the transmitter varies power allocated to the HM waveform.
75 . A wireless communication system for securing wireless communications, the system comprising:
a transmitter comprising:
a first protocol stack unit for generating an information stream;
a channel encoder for encoding the information stream for error protection;
a rate matching unit for rate matching the information stream;
a multi-layer secure bit (MLSB) scrambler for scrambling channel symbols; and
a first physical channel processing unit for transmitting wireless communications including the scrambled channel symbols over a wireless channel; and
a receiver comprising:
a second physical channel processing unit for receiving the wireless communications;
a MLSB descrambler for descrambling the channel symbols of the wireless communications;
a rate de-matching unit for de-matching the rate of the wireless communications;
a channel decoder for decoding the information stream; and
a second protocol stack unit for processing the decoded information stream.
76 . The system of claim 75 wherein if the receiver is informed through auxiliary means that the receiver should be able to successfully demodulate the information stream, but is in fact unable to do so after a sufficiently large number of attempts, the receiver assumes that the wireless channel is being tampered with.
77 . In a transmitter, a first integrated circuit (IC) for securing wireless communications transmitted over a wireless channel, the first IC comprising:
a first protocol stack unit for generating an information stream; a channel encoder for encoding the information stream for error protection; a rate matching unit; a multi-layer secure bit (MLSB) scrambler for scrambling channel symbols; and a first physical channel processing unit.
78 . In a receiver which communicates with the transmitter of claim 77 , a second integrated circuit (IC) for securing wireless communications received over a wireless channel, the second IC comprising:
a second physical channel processing unit for receiving the wireless communications; a MLSB descrambler for descrambling channel symbols of the wireless communications; a rate de-matching unit for rate matching an information stream in the wireless communications; a channel decoder for decoding the information stream; and a second protocol stack unit for processing the decoded information stream.
79 . The second IC of claim 78 wherein if the receiver is informed through auxiliary means that the receiver should be able to successfully demodulate the information stream, but is in fact unable to do so after a sufficiently large number of attempts, the receiver assumes that the wireless channel is being tampered with.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.