WO2017078657A1 - Apparatus, system and method of cellular-assisted establishing of a secured wlan connection between a ue and a wlan ap - Google Patents
Apparatus, system and method of cellular-assisted establishing of a secured wlan connection between a ue and a wlan ap Download PDFInfo
- Publication number
- WO2017078657A1 WO2017078657A1 PCT/US2015/000349 US2015000349W WO2017078657A1 WO 2017078657 A1 WO2017078657 A1 WO 2017078657A1 US 2015000349 W US2015000349 W US 2015000349W WO 2017078657 A1 WO2017078657 A1 WO 2017078657A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- wlan
- message
- ciphering
- cellular
- node
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
- H04W12/35—Protecting application or service provisioning, e.g. securing SIM application provisioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/06—Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals
Definitions
- Some embodiments described herein generally relate to cellular-assisted establishing of a secured Wireless Local Area Network (WLAN) connection between a User Equipment (UE) and a WLAN Access Point (AP).
- WLAN Wireless Local Area Network
- a wireless communication device e.g., a mobile device, may be configured to utilize multiple wireless communication technologies.
- a User Equipment (UE) device may be configured to utilize a cellular connection, e.g., a Universal Mobile Telecommunications System (UMTS) cellular connection or a Long Term Evolution (LTE) connection, as well as a wireless-local-area- network (WLAN) connection, e.g., a Wireless-Fidelity (WiFi) connection.
- a cellular connection e.g., a Universal Mobile Telecommunications System (UMTS) cellular connection or a Long Term Evolution (LTE) connection
- UMTS Universal Mobile Telecommunications System
- LTE Long Term Evolution
- WLAN wireless-local-area- network
- WiFi Wireless-Fidelity
- FIG. 1 is a schematic block diagram illustration of a system, in accordance with some demonstrative embodiments.
- Fig. 2 is a schematic illustration of a procedure of setting security parameters of a Wireless Local Area Network (WLAN) connection.
- WLAN Wireless Local Area Network
- FIG. 3 is a schematic illustration of operations and communications between a wireless station, a cellular manager, and a WLAN Access Point (AP), in accordance with some demonstrative embodiments.
- AP WLAN Access Point
- FIG. 4 is a schematic illustration of operations and communications between a wireless station, a cellular manager, and first and second WLAN APs, in accordance with some demonstrative embodiments.
- FIG. 5 is a schematic illustration of operations and communications of cellular- assisted establishment of secure WLAN connections in a non-collocated implementation, in accordance with some demonstrative embodiments.
- Fig. 6 is a schematic illustration of elements of a User Equipment (UE), in accordance with some demonstrative embodiments.
- UE User Equipment
- FIG. 7 is a schematic flow-chart illustration of a method of establishing a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
- FIG. 8 is a schematic flow-chart illustration of a method of providing cellular- assisted cryptographic information to a UE and a WLAN AP, in accordance with some demonstrative embodiments.
- FIG. 9 is a schematic flow-chart illustration of a method of establishing a secured WLAN connection between a WLAN AP and a UE, in accordance with some demonstrative embodiments.
- Fig. 10 is a schematic illustration of a product, in accordance with some demonstrative embodiments.
- Discussions herein utilizing terms such as, for example, “processing”, “computing”, “calculating”, “determining”, “establishing”, “analyzing”, “checking”, or the like, may refer to operation(s) and/or process(es) of a computer, a computing platform, a computing system, or other electronic computing device, that manipulate and/or transform data represented as physical (e.g., electronic) quantities within the computer's registers and/or memories into other data similarly represented as physical quantities within the computer's registers and/or memories or other information storage medium that may store instructions to perform operations and/or processes.
- processing may refer to operation(s) and/or process(es) of a computer, a computing platform, a computing system, or other electronic computing device, that manipulate and/or transform data represented as physical (e.g., electronic) quantities within the computer's registers and/or memories into other data similarly represented as physical quantities within the computer's registers and/or memories or other information storage medium that may store instructions to perform operations and/or processes.
- plural and “a plurality”, as used herein, include, for example, “multiple” or “two or more”.
- a plurality of items includes two or more items.
- references to "one embodiment,” “an embodiment,” “demonstrative embodiment,” “various embodiments,” etc., indicate that the embodiment(s) so described may include a particular feature, structure, or characteristic, but not every embodiment necessarily includes the particular feature, structure, or characteristic. Further, repeated use of the phrase “in one embodiment” does not necessarily refer to the same embodiment, although it may.
- Some embodiments may be used in conjunction with various devices and systems, for example, a Personal Computer (PC), a desktop computer, a mobile computer, a laptop computer, a notebook computer, a tablet computer, a Smartphone device, a server computer, a handheld computer, a handheld device, a Personal Digital Assistant (PDA) device, a handheld PDA device, an on-board device, an off-board device, an Internet of Things (IoT) device, a sensor device, a wearable device, a hybrid device, a vehicular device, a non- vehicular device, a mobile or portable device, a consumer device, a non-mobile or nonportable device, a wireless communication station, a wireless communication device, a wireless Access Point (AP), a wired or wireless router, a wired or wireless modem, a video device, an audio device, an audio-video (A/V) device, a wired or wireless network, a wireless area network, a cellular network, a cellular node, a cellular
- PC
- Some embodiments may be used in conjunction with devices and/or networks operating in accordance with existing 3rd Generation Partnership Project (3GPP) and/or Long Term Evolution (LTE) specifications (including 3GPP TS 36.300 ( "TS 36.300 Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2, version 11.7.0 Release 11 ", September 2013); 3GPP TS 36.331 (ETSI TS 136 331; V12.3.0 (2014-09); LTE; Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification (3GPP TS 36.331 version 12.3.0 Release 12); and/or 3GPP TS 36.463 (3GPP TS 36.463 V0.2.0 (2015-10) Technical Specification; 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and Wireless LAN (WLAN); X
- Some embodiments may be used in conjunction with one or more types of wireless communication signals and/or systems, for example, Radio Frequency (RF), Frequency- Division Multiplexing (FDM), Orthogonal FDM (OFDM), Single Carrier Frequency Division Multiple Access (SC-FDMA), Time-Division Multiplexing (TDM), Time-Division Multiple Access (TDM A), Extended TDMA (E-TDMA), General Packet Radio Service (GPRS), extended GPRS, Code-Division Multiple Access (CDMA), Wideband CDMA (WCDMA), CDMA 2000, single-carrier CDMA, multi-carrier CDMA, Multi-Carrier Modulation (MDM), Discrete Multi-Tone (DMT), Bluetooth®, Global Positioning System (GPS), Wireless Fidelity (Wi-Fi), Wi-Max, ZigBeeTM, Ultra-Wideband (UWB), Global System for Mobile communication (GSM), second generation (2G), 2.5G, 3G, 3.5G, 4G, Fifth Generation (5G)
- wireless device includes, for example, a device capable of wireless communication, a communication device capable of wireless communication, a communication station capable of wireless communication, a portable or non-portable device capable of wireless communication, or the like.
- a wireless device may be or may include a peripheral that is integrated with a computer, or a peripheral that is attached to a computer.
- the term “wireless device” may optionally include a wireless service.
- the term "communicating" as used herein with respect to a communication signal includes transmitting the communication signal and/or receiving the communication signal.
- a communication unit which is capable of communicating a communication signal, may include a transmitter to transmit the communication signal to at least one other communication unit, and/or a communication receiver to receive the communication signal from at least one other communication unit.
- the verb communicating may be used to refer to the action of transmitting or the action of receiving.
- the phrase "communicating a signal” may refer to the action of transmitting the signal by a first device, and may not necessarily include the action of receiving the signal by a second device.
- the phrase “communicating a signal” may refer to the action of receiving the signal by a first device, and may not necessarily include the action of transmitting the signal by a second device.
- circuitry may refer to, be part of, or include, an Application Specific Integrated Circuit (ASIC), an integrated circuit, an electronic circuit, a processor (shared, dedicated, or group), and/or memory (shared, dedicated, or group), that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable hardware components that provide the described functionality.
- ASIC Application Specific Integrated Circuit
- the circuitry may be implemented in, or functions associated with the circuitry may be implemented by, one or more software or firmware modules.
- circuitry may include logic, at least partially operable in hardware.
- logic may refer, for example, to computing logic embedded in circuitry of a computing apparatus and/or computing logic stored in a memory of a computing apparatus.
- the logic may be accessible by a processor of the computing apparatus to execute the computing logic to perform computing functions and/or operations.
- logic may be embedded in various types of memory and/or firmware, e.g., silicon blocks of various chips and/or processors.
- Logic may be included in, and/or implemented as part of, various circuitry, e.g. radio circuitry, receiver circuitry, control circuitry, transmitter circuitry, transceiver circuitry, processor circuitry, and/or the like.
- logic may be embedded in volatile memory and/or non-volatile memory, including random access memory, read only memory, programmable memory, magnetic memory, flash memory, persistent memory, and the like.
- Logic may be executed by one or more processors using memory, e.g., registers, stuck, buffers, and/or the like, coupled to the one or more processors, e.g., as necessary to execute the logic.
- the term "antenna”, as used herein, may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays.
- the antenna may implement transmit and receive functionalities using separate transmit and receive antenna elements.
- the antenna may implement transmit and receive functionalities using common and/or integrated transmit/receive elements.
- the antenna may include, for example, a phased array antenna, a single element antenna, a dipole antenna, a set of switched beam antennas, and/or the like.
- the term "cell”, as used herein, may include a combination of network resources, for example, downlink and optionally uplink resources.
- the resources may be controlled and/or allocated, for example, by a node (also referred to as a "base station"), or the like.
- the linking between a carrier frequency of the downlink resources and a carrier frequency of the uplink resources may be indicated in system information transmitted on the downlink resources.
- UMTS Universal Mobile Telecommunications System
- GSM Global System for Mobile communications
- 3G cellular network a 4G cellular network
- 4G cellular network a 4.5G network
- 5G cellular network a WiMAX cellular network
- WLAN Termination (WT) node Some demonstrative embodiments are described herein with respect to a WLAN Termination (WT) node. However, other embodiments may be implemented in any other WLAN controller, WLAN access device, WLAN Access Point (AP), WLAN access controller (AC), and/or WLAN access manager, node, and/or interface.
- WLAN controller Wireless Local Area Network
- AP WLAN Access Point
- AC WLAN access controller
- WLAN access manager node, and/or interface.
- HetNet Heterogeneous Network
- the HetNet may utilize a deployment of a mix of technologies, frequencies, cell sizes and/or network architectures, e.g., including cellular, millimeter wave ("mmWave” or "mmW"), and/or the like.
- the HetNet may include a radio access network having layers of different-sized cells ranging from large macrocells to small cells, for example, picocells and femtocells.
- Other embodiments may be used in conjunction with any other suitable wireless communication network.
- Other embodiments may be used in conjunction with any other suitable wireless communication network.
- FIG. 1 schematically illustrates a block diagram of a system 100, in accordance with some demonstrative embodiments.
- system 100 may include one or more wireless communication devices capable of communicating content, data, information and/or signals via one or more wireless mediums (WM) 108.
- system 100 may include at least one User Equipment (UE) 102 capable of communicating with one or more wireless communication networks, e.g., as described below.
- UE User Equipment
- Wireless mediums 108 may include, for example, a radio channel, a cellular channel, an RF channel, a WiFi channel, an IR channel, and the like.
- One or more elements of system 100 may optionally be capable of communicating over any suitable wired communication links.
- system 100 may include at least one cellular manager 104 to manage communication of a cellular network, e.g., as described below.
- cellular manager 104 may include, may operate as, and/or may perform the functionality of, an Evolved Node B (eNB).
- eNB Evolved Node B
- cellular manager 104 may be configured to perform radio resource management (RRM), radio bearer control, radio admission control (access control), connection mobility management, resource scheduling between UEs and eNB radios, e.g., Dynamic allocation of resources to UEs in both uplink and downlink, header compression, link encryption of user data streams, packet routing of user data towards a destination, e.g., another eNB or an Evolved Packet Core (EPC), scheduling and/or transmitting paging messages, e.g., incoming calls and/or connection requests, broadcast information coordination, measurement reporting, and/or any other operations, communications, and/or functionality.
- RRM radio resource management
- radio bearer control radio admission control
- access control access control
- connection mobility management resource scheduling between UEs and eNB radios, e.g., Dyna
- cellular manager 104 may include any other functionality and/or may perform the functionality of any other cellular node, network controller, base station or any other node or network device.
- cellular manager 104 may be part of a UMTS. According to this example, cellular manager 104 may perform the functionality of a Radio Network Controller (RNC), which may control a plurality of Node B devices 157.
- RNC Radio Network Controller
- the node B may be configured to communicate directly with UEs, e.g., including UE 102, for example, using a Wideband Code Division Multiple Access (WCDMA) and/or Time Division Synchronous Code Division Multiple Access (TD-SCDMA) air interface technology.
- WCDMA Wideband Code Division Multiple Access
- TD-SCDMA Time Division Synchronous Code Division Multiple Access
- the RNC may include, for example, a UMTS RNC configured to control the Node B devices 157.
- system 100 may include a WLAN Termination (WT) node 106, which may be configured to terminate a WLAN network interface, e.g., as described herein.
- WT WLAN Termination
- a WT node to terminate a WLAN network interface.
- additional or alternative termination node may be used to terminate a network interface of any other non-cellular RAT network, for example, a Bluetooth network, a millimeter wave (mmWave) network, and/or any other network, e.g., in addition to or instead of the WLAN network.
- a Bluetooth network for example, a Bluetooth network, a millimeter wave (mmWave) network, and/or any other network, e.g., in addition to or instead of the WLAN network.
- mmWave millimeter wave
- WT node 106 may be configured to manage access to a non-cellular network 107, for example, a WLAN, e.g., a Service Set (SS), a Basic Service Set (BSS), and Extended Service Set, a Homogenous Extended Service Set (HESS), and the like.
- a WLAN e.g., a Service Set (SS), a Basic Service Set (BSS), and Extended Service Set, a Homogenous Extended Service Set (HESS), and the like.
- SS Service Set
- BSS Basic Service Set
- HESS Homogenous Extended Service Set
- one or more functionalities of WT node 106 may be implemented, for example, in the form of, or as part of, a WLAN access device, for example, as part of a WLAN Access Point (AP), or a WLAN Access Controller (AC), as part of another device, or as a standalone device.
- a WLAN access device for example, as part of a WLAN Access Point (AP), or a WLAN Access Controller (AC), as part of another device, or as a standalone device.
- AP WLAN Access Point
- AC WLAN Access Controller
- WT node 106 may perform any other functionality and/or may perform at least part of the functionality of any other device capable of controlling and/or managing WLAN radio access to one or more wired networks.
- WT bode 106 may include, operate as, and/or perform the functionality of, an AP, e.g., configured to communicate directly with UE 102 via a WLAN link.
- an AP e.g., configured to communicate directly with UE 102 via a WLAN link.
- WT bode 106 may include, operate as, and/or perform the functionality of, an AC.
- WT node 106 may control a plurality of AP devices, e.g., including Lightweight Access Point (LAP) devices 158.
- LAP Lightweight Access Point
- UE 102 may include, for example, a Mobile Device (MD), a Station (STA), a mobile computer, a laptop computer, a notebook computer, a tablet computer, an UltrabookTM computer, an Internet of Things (IoT) device, a wearable device, a sensor device, a mobile internet device, a handheld computer, a handheld device, a storage device, a PDA device, a handheld PDA device, an on-board device, an off-board device, a hybrid device (e.g., combining cellular phone functionalities with PDA device functionalities), a consumer device, a vehicular device, a non-vehicular device, a mobile or portable device, a mobile phone, a cellular telephone, a PCS device, a mobile or portable GPS device, a DVB device, a relatively small computing device, a non-desktop computer, a "Carry Small Live Large” (CSLL) device, an Ultra Mobile Device (UMD), an Ultra Mobile PC
- system 100 may include at least one WLAN AP 119.
- WT node 106 may include, may operate as, and/or may perform one or more functionalities of WLAN AP 119, e.g., as described below.
- WLAN AP 119 and WT node 106 may be implemented as two separate and/or independent units, elements, device and/or entities of system 100, e.g., as described below.
- UE 102, cellular manager 104, WT node 106, and/or WLAN AP 119 may include one or more communication interfaces to perform communication between UE 102, cellular manager 104, WT node 106, WLAN AP 119, and/or with one or more other wireless communication devices, e.g., as described below.
- Some demonstrative embodiments include an interface 199 (also referred to as “the access device interface”, “the horizontal interface”, “the “Xw interface”, “the X2-W interface” or “the cellular/WLAN interface”), which may include circuitry and/or logic configured to interface, e.g., directly or indirectly, between a cellular network element, e.g., cellular manager 104, and a WLAN element, e.g., WT node 106, as described in detail below.
- a cellular network element e.g., cellular manager 104
- a WLAN element e.g., WT node 106
- interface 199 may be implemented to interface between an eNB and a WT node, e.g., as described below.
- the cellular /WLAN interface 199 may be implemented to directly interface between any other cellular device and any other WLAN device.
- the cellular/WLAN interface 199 may be implemented to directly interface between an eNB and a WLAN AP or WLAN AC, e.g., WLAN AP 119.
- the cellular/WLAN interface 199 may be implemented to directly interface between a UMTS RNC and a WT node.
- the cellularAVLAN interface 199 may be implemented to directly interface between a UMTS RNC and a WLAN AP or AC, e.g., WLAN AP 119.
- interface 199 may be utilized to enhance and/or increase the efficiency of interworking, integration and/or management of the cellular and WLAN radio access technologies.
- interface 199 may be configured to perform and/or support one or more aggregation operations and/or functionalities, for example, to transfer traffic, e.g., in addition to transferring control plane information.
- interface 199 may be utilized to improve efficiency of resource management, to provide efficient load balancing, and/or to improve mobility between Radio Access Technology (RAT) networks.
- RAT Radio Access Technology
- cellular manager 104 may include an interface ("Core Network (CN) interface") 146, e.g., a vertical interface, including circuitry and/or logic configured to communicate with one or more elements of a CN 183, e.g., an Evolved Packet Core (EPC).
- CN Core Network
- EPC Evolved Packet Core
- CN interface 146 may include an SI vertical interface configured to communicate between cellular manager 104 and a Serving Gateway (S-GW) 185 according to an SI protocol, e.g., if cellular manager 104 performs the functionality of an eNB.
- S-GW 187 may interface between cellular manager 104 and a Packet Data Network (PDN) Gateway (P-GW) 187.
- PDN Packet Data Network
- P-GW Packet Data Network Gateway
- CN interface 146 may include any other vertical interface with one or more elements of CN 183.
- cellular manger 104 may perform the functionality of an RNC, e.g., in a UMTS system.
- CN interface 146 may include an Interface Unit Circuit Switch (Iu-CS) interface and/or an Interface Unit Packet Switch (Iu-PS) interface, to interface between the RNC and one or more packet- switched or circuit-switched CN elements.
- Iu-CS Interface Unit Circuit Switch
- Iu-PS Interface Unit Packet Switch
- cellular manager 104 may include an interface including circuitry and/or logic to communicate user plane traffic, directly or indirectly, between CN 183 and UE 102.
- cellular manager 104 may communicate the user plane traffic directly with UE 102, for example, if cellular manager 104 performs the functionality of an eNB.
- cellular manager 104 may include an air interface, for example, a cellular transceiver (TRx) 167, including circuitry and/or logic configured to communicate with UE 102 via a cellular link.
- TRx cellular transceiver
- cellular manager 104 may communicate the user plane traffic with UE 102 via Node B 157, e.g., if cellular manager 104 performs the functionality of an RNC.
- cellular manager 104 may include a Node B interface 161 to communicate between the RNC and Node B 157.
- Node B interface 161 may include an Interface Unit b (Iub).
- cellular manager 104 may include a WT node interface 169 (also referred to as "WLAN interface” or “WLAN control interface”) including circuitry and/or logic configured to communicate with WT node 106 and/or with one or more WLAN stations (ST As), e.g., as described below.
- WT node interface 169 may include an AP interface, e.g., if WT node 106 performs the functionality of an AP.
- interface 169 may include an AC interface, e.g., if WT node 106 performs the functionality of an AC.
- interface 169 may include any other non-cellular RAT interface to communicate with a node of a non-cellular RAT network.
- WT node 106 may include a cell manager interface ("the cellular interface") 192 including circuitry and/or logic configured to communicate with cellular manager 104.
- interface 192 may include an eNB interface, e.g., if cellular manager 104 performs the functionality of an eNB.
- interface 192 may include a RNC interface, e.g., if cellular manager 104 performs the functionality of a RNC.
- interfaces 169 and 192 may be configured to communicate between cellular manager 104 and WT node 106 via a direct link of interface 199.
- interface 199 may include a Point to Point (P2P) link, e.g., as described below.
- P2P Point to Point
- interface 199 may be implemented by any wired and/or wireless link, e.g., using any suitable, Physical Layer (PHY) components and/or protocols.
- WT node 106 may include a network interface 196 including circuitry and/or logic configured to communicate network traffic with a wired network 177, e.g., the Internet and/or any other network.
- WT node 106 may include a WLAN interface 193 including circuitry and/or logic configured to communicate the network traffic and/or any other traffic with UE 102 via a WLAN, directly or indirectly.
- WT node 106 may communicate directly with UE 102 via WLAN link, for example, if WT node 106 includes, operates as, or performs the functionality of, a WLAN AP 119.
- WLAN interface 193 may include a WLAN radio 194 including circuitry and/or logic configured to communicate the network traffic and/or any other traffic directly with UE 102, e.g., via a WLAN link between WT node 106 and UE 102, for example, if WT node 106 includes, operates as, or performs the functionality of, a WLAN AP 119.
- WT node 106 may indirectly communicate with UE 102, for example, if WT node 106 performs the functionality of an AC, or if WT node 106 is an entity, which is separate from the WLAN AC or WLAN AP.
- WLAN interface 193 may include, for example, an AP interface, e.g., a LAP interface 159, to communicate the network traffic and/or any other traffic with WLAN AP 119 and/or LAP 158.
- WLAN interface 193 may include any other additional or alternative interfaces to directly and/or indirectly communicate via the WLAN.
- UE 102 may include a non-cellular RAT transceiver (TRx), for example, a WLAN TRx 163, including circuitry and/or logic configured to communicate with a WLAN device, e.g., with WLAN AP 119, WT node 106 and/or with LAP 158, via the WLAN link.
- TRx non-cellular RAT transceiver
- a WLAN device e.g., with WLAN AP 119, WT node 106 and/or with LAP 158
- the UE may include any additional or alternative non-cellular RAT TRx, e.g., a Bluetooth TRx and/or any other TRx, to communicate over any additional or alternative non-cellular RAT network.
- UE 102 may include a cellular transceiver (TRx) 165 including circuitry and/or logic configured to communicate with a cellular network, for example, via a cellular device, e.g., cellular manager 104 and/or Node B 157, via the cellular link.
- TRx cellular transceiver
- WLAN AP 119 may include a network interface 121 including circuitry and/or logic configured to communicate with at least one network node.
- network interface 121 may include a WT node interface to communicate with WT node 106.
- network interface 121 may include cellular manager interface to communicate with cellular manager 104, e.g., via interface 199, for example, if WLAN AP 119 implemented by and/or collocated with WT node 106.
- WLAN AP 119 may include a WLAN TRx 122 including circuitry and/or logic configured to communicate traffic with UE 102, e.g., via a WLAN link between WLAN AP 119 and UE 102.
- WLAN TRx 163, cellular TRx 165, cellular TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include one or more wireless transmitters, receivers and/or transceivers including circuitry and/or logic to process, encode, decode, send and/or receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data.
- WLAN TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include one or more wireless receivers (Rx) including circuitry and/or logic to receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data; and/or one or more wireless transmitters (Tx) including circuitry and/or logic to send wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data.
- Rx wireless receivers
- Tx wireless transmitters
- WLAN TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include circuitry; logic; Radio Frequency (RF) elements, circuitry and/or logic; baseband elements, circuitry and/or logic; modulation elements, circuitry and/or logic; demodulation elements, circuitry and/or logic; amplifiers; analog to digital and/or digital to analog converters; filters; and/or the like.
- RF Radio Frequency
- cellular TRx 167 and/or cellular TRx 165 may include a multiple input multiple output (MIMO) transmitters receivers system (not shown), which may be capable of performing antenna beamforming methods, if desired.
- cellular TRx 167 and/or cellular TRx 165 may include any other transmitters and/or receivers.
- cellular TRx 167 and/or cellular TRx 165 may include LTE, WCDMA and/or TD-SCDMA modulator and/or demodulator circuitry (not shown) configured to modulate and/or demodulate downlink signals to be communicated over downlink channels, e.g., between cellular manager 104 and UE 102, and/or uplink signals to be communicated over uplink channels, e.g., between UE 102 and cellular manager 104.
- cellular TRx 167 and/or cellular TRx 165 may include any other modulators and/or demodulators.
- cellular TRx 167 and/or cellular TRx 165 may include a turbo decoder and/or a turbo encoder (not shown) including circuitry and/or logic for encoding and/or decoding data bits into data symbols, if desired.
- cellular TRx 167 and/or cellular TRx 165 may include OFDM and/or SC- FDMA modulators and/or demodulators (not shown) configured to communicate OFDM signals over downlink (DL) channels, and/or SC-FDMA signals over uplink (UL) channels.
- UE 102 may establish a WLAN link with WLAN AP 119.
- WLAN TRx 163 may perform the functionality of one or more STAs, e.g., one or more WiFi STAs, WLAN STAs, and/or DMG STAs.
- the WLAN link may include an uplink and/or a downlink.
- the WLAN downlink may include, for example, a unidirectional link from the WLAN AP 119 to the one or more STAs.
- the uplink may include, for example, a unidirectional link from a STA to the WLAN AP 119.
- WT node 106 may be configured to operate as, and/or perform one or more functionalities of, functionality of WLAN AP 119, for example, in a collocated LTE/WLAN aggregation implementation.
- WT node 106 may be configured to control and/or communicate with one or more WLAN APs 119, e.g., a plurality of WLAN APs 119, for example, as described below.
- UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may include, or may be associated with, one or more antennas.
- WLAN TRx 163 and/or cellular TRx 165 may be associated with at least two antennas, e.g., antennas 112 and 114, or any other number of antennas, e.g., one antenna or more than two antennas;
- cellular TRx 167 may be associated with at least two antennas, e.g., antennas 132 and 134, or any other number of antennas, e.g., one antenna or more than two antennas;
- WLAN radio 194 may be associated with one or more antennas 135; and/or WLAN TRx 122 may be associated with one or more antennas 124.
- antennas 112, 114, 132, 134, 135 and/or 124 may include any type of antennas suitable for transmitting and/or receiving wireless communication signals, blocks, frames, transmission streams, packets, messages and/or data.
- antennas 112, 114, 132, 134, 124, and/or 135 may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays.
- antennas 112, 114, 132, 134, 124, and/or 135 may include a phased array antenna, a dipole antenna, a single element antenna, a set of switched beam antennas, and/or the like.
- antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functionalities using separate transmit and receive antenna elements. In some embodiments, antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functionalities using common and/or integrated transmit/receive elements.
- cellular manager 104 may include at least one controller component 182
- UE 102 may include at least one controller component 197
- WLAN AP 119 may include at least one controller component 123
- WT node 106 may include at least one controller component 149.
- Controllers 182, 197, 123, and/or 149 may be configured to trigger one or more communications, to generate and/or trigger communication of one or more messages and/or transmissions, and/or to perform one or more functionalities, operations and/or procedures, e.g., as described below.
- controllers 182, 197, 123, and/or 149 may include circuitry and/or logic, e.g., one or more processors including circuitry and/or logic, memory circuitry and/or logic, Media-Access Control (MAC) circuitry and/or logic, Physical Layer (PHY) circuitry and/or logic, and/or any other circuitry and/or logic, configured to perform the functionality of controllers 182, 197, 123, and/or 149, respectively. Additionally or alternatively, one or more functionalities of controllers 182, 197, and/or 149 may be implemented by logic, which may be executed by a machine and/or one or more processors, e.g., as described below.
- MAC Media-Access Control
- PHY Physical Layer
- controller 182 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger cellular manager 104 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
- controller 197 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger UE 102 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
- controller 123 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger WLAN AP 119 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
- controller 149 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger WT node 106 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
- cellular manager 104 may include a message processor 144 configured to generate, process and/or access one or messages communicated by cellular manager 104.
- message processor 144 may be configured to generate one or more messages to be transmitted by cellular manager 104, and/or message processor 144 may be configured to access and/or to process one or more messages received by cellular manager 104, e.g., as described below.
- UE 102 may include a message processor 198 configured to generate, process and/or access one or messages communicated by UE 102.
- message processor 198 may be configured to generate one or more messages to be transmitted by UE 102, and/or message processor 198 may be configured to access and/or to process one or more messages received by UE 102, e.g., as described below.
- WLAN AP 119 may include a message processor 125 configured to generate, process and/or access one or messages communicated by WLAN AP 119.
- message processor 125 may be configured to generate one or more messages to be transmitted by WLAN AP 119, and/or message processor 125 may be configured to access and/or to process one or more messages received by WLAN AP 119, e.g., as described below.
- WT node 106 may include a message processor 150 configured to generate, process and/or access one or messages communicated by WT node 106.
- message processor 150 may be configured to generate one or more messages to be transmitted by WT node 106, and/or message processor 150 may be configured to access and/or to process one or more messages received by WT node 106, e.g., as described below.
- message processors 144, 198, 125, and/or 150 may include circuitry, e.g., processor circuitry, memory circuitry, Media-Access Control (MAC) circuitry, Physical Layer (PHY) circuitry, and/or any other circuitry, configured to perform the functionality of message processors 144, 198, 125, and/or 150. Additionally or alternatively, one or more functionalities of message processors 144, 198, 125, and/or 150 may be implemented by logic, which may be executed by a machine and/or one or more processors, e.g., as described below.
- MAC Media-Access Control
- PHY Physical Layer
- At least part of the functionality of message processor 144 may be implemented as part of cellular TRx 167 and/or WT node interface 169; at least part of the functionality of message processor 198 may be implemented as part of cellular TRx 165 and/or WLAN TRx 163; at least part of the functionality of message processor 125 may be implemented as part of WLAN TRx 122; and/or at least part of the functionality of message processor 150 may be implemented as part of interface 192 and/or interface 193.
- At least part of the functionality of message processor 144 may be implemented as part of controller 182
- at least part of the functionality of message processor 198 may be implemented as part of controller 197
- at least part of the functionality of message processor 125 may be implemented as part of controller 123
- at least part of the functionality of message processor 150 may be implemented as part of controller 149.
- At least part of the functionality of message processor 144 may be implemented as part of any other element of cellular manager 104, at least part of the functionality of message processor 198 may be implemented as part of any other element of UE 102, at least part of the functionality of message processor 125 may be implemented as part of any other element of WLAN AP 119, and/or at least part of the functionality of message processor 150 may be implemented as part of any other element of WT node 106.
- controller 197, and/or message processor 198 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
- SoC System on Chip
- the chip or SoC may be configured to perform one or more functionalities of cellular transceiver 165 and/or WLAN TRx 163.
- the chip or SoC may include one or more elements of controller 197, message processor 198, and/or one or more elements of cellular transceiver 165 and/or WLAN TRx 163.
- controller 197, message processor 198, cellular transceiver 163, and WLAN TRx 163 may be implemented as part of the chip or SoC.
- controller 197, message processor 198, cellular transceiver 165 and/or WLAN TRx 163 may be implemented by one or more additional or alternative elements of UE 102.
- controller 182 and/or message processor 144 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
- SoC System on Chip
- the chip or SoC may be configured to perform one or more functionalities of cellular transceiver 167 and/or WT node interface 169.
- the chip or SoC may include one or more elements of controller 182, message processor 144, and/or one or more elements of cellular transceiver 167 and/or WT node interface 169.
- controller 182, message processor 144, cellular transceiver 167, and WT node interface 169 may be implemented as part of the chip or SoC.
- controller 182, message processor 144, cellular transceiver 167 and/or WT node interface 169 may be implemented by one or more additional or alternative elements of cellular manager 104.
- controller 149 and/or message processor 150 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
- SoC System on Chip
- the chip or SoC may be configured to perform one or more functionalities of WLAN interface 193 and/or cellular manager interface 192.
- the chip or SoC may include one or more elements of controller 149, message processor 150, and/or one or more elements of WLAN interface 193 and/or cellular manager interface 192.
- controller 149, message processor 150, WLAN interface 193, and cellular manager interface 192 may be implemented as part of the chip or SoC.
- controller 149, message processor 150, WLAN interface 193 and/or cellular manager interface 192 may be implemented by one or more additional or alternative elements of WT node 106.
- controller 123 and/or message processor 125 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
- SoC System on Chip
- the chip or SoC may be configured to perform one or more functionalities of network interface 121 and/or WLAN TRx 122.
- the chip or SoC may include one or more elements of controller 123, message processor 125, and/or one or more elements of WLAN TRx 122 and/or network interface 1212.
- controller 123, message processor 125, WLAN TRx 122, and network interface 121 may be implemented as part of the chip or SoC.
- controller 123, message processor 125, WLAN TRx 122, and/or network interface 121 may be implemented by one or more additional or alternative elements of WLAN AP 119.
- cellular manager 104, WT node 106, WLAN AP 119, and/or UE 102 may also include, for example, one or more of a processor, an input unit, an output unit, a memory unit, and/or a storage unit.
- cellular manager 104 may include a processor 173 and/or a memory 174
- WT node 106 may include a processor 175 and/or a memory 176
- WLAN AP may include a processor 129 and/or a memory 127
- UE 102 may include a memory 151, a processor 152, an input unit 153, an output unit 154, and/or a storage unit 155.
- UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may optionally include other suitable hardware components and/or software components.
- some or all of the components of one or more of UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may be enclosed in a common housing or packaging, and may be interconnected or operably associated using one or more wired or wireless links.
- components of one or more of UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may be distributed among multiple or separate devices.
- processors 173, 175, 129, and/or 152 may include, for example, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), one or more processor cores, a single-core processor, a dual-core processor, a multiple-core processor, a microprocessor, a host processor, a controller, a plurality of processors or controllers, a chip, a microchip, one or more circuits, circuitry, a logic unit, an Integrated Circuit (IC), an Application-Specific IC (ASIC), or any other suitable multi-purpose or specific processor or controller.
- CPU Central Processing Unit
- DSP Digital Signal Processor
- processor 173 may execute instructions, for example, of an Operating System (OS) of cellular manager 104 and/or of one or more suitable applications; processor 175 may execute instructions of an OS of WT node 106 and/or of one or more suitable applications; processor 129 may execute instructions of an OS of WLAN AP 119 and/or of one or more suitable applications; and/or processor 152 may execute instructions of an OS of UE 102 and/or of one or more suitable applications.
- OS Operating System
- input unit 153 may include, for example, a keyboard, a keypad, a mouse, a touch-screen, a touch-pad, a track-ball, a stylus, a microphone, or other suitable pointing device or input device.
- Output unit 154 includes, for example, a monitor, a screen, a touch-screen, a flat panel display, a Light Emitting Diode (LED) display unit, a Liquid Crystal Display (LCD) display unit, a plasma display unit, one or more audio speakers or earphones, or other suitable output devices.
- LED Light Emitting Diode
- LCD Liquid Crystal Display
- memory unit 174, 176 and/or 151 may include, for example, a Random Access Memory (RAM), a Read Only Memory (ROM), a Dynamic RAM (DRAM), a Synchronous DRAM (SD-RAM), a flash memory, a volatile memory, a non-volatile memory, a cache memory, a buffer, a short term memory unit, a long term memory unit, or other suitable memory units.
- Storage unit 155 includes, for example, a hard disk drive, a floppy disk drive, a Compact Disk (CD) drive, a CD-ROM drive, a DVD drive, or other suitable removable or non-removable storage units.
- memory unit 174 may store data processed by cellular manager 104; memory unit 151 may store data processed by UE 102; memory unit 127 may store data processed by WLAN AP 119; and/or memory unit 176 may store data processed by WT node 106.
- UE 102 may be configured to utilize a cellular connection, e.g., a LTE cellular connection or any other cellular connection, to communicate with cellular manager 104, and a WLAN connection, e.g., a Wireless-Fidelity (WiFi) connection, a mmWave connection, a wireless P2P connection, or any other WLAN connection, to communicate with WLAN AP 119, which may be, for example, connected to, implemented by, and/or controlled by WT node 106.
- a cellular connection e.g., a LTE cellular connection or any other cellular connection
- WLAN connection e.g., a Wireless-Fidelity (WiFi) connection, a mmWave connection, a wireless P2P connection, or any other WLAN connection
- one or more elements of system 100 may perform the functionality of a HetNet, which may utilize a deployment of a mix of technologies, frequencies, cell sizes and/or network architectures, for example, including cellular, WLAN, and/or the like.
- the HetNet may be configured to provide a service through a first wireless communication environment, e.g., a cellular network, and to maintain the service when switching to another communication environment, e.g., WLAN.
- the HetNet architecture may enable utilizing a mixture of wireless communication environments, e.g., a WLAN environment and a cellular environment, for example, to optimally respond to rapid changes in customer demand, reduce power consumption, reduce cost, increase efficiency and/or achieve any other benefit.
- system 100 may utilize a Multi-tier, Multi-Radio Access Technology (Multi-RAT) Het-Net architecture, including a tier of small cells, e.g., pico, femto, relay stations, WiFi APs, and the like, overlaid on top of a macro cellular deployment to augment network capacity.
- Multi-RAT Multi-Radio Access Technology
- system 100 may utilize Multi-RAT small cells integrating multiple radios such as WiFi and 3GPP air interfaces in a single infrastructure device.
- system 100 may implement any other architecture and/or deployment.
- UE 102 and/or cellular manager 104 may be configured to establish one or more Evolved UMTS Terrestrial Radio Access Network (E- UTRAN) Radio Access Bearers (E-RABs) between UE 102 and S-GW 185, e.g., via cellular manager 104.
- E- UTRAN Evolved UMTS Terrestrial Radio Access Network
- E-RABs Radio Access Bearers
- UE 102, cellular manager 104 and/or WT node 106 may be configured to communicate according to a LTE/WLAN protocol aggregation (LWA) scheme, e.g., as described below.
- LWA LTE/WLAN protocol aggregation
- the LTE/WLAN protocol stack aggregation may be configured to enable LTE interworking with a WLAN protocol stack.
- the LTE/WLAN protocol stack aggregation may be configured to anchor WLAN mobility at the cellular manager 104.
- cellular manager 104 and/or WT node 106 may be configured according to a network architecture of a non-collocated LTE/WLAN aggregation, e.g., in which cellular manager 104 and WT node 106 are not collocated as part of an integrated device and/or in which interface 199 is not an internal interface.
- cellular manager 104 and/or WT node 106 may be configured according to a network architecture of a collocated LTE/WLAN aggregation, e.g., in which cellular manager 104 and WT node 106 may be collocated as part of an integrated device and/or in which interface 199 is an internal interface.
- some specifications and/or protocols may define one or more protocols (“IEEE 802.11 protocols") for establishing a connection between a WLAN STA, e.g., a mobile UE, and a WLAN AP.
- IEEE 802.11 protocols all require the wireless station and the WLAN AP to engage in an authentication process and an association process, for example, in order to establish security keys to be used for establishing a secure connection between the wireless station and the WLAN AP.
- the IEEE 802.11 protocols require that both the WLAN STA and the WLAN AP are to support and use complicated algorithms and protocols, for example, such as operations and/or procedures according to IEEE 802.
- EAP Extensible Authentication Protocol
- SAE Secure Attribute Exchange
- Finite Field Cryptography protocols operations and/or procedures according to Finite Field Cryptography protocols
- Elliptic Curve Cryptography protocols operations and/or procedures according to Elliptic Curve Cryptography protocols
- the authentication and association processes of the IEEE 802.11 protocols are time consuming, and require transmission of multiple messages over the air, which in turn, may occupy the wireless medium and may prevent transmissions by other devices.
- a key generation process of the IEEE 802.11 connection establishment process may be time consuming, and may last as long as 3-5 seconds, or even more.
- Fig. 2 schematically illustrates a procedure of setting security parameters of a WLAN connection, e.g., in accordance with an IEEE 802.11 Specification.
- a WLAN session establishment process between a WLAN station and a WLAN AP may be based on a sequence of stages, which may include several over-the-air messages, for example, a probe request/response, an authentication request/response, and an association request/response.
- a secure cellular connection e.g., an LTE connection
- a cellular node e.g., cellular manager 104
- a UE e.g., UE 102
- a secure connection between the cellular node, cellular node 104, and a WLAN node e.g., WLAN AP 119 and/or WT node 106, e.g., via interface 199
- a secure cellular connection e.g., an LTE connection
- a cellular node e.g., cellular manager 104
- a UE e.g., UE 102
- a secure connection e.g., WLAN AP 119
- WT node 106 e.g., via interface 199
- cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119 may be configured to allow UE 102 and WLAN AP 119 to establish a secure WLAN connection, for example, even without performing one or more operations, communications, and/or procedures of an authentication process and/or an association process, for example, even without performing the any authentication process and/or association process, e.g., as described below.
- cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119 may be configured to allow UE 102 and WLAN AP 119 to establish a secure WLAN connection, for example, even without partially or fully using the IEEE 802.11 protocols for key establishment, e.g., as described below.
- cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119 may be configured to implement a cellular-assisted establishing of a secured WLAN connection between UE 102 and WLAN AP 119, e.g., as described below.
- cellular manager 104 may be configured to provide to UE 102 and WLAN AP 119 cellular-assisted cryptographic information, which may be configured to propagate to UE 102 and WLAN AP 119, e.g. in a secure manner, cryptographic information, e.g., including one or more security keys, for example, security keys in accordance with the IEEE 802.11 protocols ("the IEEE 802.11 security keys"), e.g., as described below.
- the IEEE 802.11 security keys e.g., as described below.
- one or more operations and/or communications performed by cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119, e.g., as described herein may be implemented, for example, in a LTE/WLAN Aggregation (LWA), for example, as part of a 3GPP RAN2 Specification, one or more 3GPP Rel-14 Specifications, and/or any other cellular, LTE, IEEE 802.11, and/or Wi-Fi, Specification and/or protocol.
- LWA LTE/WLAN Aggregation
- cellular manager 104, UE 102, WT node 106, and/or WLAN AP 119 may be configured to allow UE 102 and/or WLAN AP 119 to take advantage of an already available secured alternative channel with cellular manager 104 to communicate cryptographic information, for example, while utilizing the secure connection between cellular manager 104 and UE 102 and/or the secure connection between cellular manager 104 and WT node 106 and/or WLAN AP 119, e.g., as described below.
- cellular manager 104 may be configured to provide cellular-assisted cryptographic information to UE 102 and to WLAN AP 119, e.g., via the cellular connection between cellular manager 104 and UE 102, and/or via interface 199 between cellular manager 104 and WT node 106.
- the ability to communicate the cryptographic information from cellular manager 104 to UE 102 and WLAN AP 119 in a secure manner may enable to avoid performing one or more operations of an association procedure and/or one or more operations of an authentication procedure.
- the ability to communicate the cryptographic information from cellular manager 104 to UE 102 and WLAN AP 119 in a secure manner may even enable, in some cases and/or deployments, completely avoiding the entire association and/or authentication procedures, for example, while avoiding performing at least a portion of, e.g., the entirety of, the 802.11 association and/or an IEEE 802.11 4-ways handshake.
- the ability to communicate the cryptographic information from cellular manager 104 to UE 102 and WLAN AP 119 in a secure manner may enable, in some cases, a very fast key establishment for establishing a secure session between UE 102 and WLAN AP 119, for example, within even less than 100 microseconds (usee).
- cellular manager 104 may be configured to provide to UE 102 and to WLAN AP 119 cellular-assisted cryptographic information, which may be configured to allow UE 102 and WLAN AP 119 to establish a secured WLAN session, e.g., as described below.
- the cellular-assisted cryptographic information may include, for example, information of a ciphering mechanism (also referred to as a "cipher suite"), for example, an encryption/decryption algorithm to be used to communicate over the secure WLAN session, e.g., as described below.
- a ciphering mechanism also referred to as a "cipher suite”
- an encryption/decryption algorithm to be used to communicate over the secure WLAN session, e.g., as described below.
- the ciphering mechanism may include, for example, a Wired Equivalent Privacy (WEP) mechanism, a Temporal Key Integrity Protocol (TKIP) mechanism, a Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) mechanism, e.g., a CCMP-128 or a CCMP-256, a Galois/Counter Mode Protocol (GCMP), e.g., a GCMP-128 or a GCMP-256, a ciphering mechanism in accordance with a WLAN standard and/or protocol, a ciphering mechanism in accordance with a Wi-Fi standard and/or protocol, a ciphering mechanism in accordance with a P2P standard and/or protocol, a ciphering mechanism in accordance with a cellular standard and/or protocol, a ciphering mechanism in accordance with a 3GPP standard and/or protocol, and/or any other ciphering protocol, mechanism, suit, and/or
- WEP Wired Equivalent Privacy
- the cellular-assisted cryptographic information may include, for example, cryptographic key information, for example, including at least one cryptographic key to be used to encrypt and/or decrypt data to be communicated over the secure WLAN connection.
- the cryptographic key information may include one or more transient keys, and/or any other type of keys, e.g., as described below.
- UE 102 and WLAN AP 119 may be configured to receive and process the cellular-assisted cryptographic information in one or more messages from cellular manager 104, e.g., as described below.
- UE 102 and WLAN AP 119 may be configured to use the cellular-assisted cryptographic information, for example, to communicate traffic over a WLAN channel in a secure manner, for example, even without a need to perform one or more, e.g., any, message exchanges prior to communicating the traffic.
- UE 102 and WLAN AP 119 may be configured to use the cellular- assisted cryptographic information, for example, to communicate traffic over a WLAN channel in a secure manner, for example, even without performing an IEEE 802.11 message exchange, e.g., an 802.11 authentication message exchange, an IEEE 802.11 association message exchange, and/or a 4-ways handshake.
- an IEEE 802.11 message exchange e.g., an 802.11 authentication message exchange, an IEEE 802.11 association message exchange, and/or a 4-ways handshake.
- UE 102 may be configured to provide an indication to the network that UE 102 is ready to receive traffic via WLAN, for example, via the cellular connection with cellular manager 104, e.g., via a Radio Resource Control (RRC) message.
- RRC Radio Resource Control
- UE 102 may be configured to provide to cellular manager 104 an indication of one or more supported ciphering mechanisms of UE 102, e.g., as described below.
- controller component 197 and/or message processor 198 may be configured to generate a message, e.g., an RRC message, and/or to trigger cellular transceiver 165 to transmit to cellular manager a message, for example, an RRC message, including an indication of one or more supported ciphering mechanisms of UE 102.
- WLAN AP 119 may be configured to provide to cellular manager 104 an indication of one or more supported ciphering mechanisms of WLAN AP 119, e.g., as described below.
- controller component 123 and/or message processor 125 may be configured to generate a message, and/or to trigger network interface 121 to send to a network node, e.g., to WT node 106 or directly to cellular manager 104, a message including an indication of one or more supported ciphering mechanisms of WLAN AP 119.
- controller 182 and/or message processor 144 may be configured to cause, trigger, instruct and/or control cellular manager 104 to process a first message, for example, the message from 102 UE including the indication of the one or more supported ciphering mechanisms of UE 102 ("the first supported ciphering mechanisms"); and/or to process a second message, for example, a message from the WT node 106 including an indication of one or more supported ciphering mechanisms of WLAN AP 119 ("the second supported ciphering mechanisms").
- cellular manager 104, UE 102, WLAN AP 119, and/or WT node 106 may be configured to communicate the messages indicating the supported ciphering mechanisms of UE 102 and WLAN AP 119, for example, as part of one or more security capability messages, for example, during a capability exchange procedure, e.g., as described below.
- controller component 182 may be configured to trigger cellular transceiver 167 to transmit a security capability request to UE 102, e.g., as part of an RRC message.
- controller component 197 and/or message processor 198 may be configured to process the security capability request from cellular manager 104, and to trigger cellular transceiver 165 to transmit the message including the first supported ciphering mechanisms, for example, in response to a cellular request message from cellular manager 104.
- controller component 182 may be configured to trigger WLAN interface 169 to send a security capability request to WT node 106, e.g., as part of an Xw Application Protocol (XwAP) message, for example, to request for the supported ciphering mechanisms of one or more WLAN APs 119.
- XwAP Xw Application Protocol
- controller component 149 and/or message processor 150 may be configured to process the security capability request from cellular manager 104, and to trigger cellular manager interface 192 to send to cellular manager 104 the message including the second supported ciphering mechanisms, for example, in response to a cellular request message from cellular manager 104.
- WT node 106 may send the security capability request to WLAN AP 119, and WLAN AP 119 may send an indication of the second supported ciphering mechanisms back to WT node 106.
- controller component 182 may be configured to determine at least one ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, e.g., as described below.
- controller component 182 may be configured to select the ciphering mechanism to include a ciphering mechanism, which is common to both the first and second supported ciphering mechanisms, for example, ciphering mechanism, which is supported by both UE 102 and WLAN AP 119.
- UE 102 may indicate to cellular manager 104 that UE 102 may be capable of supporting a first ciphering mechanism, denoted cipherA, and a second cipher mechanism, denoted CipherB; and WT node 106 may indicate to cellular manager 104 that WLAN AP 119 may be capable of supporting the first ciphering mechanism cipherA, and a third cipher mechanism, denoted CipherC.
- the CipherA may include a Wired Equivalent Privacy (WEP) mechanism
- the CipherB may include a Temporal Key Integrity Protocol (TKIP) mechanism
- the CipherC may include a Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) mechanism.
- controller component 182 may be configured to select the ciphering mechanism to include the CipherA, which is common to the ciphering mechanisms supported by both UE 102 and WLAN AP 119.
- controller component 182 may be configured to determine the at least one ciphering key in accordance with the selected ciphering mechanism.
- cellular manager 104 may be configured to inform UE 102 and WT node 106 of the selected ciphering mechanism and the ciphering key, for example, to be used for establishing a secure WLAN connection between UE 102 and WLAN AP 119, e.g., as described below.
- controller component 182 and/or message processor 144 may be configured to trigger cellular transceiver 167 to transmit to UE 102 a message, e.g., an RRC message, including the cryptographic key and an indication of the selected ciphering mechanism, e.g., as described below.
- a message e.g., an RRC message
- controller component 182 and/or message processor 144 may be configured to trigger WLAN interface 169 to send to WT node 1106 a message, e.g., an XwAP message, including the cryptographic key and the indication of the selected ciphering mechanism, e.g., as described below.
- a message e.g., an XwAP message
- controller component 149 may be configured to trigger WT node 106 to send the cryptographic key and the indication of the selected ciphering mechanism to WLAN AP 119, e.g., if WLAN AP 119 is separate from WT node 106.
- the at least one cryptographic key may include, for example, at least one transient key to encrypt or decrypt data to be communicated over the WLAN of WLAN AP 119.
- the cryptographic key may include, for example, a unicast key, which may be configured, for example, to encrypt or decrypt a unicast message communicated between UE 102 and WLAN AP 119 via the secured WLAN connection.
- the cryptographic key may include, for example, a group-cast key, which may be configured, for example, to decrypt a group-cast message, which may be transmitted from WLAN AP 119, for example, a broadcast message addressed to a broadcast address, or a group message addressed to a group of devices, e.g., including UE 102.
- a group-cast key which may be configured, for example, to decrypt a group-cast message, which may be transmitted from WLAN AP 119, for example, a broadcast message addressed to a broadcast address, or a group message addressed to a group of devices, e.g., including UE 102.
- controller component 182 may be configured to generate the group-cast key to be used by WLAN AP 119. According to these embodiments, controller component 182 may be configured to send the group-cast key to UE 102 and to WT node 106.
- the group-cast key may be generated and provided by WLAN AP 119.
- the group-cast key may include a group-cast key, which may already be used by WLAN AP 119 for communicating group-cast messages to a group of one or more WLAN devices.
- WLAN AP 119 and/or WT node 106 may be configured to provide the group-cast key to cellular manager 104, for example, as part of the message including the supported ciphering mechanism of WLAN AP 119, or as part of any other message.
- UE 102 and WLAN AP 119 may be configured to establish a secure WLAN connection between UE 102 and WLAN AP 119, for example, according to the ciphering mechanism with the cryptographic key, e.g., as provided by cellular manager 104.
- controller component 197 may be configured to trigger UE 102 to establish the secured WLAN connection with WLAN AP 119 using the cryptographic key, for example, even when UE 102 is unassociated and unauthenticated with WLAN AP 119.
- controller component 123 may be configured to trigger WLAN AP to establish the secured WLAN connection with UE 102 according to the ciphering mechanism using the cryptographic key.
- controller component 123 may be configured to trigger WLAN AP to establish the secured WLAN connection with UE 102 using the cryptographic key, for example, even when UE 102 is unassociated and unauthenticated with WLAN AP 119.
- Fig. 3 schematically illustrates operations and communications between a wireless station, e.g., an eNB 302, a cellular manager of a secure- primary cell, e.g., an eNB 304, and a WLAN AP 319, e.g., an IEEE 802.11 AP, in accordance with some demonstrative embodiments.
- cellular manager 104 may perform one or more operations and/or functionalities of eNB 304
- UE 102 Fig. 1
- UE 102 may perform one or more operations and/or functionalities of UE 302, and/or WLAN AP 119 (Fig. 1) and/or WT node 106 (Fig. 1) may perform one or more operations and/or functionalities of WLAN AP 319.
- eNB 304 may be configured to provide WLAN AP 319 and UE 302 with cellular- assisted cryptographic information to enable UE 302 and WLAN AP 319 to establish (310) a secure WLAN connection, for example, even without performing one or more operations of, e.g., even without performing any operations of, an association and/or an authentication procedure, e.g., as described below.
- eNB 304 and WLAN AP 319 may communicate one or more security capability discovery messages 312, for example, via a secure link between eNB 304 and WLAN AP 319, e.g., via interface 199 (Fig. 1).
- WLAN AP 319 may send to eNB 304 a message including an indication of one or more supported ciphering mechanisms of WLAN AP 319, e.g., in response to a security capability request sent from eNB 304, e.g., as described above.
- eNB 304 and UE 302 may communicate one or more security capability discovery messages 314, for example, via a secure link between eNB 304 and UE 302, e.g., a RRC link.
- UE 302 may send to eNB 304 a message including an indication of one or more supported ciphering mechanisms of UE 302, e.g., in response to a security capability request sent from eNB 304, e.g., as described above.
- eNB 304 may be configured to send to WLAN AP 319 a message 316, for example, via the secure link between eNB 304 and WLAN AP 319, e.g., via interface 199 (Fig. 1).
- Message 316 may include an indication of a ciphering mechanism and one or more cryptographic keys to be used by WLAN AP 319 in establishing a secure WLAN connection with UE 302, e.g., as described above.
- eNB 304 may be configured to send to UE 302 a message 318, for example, via the secure link between eNB 304 and UE 302, e.g., via the RRC link.
- Message 318 may include an indication of the ciphering mechanism and one or more cryptographic keys to be used by UE 302 in establishing the secure WLAN connection with WLAN AP 319, e.g., as described above.
- UE 302 may begin to communicate with WLAN AP 319, e.g., within a very short time period, for example, even without performing an association procedure and/or an authentication procedure, e.g., as described above.
- UE 302 and WLAN AP 319 may be configured to communicate encrypted traffic (320) according to the ciphering mechanism using the cryptographic key of the established secured WLAN connection 310.
- cellular manager 104 may be configured to provide UE 102 with cellular-assisted ciphering information configured to support roaming of UE 102 from a first WLAN AP ("the current AP"), with which UE 102 may already be connected and/or associated, to a second WLAN AP ("the new AP"), e.g., WLAN AP 119, for example, which may have a secured connection to the cellular node 104, e.g., via WT node 106 and/or interface 199.
- the new AP e.g., WLAN AP 119
- UE 102 may be configured to notify cellular manager 104 that UE 102 wishes to move to a new WLAN AP, for example, via an RRC message.
- cellular manager 104 may be configured to utilize the established secured connection with WLAN AP 119 and UE 102, e.g., via interface 199, for example, to set the ciphering information for the WLAN AP 119 and UE 102, for example, while UE 102 is still communicating with the current AP.
- cellular manager 104 may be configured to provide the ciphering information to UE 102 and WLAN AP 119, e.g., as described above.
- UE 102 may switch to communicate the new AP, e.g., WLAN AP 119, by establishing the secure WLAN connection with WLAN AP 119, for example, using the ciphering key provided by cellular manager 104, e.g., with substantially no "off-the-air" time.
- the new AP e.g., WLAN AP 119
- the ciphering key provided by cellular manager 104, e.g., with substantially no "off-the-air" time.
- UE 102 may notify cellular node 104 that UE 102 has moved to the new AP, e.g., via an LTE RRC message.
- UE 102 may receive the message including the cryptographic key and the indication of the ciphering mechanism from cellular node 104, for example, while UE is connected to a first WLAN AP, e.g., the current AP.
- controller component 197 may be configured to trigger UE 102 to establish a secured WLAN connection with a second WLAN AP, e.g., WLAN AP 119, according to the ciphering mechanism with the cryptographic key provided by cellular manager 104, e.g., as described above.
- controller component 182 and/or message processor 144 may be configured to trigger cellular transceiver 167 to transmit to UE 102 an AP switching request, which may be configured to request UE 102 to switch from a WLAN connection with the first WLAN AP to the secured WLAN connection with the second WLAN AP, e.g., according to the ciphering mechanism using the cryptographic key.
- controller component 197 may be configured to trigger UE 102 to establish the secured WLAN connection with the second WLAN AP, for example, after receipt of the AP switching request from cellular node 104.
- the AP switching request may be included as part of the message including the cryptographic key and the indication of the ciphering mechanism from cellular node 104.
- cellular manager 104 may transit the AP switching request to UE 102 in another message, e.g., after transmitting the message including the cryptographic key and the indication of the ciphering mechanism from cellular node 104.
- Fig. 4 schematically illustrates operations and communications between a UE 402, e.g., a wireless station, an eNB 404, e.g., a cellular manager of a secure-primary cell, a first WLAN AP 429, e.g., a first IEEE 802.11 AP or any other AP, and a second WLAN AP 419, e.g., a second IEEE 802.11 AP or any other AP, in accordance with some demonstrative embodiments.
- cellular manager 104 (Fig. 1), may perform one or more operations and/or functionalities of eNB 404, UE 102 (Fig.
- UE 402 may perform one or more operations and/or functionalities of UE 402, and/or WLAN AP 119 (Fig. 1) and/or WT node 106 (Fig. 1) may perform one or more operations and/or functionalities of WLAN AP 419 and/or WLAN AP 429.
- UE 402 may communicate with the first WLAN AP 429, e.g., via a secure WLAN connection 401.
- the secure WLAN connection 401 may be established based on cellular-assisted cryptographic information from eNB 404 or from another eNB, e.g., as described above.
- the secure WLAN connection 401 may be established according to an IEEE 802.11 protocol or any other protocol, for example, using an association procedure and/or an authentication procedure.
- eNB 404 may be configured to provide WLAN AP 419 and UE 402 with cellular- assisted cryptographic information to enable UE 402 and WLAN AP 419 to establish (410) a secure WLAN connection, for example, even without performing an association and/or an authentication procedure, e.g., as described below.
- eNB 404 may be configured to provide WLAN AP 419 and UE 402 with the cellular-assisted cryptographic information, for example, while UE 402 is still connected to WLAN AP 429.
- eNB 404 and WLAN AP 419 may communicate one or more security capability discovery messages 412, for example, via a secure link between eNB 404 and WLAN AP 419, e.g., via interface 199 (Fig. 1).
- WLAN AP 419 may send to eNB 404 a message including an indication of one or more supported ciphering mechanisms of WLAN AP 419, e.g., in response to a security capability request sent from eNB 404, e.g., as described above.
- eNB 404 and UE 402 may communicate one or more security capability discovery messages 414, for example, via a secure link between eNB 404 and UE 402, e.g., a RRC link.
- UE 402 may send to eNB 404 a message including an indication of one or more supported ciphering mechanisms of UE 402, e.g., in response to a security capability request sent from eNB 404, e.g., as described above.
- eNB 404 may be configured to send to WLAN AP 419 a message 416, for example, via the secure link between eNB 404 and WLAN AP 419, e.g., via interface 199 (Fig. 1).
- Message 416 may include an indication of a ciphering mechanism and one or more cryptographic keys to be used by WLAN AP 419 in establishing a secure WLAN connection with UE 402, e.g., as described above.
- eNB 404 may be configured to send to UE 402 a message 418, for example, via the secure link between eNB 404 and UE 402, e.g., via the RRC link.
- Message 418 may include an indication of the ciphering mechanism and one or more cryptographic keys to be used by UE 402 in establishing a secure WLAN connection with WLAN AP 419, e.g., as described above.
- eNB 404 may send to UE 402 a switch AP request 417 to request UE 402 to switch to WLAN AP 419.
- UE 402 may switch to communicate with WLAN AP 419, for example, after receipt of the AP switch request 417.
- UE 402 may switch to communicate with WLAN AP 419, for example, even without performing an association procedure and/or an authentication procedure, e.g., as described above.
- UE 402 and WLAN AP 419 may be configured to communicate encrypted traffic (420) according to the ciphering mechanism using the cryptographic key of the established secured WLAN connection 410.
- FIG. 5 schematically illustrates operations and communications of cellular-assisted establishment of secure WLAN connections in a non- collocated implementation, in accordance with some demonstrative embodiments.
- an eNB 503 may include an LTE component 502, which may be configured to communicate with a WT node 506, e.g., a router, via an interface 510, e.g., an X2W interface supporting a GTP-U protocol and/or any other protocol.
- a WT node 506 e.g., a router
- an interface 510 e.g., an X2W interface supporting a GTP-U protocol and/or any other protocol.
- WT node 506 may be configured to control and/or communicate with one or more WLAN APs, e.g., a WLAN AP 519 and a WLAN AP 520.
- LTE component 502 may perform one or more functionalities of cellular manager 104 (Fig. 1)
- WT node 506 may perform one or more functionalities of WT node 106 (Fig. 1)
- WLAN APs 519 and/or 520 may perform one or more functionalities of first and second WLAN APs 119 (Fig. 1)
- interface 510 may perform the functionality of interface 199 (Fig. 1).
- LTE component 502 may be configured to communicate with a UE 504 via a cellular link 512.
- UE 504 may perform one or more functionalities of UE 102 (Fig. 1).
- LTE component 502 may be configured to establish security parameters 531 with WLAN AP 519, for example, via the secured Xw interface 510.
- the security parameters 531 may include a ciphering mechanism and at least one cryptographic key to be used by WLAN AP 519, e.g., as described above.
- LTE component 502 may be configured to establish the security parameters 531, e.g., the security parameters for WLAN AP 519, with UE 504, for example, via one or more messages 513, e.g., RRC messages, over the secured cellular link 512, e.g., as described above.
- the security parameters 531 e.g., the security parameters for WLAN AP 519
- UE 504 for example, via one or more messages 513, e.g., RRC messages, over the secured cellular link 512, e.g., as described above.
- UE 504 may be configured to establish a secure WLAN connection 514 with WLAN AP 519, for example, using the security parameters 531, e.g., as described above.
- LTE component 502 may be configured to establish security parameters 532 with WLAN AP 520, for example, via the secured Xw interface 510.
- the security parameters 532 may include a ciphering mechanism and at least one cryptographic key to be used by WLAN AP 520, e.g., as described above.
- LTE component 502 may be configured to establish the security parameters 532, e.g., the security parameters for WLAN AP 520, with UE 504, for example, via one or more additional messages 513, e.g., RRC messages, over the secured cellular link 512, e.g., as described above.
- the security parameters 532 e.g., the security parameters for WLAN AP 520
- additional messages 513 e.g., RRC messages
- UE 504 may be configured to disconnect from the WLAN AP 519, and to establish a secure WLAN connection 515 with WLAN AP 520, for example, using the security parameters 532, e.g., as described above.
- Fig. 6 schematically illustrates elements of a UE device 600, in accordance with some demonstrative embodiments.
- one or more elements of UE device 600 may perform the functionality of one or more elements of UE 102 (Fig. 1).
- one or more elements of UE device 600 may be configured to perform the functionality of one or more of cellular TRx 165 (Fig. 1), WLAN TRx 163 (Fig. 1), controller 197 (Fig., 1), message processor 198 (Fig. 1), and/or one or more other elements of UE 102 (Fig. 1).
- embodiments of a UE may be implemented into a system using any suitably configured hardware and/or software.
- Fig. 1 schematically illustrates elements of a UE device 600, in accordance with some demonstrative embodiments.
- Fig. 6 schematically illustrates elements of a UE device 600, in accordance with some demonstrative embodiments.
- one or more elements of UE device 600 may perform the functionality of one or more elements of UE 102 (Fig. 1).
- UE device 600 may include application circuitry 602, baseband circuitry 604, Radio Frequency (RF) circuitry 606, front-end module (FEM) circuitry 608, and one or more antennas 810, coupled together at least as shown.
- RF Radio Frequency
- FEM front-end module
- application circuitry 602 may be configured to perform at least part of the functionality of controller 197 (Fig. 1), and/or message processor 198 (Fig. 1); and/or baseband circuitry 604, RF circuitry 606, and/or FEM circuitry 608 may be configured to perform at least part of the functionality of cellular TRx 165 (Fig. 1), WLAN TRx 163 (Fig. 1), controller 197 (Fig. 1), and/or message processor 198 (Fig. 1).
- the application circuitry 602 may include one or more application processors.
- the application circuitry 602 may include circuitry such as, but not limited to, one or more single-core or multi-core processors.
- the processor(s) may include any combination of general-purpose processors and dedicated processors (e.g., graphics processors, application processors, etc.).
- the processors may be coupled with and/or may include memory/storage and may be configured to execute instructions stored in the memory/storage to enable various applications and/or operating systems to run on the system.
- the baseband circuitry 604 may include circuitry such as, but not limited to, one or more single-core or multi-core processors.
- the baseband circuitry 604 may include one or more baseband processors and/or control logic to process baseband signals received from a receive signal path of the RF circuitry 606 and to generate baseband signals for a transmit signal path of the RF circuitry 606.
- Baseband processing circuitry 604 may interface with the application circuitry 602, for example, for generation and processing of the baseband signals and for controlling operations of the RF circuitry 606.
- the baseband circuitry 604 may include a second generation (2G) baseband processor 604a, a third generation (3G) baseband processor 604b, a fourth generation (4G) baseband processor 604c, and/or other baseband processor(s) 604d for other existing generations, generations in development or to be developed in the future (e.g., fifth generation (5G), 6G, etc.).
- the baseband circuitry 604 e.g., one or more of baseband processors 604a-d
- the radio control functions may include, but are not limited to, signal modulation/demodulation, encoding/decoding, radio frequency shifting, etc.
- modulation/demodulation circuitry of the baseband circuitry 604 may include Fast-Fourier Transform (FFT), precoding, and/or constellation mapping/demapping functionality.
- FFT Fast-Fourier Transform
- encoding/decoding circuitry of the baseband circuitry 604 may include convolution, tail-biting convolution, turbo, Viterbi, and/or Low Density Parity Check (LDPC) encoder/decoder functionality.
- LDPC Low Density Parity Check
- the baseband circuitry 604 may include elements of a protocol stack such as, for example, elements of an evolved universal terrestrial radio access network (EUTRAN) protocol including, for example, physical (PHY), media access control (MAC), radio link control (RLC), packet data convergence protocol (PDCP), and/or radio resource control (RRC) elements.
- EUTRAN evolved universal terrestrial radio access network
- a central processing unit (CPU) 604e of the baseband circuitry 604 may be configured, for example, to run elements of the protocol stack for signaling of the PHY, MAC, RLC, PDCP and/or RRC layers.
- the baseband circuitry may include one or more audio digital signal processor(s) (DSP) 604f.
- DSP audio digital signal processor
- the audio DSP(s) 604f may be include elements for compression/decompression and echo cancellation, and/or may include other suitable processing elements in other embodiments.
- Components of the baseband circuitry 604 may be suitably combined in a single chip, a single chipset, or disposed on a same circuit board in some embodiments.
- some or all of the constituent components of the baseband circuitry 604 and the application circuitry 602 may be implemented together such as, for example, on a system on a chip (SOC).
- SOC system on a chip
- the baseband circuitry 604 may provide for communication compatible with one or more radio technologies.
- the baseband circuitry 604 may support communication with an evolved universal terrestrial radio access network (EUTRAN) and/or other wireless metropolitan area networks (WMAN), a wireless local area network (WLAN), a wireless personal area network (WPAN), and/or one or more additional or alternative networks.
- EUTRAN evolved universal terrestrial radio access network
- WMAN wireless metropolitan area networks
- WLAN wireless local area network
- WPAN wireless personal area network
- multi-mode baseband circuitry Embodiments in which the baseband circuitry 604 is configured to support radio communications of more than one wireless protocol.
- RF circuitry 606 may enable communication with wireless networks using modulated electromagnetic radiation through a non-solid medium.
- the RF circuitry 606 may include switches, filters, amplifiers, etc. to facilitate the communication with the wireless network.
- RF circuitry 606 may include a receive signal path which may include circuitry to down-convert RF signals received from the FEM circuitry 608, and to provide baseband signals to the baseband circuitry 604.
- RF circuitry 606 may also include a transmit signal path which may include circuitry to up-convert baseband signals provided by the baseband circuitry 604 and provide RF output signals to the FEM circuitry 608 for transmission.
- the RF circuitry 606 may include a receive signal path and a transmit signal path.
- the receive signal path of the RF circuitry 606 may include mixer circuitry 606a, amplifier circuitry 606b, and filter circuitry 606c.
- the transmit signal path of the RF circuitry 606 may include filter circuitry 606c and mixer circuitry 606a.
- RF circuitry 606 may also include synthesizer circuitry 606d for synthesizing a frequency for use by the mixer circuitry 606a of the receive signal path and the transmit signal path.
- the mixer circuitry 606a of the receive signal path may be configured to down-convert RF signals received from the FEM circuitry 608 based on the synthesized frequency provided by synthesizer circuitry 606d.
- the amplifier circuitry 606b may be configured to amplify the down-converted signals and the filter circuitry 606c may be, for example, a low-pass filter (LPF) or a band-pass filter (BPF), configured to remove unwanted signals from the down-converted signals to generate output baseband signals.
- Output baseband signals may be provided to the baseband circuitry 604 for further processing.
- the output baseband signals may be zero-frequency baseband signals, although this is not a requirement.
- mixer circuitry 606a of the receive signal path may comprise passive mixers, although the scope of the embodiments is not limited in this respect.
- the mixer circuitry 606a of the transmit signal path may be configured to up-convert input baseband signals based on the synthesized frequency provided by the synthesizer circuitry 606d to generate RF output signals for the FEM circuitry 608.
- the baseband signals may be provided by the baseband circuitry 604 and may be filtered by filter circuitry 606c.
- the filter circuitry 606c may include a low-pass filter (LPF), although the scope of the embodiments is not limited in this respect.
- LPF low-pass filter
- the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a of the transmit signal path may include two or more mixers and may be arranged for quadrature downconversion and/or upconversion respectively.
- the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a of the transmit signal path may include two or more mixers and may be arranged for image rejection (e.g., Hartley image rejection).
- the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a may be arranged for direct downconversion and/or direct upconversion, respectively.
- the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a of the transmit signal path may be configured for super-heterodyne operation.
- the output baseband signals and the input baseband signals may be analog baseband signals, although the scope of the embodiments is not limited in this respect.
- the output baseband signals and the input baseband signals may be digital baseband signals.
- the RF circuitry 606 may include analog-to-digital converter (ADC) and digital-to-analog converter (DAC) circuitry, and the baseband circuitry 604 may include a digital baseband interface to communicate with the RF circuitry 606.
- ADC analog-to-digital converter
- DAC digital-to-analog converter
- a separate radio IC circuitry may be provided for processing signals for each spectrum, although the scope of the embodiments is not limited in this respect.
- the synthesizer circuitry 606d may be a fractional-N synthesizer or a fractional N/N+l synthesizer, although the scope of the embodiments is not limited in this respect as other types of frequency synthesizers may be suitable.
- synthesizer circuitry 606d may be a delta-sigma synthesizer, a frequency multiplier, or a synthesizer comprising a phase-locked loop with a frequency divider.
- the synthesizer circuitry 606d may be configured to synthesize an output frequency for use by the mixer circuitry 606a of the RF circuitry 606 based on a frequency input and a divider control input. In some embodiments, the synthesizer circuitry 606d may be a fractional N/N+l synthesizer.
- frequency input may be provided by a voltage controlled oscillator (VCO), although that is not a requirement.
- VCO voltage controlled oscillator
- Divider control input may be provided by either the baseband circuitry 604 or the applications processor 602 depending on the desired output frequency.
- a divider control input (e.g., N) may be determined from a look-up table based on a channel indicated by the applications processor 602.
- synthesizer circuitry 606d of the RF circuitry 606 may include a divider, a delay-locked loop (DLL), a multiplexer and a phase accumulator.
- DLL delay-locked loop
- the divider may be a dual modulus divider (DMD) and the phase accumulator may be a digital phase accumulator (DPA).
- the DMD may be configured to divide the input signal by either N or N+l (e.g., based on a carry out) to provide a fractional division ratio.
- the DLL may include a set of cascaded, tunable, delay elements, a phase detector, a charge pump and a D- type flip-flop.
- the delay elements may be configured to break a VCO period up into Nd equal packets of phase, where Nd is the number of delay elements in the delay line. In this way, the DLL provides negative feedback to help ensure that the total delay through the delay line is one VCO cycle.
- synthesizer circuitry 606d may be configured to generate a carrier frequency as the output frequency, while in other embodiments, the output frequency may be a multiple of the carrier frequency (e.g., twice the carrier frequency, four times the carrier frequency) and used in conjunction with quadrature generator and divider circuitry to generate multiple signals at the carrier frequency with multiple different phases with respect to each other.
- the output frequency may be a LO frequency (fLO).
- the RF circuitry 606 may include an IQ/polar converter.
- FEM circuitry 608 may include a receive signal path which may include circuitry configured to operate on RF signals received from one or more antennas 810, amplify the received signals and provide the amplified versions of the received signals to the RF circuitry 606 for further processing.
- FEM circuitry 608 may also include a transmit signal path which may include circuitry configured to amplify signals for transmission provided by the RF circuitry 606 for transmission by one or more of the one or more antennas 810.
- the FEM circuitry 608 may include a TX/RX switch to switch between transmit mode and receive mode operation.
- the FEM circuitry may include a receive signal path and a transmit signal path.
- the receive signal path of the FEM circuitry may include a low-noise amplifier (LNA) to amplify received RF signals and provide the amplified received RF signals as an output (e.g., to the RF circuitry 606).
- LNA low-noise amplifier
- the transmit signal path of the FEM circuitry 608 may include a power amplifier (PA) to amplify input RF signals (e.g., provided by RF circuitry 606), and one or more filters to generate RF signals for subsequent transmission (e.g., by one or more of the one or more antennas 810.
- PA power amplifier
- the UE device 600 may include one or more additional or alternative elements such as, for example, memory/storage, display, camera, sensor, and/or input/output (I/O) interface.
- additional or alternative elements such as, for example, memory/storage, display, camera, sensor, and/or input/output (I/O) interface.
- Fig. 7 schematically illustrates a method of establishing a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
- a wireless communication system e.g., system 100 (Fig. 1); a UE, e.g., UE 102 (Fig. 1), UE 302 (Fig. 3), UE 402 (Fig. 4), UE 504 (Fig. 5), and/or UE 600 (Fig. 6); an interface, e.g., cellular TRx 165 (Fig. 1), and/or WLAN TRx 163 (Fig. 1); a message processor, e.g., message processor 198 (Fig. 1); and/or a controller, e.g., controller 197 (Fig. 1).
- a wireless communication system e.g., system 100 (Fig. 1); a UE, e.g., UE 102 (Fig. 1), UE 302 (Fig. 3), UE 402 (Fig. 4), UE 50
- the method may include transmitting, from a UE to an Evolved Node B (eNB), a first message including an indication of one or more supported ciphering mechanisms of the UE.
- controller component 197 (Fig. 1) and/or message processor 198 (Fig. 1) may cause, trigger, control and/or instruct UE 102 (Fig. 1) to transmit to cellular manager 104 (Fig. 1) a message, e.g., an RRC message, including an indication of one or more supported ciphering mechanisms of UE 102 (Fig. 1), e.g., as described above.
- the method may include processing a second message received from the eNB, the second message including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms of the UE.
- controller component 197 (Fig. 1) and/or message processor 198 (Fig. 1) may process a second message from cellular manager 104 (Fig. 1) including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms of UE 102 (Fig. 1), e.g., as described above.
- the method may include triggering the UE to establish a secured WLAN connection with a WLAN AP according to the ciphering mechanism with the cryptographic key.
- controller component 197 may cause, trigger, control and/or instruct UE 102 (Fig. 1) to establish a secured WLAN connection with a WLAN AP 119 (Fig. 1) according to the ciphering mechanism with the cryptographic key received from cellular manager 104 (Fig. 1), e.g., as described above.
- Fig. 8 schematically illustrates a method of providing cellular-assisted cryptographic information to a UE and a WLAN AP, in accordance with some demonstrative embodiments.
- a wireless communication system e.g., system 100 (Fig. 1); a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 304 (Fig. 3), eNB 404 (Fig. 4), and/or eNB 503 (Fig. 5); an interface, e.g., cellular TRx 167 (Fig. 1), and/or WLAN node interface 169 (Fig. 1); a message processor, e.g., message processor 144 (Fig. 1); and/or a controller, e.g., controller 182 (Fig. 1).
- a wireless communication system e.g., system 100 (Fig. 1); a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), e
- the method may include processing a first message from a UE, the first message including an indication of one or more first supported ciphering mechanisms of the UE.
- controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to process at cellular manager 104 (Fig. 1) a message from UE 102 (Fig. 1) including an indication of one or more first supported ciphering mechanisms of UE 102 (Fig. 1), e.g., as described above.
- the method may include processing a second message from a WT node, the second message including an indication of one or more second supported ciphering mechanisms of a WLAN AP.
- controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to process at cellular manager 104 (Fig. 1) a message from WT node 106 (Fig. 1), e.g., received via interface 199 (Fig. 1), including an indication of one or more second supported ciphering mechanisms of WLAN AP 119 (Fig. 1), e.g., as described above.
- the method may include determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms.
- controller component 182 may be configured to determine at cellular manager 104 (Fig. 1) a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, for example, a ciphering mechanism common to the first and second supported ciphering mechanisms, e.g., as described above.
- the method may include transmitting to the UE a third message including the cryptographic key and an indication of the ciphering mechanism.
- controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to cause, trigger, control and/or instruct cellular manager 104 (Fig. 1) to transmit a message, e.g., an RRC message, to UE 102 (Fig. 1) including the cryptographic key and the indication of the ciphering mechanism, e.g., as described above.
- the method may include sending to the WT node a fourth message including the cryptographic key and the indication of the ciphering mechanism.
- controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to cause, trigger, control and/or instruct cellular manager 104 (Fig. 1) to send to WT node 106 (Fig. 1) a message, e.g., an XwAP message via interface 199 (Fig. 1), including the cryptographic key and the indication of the ciphering mechanism, e.g., as described above.
- Fig. 9 schematically illustrates a method of establishing a secured WLAN connection between a WLAN AP and a UE, in accordance with some demonstrative embodiments.
- a wireless communication system e.g., system 100 (Fig. 1); a WLAN AP, e.g., WLAN AP 119 (Fig. 1), WLAN AP 319 (Fig. 3), WLAN AP 419 (Fig. 4), WLAN AP 529 (Fig. 5), WLAN AP 519 (Fig. 5), and/or WLAN AP 520 (Fig.
- an interface e.g., network interface 121, and/or WLAN TRx 122 (Fig. 1); a message processor, e.g., message processor 125 (Fig. 1); and/or a controller, e.g., controller 123 (Fig. 1).
- the method may include sending, from a WLAN AP to a network node, a first message including an indication of one or more supported ciphering mechanisms of the WLAN AP.
- controller component 123 (Fig. 1) and/or message processor 125 (Fig. 1) may cause, trigger, control and/or instruct WLAN AP 119 (Fig. 1) to send to WT node 106 (Fig. 1) or to cellular manager 104 (Fig. 1) a message including an indication of one or more supported ciphering mechanisms of WLAN AP 119 (Fig. 1), e.g., as described above.
- the method may include processing at the WLAN AP a second message received from the network node, the second message including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms.
- controller component 123 (Fig. 1) and/or message processor 125 (Fig. 1) may process a second message from cellular manager 104 (Fig. 1), e.g., received via interface 199 (Fig. 1) and/or WT node 106 (Fig. 1), including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms of WLAN AP 119 (Fig. 1), e.g., as described above.
- the method may include triggering the WLAN AP to establish a secured WLAN connection with a UE according to the ciphering mechanism with the cryptographic key.
- controller component 123 may cause, trigger, control and/or instruct WLAN AP 119 (Fig. 1) to establish a secured WLAN connection with a UE 102 (Fig. 1) according to the ciphering mechanism with the cryptographic key received from cellular manager 104 (Fig. 1), e.g., as described above.
- Fig. 10 schematically illustrates a product of manufacture 1000, in accordance with some demonstrative embodiments.
- Product 1000 may include one or more tangible computer-readable non- transitory storage media 1002, which may include computer-executable instructions, e.g., implemented by logic 1004, operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 304 (Fig. 3), eNB 404 (Fig. 4), and/or eNB 503 (Fig. 5); one or more components of a UE, e.g., UE 102 (Fig.
- a UE e.g., UE 102
- a WT node e.g., WT node 106 (Fig. 1); one or more components of a WLAN AP, e.g., WLAN AP 119 (Fig. 1), WLAN AP 319 (Fig. 3), WLAN AP 419 (Fig. 4), WLAN AP 529 (Fig. 5), WLAN AP 519 (Fig. 5), and/or WLAN AP 520 (Fig. 5); a controller, e.g., controller 182 (Fig. 1), controller 197 (Fig. 1), controller 123 (Fig. 1), and/or controller 149 (Fig.
- non-transitory machine-readable medium is directed to include all computer-readable media, with the sole exception being a transitory propagating signal.
- product 1000 and/or machine -readable storage medium 1002 may include one or more types of computer-readable storage media capable of storing data, including volatile memory, non-volatile memory, removable or non-removable memory, erasable or non-erasable memory, writeable or re-writeable memory, and the like.
- machine -readable storage medium 1002 may include, RAM, DRAM, Double- Data-Rate DRAM (DDR-DRAM), SDRAM, static RAM (SRAM), ROM, programmable ROM (PROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), Compact Disk ROM (CD-ROM), Compact Disk Recordable (CD-R), Compact Disk Rewriteable (CD-RW), flash memory (e.g., NOR or NAND flash memory), content addressable memory (CAM), polymer memory, phase-change memory, ferroelectric memory, silicon-oxide-nitride-oxide-silicon (SONOS) memory, a disk, a floppy disk, a hard drive, an optical disk, a magnetic disk, a card, a magnetic card, an optical card, a tape, a cassette, and the like.
- RAM random access memory
- DDR-DRAM Double- Data-Rate DRAM
- SDRAM static RAM
- ROM read-only
- the computer-readable storage media may include any suitable media involved with downloading or transferring a computer program from a remote computer to a requesting computer carried by data signals embodied in a carrier wave or other propagation medium through a communication link, e.g., a modem, radio or network connection.
- a communication link e.g., a modem, radio or network connection.
- logic 1004 may include instructions, data, and/or code, which, if executed by a machine, may cause the machine to perform a method, process and/or operations as described herein.
- the machine may include, for example, any suitable processing platform, computing platform, computing device, processing device, computing system, processing system, computer, processor, or the like, and may be implemented using any suitable combination of hardware, software, firmware, and the like.
- logic 1004 may include, or may be implemented as, software, a software module, an application, a program, a subroutine, instructions, an instruction set, computing code, words, values, symbols, and the like.
- the instructions may include any suitable type of code, such as source code, compiled code, interpreted code, executable code, static code, dynamic code, and the like.
- the instructions may be implemented according to a predefined computer language, manner or syntax, for instructing a processor to perform a certain function.
- the instructions may be implemented using any suitable high-level, low-level, object-oriented, visual, compiled and/or interpreted programming language, such as C, C++, Java, BASIC, Matlab, Pascal, Visual BASIC, assembly language, machine code, and the like.
- Example 1 includes an apparatus of a User Equipment (UE), the apparatus comprising a Wireless Local Area Network (WLAN) transceiver; a cellular transceiver to communicate with an Evolved Node B (eNB); and a controller component configured to trigger the cellular transceiver to transmit to the eNB a first message comprising an indication of one or more supported ciphering mechanisms of the UE, the controller component configured to process a second message received by the cellular transceiver from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
- AP WLAN Access Point
- Example 2 includes the subject matter of Example 1, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 3 includes the subject matter of Example 1 or 2, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
- Example 4 includes the subject matter of any one of Examples 1-3, and optionally, wherein the controller component is configured to, when the second message is received while the UE is connected to a first WLAN AP, trigger the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
- Example 5 includes the subject matter of Example 4, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
- Example 6 includes the subject matter of Example 5, and optionally, wherein the second message comprises the AP switching request.
- Example 7 includes the subject matter of Example 5, and optionally, wherein the AP switching request is in a third message after the second message.
- Example 8 includes the subject matter of any one of Examples 1-7, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 9 includes the subject matter of any one of Examples 1-7, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 10 includes the subject matter of any one of Examples 1-9, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 11 includes the subject matter of any one of Examples 1-10, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 12 includes the subject matter of any one of Examples 1-11, and optionally, comprising one or more antennas, a memory and a processor.
- Example 13 includes an apparatus comprising circuitry and logic configured to trigger a User Equipment to transmit to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; process a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and trigger the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
- eNB Evolved Node B
- AP WLAN Access Point
- Example 14 includes the subject matter of Example 13, and optionally, wherein the apparatus is configured to trigger the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 15 includes the subject matter of Example 13 or 14, and optionally, wherein the apparatus is configured to trigger the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
- Example 16 includes the subject matter of any one of Examples 13-15, and optionally, wherein the apparatus is configured to, when the second message is received while the UE is connected to a first WLAN AP, trigger the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
- Example 17 includes the subject matter of Example 16, and optionally, wherein the apparatus is configured to trigger the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
- Example 18 includes the subject matter of Example 17, and optionally, wherein the second message comprises the AP switching request.
- Example 19 includes the subject matter of Example 17, and optionally, wherein the AP switching request is in a third message after the second message.
- Example 20 includes the subject matter of any one of Examples 13-19, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 21 includes the subject matter of any one of Examples 13-19, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 22 includes the subject matter of any one of Examples 13-21, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 23 includes the subject matter of any one of Examples 13-22, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 24 includes the subject matter of any one of Examples 13-23, and optionally, comprising one or more antennas, a memory and a processor.
- Example 25 includes a method to be performed by a User Equipment (UE), the method comprising transmitting to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; processing a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
- Example 26 includes the subject matter of Example 25, and optionally, comprising triggering the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 27 includes the subject matter of Example 25 or 26, and optionally, comprising triggering the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
- Example 28 includes the subject matter of any one of Examples 25-27, and optionally, comprising, when the second message is received while the UE is connected to a first WLAN AP, triggering the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
- Example 29 includes the subject matter of Example 28, and optionally, comprising triggering the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
- Example 30 includes the subject matter of Example 29, and optionally, wherein the second message comprises the AP switching request.
- Example 31 includes the subject matter of Example 29, and optionally, wherein the AP switching request is in a third message after the second message.
- Example 32 includes the subject matter of any one of Examples 25-31, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 33 includes the subject matter of any one of Examples 25-31, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 34 includes the subject matter of any one of Examples 25-33, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 35 includes the subject matter of any one of Examples 25-34, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
- Example 36 includes a product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a User Equipment (UE), the operations comprising transmitting to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; processing a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
- UE User Equipment
- eNB Evolved Node B
- AP WLAN Access Point
- Example 37 includes the subject matter of Example 36, and optionally, wherein the operations comprise triggering the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 38 includes the subject matter of Example 36 or 37, and optionally, wherein the operations comprise triggering the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
- Example 39 includes the subject matter of any one of Examples 36-38, and optionally, wherein the operations comprise, when the second message is received while the UE is connected to a first WLAN AP, triggering the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
- Example 40 includes the subject matter of Example 39, and optionally, wherein the operations comprise triggering the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
- Example 41 includes the subject matter of Example 40, and optionally, wherein the second message comprises the AP switching request.
- Example 42 includes the subject matter of Example 40, and optionally, wherein the AP switching request is in a third message after the second message.
- Example 43 includes the subject matter of any one of Examples 36-42, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 44 includes the subject matter of any one of Examples 36-42, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 45 includes the subject matter of any one of Examples 36-44, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 46 includes the subject matter of any one of Examples 36-45, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 47 includes a system of cellular communication comprising a User Equipment (UE), the UE comprising a Wireless Local Area Network (WLAN) transceiver; a cellular transceiver to communicate with an Evolved Node B (eNB); and a controller component configured to trigger the cellular transceiver to transmit to the eNB a first message comprising an indication of one or more supported ciphering mechanisms of the UE, the controller component configured to process a second message received by the cellular transceiver from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
- UE User Equipment
- WLAN Wireless Local Area Network
- eNB Evolved Node B
- a controller component configured to trigger the cellular transceiver to transmit to the eNB a first
- Example 48 includes the subject matter of Example 47, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 49 includes the subject matter of Example 47 or 48, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
- Example 50 includes the subject matter of any one of Examples 47-49, and optionally, wherein the controller component is configured to, when the second message is received while the UE is connected to a first WLAN AP, trigger the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
- Example 51 includes the subject matter of Example 50, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
- Example 52 includes the subject matter of Example 51, and optionally, wherein the second message comprises the AP switching request.
- Example 53 includes the subject matter of Example 51, and optionally, wherein the AP switching request is in a third message after the second message.
- Example 54 includes the subject matter of any one of Examples 47-53, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 55 includes the subject matter of any one of Examples 47-53, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 56 includes the subject matter of any one of Examples 47-55, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 57 includes the subject matter of any one of Examples 47-56, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 58 includes the subject matter of any one of Examples 47-57, and optionally, wherein the UE comprises one or more antennas, a memory and a processor.
- Example 59 includes an apparatus of a User Equipment (UE), the apparatus comprising means for transmitting to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; means for processing a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and means for triggering the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
- Example 60 includes the subject matter of Example 59, and optionally, comprising means for triggering the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 61 includes the subject matter of Example 59 or 60, and optionally, comprising means for triggering the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
- Example 62 includes the subject matter of any one of Examples 59-61, and optionally, comprising means for, when the second message is received while the UE is connected to a first WLAN AP, triggering the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
- Example 63 includes the subject matter of Example 62, and optionally, comprising means for triggering the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
- Example 64 includes the subject matter of Example 63, and optionally, wherein the second message comprises the AP switching request.
- Example 65 includes the subject matter of Example 63, and optionally, wherein the AP switching request is in a third message after the second message.
- Example 66 includes the subject matter of any one of Examples 59-65, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 67 includes the subject matter of any one of Examples 59-65, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 68 includes the subject matter of any one of Examples 59-67, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 69 includes the subject matter of any one of Examples 59-68, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
- Example 70 includes an apparatus of an Evolved Node B (eNB) comprising a Wireless Local Area Network (WLAN) interface to communicate with at least one WLAN Termination (WT) node; a cellular transceiver to communicate with a User Equipment (UE); and a controller component configured to process a first message from the UE, the first message comprising an indication of one or more first supported ciphering mechanisms of the UE, the controller component configured to process a second message from the WT node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP), the controller component configured to determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, the controller component configured to trigger the cellular transceiver to transmit to the UE a third
- Example 71 includes the subject matter of Example 70, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
- Example 72 includes the subject matter of Example 70 or 71, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit a security capability request to the UE, the first message is in response to the security capability request.
- Example 73 includes the subject matter of any one of Examples 70-72, and optionally, wherein the controller component is configured to trigger the WLAN interface to send a security capability request to the WT node, the second message is in response to the security capability request.
- Example 74 includes the subject matter of any one of Examples 70-73, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
- Example 75 includes the subject matter of Example 74, and optionally, wherein the third message comprises the AP switching request.
- Example 76 includes the subject matter of Example 74, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE a fifth message comprising the AP switching request after the third message.
- Example 77 includes the subject matter of any one of Examples 70-76, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
- Example 78 includes the subject matter of any one of Examples 70-76, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 79 includes the subject matter of Example 78, and optionally, wherein the second message comprises the group-cast key.
- Example 80 includes the subject matter of any one of Examples 70-79, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
- Example 81 includes the subject matter of any one of Examples 70-80, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 82 includes the subject matter of any one of Examples 70-81, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
- XwAP Xw Application protocol
- Example 83 includes the subject matter of any one of Examples 70-82, and optionally, comprising one or more antennas, a memory and a processor.
- Example 84 includes an apparatus comprising circuitry and logic configured to trigger an Evolved Node B (eNB) to process a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; process a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; transmit to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and send to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
- eNB Evolved Node B
- Example 85 includes the subject matter of Example 84, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
- Example 86 includes the subject matter of Example 84 or 85, and optionally, wherein the apparatus is configured to trigger the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
- Example 87 includes the subject matter of any one of Examples 84-86, and optionally, wherein the apparatus is configured to trigger the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
- Example 88 includes the subject matter of any one of Examples 84-87, and optionally, wherein the apparatus is configured to trigger the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
- Example 89 includes the subject matter of Example 88, and optionally, wherein the third message comprises the AP switching request.
- Example 90 includes the subject matter of Example 88, and optionally, wherein the apparatus is configured to trigger the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
- Example 91 includes the subject matter of any one of Examples 84-90, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
- Example 92 includes the subject matter of any one of Examples 84-90, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 93 includes the subject matter of Example 92, and optionally, wherein the second message comprises the group-cast key.
- Example 94 includes the subject matter of any one of Examples 84-93, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
- Example 95 includes the subject matter of any one of Examples 84-94, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 96 includes the subject matter of any one of Examples 84-95, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
- XwAP Xw Application protocol
- Example 97 includes the subject matter of any one of Examples 84-96, and optionally, comprising one or more antennas, a memory and a processor.
- Example 98 includes a method to be performed at an Evolved Node B (eNB), the method comprising processing a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; processing a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; transmitting to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and sending to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
- UE User Equipment
- WT Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless
- Example 99 includes the subject matter of Example 98, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
- Example 100 includes the subject matter of Example 98 or 99, and optionally, comprising triggering the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
- Example 101 includes the subject matter of any one of Examples 98-100, and optionally, comprising triggering the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
- Example 102 includes the subject matter of any one of Examples 98-101, and optionally, comprising triggering the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
- Example 103 includes the subject matter of Example 102, and optionally, wherein the third message comprises the AP switching request.
- Example 104 includes the subject matter of Example 102, and optionally, comprising triggering the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
- Example 105 includes the subject matter of any one of Examples 98-104, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
- Example 106 includes the subject matter of any one of Examples 98-104, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 107 includes the subject matter of Example 106, and optionally, wherein the second message comprises the group-cast key.
- Example 108 includes the subject matter of any one of Examples 98-107, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
- Example 109 includes the subject matter of any one of Examples 98-108, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 110 includes the subject matter of any one of Examples 98-109, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
- XwAP Xw Application protocol
- Example 111 includes a product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at an Evolved Node B (eNB), the operations comprising processing a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; processing a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; transmitting to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and sending to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
- eNB Evolved
- Example 112 includes the subject matter of Example 111, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
- Example 113 includes the subject matter of Example 111 or 112, and optionally, wherein the operations comprise triggering the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
- Example 114 includes the subject matter of any one of Examples 111-113, and optionally, wherein the operations comprise triggering the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
- Example 115 includes the subject matter of any one of Examples 111-114, and optionally, wherein the operations comprise triggering the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
- Example 116 includes the subject matter of Example 115, and optionally, wherein the third message comprises the AP switching request.
- Example 117 includes the subject matter of Example 115, and optionally, wherein the operations comprise triggering the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
- Example 118 includes the subject matter of any one of Examples 111-117, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
- Example 119 includes the subject matter of any one of Examples 111-117, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 120 includes the subject matter of Example 119, and optionally, wherein the second message comprises the group-cast key.
- Example 121 includes the subject matter of any one of Examples 111-120, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
- Example 122 includes the subject matter of any one of Examples 111-121, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 123 includes the subject matter of any one of Examples 111-122, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
- XwAP Xw Application protocol
- Example 124 includes a system of cellular communication comprising an Evolved Node B (eNB), the eNB comprising a Wireless Local Area Network (WLAN) interface to communicate with at least one WLAN Termination (WT) node; a cellular transceiver to communicate with a User Equipment (UE); and a controller component configured to process a first message from the UE, the first message comprising an indication of one or more first supported ciphering mechanisms of the UE, the controller component configured to process a second message from the WT node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP), the controller component configured to determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, the controller component configured to trigger the cellular transceiver to transmit to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism, and to trigger the WLAN interface to send to the WT node
- AP
- Example 125 includes the subject matter of Example 124, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
- Example 126 includes the subject matter of Example 124 or 125, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit a security capability request to the UE, the first message is in response to the security capability request.
- Example 127 includes the subject matter of any one of Examples 124-126, and optionally, wherein the controller component is configured to trigger the WLAN interface to send a security capability request to the WT node, the second message is in response to the security capability request.
- Example 128 includes the subject matter of any one of Examples 124-127, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
- Example 129 includes the subject matter of Example 128, and optionally, wherein the third message comprises the AP switching request.
- Example 130 includes the subject matter of Example 128, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE a fifth message comprising the AP switching request after the third message.
- Example 131 includes the subject matter of any one of Examples 124-130, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
- Example 132 includes the subject matter of any one of Examples 124-130, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 133 includes the subject matter of Example 132, and optionally, wherein the second message comprises the group-cast key.
- Example 134 includes the subject matter of any one of Examples 124-133, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
- Example 135 includes the subject matter of any one of Examples 124-134, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 136 includes the subject matter of any one of Examples 124-135, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
- XwAP Xw Application protocol
- Example 137 includes the subject matter of any one of Examples 124-136, and optionally, wherein the eNB comprises one or more antennas, a memory and a processor.
- Example 138 includes an apparatus of an Evolved Node B (eNB), the apparatus comprising means for processing a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; means for processing a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); means for determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; means for transmitting to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and means for sending to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
- UE User Equipment
- WT Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless Local Area Network
- AP Wireless Local Area
- Example 139 includes the subject matter of Example 138, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
- Example 140 includes the subject matter of Example 138 or 139, and optionally, comprising means for triggering the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
- Example 141 includes the subject matter of any one of Examples 138-140, and optionally, comprising means for triggering the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
- Example 142 includes the subject matter of any one of Examples 138-141, and optionally, comprising means for triggering the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
- Example 143 includes the subject matter of Example 142, and optionally, wherein the third message comprises the AP switching request.
- Example 144 includes the subject matter of Example 142, and optionally, comprising means for triggering the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
- Example 145 includes the subject matter of any one of Examples 138-144, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
- Example 146 includes the subject matter of any one of Examples 138-144, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 147 includes the subject matter of Example 146, and optionally, wherein the second message comprises the group-cast key.
- Example 148 includes the subject matter of any one of Examples 138-147, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
- Example 149 includes the subject matter of any one of Examples 138-148, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
- RRC Radio Resource Control
- Example 150 includes the subject matter of any one of Examples 138-149, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
- XwAP Xw Application protocol
- Example 151 includes an apparatus of a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising a WLAN transceiver; a network interface to communicate with a network node; and a controller component configured to trigger the network interface to send to the network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP, the controller component configured to process a second message received by the network interface, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
- UE User Equipment
- Example 152 includes the subject matter of Example 151, and optionally, wherein the controller component is configured to trigger the WLAN AP to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 153 includes the subject matter of Example 151 or 152, and optionally, wherein the controller component is configured to trigger the network interface to send the first message in response to a request message received by the network interface from the network node.
- Example 154 includes the subject matter of any one of Examples 151-153, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 155 includes the subject matter of any one of Examples 151-153, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 156 includes the subject matter of Example 155, and optionally, wherein the first message comprises the group-cast key.
- Example 157 includes the subject matter of any one of Examples 151-156, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 158 includes the subject matter of any one of Examples 151-157, and optionally, comprising one or more antennas, a memory and a processor.
- Example 159 includes an apparatus comprising circuitry and logic configured to trigger a Wireless Local Area Network (WLAN) Access Point (AP) to send to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; process a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and trigger the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
- WLAN Wireless Local Area Network
- AP Wireless Local Area Network Access Point
- Example 160 includes the subject matter of Example 159, and optionally, wherein the apparatus is configured to trigger the WLAN AP to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 161 includes the subject matter of Example 159 or 160, and optionally, wherein the apparatus is configured to trigger the WLAN AP to send the first message in response to a request message received by the network interface from the network node.
- Example 162 includes the subject matter of any one of Examples 159-161, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 163 includes the subject matter of any one of Examples 159-161, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 164 includes the subject matter of Example 163, and optionally, wherein the first message comprises the group-cast key.
- Example 165 includes the subject matter of any one of Examples 159-164, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 166 includes the subject matter of any one of Examples 159-165, and optionally, comprising one or more antennas, a memory and a processor.
- Example 167 includes a method to be performed by a Wireless Local Area Network (WLAN) Access Point (AP), the method comprising sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
- Example 168 includes the subject matter of Example 167, and optionally, comprising establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 169 includes the subject matter of Example 167 or 168, and optionally, comprising sending the first message in response to a request message received by the WLAN AP from the network node.
- Example 170 includes the subject matter of any one of Examples 167-169, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 171 includes the subject matter of any one of Examples 167-169, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 172 includes the subject matter of Example 171, and optionally, wherein the first message comprises the group-cast key.
- Example 173 includes the subject matter of any one of Examples 167-172, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 174 includes a product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a Wireless Local Area Network (WLAN) Access Point (AP), the operations comprising sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
- UE User Equipment
- Example 175 includes the subject matter of Example 174, and optionally, wherein the operations comprise establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 176 includes the subject matter of Example 174 or 175, and optionally, wherein the operations comprise sending the first message in response to a request message received by the WLAN AP from the network node.
- Example 177 includes the subject matter of any one of Examples 174-176, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 178 includes the subject matter of any one of Examples 174-176, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 179 includes the subject matter of Example 178, and optionally, wherein the first message comprises the group-cast key.
- Example 180 includes the subject matter of any one of Examples 174-179, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 181 includes a system of wireless communication comprising a Wireless Local Area Network (WLAN) Access Point (AP), the WLAN AP comprising a WLAN transceiver; a network interface to communicate with a network node; and a controller component configured to trigger the network interface to send to the network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP, the controller component configured to process a second message received by the network interface, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
- UE User Equipment
- Example 182 includes the subject matter of Example 181, and optionally, wherein the controller component is configured to trigger the WLAN AP to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 183 includes the subject matter of Example 181 or 182, and optionally, wherein the controller component is configured to trigger the network interface to send the first message in response to a request message received by the network interface from the network node.
- Example 184 includes the subject matter of any one of Examples 181-183, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 185 includes the subject matter of any one of Examples 181-183, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 186 includes the subject matter of Example 185, and optionally, wherein the first message comprises the group-cast key.
- Example 187 includes the subject matter of any one of Examples 181-186, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
- Example 188 includes the subject matter of any one of Examples 181-187, and optionally, wherein the WLAN AP comprises one or more antennas, a memory and a processor.
- Example 189 includes an apparatus of a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising means for sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; means for processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and means for triggering the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
- UE User Equipment
- Example 190 includes the subject matter of Example 189, and optionally, comprising means for establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
- Example 191 includes the subject matter of Example 189 or 190, and optionally, comprising means for sending the first message in response to a request message received by the WLAN AP from the network node.
- Example 192 includes the subject matter of any one of Examples 189-191, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
- Example 193 includes the subject matter of any one of Examples 189-191, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
- Example 194 includes the subject matter of Example 193, and optionally, wherein the first message comprises the group-cast key.
- Example 195 includes the subject matter of any one of Examples 189-194, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Some demonstrative embodiments include devices, systems and/or methods of cellular- assisted establishing of a secured Wireless Local Area Network (WLAN) connection between a User Equipment (UE) and a WLAN Access Point (AP). For example, an Evolved Node B (eNB) may be configured to process a first message from a UE including an indication of one or more first supported ciphering mechanisms of the UE; to process a second message from a WLAN Termination (WT) node including an indication of one or more second supported ciphering mechanisms of a WLAN AP; to determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; to transmit to the UE a third message including the cryptographic key and an indication of the ciphering mechanism; and to send to the WT node a fourth message including the cryptographic key and the indication of the ciphering mechanism.
Description
APPARATUS, SYSTEM AND METHOD OF CELLULAR-ASSISTED
ESTABLISHING OF A SECURED WLAN CONNECTION BETWEEN A UE AND A
WLAN AP
CROSS REFERENCE
[001] This application claims the benefit of and priority from US Provisional Patent Application No. 62/250,333 entitled "WI-FI KEYS ESTABLISHMENT WITH SECURED PRIMARY CELL", filed November 3, 2015, the entire disclosure of which is incorporated herein by reference.
TECHNICAL FIELD
[002] Some embodiments described herein generally relate to cellular-assisted establishing of a secured Wireless Local Area Network (WLAN) connection between a User Equipment (UE) and a WLAN Access Point (AP).
BACKGROUND
[003] A wireless communication device, e.g., a mobile device, may be configured to utilize multiple wireless communication technologies.
[004] For example, a User Equipment (UE) device may be configured to utilize a cellular connection, e.g., a Universal Mobile Telecommunications System (UMTS) cellular connection or a Long Term Evolution (LTE) connection, as well as a wireless-local-area- network (WLAN) connection, e.g., a Wireless-Fidelity (WiFi) connection.
[005] There is a need for efficient interworking, integration and/or management of the cellular and WLAN radio access technologies.
BRIEF DESCRIPTION OF THE DRAWINGS
[006] For simplicity and clarity of illustration, elements shown in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity of presentation. Furthermore, reference numerals may be repeated among the figures to indicate corresponding or analogous elements. The figures are listed below.
[007] Fig. 1 is a schematic block diagram illustration of a system, in accordance with some demonstrative embodiments.
[008] Fig. 2 is a schematic illustration of a procedure of setting security parameters of a Wireless Local Area Network (WLAN) connection.
[009] Fig. 3 is a schematic illustration of operations and communications between a wireless station, a cellular manager, and a WLAN Access Point (AP), in accordance with some demonstrative embodiments.
[0010] Fig. 4 is a schematic illustration of operations and communications between a wireless station, a cellular manager, and first and second WLAN APs, in accordance with some demonstrative embodiments.
[0011] Fig. 5 is a schematic illustration of operations and communications of cellular- assisted establishment of secure WLAN connections in a non-collocated implementation, in accordance with some demonstrative embodiments.
[0012] Fig. 6 is a schematic illustration of elements of a User Equipment (UE), in accordance with some demonstrative embodiments.
[0013] Fig. 7 is a schematic flow-chart illustration of a method of establishing a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
[0014] Fig. 8 is a schematic flow-chart illustration of a method of providing cellular- assisted cryptographic information to a UE and a WLAN AP, in accordance with some demonstrative embodiments.
[0015] Fig. 9 is a schematic flow-chart illustration of a method of establishing a secured WLAN connection between a WLAN AP and a UE, in accordance with some demonstrative embodiments.
[0016] Fig. 10 is a schematic illustration of a product, in accordance with some demonstrative embodiments.
DETAILED DESCRIPTION
[0017] In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of some embodiments. However, it will be understood by persons of ordinary skill in the art that some embodiments may be practiced without these specific details. In other instances, well-known methods, procedures, components, units and/or circuits have not been described in detail so as not to obscure the discussion.
[0018] Discussions herein utilizing terms such as, for example, "processing", "computing", "calculating", "determining", "establishing", "analyzing", "checking", or the like, may refer to operation(s) and/or process(es) of a computer, a computing platform, a computing system, or other electronic computing device, that manipulate and/or transform data represented as physical (e.g., electronic) quantities within the computer's registers and/or memories into other data similarly represented as physical quantities within the computer's registers and/or memories or other information storage medium that may store instructions to perform operations and/or processes.
[0019] The terms "plurality" and "a plurality", as used herein, include, for example, "multiple" or "two or more". For example, "a plurality of items" includes two or more items.
[0020] References to "one embodiment," "an embodiment," "demonstrative embodiment," "various embodiments," etc., indicate that the embodiment(s) so described may include a particular feature, structure, or characteristic, but not every embodiment necessarily includes the particular feature, structure, or characteristic. Further, repeated use of the phrase "in one embodiment" does not necessarily refer to the same embodiment, although it may.
[0021] As used herein, unless otherwise specified the use of the ordinal adjectives "first," "second," "third," etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
[0022] Some embodiments may be used in conjunction with various devices and systems, for example, a Personal Computer (PC), a desktop computer, a mobile computer, a laptop computer, a notebook computer, a tablet computer, a Smartphone device, a server computer, a handheld computer, a handheld device, a Personal Digital Assistant (PDA) device, a handheld PDA device, an on-board device, an off-board device, an Internet of Things (IoT) device, a sensor device, a wearable device, a hybrid device, a vehicular device, a non-
vehicular device, a mobile or portable device, a consumer device, a non-mobile or nonportable device, a wireless communication station, a wireless communication device, a wireless Access Point (AP), a wired or wireless router, a wired or wireless modem, a video device, an audio device, an audio-video (A/V) device, a wired or wireless network, a wireless area network, a cellular network, a cellular node, a cellular device, a Wireless Local Area Network (WLAN), a Multiple Input Multiple Output (MIMO) transceiver or device, a Single Input Multiple Output (SIMO) transceiver or device, a Multiple Input Single Output (MISO) transceiver or device, a device having one or more internal antennas and/or external antennas, Digital Video Broadcast (DVB) devices or systems, multi-standard radio devices or systems, a wired or wireless handheld device, e.g., a Smartphone, a Wireless Application Protocol (WAP) device, vending machines, sell terminals, and the like.
[0023] Some embodiments may be used in conjunction with devices and/or networks operating in accordance with existing 3rd Generation Partnership Project (3GPP) and/or Long Term Evolution (LTE) specifications (including 3GPP TS 36.300 ( "TS 36.300 Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2, version 11.7.0 Release 11 ", September 2013); 3GPP TS 36.331 (ETSI TS 136 331; V12.3.0 (2014-09); LTE; Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification (3GPP TS 36.331 version 12.3.0 Release 12); and/or 3GPP TS 36.463 (3GPP TS 36.463 V0.2.0 (2015-10) Technical Specification; 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and Wireless LAN (WLAN); Xw application protocol (XwAP) (Release 13))) and/or future versions and/or derivatives thereof, devices and/or networks operating in accordance with existing Wireless-Gigabit-Alliance (WGA) specifications (Wireless Gigabit Alliance, Inc WiGig MAC and PHY Specification Version 1.1, April 2011, Final specification) and/or future versions and/or derivatives thereof, devices and/or networks operating in accordance with existing IEEE 802.11 standards (including IEEE 802.11-201 (IEEE 802.11-2012, IEEE Standard for Information technology- Telecommunications and information exchange between systems Local and metropolitan area networks— Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, March 29, 2012); and/or IEEEP802.11REVmc™ (IEEEP802.11REVmc™_D3.0, June 2014, Draft Standard for Information Technology - Telecommunications and Information Exchange Between Systems— Local and Metropolitan
Area Networks - Specific Requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications)), and/or future versions and/or derivatives thereof, devices and/or networks operating in accordance with existing IEEE 802.16 standards (IEEE-Std 802.16, 2009 Edition, Air Interface for Fixed Broadband Wireless Access Systems; IEEE-Std 802.16e, 2005 Edition, Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands; amendment to IEEE Std 802.16-2009, developed by Task Group m) and/or future versions and/or derivatives thereof, devices and/or networks operating in accordance with existing WirelessHD™ specifications and/or future versions and/or derivatives thereof, units and/or devices which are part of the above networks, and the like.
[0024] Some embodiments may be used in conjunction with one or more types of wireless communication signals and/or systems, for example, Radio Frequency (RF), Frequency- Division Multiplexing (FDM), Orthogonal FDM (OFDM), Single Carrier Frequency Division Multiple Access (SC-FDMA), Time-Division Multiplexing (TDM), Time-Division Multiple Access (TDM A), Extended TDMA (E-TDMA), General Packet Radio Service (GPRS), extended GPRS, Code-Division Multiple Access (CDMA), Wideband CDMA (WCDMA), CDMA 2000, single-carrier CDMA, multi-carrier CDMA, Multi-Carrier Modulation (MDM), Discrete Multi-Tone (DMT), Bluetooth®, Global Positioning System (GPS), Wireless Fidelity (Wi-Fi), Wi-Max, ZigBee™, Ultra-Wideband (UWB), Global System for Mobile communication (GSM), second generation (2G), 2.5G, 3G, 3.5G, 4G, Fifth Generation (5G) mobile networks, 3GPP, Long Term Evolution (LTE) cellular system, LTE advance cellular system, High-Speed Downlink Packet Access (HSDPA), High-Speed Uplink Packet Access (HSUPA), High-Speed Packet Access (HSPA), HSPA+, Single Carrier Radio Transmission Technology (1XRTT), Evolution-Data Optimized (EV-DO), Enhanced Data rates for GSM Evolution (EDGE), and the like. Other embodiments may be used in various other devices, systems and/or networks.
[0025] The term "wireless device", as used herein, includes, for example, a device capable of wireless communication, a communication device capable of wireless communication, a communication station capable of wireless communication, a portable or non-portable device capable of wireless communication, or the like. In some demonstrative embodiments, a wireless device may be or may include a peripheral that is integrated with a computer, or a peripheral that is attached to a computer. In some demonstrative embodiments, the term "wireless device" may optionally include a wireless service.
[0026] The term "communicating" as used herein with respect to a communication signal includes transmitting the communication signal and/or receiving the communication signal. For example, a communication unit, which is capable of communicating a communication signal, may include a transmitter to transmit the communication signal to at least one other communication unit, and/or a communication receiver to receive the communication signal from at least one other communication unit. The verb communicating may be used to refer to the action of transmitting or the action of receiving. In one example, the phrase "communicating a signal" may refer to the action of transmitting the signal by a first device, and may not necessarily include the action of receiving the signal by a second device. In another example, the phrase "communicating a signal" may refer to the action of receiving the signal by a first device, and may not necessarily include the action of transmitting the signal by a second device.
[0027] As used herein, the term "circuitry" may refer to, be part of, or include, an Application Specific Integrated Circuit (ASIC), an integrated circuit, an electronic circuit, a processor (shared, dedicated, or group), and/or memory (shared, dedicated, or group), that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable hardware components that provide the described functionality. In some embodiments, the circuitry may be implemented in, or functions associated with the circuitry may be implemented by, one or more software or firmware modules. In some embodiments, circuitry may include logic, at least partially operable in hardware.
[0028] The term "logic" may refer, for example, to computing logic embedded in circuitry of a computing apparatus and/or computing logic stored in a memory of a computing apparatus. For example, the logic may be accessible by a processor of the computing apparatus to execute the computing logic to perform computing functions and/or operations. In one example, logic may be embedded in various types of memory and/or firmware, e.g., silicon blocks of various chips and/or processors. Logic may be included in, and/or implemented as part of, various circuitry, e.g. radio circuitry, receiver circuitry, control circuitry, transmitter circuitry, transceiver circuitry, processor circuitry, and/or the like. In one example, logic may be embedded in volatile memory and/or non-volatile memory, including random access memory, read only memory, programmable memory, magnetic memory, flash memory, persistent memory, and the like. Logic may be executed by one or more processors using memory, e.g., registers, stuck, buffers, and/or the like, coupled to the one or more processors, e.g., as necessary to execute the logic.
[0029] The term "antenna", as used herein, may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays. In some embodiments, the antenna may implement transmit and receive functionalities using separate transmit and receive antenna elements. In some embodiments, the antenna may implement transmit and receive functionalities using common and/or integrated transmit/receive elements. The antenna may include, for example, a phased array antenna, a single element antenna, a dipole antenna, a set of switched beam antennas, and/or the like.
[0030] The term "cell", as used herein, may include a combination of network resources, for example, downlink and optionally uplink resources. The resources may be controlled and/or allocated, for example, by a node (also referred to as a "base station"), or the like. The linking between a carrier frequency of the downlink resources and a carrier frequency of the uplink resources may be indicated in system information transmitted on the downlink resources.
[0031] Some demonstrative embodiments are described herein with respect to a LTE network. However, other embodiments may be implemented in any other suitable cellular network or system, e.g., a Universal Mobile Telecommunications System (UMTS) cellular system, a GSM network, a 3G cellular network, a 4G cellular network, a 4.5G network, a 5G cellular network, a WiMAX cellular network, and the like.
[0032] Some demonstrative embodiments are described herein with respect to a WLAN system, a WiFi system, and/or a WiGig system. However, other embodiments may be implemented in any other suitable non-cellular network.
[0033] Some demonstrative embodiments are described herein with respect to a WLAN Termination (WT) node. However, other embodiments may be implemented in any other WLAN controller, WLAN access device, WLAN Access Point (AP), WLAN access controller (AC), and/or WLAN access manager, node, and/or interface.
[0034] Some demonstrative embodiments may be used in conjunction with a Heterogeneous Network (HetNet), which may utilize a deployment of a mix of technologies, frequencies, cell sizes and/or network architectures, e.g., including cellular, millimeter wave ("mmWave" or "mmW"), and/or the like. In one example, the HetNet may include a radio access network having layers of different-sized cells ranging from large macrocells to small cells, for example, picocells and femtocells. Other embodiments may be used in conjunction with any other suitable wireless communication network.
[0035] Other embodiments may be used in conjunction with any other suitable wireless communication network.
[0036] Reference is now made to Fig. 1, which schematically illustrates a block diagram of a system 100, in accordance with some demonstrative embodiments.
[0037] As shown in Fig. 1, in some demonstrative embodiments, system 100 may include one or more wireless communication devices capable of communicating content, data, information and/or signals via one or more wireless mediums (WM) 108. For example, system 100 may include at least one User Equipment (UE) 102 capable of communicating with one or more wireless communication networks, e.g., as described below.
[0038] Wireless mediums 108 may include, for example, a radio channel, a cellular channel, an RF channel, a WiFi channel, an IR channel, and the like. One or more elements of system 100 may optionally be capable of communicating over any suitable wired communication links.
[0039] In some demonstrative embodiments, system 100 may include at least one cellular manager 104 to manage communication of a cellular network, e.g., as described below.
[0040] In some demonstrative embodiments, cellular manager 104 may include, may operate as, and/or may perform the functionality of, an Evolved Node B (eNB). For example, cellular manager 104 may be configured to perform radio resource management (RRM), radio bearer control, radio admission control (access control), connection mobility management, resource scheduling between UEs and eNB radios, e.g., Dynamic allocation of resources to UEs in both uplink and downlink, header compression, link encryption of user data streams, packet routing of user data towards a destination, e.g., another eNB or an Evolved Packet Core (EPC), scheduling and/or transmitting paging messages, e.g., incoming calls and/or connection requests, broadcast information coordination, measurement reporting, and/or any other operations, communications, and/or functionality.
[0041] In other embodiments, cellular manager 104 may include any other functionality and/or may perform the functionality of any other cellular node, network controller, base station or any other node or network device.
[0042] In one example, cellular manager 104 may be part of a UMTS. According to this example, cellular manager 104 may perform the functionality of a Radio Network Controller (RNC), which may control a plurality of Node B devices 157. For example, the node B may be configured to communicate directly with UEs, e.g., including UE 102, for example, using
a Wideband Code Division Multiple Access (WCDMA) and/or Time Division Synchronous Code Division Multiple Access (TD-SCDMA) air interface technology. The RNC may include, for example, a UMTS RNC configured to control the Node B devices 157.
[0043] In some demonstrative embodiments, system 100 may include a WLAN Termination (WT) node 106, which may be configured to terminate a WLAN network interface, e.g., as described herein.
[0044] Some demonstrative embodiments are described below with respect to a WT node to terminate a WLAN network interface. In other embodiments and additional or alternative termination node may be used to terminate a network interface of any other non-cellular RAT network, for example, a Bluetooth network, a millimeter wave (mmWave) network, and/or any other network, e.g., in addition to or instead of the WLAN network.
[0045] In some demonstrative embodiments, WT node 106 may be configured to manage access to a non-cellular network 107, for example, a WLAN, e.g., a Service Set (SS), a Basic Service Set (BSS), and Extended Service Set, a Homogenous Extended Service Set (HESS), and the like.
[0046] In some demonstrative embodiments, one or more functionalities of WT node 106 may be implemented, for example, in the form of, or as part of, a WLAN access device, for example, as part of a WLAN Access Point (AP), or a WLAN Access Controller (AC), as part of another device, or as a standalone device.
[0047] In other embodiments, WT node 106 may perform any other functionality and/or may perform at least part of the functionality of any other device capable of controlling and/or managing WLAN radio access to one or more wired networks.
[0048] In one example, WT bode 106 may include, operate as, and/or perform the functionality of, an AP, e.g., configured to communicate directly with UE 102 via a WLAN link.
[0049] In another example, WT bode 106 may include, operate as, and/or perform the functionality of, an AC. According to this example, WT node 106 may control a plurality of AP devices, e.g., including Lightweight Access Point (LAP) devices 158.
[0050] In some demonstrative embodiments, UE 102 may include, for example, a Mobile Device (MD), a Station (STA), a mobile computer, a laptop computer, a notebook computer, a tablet computer, an Ultrabook™ computer, an Internet of Things (IoT) device, a wearable
device, a sensor device, a mobile internet device, a handheld computer, a handheld device, a storage device, a PDA device, a handheld PDA device, an on-board device, an off-board device, a hybrid device (e.g., combining cellular phone functionalities with PDA device functionalities), a consumer device, a vehicular device, a non-vehicular device, a mobile or portable device, a mobile phone, a cellular telephone, a PCS device, a mobile or portable GPS device, a DVB device, a relatively small computing device, a non-desktop computer, a "Carry Small Live Large" (CSLL) device, an Ultra Mobile Device (UMD), an Ultra Mobile PC (UMPC), a Mobile Internet Device (MID), an "Origami" device or computing device, a video device, an audio device, an A/V device, a gaming device, a media player, a Smartphone, or the like.
[0051] In some demonstrative embodiments, system 100 may include at least one WLAN AP 119. In some demonstrative embodiments, WT node 106 may include, may operate as, and/or may perform one or more functionalities of WLAN AP 119, e.g., as described below. In other embodiments, WLAN AP 119 and WT node 106 may be implemented as two separate and/or independent units, elements, device and/or entities of system 100, e.g., as described below.
[0052] In some demonstrative embodiments, UE 102, cellular manager 104, WT node 106, and/or WLAN AP 119 may include one or more communication interfaces to perform communication between UE 102, cellular manager 104, WT node 106, WLAN AP 119, and/or with one or more other wireless communication devices, e.g., as described below.
[0053] Some demonstrative embodiments include an interface 199 (also referred to as "the access device interface", "the horizontal interface", "the "Xw interface", "the X2-W interface" or "the cellular/WLAN interface"), which may include circuitry and/or logic configured to interface, e.g., directly or indirectly, between a cellular network element, e.g., cellular manager 104, and a WLAN element, e.g., WT node 106, as described in detail below.
[0054] In some demonstrative embodiments, interface 199 may be implemented to interface between an eNB and a WT node, e.g., as described below. However, in other embodiments, the cellular /WLAN interface 199 may be implemented to directly interface between any other cellular device and any other WLAN device. In one example, the cellular/WLAN interface 199 may be implemented to directly interface between an eNB and a WLAN AP or WLAN AC, e.g., WLAN AP 119. In another example, the cellular/WLAN interface 199 may be implemented to directly interface between a UMTS RNC and a WT node. In another
example, the cellularAVLAN interface 199 may be implemented to directly interface between a UMTS RNC and a WLAN AP or AC, e.g., WLAN AP 119.
[0055] In some demonstrative embodiments, interface 199 may be utilized to enhance and/or increase the efficiency of interworking, integration and/or management of the cellular and WLAN radio access technologies.
[0056] In some demonstrative embodiments, interface 199 may be configured to perform and/or support one or more aggregation operations and/or functionalities, for example, to transfer traffic, e.g., in addition to transferring control plane information.
[0057] In some demonstrative embodiments, interface 199 may be utilized to improve efficiency of resource management, to provide efficient load balancing, and/or to improve mobility between Radio Access Technology (RAT) networks.
[0058] In some demonstrative embodiments, cellular manager 104 may include an interface ("Core Network (CN) interface") 146, e.g., a vertical interface, including circuitry and/or logic configured to communicate with one or more elements of a CN 183, e.g., an Evolved Packet Core (EPC).
[0059] In some demonstrative embodiments, CN interface 146 may include an SI vertical interface configured to communicate between cellular manager 104 and a Serving Gateway (S-GW) 185 according to an SI protocol, e.g., if cellular manager 104 performs the functionality of an eNB. According to this example, S-GW 187 may interface between cellular manager 104 and a Packet Data Network (PDN) Gateway (P-GW) 187.
[0060] In other embodiments, CN interface 146 may include any other vertical interface with one or more elements of CN 183. For example, cellular manger 104 may perform the functionality of an RNC, e.g., in a UMTS system. According to this example, CN interface 146 may include an Interface Unit Circuit Switch (Iu-CS) interface and/or an Interface Unit Packet Switch (Iu-PS) interface, to interface between the RNC and one or more packet- switched or circuit-switched CN elements.
[0061] In some demonstrative embodiments, cellular manager 104 may include an interface including circuitry and/or logic to communicate user plane traffic, directly or indirectly, between CN 183 and UE 102.
[0062] In some demonstrative embodiments, cellular manager 104 may communicate the user plane traffic directly with UE 102, for example, if cellular manager 104 performs the
functionality of an eNB. According to these embodiments, cellular manager 104 may include an air interface, for example, a cellular transceiver (TRx) 167, including circuitry and/or logic configured to communicate with UE 102 via a cellular link.
[0063] In other embodiments, cellular manager 104 may communicate the user plane traffic with UE 102 via Node B 157, e.g., if cellular manager 104 performs the functionality of an RNC. According to these embodiments, cellular manager 104 may include a Node B interface 161 to communicate between the RNC and Node B 157. For example, Node B interface 161 may include an Interface Unit b (Iub).
[0064] In some demonstrative embodiments, cellular manager 104 may include a WT node interface 169 (also referred to as "WLAN interface" or "WLAN control interface") including circuitry and/or logic configured to communicate with WT node 106 and/or with one or more WLAN stations (ST As), e.g., as described below. In one example, interface 169 may include an AP interface, e.g., if WT node 106 performs the functionality of an AP. In another example, interface 169 may include an AC interface, e.g., if WT node 106 performs the functionality of an AC. In another example, interface 169 may include any other non-cellular RAT interface to communicate with a node of a non-cellular RAT network.
[0065] In some demonstrative embodiments, WT node 106 may include a cell manager interface ("the cellular interface") 192 including circuitry and/or logic configured to communicate with cellular manager 104. In one example, interface 192 may include an eNB interface, e.g., if cellular manager 104 performs the functionality of an eNB. In another example, interface 192 may include a RNC interface, e.g., if cellular manager 104 performs the functionality of a RNC.
[0066] In some demonstrative embodiments, interfaces 169 and 192 may be configured to communicate between cellular manager 104 and WT node 106 via a direct link of interface 199.
[0067] In some demonstrative embodiments, interface 199 may include a Point to Point (P2P) link, e.g., as described below.
[0068] In some demonstrative embodiments, interface 199 may be implemented by any wired and/or wireless link, e.g., using any suitable, Physical Layer (PHY) components and/or protocols.
[0069] In some demonstrative embodiments, WT node 106 may include a network interface 196 including circuitry and/or logic configured to communicate network traffic with a wired network 177, e.g., the Internet and/or any other network.
[0070] In some demonstrative embodiments, WT node 106 may include a WLAN interface 193 including circuitry and/or logic configured to communicate the network traffic and/or any other traffic with UE 102 via a WLAN, directly or indirectly.
[0071] In some demonstrative embodiments, WT node 106 may communicate directly with UE 102 via WLAN link, for example, if WT node 106 includes, operates as, or performs the functionality of, a WLAN AP 119. According to these embodiments, WLAN interface 193 may include a WLAN radio 194 including circuitry and/or logic configured to communicate the network traffic and/or any other traffic directly with UE 102, e.g., via a WLAN link between WT node 106 and UE 102, for example, if WT node 106 includes, operates as, or performs the functionality of, a WLAN AP 119.
[0072] In some demonstrative embodiments, WT node 106 may indirectly communicate with UE 102, for example, if WT node 106 performs the functionality of an AC, or if WT node 106 is an entity, which is separate from the WLAN AC or WLAN AP. According to these embodiments, WLAN interface 193 may include, for example, an AP interface, e.g., a LAP interface 159, to communicate the network traffic and/or any other traffic with WLAN AP 119 and/or LAP 158.
[0073] In some demonstrative embodiments, WLAN interface 193 may include any other additional or alternative interfaces to directly and/or indirectly communicate via the WLAN.
[0074] In some demonstrative embodiments, UE 102 may include a non-cellular RAT transceiver (TRx), for example, a WLAN TRx 163, including circuitry and/or logic configured to communicate with a WLAN device, e.g., with WLAN AP 119, WT node 106 and/or with LAP 158, via the WLAN link. Some embodiments are described below with respect to a UE, e.g., UE 102, including a WLAN TRx to communicate over a WLAN. In other embodiments, the UE may include any additional or alternative non-cellular RAT TRx, e.g., a Bluetooth TRx and/or any other TRx, to communicate over any additional or alternative non-cellular RAT network.
[0075] In some demonstrative embodiments, UE 102 may include a cellular transceiver (TRx) 165 including circuitry and/or logic configured to communicate with a cellular
network, for example, via a cellular device, e.g., cellular manager 104 and/or Node B 157, via the cellular link.
[0076] In some demonstrative embodiments, WLAN AP 119 may include a network interface 121 including circuitry and/or logic configured to communicate with at least one network node. In one example, network interface 121 may include a WT node interface to communicate with WT node 106. In another example, network interface 121 may include cellular manager interface to communicate with cellular manager 104, e.g., via interface 199, for example, if WLAN AP 119 implemented by and/or collocated with WT node 106.
[0077] In some demonstrative embodiments, WLAN AP 119 may include a WLAN TRx 122 including circuitry and/or logic configured to communicate traffic with UE 102, e.g., via a WLAN link between WLAN AP 119 and UE 102.
[0078] In some demonstrative embodiments, WLAN TRx 163, cellular TRx 165, cellular TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include one or more wireless transmitters, receivers and/or transceivers including circuitry and/or logic to process, encode, decode, send and/or receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data.
[0079] In some demonstrative embodiments, WLAN TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include one or more wireless receivers (Rx) including circuitry and/or logic to receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data; and/or one or more wireless transmitters (Tx) including circuitry and/or logic to send wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data. For example, WLAN TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include circuitry; logic; Radio Frequency (RF) elements, circuitry and/or logic; baseband elements, circuitry and/or logic; modulation elements, circuitry and/or logic; demodulation elements, circuitry and/or logic; amplifiers; analog to digital and/or digital to analog converters; filters; and/or the like.
[0080] In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include a multiple input multiple output (MIMO) transmitters receivers system (not shown), which may be capable of performing antenna beamforming methods, if desired. In other embodiments, cellular TRx 167 and/or cellular TRx 165 may include any other transmitters and/or receivers.
[0081] In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include LTE, WCDMA and/or TD-SCDMA modulator and/or demodulator circuitry (not shown) configured to modulate and/or demodulate downlink signals to be communicated over downlink channels, e.g., between cellular manager 104 and UE 102, and/or uplink signals to be communicated over uplink channels, e.g., between UE 102 and cellular manager 104. In other embodiments, cellular TRx 167 and/or cellular TRx 165 may include any other modulators and/or demodulators.
[0082] In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include a turbo decoder and/or a turbo encoder (not shown) including circuitry and/or logic for encoding and/or decoding data bits into data symbols, if desired. In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include OFDM and/or SC- FDMA modulators and/or demodulators (not shown) configured to communicate OFDM signals over downlink (DL) channels, and/or SC-FDMA signals over uplink (UL) channels.
[0083] In some demonstrative embodiments, UE 102 may establish a WLAN link with WLAN AP 119. For example, WLAN TRx 163 may perform the functionality of one or more STAs, e.g., one or more WiFi STAs, WLAN STAs, and/or DMG STAs. The WLAN link may include an uplink and/or a downlink. The WLAN downlink may include, for example, a unidirectional link from the WLAN AP 119 to the one or more STAs. The uplink may include, for example, a unidirectional link from a STA to the WLAN AP 119.
[0084] In some demonstrative embodiments, WT node 106 may be configured to operate as, and/or perform one or more functionalities of, functionality of WLAN AP 119, for example, in a collocated LTE/WLAN aggregation implementation.
[0085] In some demonstrative embodiments, WT node 106 may be configured to control and/or communicate with one or more WLAN APs 119, e.g., a plurality of WLAN APs 119, for example, as described below.
[0086] In some demonstrative embodiments, UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106, may include, or may be associated with, one or more antennas. In one example, WLAN TRx 163 and/or cellular TRx 165 may be associated with at least two antennas, e.g., antennas 112 and 114, or any other number of antennas, e.g., one antenna or more than two antennas; cellular TRx 167 may be associated with at least two antennas, e.g., antennas 132 and 134, or any other number of antennas, e.g., one antenna or more than two antennas; WLAN radio 194 may be associated with one or more antennas 135; and/or WLAN
TRx 122 may be associated with one or more antennas 124.
[0087] In some demonstrative embodiments, antennas 112, 114, 132, 134, 135 and/or 124 may include any type of antennas suitable for transmitting and/or receiving wireless communication signals, blocks, frames, transmission streams, packets, messages and/or data. For example, antennas 112, 114, 132, 134, 124, and/or 135 may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays. For example, antennas 112, 114, 132, 134, 124, and/or 135 may include a phased array antenna, a dipole antenna, a single element antenna, a set of switched beam antennas, and/or the like.
[0088] In some embodiments, antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functionalities using separate transmit and receive antenna elements. In some embodiments, antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functionalities using common and/or integrated transmit/receive elements.
[0089] In some demonstrative embodiments, cellular manager 104 may include at least one controller component 182, UE 102 may include at least one controller component 197, WLAN AP 119 may include at least one controller component 123, and/or WT node 106 may include at least one controller component 149. Controllers 182, 197, 123, and/or 149 may be configured to trigger one or more communications, to generate and/or trigger communication of one or more messages and/or transmissions, and/or to perform one or more functionalities, operations and/or procedures, e.g., as described below.
[0090] In some demonstrative embodiments, controllers 182, 197, 123, and/or 149 may include circuitry and/or logic, e.g., one or more processors including circuitry and/or logic, memory circuitry and/or logic, Media-Access Control (MAC) circuitry and/or logic, Physical Layer (PHY) circuitry and/or logic, and/or any other circuitry and/or logic, configured to perform the functionality of controllers 182, 197, 123, and/or 149, respectively. Additionally or alternatively, one or more functionalities of controllers 182, 197, and/or 149 may be implemented by logic, which may be executed by a machine and/or one or more processors, e.g., as described below.
[0091] In one example, controller 182 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger cellular manager 104 to perform one or more operations, communications and/or functionalities, e.g., as described herein. In one example, controller 197 may include circuitry
and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger UE 102 to perform one or more operations, communications and/or functionalities, e.g., as described herein. In one example, controller 123 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger WLAN AP 119 to perform one or more operations, communications and/or functionalities, e.g., as described herein. In one example, controller 149 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger WT node 106 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
[0092] In some demonstrative embodiments, cellular manager 104 may include a message processor 144 configured to generate, process and/or access one or messages communicated by cellular manager 104. In one example, message processor 144 may be configured to generate one or more messages to be transmitted by cellular manager 104, and/or message processor 144 may be configured to access and/or to process one or more messages received by cellular manager 104, e.g., as described below.
[0093] In some demonstrative embodiments, UE 102 may include a message processor 198 configured to generate, process and/or access one or messages communicated by UE 102. In one example, message processor 198 may be configured to generate one or more messages to be transmitted by UE 102, and/or message processor 198 may be configured to access and/or to process one or more messages received by UE 102, e.g., as described below.
[0094] In some demonstrative embodiments, WLAN AP 119 may include a message processor 125 configured to generate, process and/or access one or messages communicated by WLAN AP 119. In one example, message processor 125 may be configured to generate one or more messages to be transmitted by WLAN AP 119, and/or message processor 125 may be configured to access and/or to process one or more messages received by WLAN AP 119, e.g., as described below.
[0095] In some demonstrative embodiments, WT node 106 may include a message processor 150 configured to generate, process and/or access one or messages communicated by WT node 106. In one example, message processor 150 may be configured to generate one or more messages to be transmitted by WT node 106, and/or message processor 150 may be
configured to access and/or to process one or more messages received by WT node 106, e.g., as described below.
[0096] In some demonstrative embodiments, message processors 144, 198, 125, and/or 150 may include circuitry, e.g., processor circuitry, memory circuitry, Media-Access Control (MAC) circuitry, Physical Layer (PHY) circuitry, and/or any other circuitry, configured to perform the functionality of message processors 144, 198, 125, and/or 150. Additionally or alternatively, one or more functionalities of message processors 144, 198, 125, and/or 150 may be implemented by logic, which may be executed by a machine and/or one or more processors, e.g., as described below.
[0097] In some demonstrative embodiments, at least part of the functionality of message processor 144 may be implemented as part of cellular TRx 167 and/or WT node interface 169; at least part of the functionality of message processor 198 may be implemented as part of cellular TRx 165 and/or WLAN TRx 163; at least part of the functionality of message processor 125 may be implemented as part of WLAN TRx 122; and/or at least part of the functionality of message processor 150 may be implemented as part of interface 192 and/or interface 193.
[0098] In some demonstrative embodiments, at least part of the functionality of message processor 144 may be implemented as part of controller 182, at least part of the functionality of message processor 198 may be implemented as part of controller 197, at least part of the functionality of message processor 125 may be implemented as part of controller 123, and/or at least part of the functionality of message processor 150 may be implemented as part of controller 149.
[0099] In other embodiments, at least part of the functionality of message processor 144 may be implemented as part of any other element of cellular manager 104, at least part of the functionality of message processor 198 may be implemented as part of any other element of UE 102, at least part of the functionality of message processor 125 may be implemented as part of any other element of WLAN AP 119, and/or at least part of the functionality of message processor 150 may be implemented as part of any other element of WT node 106.
[00100] In some demonstrative embodiments, at least part of the functionality of controller 197, and/or message processor 198 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC). In one example, the chip or SoC may be configured to perform one or more functionalities of cellular transceiver 165 and/or WLAN
TRx 163. For example, the chip or SoC may include one or more elements of controller 197, message processor 198, and/or one or more elements of cellular transceiver 165 and/or WLAN TRx 163. In one example, controller 197, message processor 198, cellular transceiver 163, and WLAN TRx 163 may be implemented as part of the chip or SoC. In other embodiments, controller 197, message processor 198, cellular transceiver 165 and/or WLAN TRx 163 may be implemented by one or more additional or alternative elements of UE 102.
[00101] In some demonstrative embodiments, at least part of the functionality of controller 182 and/or message processor 144 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC). In one example, the chip or SoC may be configured to perform one or more functionalities of cellular transceiver 167 and/or WT node interface 169. For example, the chip or SoC may include one or more elements of controller 182, message processor 144, and/or one or more elements of cellular transceiver 167 and/or WT node interface 169. In one example, controller 182, message processor 144, cellular transceiver 167, and WT node interface 169 may be implemented as part of the chip or SoC. In other embodiments, controller 182, message processor 144, cellular transceiver 167 and/or WT node interface 169 may be implemented by one or more additional or alternative elements of cellular manager 104.
[00102] In some demonstrative embodiments, at least part of the functionality of controller 149 and/or message processor 150 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC). In one example, the chip or SoC may be configured to perform one or more functionalities of WLAN interface 193 and/or cellular manager interface 192. For example, the chip or SoC may include one or more elements of controller 149, message processor 150, and/or one or more elements of WLAN interface 193 and/or cellular manager interface 192. In one example, controller 149, message processor 150, WLAN interface 193, and cellular manager interface 192 may be implemented as part of the chip or SoC. In other embodiments, controller 149, message processor 150, WLAN interface 193 and/or cellular manager interface 192 may be implemented by one or more additional or alternative elements of WT node 106.
[00103] In some demonstrative embodiments, at least part of the functionality of controller 123 and/or message processor 125 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC). In one example, the chip or SoC may be configured to perform one or more functionalities of network interface 121 and/or WLAN TRx 122. For example, the chip or SoC may include one or more elements of controller 123, message
processor 125, and/or one or more elements of WLAN TRx 122 and/or network interface 1212. In one example, controller 123, message processor 125, WLAN TRx 122, and network interface 121 may be implemented as part of the chip or SoC. In other embodiments, controller 123, message processor 125, WLAN TRx 122, and/or network interface 121 may be implemented by one or more additional or alternative elements of WLAN AP 119.
[00104] In some demonstrative embodiments, cellular manager 104, WT node 106, WLAN AP 119, and/or UE 102 may also include, for example, one or more of a processor, an input unit, an output unit, a memory unit, and/or a storage unit. For example, cellular manager 104 may include a processor 173 and/or a memory 174; WT node 106 may include a processor 175 and/or a memory 176; WLAN AP may include a processor 129 and/or a memory 127; and/or UE 102 may include a memory 151, a processor 152, an input unit 153, an output unit 154, and/or a storage unit 155. UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may optionally include other suitable hardware components and/or software components. In some demonstrative embodiments, some or all of the components of one or more of UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may be enclosed in a common housing or packaging, and may be interconnected or operably associated using one or more wired or wireless links. In other embodiments, components of one or more of UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may be distributed among multiple or separate devices.
[00105] In some demonstrative embodiments, processors 173, 175, 129, and/or 152 may include, for example, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), one or more processor cores, a single-core processor, a dual-core processor, a multiple-core processor, a microprocessor, a host processor, a controller, a plurality of processors or controllers, a chip, a microchip, one or more circuits, circuitry, a logic unit, an Integrated Circuit (IC), an Application-Specific IC (ASIC), or any other suitable multi-purpose or specific processor or controller. For example, processor 173 may execute instructions, for example, of an Operating System (OS) of cellular manager 104 and/or of one or more suitable applications; processor 175 may execute instructions of an OS of WT node 106 and/or of one or more suitable applications; processor 129 may execute instructions of an OS of WLAN AP 119 and/or of one or more suitable applications; and/or processor 152 may execute instructions of an OS of UE 102 and/or of one or more suitable applications.
[00106] In some demonstrative embodiments, input unit 153 may include, for example, a keyboard, a keypad, a mouse, a touch-screen, a touch-pad, a track-ball, a stylus, a
microphone, or other suitable pointing device or input device. Output unit 154 includes, for example, a monitor, a screen, a touch-screen, a flat panel display, a Light Emitting Diode (LED) display unit, a Liquid Crystal Display (LCD) display unit, a plasma display unit, one or more audio speakers or earphones, or other suitable output devices.
[00107] In some demonstrative embodiments, memory unit 174, 176 and/or 151 may include, for example, a Random Access Memory (RAM), a Read Only Memory (ROM), a Dynamic RAM (DRAM), a Synchronous DRAM (SD-RAM), a flash memory, a volatile memory, a non-volatile memory, a cache memory, a buffer, a short term memory unit, a long term memory unit, or other suitable memory units. Storage unit 155 includes, for example, a hard disk drive, a floppy disk drive, a Compact Disk (CD) drive, a CD-ROM drive, a DVD drive, or other suitable removable or non-removable storage units. For example, memory unit 174 may store data processed by cellular manager 104; memory unit 151 may store data processed by UE 102; memory unit 127 may store data processed by WLAN AP 119; and/or memory unit 176 may store data processed by WT node 106.
[00108] In some demonstrative embodiments, UE 102 may be configured to utilize a cellular connection, e.g., a LTE cellular connection or any other cellular connection, to communicate with cellular manager 104, and a WLAN connection, e.g., a Wireless-Fidelity (WiFi) connection, a mmWave connection, a wireless P2P connection, or any other WLAN connection, to communicate with WLAN AP 119, which may be, for example, connected to, implemented by, and/or controlled by WT node 106.
[00109] In some demonstrative embodiments, one or more elements of system 100 may perform the functionality of a HetNet, which may utilize a deployment of a mix of technologies, frequencies, cell sizes and/or network architectures, for example, including cellular, WLAN, and/or the like.
[00110] For example, the HetNet may be configured to provide a service through a first wireless communication environment, e.g., a cellular network, and to maintain the service when switching to another communication environment, e.g., WLAN. The HetNet architecture may enable utilizing a mixture of wireless communication environments, e.g., a WLAN environment and a cellular environment, for example, to optimally respond to rapid changes in customer demand, reduce power consumption, reduce cost, increase efficiency and/or achieve any other benefit.
[00111] In one example, system 100 may utilize a Multi-tier, Multi-Radio Access Technology (Multi-RAT) Het-Net architecture, including a tier of small cells, e.g., pico, femto, relay stations, WiFi APs, and the like, overlaid on top of a macro cellular deployment to augment network capacity.
[00112] In another example, system 100 may utilize Multi-RAT small cells integrating multiple radios such as WiFi and 3GPP air interfaces in a single infrastructure device.
[00113] In other embodiments, system 100 may implement any other architecture and/or deployment.
[00114] In some demonstrative embodiments, UE 102 and/or cellular manager 104 may be configured to establish one or more Evolved UMTS Terrestrial Radio Access Network (E- UTRAN) Radio Access Bearers (E-RABs) between UE 102 and S-GW 185, e.g., via cellular manager 104.
[00115] In some demonstrative embodiments, UE 102, cellular manager 104 and/or WT node 106 may be configured to communicate according to a LTE/WLAN protocol aggregation (LWA) scheme, e.g., as described below.
[00116] In some demonstrative embodiments, the LTE/WLAN protocol stack aggregation may be configured to enable LTE interworking with a WLAN protocol stack.
[00117] In some demonstrative embodiments, the LTE/WLAN protocol stack aggregation may be configured to anchor WLAN mobility at the cellular manager 104.
[00118] In some demonstrative embodiments, cellular manager 104 and/or WT node 106 may be configured according to a network architecture of a non-collocated LTE/WLAN aggregation, e.g., in which cellular manager 104 and WT node 106 are not collocated as part of an integrated device and/or in which interface 199 is not an internal interface.
[00119] In some demonstrative embodiments, cellular manager 104 and/or WT node 106 may be configured according to a network architecture of a collocated LTE/WLAN aggregation, e.g., in which cellular manager 104 and WT node 106 may be collocated as part of an integrated device and/or in which interface 199 is an internal interface.
[00120] Current solutions for establishing a secure connection between a WLAN station (STA) and a WLAN AP assume that the connection establishment between the WLAN STA and the WLAN AP is applied over the air, which is a shared media and therefore not secured. Accordingly, current solutions require performing an association procedure and/or an
authentication procedure, for example, before allowing communication of secure traffic between the WLAN AP and the WLAN STA.
[00121] For example, some specifications and/or protocols, for example, the IEEE 802.11 Specifications, may define one or more protocols ("IEEE 802.11 protocols") for establishing a connection between a WLAN STA, e.g., a mobile UE, and a WLAN AP. The IEEE 802.11 protocols all require the wireless station and the WLAN AP to engage in an authentication process and an association process, for example, in order to establish security keys to be used for establishing a secure connection between the wireless station and the WLAN AP. For example, the IEEE 802.11 protocols require that both the WLAN STA and the WLAN AP are to support and use complicated algorithms and protocols, for example, such as operations and/or procedures according to IEEE 802. IX Specifications, operations and/or procedures according to an Extensible Authentication Protocol (EAP), operations and/or procedures according to Secure Attribute Exchange (SAE) protocols, operations and/or procedures according to Finite Field Cryptography protocols, and/or operations and/or procedures according to Elliptic Curve Cryptography protocols, as well as one or more authentication devices in the network, for example, an Authentication, Authorization, and Accounting (AAA) server.
[00122] The authentication and association processes of the IEEE 802.11 protocols are time consuming, and require transmission of multiple messages over the air, which in turn, may occupy the wireless medium and may prevent transmissions by other devices. In one example, a key generation process of the IEEE 802.11 connection establishment process may be time consuming, and may last as long as 3-5 seconds, or even more.
[00123] Reference is made to Fig. 2, which schematically illustrates a procedure of setting security parameters of a WLAN connection, e.g., in accordance with an IEEE 802.11 Specification. For example, as shown in Fig. 2, a WLAN session establishment process between a WLAN station and a WLAN AP may be based on a sequence of stages, which may include several over-the-air messages, for example, a probe request/response, an authentication request/response, and an association request/response.
[00124] In some demonstrative embodiments, in some scenarios, use cases, implementations and/or deployments, a secure cellular connection, e.g., an LTE connection, between a cellular node, e.g., cellular manager 104, and a UE, e.g., UE 102, and/or a secure connection between the cellular node, cellular node 104, and a WLAN node, e.g., WLAN AP 119 and/or WT
node 106, e.g., via interface 199, may be utilized to assist in establishing a secure WLAN connection between the UE, e.g., UE 102, and the WLAN node, e.g., WLAN AP 119, for example, even without performing one or more operations of an authentication process and/or an association process, for example, even without performing the authentication process and/or the association process, e.g., as described below.
[00125] In some demonstrative embodiments, cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119 may be configured to allow UE 102 and WLAN AP 119 to establish a secure WLAN connection, for example, even without performing one or more operations, communications, and/or procedures of an authentication process and/or an association process, for example, even without performing the any authentication process and/or association process, e.g., as described below.
[00126] In some demonstrative embodiments, cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119 may be configured to allow UE 102 and WLAN AP 119 to establish a secure WLAN connection, for example, even without partially or fully using the IEEE 802.11 protocols for key establishment, e.g., as described below.
[00127] In some demonstrative embodiments, cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119 may be configured to implement a cellular-assisted establishing of a secured WLAN connection between UE 102 and WLAN AP 119, e.g., as described below.
[00128] In some demonstrative embodiments, cellular manager 104 may be configured to provide to UE 102 and WLAN AP 119 cellular-assisted cryptographic information, which may be configured to propagate to UE 102 and WLAN AP 119, e.g. in a secure manner, cryptographic information, e.g., including one or more security keys, for example, security keys in accordance with the IEEE 802.11 protocols ("the IEEE 802.11 security keys"), e.g., as described below.
[00129] In some demonstrative embodiments, one or more operations and/or communications performed by cellular manager 104, UE 102, WT node 106 and/or WLAN AP 119, e.g., as described herein may be implemented, for example, in a LTE/WLAN Aggregation (LWA), for example, as part of a 3GPP RAN2 Specification, one or more 3GPP Rel-14 Specifications, and/or any other cellular, LTE, IEEE 802.11, and/or Wi-Fi, Specification and/or protocol.
[00130] In some demonstrative embodiments, cellular manager 104, UE 102, WT node 106, and/or WLAN AP 119 may be configured to allow UE 102 and/or WLAN AP 119 to take
advantage of an already available secured alternative channel with cellular manager 104 to communicate cryptographic information, for example, while utilizing the secure connection between cellular manager 104 and UE 102 and/or the secure connection between cellular manager 104 and WT node 106 and/or WLAN AP 119, e.g., as described below.
[00131] In some demonstrative embodiments, cellular manager 104 may be configured to provide cellular-assisted cryptographic information to UE 102 and to WLAN AP 119, e.g., via the cellular connection between cellular manager 104 and UE 102, and/or via interface 199 between cellular manager 104 and WT node 106.
[00132] In some demonstrative embodiments, the ability to communicate the cryptographic information from cellular manager 104 to UE 102 and WLAN AP 119 in a secure manner may enable to avoid performing one or more operations of an association procedure and/or one or more operations of an authentication procedure. For example, the ability to communicate the cryptographic information from cellular manager 104 to UE 102 and WLAN AP 119 in a secure manner may even enable, in some cases and/or deployments, completely avoiding the entire association and/or authentication procedures, for example, while avoiding performing at least a portion of, e.g., the entirety of, the 802.11 association and/or an IEEE 802.11 4-ways handshake.
[00133] In some demonstrative embodiments, the ability to communicate the cryptographic information from cellular manager 104 to UE 102 and WLAN AP 119 in a secure manner may enable, in some cases, a very fast key establishment for establishing a secure session between UE 102 and WLAN AP 119, for example, within even less than 100 microseconds (usee).
[00134] In some demonstrative embodiments, cellular manager 104 may be configured to provide to UE 102 and to WLAN AP 119 cellular-assisted cryptographic information, which may be configured to allow UE 102 and WLAN AP 119 to establish a secured WLAN session, e.g., as described below.
[00135] In some demonstrative embodiments, the cellular-assisted cryptographic information may include, for example, information of a ciphering mechanism (also referred to as a "cipher suite"), for example, an encryption/decryption algorithm to be used to communicate over the secure WLAN session, e.g., as described below.
[00136] In some demonstrative embodiments, the ciphering mechanism may include, for example, a Wired Equivalent Privacy (WEP) mechanism, a Temporal Key Integrity Protocol
(TKIP) mechanism, a Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) mechanism, e.g., a CCMP-128 or a CCMP-256, a Galois/Counter Mode Protocol (GCMP), e.g., a GCMP-128 or a GCMP-256, a ciphering mechanism in accordance with a WLAN standard and/or protocol, a ciphering mechanism in accordance with a Wi-Fi standard and/or protocol, a ciphering mechanism in accordance with a P2P standard and/or protocol, a ciphering mechanism in accordance with a cellular standard and/or protocol, a ciphering mechanism in accordance with a 3GPP standard and/or protocol, and/or any other ciphering protocol, mechanism, suit, and/or procedure.
[00137] In some demonstrative embodiments, the cellular-assisted cryptographic information may include, for example, cryptographic key information, for example, including at least one cryptographic key to be used to encrypt and/or decrypt data to be communicated over the secure WLAN connection. In one example, the cryptographic key information may include one or more transient keys, and/or any other type of keys, e.g., as described below.
[00138] In some demonstrative embodiments, UE 102 and WLAN AP 119 may be configured to receive and process the cellular-assisted cryptographic information in one or more messages from cellular manager 104, e.g., as described below.
[00139] In some demonstrative embodiments, UE 102 and WLAN AP 119 may be configured to use the cellular-assisted cryptographic information, for example, to communicate traffic over a WLAN channel in a secure manner, for example, even without a need to perform one or more, e.g., any, message exchanges prior to communicating the traffic.
[00140] For example, UE 102 and WLAN AP 119 may be configured to use the cellular- assisted cryptographic information, for example, to communicate traffic over a WLAN channel in a secure manner, for example, even without performing an IEEE 802.11 message exchange, e.g., an 802.11 authentication message exchange, an IEEE 802.11 association message exchange, and/or a 4-ways handshake.
[00141] In some demonstrative embodiments, UE 102 may be configured to provide an indication to the network that UE 102 is ready to receive traffic via WLAN, for example, via the cellular connection with cellular manager 104, e.g., via a Radio Resource Control (RRC) message.
[00142] In some demonstrative embodiments, UE 102 may be configured to provide to cellular manager 104 an indication of one or more supported ciphering mechanisms of UE 102, e.g., as described below.
[00143] In some demonstrative embodiments, controller component 197 and/or message processor 198 may be configured to generate a message, e.g., an RRC message, and/or to trigger cellular transceiver 165 to transmit to cellular manager a message, for example, an RRC message, including an indication of one or more supported ciphering mechanisms of UE 102.
[00144] In some demonstrative embodiments, WLAN AP 119 may be configured to provide to cellular manager 104 an indication of one or more supported ciphering mechanisms of WLAN AP 119, e.g., as described below.
[00145] In some demonstrative embodiments, controller component 123 and/or message processor 125 may be configured to generate a message, and/or to trigger network interface 121 to send to a network node, e.g., to WT node 106 or directly to cellular manager 104, a message including an indication of one or more supported ciphering mechanisms of WLAN AP 119.
[00146] In some demonstrative embodiments, controller 182 and/or message processor 144 may be configured to cause, trigger, instruct and/or control cellular manager 104 to process a first message, for example, the message from 102 UE including the indication of the one or more supported ciphering mechanisms of UE 102 ("the first supported ciphering mechanisms"); and/or to process a second message, for example, a message from the WT node 106 including an indication of one or more supported ciphering mechanisms of WLAN AP 119 ("the second supported ciphering mechanisms").
[00147] In some demonstrative embodiments, cellular manager 104, UE 102, WLAN AP 119, and/or WT node 106 may be configured to communicate the messages indicating the supported ciphering mechanisms of UE 102 and WLAN AP 119, for example, as part of one or more security capability messages, for example, during a capability exchange procedure, e.g., as described below.
[00148] In some demonstrative embodiments, controller component 182 may be configured to trigger cellular transceiver 167 to transmit a security capability request to UE 102, e.g., as part of an RRC message.
[00149] In some demonstrative embodiments, controller component 197 and/or message processor 198 may be configured to process the security capability request from cellular manager 104, and to trigger cellular transceiver 165 to transmit the message including the first supported ciphering mechanisms, for example, in response to a cellular request message from cellular manager 104.
[00150] In some demonstrative embodiments, controller component 182 may be configured to trigger WLAN interface 169 to send a security capability request to WT node 106, e.g., as part of an Xw Application Protocol (XwAP) message, for example, to request for the supported ciphering mechanisms of one or more WLAN APs 119.
[00151] In some demonstrative embodiments, controller component 149 and/or message processor 150 may be configured to process the security capability request from cellular manager 104, and to trigger cellular manager interface 192 to send to cellular manager 104 the message including the second supported ciphering mechanisms, for example, in response to a cellular request message from cellular manager 104. In one example, WT node 106 may send the security capability request to WLAN AP 119, and WLAN AP 119 may send an indication of the second supported ciphering mechanisms back to WT node 106.
[00152] In some demonstrative embodiments, controller component 182 may be configured to determine at least one ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, e.g., as described below.
[00153] In some demonstrative embodiments, controller component 182 may be configured to select the ciphering mechanism to include a ciphering mechanism, which is common to both the first and second supported ciphering mechanisms, for example, ciphering mechanism, which is supported by both UE 102 and WLAN AP 119.
[00154] In one example, UE 102 may indicate to cellular manager 104 that UE 102 may be capable of supporting a first ciphering mechanism, denoted cipherA, and a second cipher mechanism, denoted CipherB; and WT node 106 may indicate to cellular manager 104 that WLAN AP 119 may be capable of supporting the first ciphering mechanism cipherA, and a third cipher mechanism, denoted CipherC. For example, the CipherA may include a Wired Equivalent Privacy (WEP) mechanism, the CipherB may include a Temporal Key Integrity Protocol (TKIP) mechanism, and/or the CipherC may include a Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) mechanism. According to this example, controller component 182 may be configured to select the ciphering mechanism to
include the CipherA, which is common to the ciphering mechanisms supported by both UE 102 and WLAN AP 119.
[00155] In some demonstrative embodiments, controller component 182 may be configured to determine the at least one ciphering key in accordance with the selected ciphering mechanism.
[00156] In some demonstrative embodiments, cellular manager 104 may be configured to inform UE 102 and WT node 106 of the selected ciphering mechanism and the ciphering key, for example, to be used for establishing a secure WLAN connection between UE 102 and WLAN AP 119, e.g., as described below.
[00157] In some demonstrative embodiments, controller component 182 and/or message processor 144 may be configured to trigger cellular transceiver 167 to transmit to UE 102 a message, e.g., an RRC message, including the cryptographic key and an indication of the selected ciphering mechanism, e.g., as described below.
[00158] In some demonstrative embodiments, controller component 182 and/or message processor 144 may be configured to trigger WLAN interface 169 to send to WT node 1106 a message, e.g., an XwAP message, including the cryptographic key and the indication of the selected ciphering mechanism, e.g., as described below.
[00159] In some demonstrative embodiments, controller component 149 may be configured to trigger WT node 106 to send the cryptographic key and the indication of the selected ciphering mechanism to WLAN AP 119, e.g., if WLAN AP 119 is separate from WT node 106.
[00160] In some demonstrative embodiments, the at least one cryptographic key may include, for example, at least one transient key to encrypt or decrypt data to be communicated over the WLAN of WLAN AP 119.
[00161] In some demonstrative embodiments, the cryptographic key may include, for example, a unicast key, which may be configured, for example, to encrypt or decrypt a unicast message communicated between UE 102 and WLAN AP 119 via the secured WLAN connection.
[00162] In some demonstrative embodiments, the cryptographic key may include, for example, a group-cast key, which may be configured, for example, to decrypt a group-cast message, which may be transmitted from WLAN AP 119, for example, a broadcast message
addressed to a broadcast address, or a group message addressed to a group of devices, e.g., including UE 102.
[00163] In some demonstrative embodiments, controller component 182 may be configured to generate the group-cast key to be used by WLAN AP 119. According to these embodiments, controller component 182 may be configured to send the group-cast key to UE 102 and to WT node 106.
[00164] In some demonstrative embodiments, the group-cast key may be generated and provided by WLAN AP 119. For example, the group-cast key may include a group-cast key, which may already be used by WLAN AP 119 for communicating group-cast messages to a group of one or more WLAN devices. According to these embodiments, WLAN AP 119 and/or WT node 106 may be configured to provide the group-cast key to cellular manager 104, for example, as part of the message including the supported ciphering mechanism of WLAN AP 119, or as part of any other message.
[00165] In some demonstrative embodiments, UE 102 and WLAN AP 119 may be configured to establish a secure WLAN connection between UE 102 and WLAN AP 119, for example, according to the ciphering mechanism with the cryptographic key, e.g., as provided by cellular manager 104.
[00166] In some demonstrative embodiments, controller component 197 may be configured to trigger UE 102 to establish the secured WLAN connection with WLAN AP 119 using the cryptographic key, for example, even when UE 102 is unassociated and unauthenticated with WLAN AP 119.
[00167] In some demonstrative embodiments, controller component 123 may be configured to trigger WLAN AP to establish the secured WLAN connection with UE 102 according to the ciphering mechanism using the cryptographic key.
[00168] In some demonstrative embodiments, controller component 123 may be configured to trigger WLAN AP to establish the secured WLAN connection with UE 102 using the cryptographic key, for example, even when UE 102 is unassociated and unauthenticated with WLAN AP 119.
[00169] Reference is made to Fig. 3, which schematically illustrates operations and communications between a wireless station, e.g., an eNB 302, a cellular manager of a secure- primary cell, e.g., an eNB 304, and a WLAN AP 319, e.g., an IEEE 802.11 AP, in accordance with some demonstrative embodiments. For example, cellular manager 104 (Fig.
1), may perform one or more operations and/or functionalities of eNB 304, UE 102 (Fig. 1) may perform one or more operations and/or functionalities of UE 302, and/or WLAN AP 119 (Fig. 1) and/or WT node 106 (Fig. 1) may perform one or more operations and/or functionalities of WLAN AP 319.
[00170] In some demonstrative embodiments, as shown in Fig. 3, eNB 304 may be configured to provide WLAN AP 319 and UE 302 with cellular- assisted cryptographic information to enable UE 302 and WLAN AP 319 to establish (310) a secure WLAN connection, for example, even without performing one or more operations of, e.g., even without performing any operations of, an association and/or an authentication procedure, e.g., as described below.
[00171] In some demonstrative embodiments, as shown in Fig. 3, eNB 304 and WLAN AP 319 may communicate one or more security capability discovery messages 312, for example, via a secure link between eNB 304 and WLAN AP 319, e.g., via interface 199 (Fig. 1). For example, WLAN AP 319 may send to eNB 304 a message including an indication of one or more supported ciphering mechanisms of WLAN AP 319, e.g., in response to a security capability request sent from eNB 304, e.g., as described above.
[00172] In some demonstrative embodiments, as shown in Fig. 3, eNB 304 and UE 302 may communicate one or more security capability discovery messages 314, for example, via a secure link between eNB 304 and UE 302, e.g., a RRC link. For example, UE 302 may send to eNB 304 a message including an indication of one or more supported ciphering mechanisms of UE 302, e.g., in response to a security capability request sent from eNB 304, e.g., as described above.
[00173] In some demonstrative embodiments, eNB 304 may be configured to send to WLAN AP 319 a message 316, for example, via the secure link between eNB 304 and WLAN AP 319, e.g., via interface 199 (Fig. 1). Message 316 may include an indication of a ciphering mechanism and one or more cryptographic keys to be used by WLAN AP 319 in establishing a secure WLAN connection with UE 302, e.g., as described above.
[00174] In some demonstrative embodiments, eNB 304 may be configured to send to UE 302 a message 318, for example, via the secure link between eNB 304 and UE 302, e.g., via the RRC link. Message 318 may include an indication of the ciphering mechanism and one or more cryptographic keys to be used by UE 302 in establishing the secure WLAN connection with WLAN AP 319, e.g., as described above.
[00175] In some demonstrative embodiments, as shown in Fig. 3, UE 302 may begin to communicate with WLAN AP 319, e.g., within a very short time period, for example, even without performing an association procedure and/or an authentication procedure, e.g., as described above.
[00176] In some demonstrative embodiments, as shown in Fig. 3, UE 302 and WLAN AP 319 may be configured to communicate encrypted traffic (320) according to the ciphering mechanism using the cryptographic key of the established secured WLAN connection 310.
[00177] Referring back to Fig. 1, in some demonstrative embodiments cellular manager 104 may be configured to provide UE 102 with cellular-assisted ciphering information configured to support roaming of UE 102 from a first WLAN AP ("the current AP"), with which UE 102 may already be connected and/or associated, to a second WLAN AP ("the new AP"), e.g., WLAN AP 119, for example, which may have a secured connection to the cellular node 104, e.g., via WT node 106 and/or interface 199.
[00178] In some demonstrative embodiments, UE 102 may be configured to notify cellular manager 104 that UE 102 wishes to move to a new WLAN AP, for example, via an RRC message.
[00179] In some demonstrative embodiments, cellular manager 104 may be configured to utilize the established secured connection with WLAN AP 119 and UE 102, e.g., via interface 199, for example, to set the ciphering information for the WLAN AP 119 and UE 102, for example, while UE 102 is still communicating with the current AP.
[00180] In some demonstrative embodiments, cellular manager 104 may be configured to provide the ciphering information to UE 102 and WLAN AP 119, e.g., as described above.
[00181] In some demonstrative embodiments, for example, after the one or more ciphering keys are established for UE 102 and WLAN AP 119, UE 102 may switch to communicate the new AP, e.g., WLAN AP 119, by establishing the secure WLAN connection with WLAN AP 119, for example, using the ciphering key provided by cellular manager 104, e.g., with substantially no "off-the-air" time.
[00182] In some demonstrative embodiments, if needed, UE 102 may notify cellular node 104 that UE 102 has moved to the new AP, e.g., via an LTE RRC message.
[00183] In some demonstrative embodiments, UE 102 may receive the message including the cryptographic key and the indication of the ciphering mechanism from cellular node 104,
for example, while UE is connected to a first WLAN AP, e.g., the current AP. According to these embodiments, controller component 197 may be configured to trigger UE 102 to establish a secured WLAN connection with a second WLAN AP, e.g., WLAN AP 119, according to the ciphering mechanism with the cryptographic key provided by cellular manager 104, e.g., as described above.
[00184] In some demonstrative embodiments, controller component 182 and/or message processor 144 may be configured to trigger cellular transceiver 167 to transmit to UE 102 an AP switching request, which may be configured to request UE 102 to switch from a WLAN connection with the first WLAN AP to the secured WLAN connection with the second WLAN AP, e.g., according to the ciphering mechanism using the cryptographic key.
[00185] In some demonstrative embodiments, controller component 197 may be configured to trigger UE 102 to establish the secured WLAN connection with the second WLAN AP, for example, after receipt of the AP switching request from cellular node 104.
[00186] In some demonstrative embodiments, the AP switching request may be included as part of the message including the cryptographic key and the indication of the ciphering mechanism from cellular node 104.
[00187] In some demonstrative embodiments, cellular manager 104 may transit the AP switching request to UE 102 in another message, e.g., after transmitting the message including the cryptographic key and the indication of the ciphering mechanism from cellular node 104.
[00188] Reference is made to Fig. 4, which schematically illustrates operations and communications between a UE 402, e.g., a wireless station, an eNB 404, e.g., a cellular manager of a secure-primary cell, a first WLAN AP 429, e.g., a first IEEE 802.11 AP or any other AP, and a second WLAN AP 419, e.g., a second IEEE 802.11 AP or any other AP, in accordance with some demonstrative embodiments. For example, cellular manager 104 (Fig. 1), may perform one or more operations and/or functionalities of eNB 404, UE 102 (Fig. 1) may perform one or more operations and/or functionalities of UE 402, and/or WLAN AP 119 (Fig. 1) and/or WT node 106 (Fig. 1) may perform one or more operations and/or functionalities of WLAN AP 419 and/or WLAN AP 429.
[00189] In some demonstrative embodiments, as shown in Fig. 4, UE 402 may communicate with the first WLAN AP 429, e.g., via a secure WLAN connection 401. In one example, the secure WLAN connection 401 may be established based on cellular-assisted cryptographic
information from eNB 404 or from another eNB, e.g., as described above. In other embodiments, the secure WLAN connection 401 may be established according to an IEEE 802.11 protocol or any other protocol, for example, using an association procedure and/or an authentication procedure.
[00190] In some demonstrative embodiments, as shown in Fig. 4, eNB 404 may be configured to provide WLAN AP 419 and UE 402 with cellular- assisted cryptographic information to enable UE 402 and WLAN AP 419 to establish (410) a secure WLAN connection, for example, even without performing an association and/or an authentication procedure, e.g., as described below.
[00191] In some demonstrative embodiments, as shown in Fig. 4, eNB 404 may be configured to provide WLAN AP 419 and UE 402 with the cellular-assisted cryptographic information, for example, while UE 402 is still connected to WLAN AP 429.
[00192] In some demonstrative embodiments, as shown in Fig. 4, eNB 404 and WLAN AP 419 may communicate one or more security capability discovery messages 412, for example, via a secure link between eNB 404 and WLAN AP 419, e.g., via interface 199 (Fig. 1). For example, WLAN AP 419 may send to eNB 404 a message including an indication of one or more supported ciphering mechanisms of WLAN AP 419, e.g., in response to a security capability request sent from eNB 404, e.g., as described above.
[00193] In some demonstrative embodiments, as shown in Fig. 4, eNB 404 and UE 402 may communicate one or more security capability discovery messages 414, for example, via a secure link between eNB 404 and UE 402, e.g., a RRC link. For example, UE 402 may send to eNB 404 a message including an indication of one or more supported ciphering mechanisms of UE 402, e.g., in response to a security capability request sent from eNB 404, e.g., as described above.
[00194] In some demonstrative embodiments, eNB 404 may be configured to send to WLAN AP 419 a message 416, for example, via the secure link between eNB 404 and WLAN AP 419, e.g., via interface 199 (Fig. 1). Message 416 may include an indication of a ciphering mechanism and one or more cryptographic keys to be used by WLAN AP 419 in establishing a secure WLAN connection with UE 402, e.g., as described above.
[00195] In some demonstrative embodiments, eNB 404 may be configured to send to UE 402 a message 418, for example, via the secure link between eNB 404 and UE 402, e.g., via the RRC link. Message 418 may include an indication of the ciphering mechanism and one or
more cryptographic keys to be used by UE 402 in establishing a secure WLAN connection with WLAN AP 419, e.g., as described above.
[00196] In some demonstrative embodiments, as shown in Fig. 4, eNB 404 may send to UE 402 a switch AP request 417 to request UE 402 to switch to WLAN AP 419.
[00197] In some demonstrative embodiments, as shown in Fig. 4, UE 402 may switch to communicate with WLAN AP 419, for example, after receipt of the AP switch request 417. For example, UE 402 may switch to communicate with WLAN AP 419, for example, even without performing an association procedure and/or an authentication procedure, e.g., as described above.
[00198] In some demonstrative embodiments, as shown in Fig. 4, UE 402 and WLAN AP 419 may be configured to communicate encrypted traffic (420) according to the ciphering mechanism using the cryptographic key of the established secured WLAN connection 410.
[00199] Reference is made to Fig. 5, which schematically illustrates operations and communications of cellular-assisted establishment of secure WLAN connections in a non- collocated implementation, in accordance with some demonstrative embodiments.
[00200] In some demonstrative embodiments, in a non-collocated implementation, as shown in Fig. 5, an eNB 503 may include an LTE component 502, which may be configured to communicate with a WT node 506, e.g., a router, via an interface 510, e.g., an X2W interface supporting a GTP-U protocol and/or any other protocol.
[00201] In some demonstrative embodiments, WT node 506 may be configured to control and/or communicate with one or more WLAN APs, e.g., a WLAN AP 519 and a WLAN AP 520.
[00202] In one example, LTE component 502 may perform one or more functionalities of cellular manager 104 (Fig. 1), WT node 506 may perform one or more functionalities of WT node 106 (Fig. 1), WLAN APs 519 and/or 520 may perform one or more functionalities of first and second WLAN APs 119 (Fig. 1), and/or interface 510 may perform the functionality of interface 199 (Fig. 1).
[00203] In some demonstrative embodiments, LTE component 502 may be configured to communicate with a UE 504 via a cellular link 512. For example UE 504 may perform one or more functionalities of UE 102 (Fig. 1).
[00204] In some demonstrative embodiments, LTE component 502 may be configured to establish security parameters 531 with WLAN AP 519, for example, via the secured Xw interface 510. For example, the security parameters 531 may include a ciphering mechanism and at least one cryptographic key to be used by WLAN AP 519, e.g., as described above.
[00205] In some demonstrative embodiments, LTE component 502 may be configured to establish the security parameters 531, e.g., the security parameters for WLAN AP 519, with UE 504, for example, via one or more messages 513, e.g., RRC messages, over the secured cellular link 512, e.g., as described above.
[00206] In some demonstrative embodiments, UE 504 may be configured to establish a secure WLAN connection 514 with WLAN AP 519, for example, using the security parameters 531, e.g., as described above.
[00207] In some demonstrative embodiments, LTE component 502 may be configured to establish security parameters 532 with WLAN AP 520, for example, via the secured Xw interface 510. For example, the security parameters 532 may include a ciphering mechanism and at least one cryptographic key to be used by WLAN AP 520, e.g., as described above.
[00208] In some demonstrative embodiments, LTE component 502 may be configured to establish the security parameters 532, e.g., the security parameters for WLAN AP 520, with UE 504, for example, via one or more additional messages 513, e.g., RRC messages, over the secured cellular link 512, e.g., as described above.
[00209] In some demonstrative embodiments, UE 504 may be configured to disconnect from the WLAN AP 519, and to establish a secure WLAN connection 515 with WLAN AP 520, for example, using the security parameters 532, e.g., as described above.
[00210] Reference is made to Fig. 6, which schematically illustrates elements of a UE device 600, in accordance with some demonstrative embodiments. For example, one or more elements of UE device 600 may perform the functionality of one or more elements of UE 102 (Fig. 1). In one example, one or more elements of UE device 600 may be configured to perform the functionality of one or more of cellular TRx 165 (Fig. 1), WLAN TRx 163 (Fig. 1), controller 197 (Fig., 1), message processor 198 (Fig. 1), and/or one or more other elements of UE 102 (Fig. 1). In some demonstrative embodiments, embodiments of a UE may be implemented into a system using any suitably configured hardware and/or software. Fig. 6 illustrates, for one embodiment, example components of UE device 600.
[00211] In some demonstrative embodiments, UE device 600 may include application circuitry 602, baseband circuitry 604, Radio Frequency (RF) circuitry 606, front-end module (FEM) circuitry 608, and one or more antennas 810, coupled together at least as shown.
[00212] In one example, application circuitry 602 may be configured to perform at least part of the functionality of controller 197 (Fig. 1), and/or message processor 198 (Fig. 1); and/or baseband circuitry 604, RF circuitry 606, and/or FEM circuitry 608 may be configured to perform at least part of the functionality of cellular TRx 165 (Fig. 1), WLAN TRx 163 (Fig. 1), controller 197 (Fig. 1), and/or message processor 198 (Fig. 1).
[00213] In some demonstrative embodiments, the application circuitry 602 may include one or more application processors. For example, the application circuitry 602 may include circuitry such as, but not limited to, one or more single-core or multi-core processors. The processor(s) may include any combination of general-purpose processors and dedicated processors (e.g., graphics processors, application processors, etc.). The processors may be coupled with and/or may include memory/storage and may be configured to execute instructions stored in the memory/storage to enable various applications and/or operating systems to run on the system.
[00214] In some demonstrative embodiments, the baseband circuitry 604 may include circuitry such as, but not limited to, one or more single-core or multi-core processors. The baseband circuitry 604 may include one or more baseband processors and/or control logic to process baseband signals received from a receive signal path of the RF circuitry 606 and to generate baseband signals for a transmit signal path of the RF circuitry 606. Baseband processing circuitry 604 may interface with the application circuitry 602, for example, for generation and processing of the baseband signals and for controlling operations of the RF circuitry 606. For example, in some embodiments, the baseband circuitry 604 may include a second generation (2G) baseband processor 604a, a third generation (3G) baseband processor 604b, a fourth generation (4G) baseband processor 604c, and/or other baseband processor(s) 604d for other existing generations, generations in development or to be developed in the future (e.g., fifth generation (5G), 6G, etc.). The baseband circuitry 604 (e.g., one or more of baseband processors 604a-d) may handle various radio control functions that enable communication with one or more radio networks via the RF circuitry 606. The radio control functions may include, but are not limited to, signal modulation/demodulation, encoding/decoding, radio frequency shifting, etc. In some embodiments, modulation/demodulation circuitry of the baseband circuitry 604 may include Fast-Fourier
Transform (FFT), precoding, and/or constellation mapping/demapping functionality. In some embodiments, encoding/decoding circuitry of the baseband circuitry 604 may include convolution, tail-biting convolution, turbo, Viterbi, and/or Low Density Parity Check (LDPC) encoder/decoder functionality. Embodiments of modulation/demodulation and encoder/decoder functionality are not limited to these examples and may include other suitable functionality in other embodiments.
[00215] In some demonstrative embodiments, the baseband circuitry 604 may include elements of a protocol stack such as, for example, elements of an evolved universal terrestrial radio access network (EUTRAN) protocol including, for example, physical (PHY), media access control (MAC), radio link control (RLC), packet data convergence protocol (PDCP), and/or radio resource control (RRC) elements. A central processing unit (CPU) 604e of the baseband circuitry 604 may be configured, for example, to run elements of the protocol stack for signaling of the PHY, MAC, RLC, PDCP and/or RRC layers. In some embodiments, the baseband circuitry may include one or more audio digital signal processor(s) (DSP) 604f. The audio DSP(s) 604f may be include elements for compression/decompression and echo cancellation, and/or may include other suitable processing elements in other embodiments. Components of the baseband circuitry 604 may be suitably combined in a single chip, a single chipset, or disposed on a same circuit board in some embodiments. In some embodiments, some or all of the constituent components of the baseband circuitry 604 and the application circuitry 602 may be implemented together such as, for example, on a system on a chip (SOC).
[00216] In some demonstrative embodiments, the baseband circuitry 604 may provide for communication compatible with one or more radio technologies. For example, in some embodiments, the baseband circuitry 604 may support communication with an evolved universal terrestrial radio access network (EUTRAN) and/or other wireless metropolitan area networks (WMAN), a wireless local area network (WLAN), a wireless personal area network (WPAN), and/or one or more additional or alternative networks. Embodiments in which the baseband circuitry 604 is configured to support radio communications of more than one wireless protocol may be referred to as multi-mode baseband circuitry.
[00217] In some demonstrative embodiments, RF circuitry 606 may enable communication with wireless networks using modulated electromagnetic radiation through a non-solid medium. In various embodiments, the RF circuitry 606 may include switches, filters, amplifiers, etc. to facilitate the communication with the wireless network. RF circuitry 606
may include a receive signal path which may include circuitry to down-convert RF signals received from the FEM circuitry 608, and to provide baseband signals to the baseband circuitry 604. RF circuitry 606 may also include a transmit signal path which may include circuitry to up-convert baseband signals provided by the baseband circuitry 604 and provide RF output signals to the FEM circuitry 608 for transmission.
[00218] In some demonstrative embodiments, the RF circuitry 606 may include a receive signal path and a transmit signal path. The receive signal path of the RF circuitry 606 may include mixer circuitry 606a, amplifier circuitry 606b, and filter circuitry 606c. The transmit signal path of the RF circuitry 606 may include filter circuitry 606c and mixer circuitry 606a. RF circuitry 606 may also include synthesizer circuitry 606d for synthesizing a frequency for use by the mixer circuitry 606a of the receive signal path and the transmit signal path. In some embodiments, the mixer circuitry 606a of the receive signal path may be configured to down-convert RF signals received from the FEM circuitry 608 based on the synthesized frequency provided by synthesizer circuitry 606d. The amplifier circuitry 606b may be configured to amplify the down-converted signals and the filter circuitry 606c may be, for example, a low-pass filter (LPF) or a band-pass filter (BPF), configured to remove unwanted signals from the down-converted signals to generate output baseband signals. Output baseband signals may be provided to the baseband circuitry 604 for further processing. In some embodiments, the output baseband signals may be zero-frequency baseband signals, although this is not a requirement. In some embodiments, mixer circuitry 606a of the receive signal path may comprise passive mixers, although the scope of the embodiments is not limited in this respect.
[00219] In some demonstrative embodiments, the mixer circuitry 606a of the transmit signal path may be configured to up-convert input baseband signals based on the synthesized frequency provided by the synthesizer circuitry 606d to generate RF output signals for the FEM circuitry 608. The baseband signals may be provided by the baseband circuitry 604 and may be filtered by filter circuitry 606c. The filter circuitry 606c may include a low-pass filter (LPF), although the scope of the embodiments is not limited in this respect.
[00220] In some demonstrative embodiments, the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a of the transmit signal path may include two or more mixers and may be arranged for quadrature downconversion and/or upconversion respectively. In some embodiments, the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a of the transmit signal path may include two or more mixers and may be arranged for
image rejection (e.g., Hartley image rejection). In some embodiments, the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a may be arranged for direct downconversion and/or direct upconversion, respectively. In some embodiments, the mixer circuitry 606a of the receive signal path and the mixer circuitry 606a of the transmit signal path may be configured for super-heterodyne operation.
[00221] In some demonstrative embodiments, the output baseband signals and the input baseband signals may be analog baseband signals, although the scope of the embodiments is not limited in this respect. In some alternate embodiments, the output baseband signals and the input baseband signals may be digital baseband signals. In these alternate embodiments, the RF circuitry 606 may include analog-to-digital converter (ADC) and digital-to-analog converter (DAC) circuitry, and the baseband circuitry 604 may include a digital baseband interface to communicate with the RF circuitry 606.
[00222] In some dual-mode embodiments, a separate radio IC circuitry may be provided for processing signals for each spectrum, although the scope of the embodiments is not limited in this respect.
[00223] In some demonstrative embodiments, the synthesizer circuitry 606d may be a fractional-N synthesizer or a fractional N/N+l synthesizer, although the scope of the embodiments is not limited in this respect as other types of frequency synthesizers may be suitable. For example, synthesizer circuitry 606d may be a delta-sigma synthesizer, a frequency multiplier, or a synthesizer comprising a phase-locked loop with a frequency divider.
[00224] In some demonstrative embodiments, the synthesizer circuitry 606d may be configured to synthesize an output frequency for use by the mixer circuitry 606a of the RF circuitry 606 based on a frequency input and a divider control input. In some embodiments, the synthesizer circuitry 606d may be a fractional N/N+l synthesizer.
[00225] In some demonstrative embodiments, frequency input may be provided by a voltage controlled oscillator (VCO), although that is not a requirement. Divider control input may be provided by either the baseband circuitry 604 or the applications processor 602 depending on the desired output frequency. In some embodiments, a divider control input (e.g., N) may be determined from a look-up table based on a channel indicated by the applications processor 602.
[00226] In some demonstrative embodiments, synthesizer circuitry 606d of the RF circuitry 606 may include a divider, a delay-locked loop (DLL), a multiplexer and a phase accumulator. In some embodiments, the divider may be a dual modulus divider (DMD) and the phase accumulator may be a digital phase accumulator (DPA). In some embodiments, the DMD may be configured to divide the input signal by either N or N+l (e.g., based on a carry out) to provide a fractional division ratio. In some example embodiments, the DLL may include a set of cascaded, tunable, delay elements, a phase detector, a charge pump and a D- type flip-flop. In these embodiments, the delay elements may be configured to break a VCO period up into Nd equal packets of phase, where Nd is the number of delay elements in the delay line. In this way, the DLL provides negative feedback to help ensure that the total delay through the delay line is one VCO cycle.
[00227] In some demonstrative embodiments, synthesizer circuitry 606d may be configured to generate a carrier frequency as the output frequency, while in other embodiments, the output frequency may be a multiple of the carrier frequency (e.g., twice the carrier frequency, four times the carrier frequency) and used in conjunction with quadrature generator and divider circuitry to generate multiple signals at the carrier frequency with multiple different phases with respect to each other. In some embodiments, the output frequency may be a LO frequency (fLO). In some embodiments, the RF circuitry 606 may include an IQ/polar converter.
[00228] In some demonstrative embodiments, FEM circuitry 608 may include a receive signal path which may include circuitry configured to operate on RF signals received from one or more antennas 810, amplify the received signals and provide the amplified versions of the received signals to the RF circuitry 606 for further processing. FEM circuitry 608 may also include a transmit signal path which may include circuitry configured to amplify signals for transmission provided by the RF circuitry 606 for transmission by one or more of the one or more antennas 810.
[00229] In some demonstrative embodiments, the FEM circuitry 608 may include a TX/RX switch to switch between transmit mode and receive mode operation. The FEM circuitry may include a receive signal path and a transmit signal path. The receive signal path of the FEM circuitry may include a low-noise amplifier (LNA) to amplify received RF signals and provide the amplified received RF signals as an output (e.g., to the RF circuitry 606). The transmit signal path of the FEM circuitry 608 may include a power amplifier (PA) to amplify
input RF signals (e.g., provided by RF circuitry 606), and one or more filters to generate RF signals for subsequent transmission (e.g., by one or more of the one or more antennas 810.
[00230] In some embodiments, the UE device 600 may include one or more additional or alternative elements such as, for example, memory/storage, display, camera, sensor, and/or input/output (I/O) interface.
[00231] Reference is made to Fig. 7, which schematically illustrates a method of establishing a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments. In some embodiments, one or more of the operations of the method of Fig. 7 may be performed by a wireless communication system, e.g., system 100 (Fig. 1); a UE, e.g., UE 102 (Fig. 1), UE 302 (Fig. 3), UE 402 (Fig. 4), UE 504 (Fig. 5), and/or UE 600 (Fig. 6); an interface, e.g., cellular TRx 165 (Fig. 1), and/or WLAN TRx 163 (Fig. 1); a message processor, e.g., message processor 198 (Fig. 1); and/or a controller, e.g., controller 197 (Fig. 1).
[00232] As indicated at block 702, the method may include transmitting, from a UE to an Evolved Node B (eNB), a first message including an indication of one or more supported ciphering mechanisms of the UE. For example, controller component 197 (Fig. 1) and/or message processor 198 (Fig. 1), may cause, trigger, control and/or instruct UE 102 (Fig. 1) to transmit to cellular manager 104 (Fig. 1) a message, e.g., an RRC message, including an indication of one or more supported ciphering mechanisms of UE 102 (Fig. 1), e.g., as described above.
[00233] As indicated at block 704, the method may include processing a second message received from the eNB, the second message including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms of the UE. For example, controller component 197 (Fig. 1) and/or message processor 198 (Fig. 1) may process a second message from cellular manager 104 (Fig. 1) including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms of UE 102 (Fig. 1), e.g., as described above.
[00234] As indicated at block 706, the method may include triggering the UE to establish a secured WLAN connection with a WLAN AP according to the ciphering mechanism with the cryptographic key. For example, controller component 197 (Fig. 1) may cause, trigger, control and/or instruct UE 102 (Fig. 1) to establish a secured WLAN connection with a
WLAN AP 119 (Fig. 1) according to the ciphering mechanism with the cryptographic key received from cellular manager 104 (Fig. 1), e.g., as described above.
[00235] Reference is made to Fig. 8, which schematically illustrates a method of providing cellular-assisted cryptographic information to a UE and a WLAN AP, in accordance with some demonstrative embodiments. In some embodiments, one or more of the operations of the method of Fig. 8 may be performed by a wireless communication system, e.g., system 100 (Fig. 1); a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 304 (Fig. 3), eNB 404 (Fig. 4), and/or eNB 503 (Fig. 5); an interface, e.g., cellular TRx 167 (Fig. 1), and/or WLAN node interface 169 (Fig. 1); a message processor, e.g., message processor 144 (Fig. 1); and/or a controller, e.g., controller 182 (Fig. 1).
[00236] As indicated at block 802, the method may include processing a first message from a UE, the first message including an indication of one or more first supported ciphering mechanisms of the UE. For example, controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to process at cellular manager 104 (Fig. 1) a message from UE 102 (Fig. 1) including an indication of one or more first supported ciphering mechanisms of UE 102 (Fig. 1), e.g., as described above.
[00237] As indicated at block 804, the method may include processing a second message from a WT node, the second message including an indication of one or more second supported ciphering mechanisms of a WLAN AP. For example, controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to process at cellular manager 104 (Fig. 1) a message from WT node 106 (Fig. 1), e.g., received via interface 199 (Fig. 1), including an indication of one or more second supported ciphering mechanisms of WLAN AP 119 (Fig. 1), e.g., as described above.
[00238] As indicated at block 806, the method may include determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms. For example, controller component 182 (Fig. 1) may be configured to determine at cellular manager 104 (Fig. 1) a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, for example, a ciphering mechanism common to the first and second supported ciphering mechanisms, e.g., as described above.
[00239] As indicated at block 808, the method may include transmitting to the UE a third message including the cryptographic key and an indication of the ciphering mechanism. For example, controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be
configured to cause, trigger, control and/or instruct cellular manager 104 (Fig. 1) to transmit a message, e.g., an RRC message, to UE 102 (Fig. 1) including the cryptographic key and the indication of the ciphering mechanism, e.g., as described above.
[00240] As indicated at block 810, the method may include sending to the WT node a fourth message including the cryptographic key and the indication of the ciphering mechanism. For example, controller component 182 (Fig. 1) and/or message processor 144 (Fig. 1) may be configured to cause, trigger, control and/or instruct cellular manager 104 (Fig. 1) to send to WT node 106 (Fig. 1) a message, e.g., an XwAP message via interface 199 (Fig. 1), including the cryptographic key and the indication of the ciphering mechanism, e.g., as described above.
[00241] Reference is made to Fig. 9, which schematically illustrates a method of establishing a secured WLAN connection between a WLAN AP and a UE, in accordance with some demonstrative embodiments. In some embodiments, one or more of the operations of the method of Fig. 9 may be performed by a wireless communication system, e.g., system 100 (Fig. 1); a WLAN AP, e.g., WLAN AP 119 (Fig. 1), WLAN AP 319 (Fig. 3), WLAN AP 419 (Fig. 4), WLAN AP 529 (Fig. 5), WLAN AP 519 (Fig. 5), and/or WLAN AP 520 (Fig. 5); an interface, e.g., network interface 121, and/or WLAN TRx 122 (Fig. 1); a message processor, e.g., message processor 125 (Fig. 1); and/or a controller, e.g., controller 123 (Fig. 1).
[00242] As indicated at block 902, the method may include sending, from a WLAN AP to a network node, a first message including an indication of one or more supported ciphering mechanisms of the WLAN AP. For example, controller component 123 (Fig. 1) and/or message processor 125 (Fig. 1) may cause, trigger, control and/or instruct WLAN AP 119 (Fig. 1) to send to WT node 106 (Fig. 1) or to cellular manager 104 (Fig. 1) a message including an indication of one or more supported ciphering mechanisms of WLAN AP 119 (Fig. 1), e.g., as described above.
[00243] As indicated at block 904, the method may include processing at the WLAN AP a second message received from the network node, the second message including a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms. For example, controller component 123 (Fig. 1) and/or message processor 125 (Fig. 1) may process a second message from cellular manager 104 (Fig. 1), e.g., received via interface 199 (Fig. 1) and/or WT node 106 (Fig. 1), including a
cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms of WLAN AP 119 (Fig. 1), e.g., as described above.
[00244] As indicated at block 906, the method may include triggering the WLAN AP to establish a secured WLAN connection with a UE according to the ciphering mechanism with the cryptographic key. For example, controller component 123 (Fig. 1) may cause, trigger, control and/or instruct WLAN AP 119 (Fig. 1) to establish a secured WLAN connection with a UE 102 (Fig. 1) according to the ciphering mechanism with the cryptographic key received from cellular manager 104 (Fig. 1), e.g., as described above.
[00245] Reference is made to Fig. 10, which schematically illustrates a product of manufacture 1000, in accordance with some demonstrative embodiments. Product 1000 may include one or more tangible computer-readable non- transitory storage media 1002, which may include computer-executable instructions, e.g., implemented by logic 1004, operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 304 (Fig. 3), eNB 404 (Fig. 4), and/or eNB 503 (Fig. 5); one or more components of a UE, e.g., UE 102 (Fig. 1), UE 302 (Fig. 3), UE 402 (Fig. 4), UE 504 (Fig. 5), and/or UE 600 (Fig. 6); one or more components of a WT node, e.g., WT node 106 (Fig. 1); one or more components of a WLAN AP, e.g., WLAN AP 119 (Fig. 1), WLAN AP 319 (Fig. 3), WLAN AP 419 (Fig. 4), WLAN AP 529 (Fig. 5), WLAN AP 519 (Fig. 5), and/or WLAN AP 520 (Fig. 5); a controller, e.g., controller 182 (Fig. 1), controller 197 (Fig. 1), controller 123 (Fig. 1), and/or controller 149 (Fig. 1); and/or a message processor, e.g., message processor 144 (Fig. 1), message processor 198 (Fig. 1), message processor 125 (Fig. 1), and/or message processor 150 (Fig. 1), and/or to perform, trigger and/or implement one or more operations and/or functionalities described above with reference to Figs. 3, 4, 5, 6, 7, 8, and/or 9, and/or one or more operations and/or functionalities described herein. The phrase "non-transitory machine-readable medium" is directed to include all computer-readable media, with the sole exception being a transitory propagating signal.
[00246] In some demonstrative embodiments, product 1000 and/or machine -readable storage medium 1002 may include one or more types of computer-readable storage media capable of storing data, including volatile memory, non-volatile memory, removable or non-removable memory, erasable or non-erasable memory, writeable or re-writeable memory, and the like. For example, machine -readable storage medium 1002 may include, RAM, DRAM, Double- Data-Rate DRAM (DDR-DRAM), SDRAM, static RAM (SRAM), ROM, programmable
ROM (PROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), Compact Disk ROM (CD-ROM), Compact Disk Recordable (CD-R), Compact Disk Rewriteable (CD-RW), flash memory (e.g., NOR or NAND flash memory), content addressable memory (CAM), polymer memory, phase-change memory, ferroelectric memory, silicon-oxide-nitride-oxide-silicon (SONOS) memory, a disk, a floppy disk, a hard drive, an optical disk, a magnetic disk, a card, a magnetic card, an optical card, a tape, a cassette, and the like. The computer-readable storage media may include any suitable media involved with downloading or transferring a computer program from a remote computer to a requesting computer carried by data signals embodied in a carrier wave or other propagation medium through a communication link, e.g., a modem, radio or network connection.
[00247] In some demonstrative embodiments, logic 1004 may include instructions, data, and/or code, which, if executed by a machine, may cause the machine to perform a method, process and/or operations as described herein. The machine may include, for example, any suitable processing platform, computing platform, computing device, processing device, computing system, processing system, computer, processor, or the like, and may be implemented using any suitable combination of hardware, software, firmware, and the like.
[00248] In some demonstrative embodiments, logic 1004 may include, or may be implemented as, software, a software module, an application, a program, a subroutine, instructions, an instruction set, computing code, words, values, symbols, and the like. The instructions may include any suitable type of code, such as source code, compiled code, interpreted code, executable code, static code, dynamic code, and the like. The instructions may be implemented according to a predefined computer language, manner or syntax, for instructing a processor to perform a certain function. The instructions may be implemented using any suitable high-level, low-level, object-oriented, visual, compiled and/or interpreted programming language, such as C, C++, Java, BASIC, Matlab, Pascal, Visual BASIC, assembly language, machine code, and the like.
EXAMPLES
[00249] The following examples pertain to further embodiments.
[00250] Example 1 includes an apparatus of a User Equipment (UE), the apparatus comprising a Wireless Local Area Network (WLAN) transceiver; a cellular transceiver to communicate with an Evolved Node B (eNB); and a controller component configured to trigger the cellular transceiver to transmit to the eNB a first message comprising an indication
of one or more supported ciphering mechanisms of the UE, the controller component configured to process a second message received by the cellular transceiver from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
[00251] Example 2 includes the subject matter of Example 1, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00252] Example 3 includes the subject matter of Example 1 or 2, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
[00253] Example 4 includes the subject matter of any one of Examples 1-3, and optionally, wherein the controller component is configured to, when the second message is received while the UE is connected to a first WLAN AP, trigger the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
[00254] Example 5 includes the subject matter of Example 4, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
[00255] Example 6 includes the subject matter of Example 5, and optionally, wherein the second message comprises the AP switching request.
[00256] Example 7 includes the subject matter of Example 5, and optionally, wherein the AP switching request is in a third message after the second message.
[00257] Example 8 includes the subject matter of any one of Examples 1-7, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00258] Example 9 includes the subject matter of any one of Examples 1-7, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00259] Example 10 includes the subject matter of any one of Examples 1-9, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00260] Example 11 includes the subject matter of any one of Examples 1-10, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
[00261] Example 12 includes the subject matter of any one of Examples 1-11, and optionally, comprising one or more antennas, a memory and a processor.
[00262] Example 13 includes an apparatus comprising circuitry and logic configured to trigger a User Equipment to transmit to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; process a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and trigger the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
[00263] Example 14 includes the subject matter of Example 13, and optionally, wherein the apparatus is configured to trigger the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00264] Example 15 includes the subject matter of Example 13 or 14, and optionally, wherein the apparatus is configured to trigger the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
[00265] Example 16 includes the subject matter of any one of Examples 13-15, and optionally, wherein the apparatus is configured to, when the second message is received while the UE is connected to a first WLAN AP, trigger the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
[00266] Example 17 includes the subject matter of Example 16, and optionally, wherein the apparatus is configured to trigger the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
[00267] Example 18 includes the subject matter of Example 17, and optionally, wherein the second message comprises the AP switching request.
[00268] Example 19 includes the subject matter of Example 17, and optionally, wherein the AP switching request is in a third message after the second message.
[00269] Example 20 includes the subject matter of any one of Examples 13-19, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00270] Example 21 includes the subject matter of any one of Examples 13-19, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00271] Example 22 includes the subject matter of any one of Examples 13-21, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00272] Example 23 includes the subject matter of any one of Examples 13-22, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
[00273] Example 24 includes the subject matter of any one of Examples 13-23, and optionally, comprising one or more antennas, a memory and a processor.
[00274] Example 25 includes a method to be performed by a User Equipment (UE), the method comprising transmitting to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; processing a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
[00275] Example 26 includes the subject matter of Example 25, and optionally, comprising triggering the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00276] Example 27 includes the subject matter of Example 25 or 26, and optionally, comprising triggering the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
[00277] Example 28 includes the subject matter of any one of Examples 25-27, and optionally, comprising, when the second message is received while the UE is connected to a first WLAN AP, triggering the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
[00278] Example 29 includes the subject matter of Example 28, and optionally, comprising triggering the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
[00279] Example 30 includes the subject matter of Example 29, and optionally, wherein the second message comprises the AP switching request.
[00280] Example 31 includes the subject matter of Example 29, and optionally, wherein the AP switching request is in a third message after the second message.
[00281] Example 32 includes the subject matter of any one of Examples 25-31, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00282] Example 33 includes the subject matter of any one of Examples 25-31, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00283] Example 34 includes the subject matter of any one of Examples 25-33, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00284] Example 35 includes the subject matter of any one of Examples 25-34, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
[00285] Example 36 includes a product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a User Equipment (UE), the operations comprising transmitting to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; processing a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
[00286] Example 37 includes the subject matter of Example 36, and optionally, wherein the operations comprise triggering the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00287] Example 38 includes the subject matter of Example 36 or 37, and optionally, wherein the operations comprise triggering the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
[00288] Example 39 includes the subject matter of any one of Examples 36-38, and optionally, wherein the operations comprise, when the second message is received while the UE is connected to a first WLAN AP, triggering the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
[00289] Example 40 includes the subject matter of Example 39, and optionally, wherein the operations comprise triggering the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
[00290] Example 41 includes the subject matter of Example 40, and optionally, wherein the second message comprises the AP switching request.
[00291] Example 42 includes the subject matter of Example 40, and optionally, wherein the AP switching request is in a third message after the second message.
[00292] Example 43 includes the subject matter of any one of Examples 36-42, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00293] Example 44 includes the subject matter of any one of Examples 36-42, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00294] Example 45 includes the subject matter of any one of Examples 36-44, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00295] Example 46 includes the subject matter of any one of Examples 36-45, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
[00296] Example 47 includes a system of cellular communication comprising a User Equipment (UE), the UE comprising a Wireless Local Area Network (WLAN) transceiver; a cellular transceiver to communicate with an Evolved Node B (eNB); and a controller component configured to trigger the cellular transceiver to transmit to the eNB a first message comprising an indication of one or more supported ciphering mechanisms of the UE, the controller component configured to process a second message received by the cellular transceiver from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
[00297] Example 48 includes the subject matter of Example 47, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00298] Example 49 includes the subject matter of Example 47 or 48, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
[00299] Example 50 includes the subject matter of any one of Examples 47-49, and optionally, wherein the controller component is configured to, when the second message is received while the UE is connected to a first WLAN AP, trigger the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
[00300] Example 51 includes the subject matter of Example 50, and optionally, wherein the controller component is configured to trigger the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
[00301] Example 52 includes the subject matter of Example 51, and optionally, wherein the second message comprises the AP switching request.
[00302] Example 53 includes the subject matter of Example 51, and optionally, wherein the AP switching request is in a third message after the second message.
[00303] Example 54 includes the subject matter of any one of Examples 47-53, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00304] Example 55 includes the subject matter of any one of Examples 47-53, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00305] Example 56 includes the subject matter of any one of Examples 47-55, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00306] Example 57 includes the subject matter of any one of Examples 47-56, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
[00307] Example 58 includes the subject matter of any one of Examples 47-57, and optionally, wherein the UE comprises one or more antennas, a memory and a processor.
[00308] Example 59 includes an apparatus of a User Equipment (UE), the apparatus comprising means for transmitting to an Evolved Node B (eNB) a first message comprising an indication of one or more supported ciphering mechanisms of the UE; means for processing a second message received from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and means for triggering the UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
[00309] Example 60 includes the subject matter of Example 59, and optionally, comprising means for triggering the UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00310] Example 61 includes the subject matter of Example 59 or 60, and optionally, comprising means for triggering the UE to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
[00311] Example 62 includes the subject matter of any one of Examples 59-61, and optionally, comprising means for, when the second message is received while the UE is connected to a first WLAN AP, triggering the UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
[00312] Example 63 includes the subject matter of Example 62, and optionally, comprising means for triggering the UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
[00313] Example 64 includes the subject matter of Example 63, and optionally, wherein the second message comprises the AP switching request.
[00314] Example 65 includes the subject matter of Example 63, and optionally, wherein the AP switching request is in a third message after the second message.
[00315] Example 66 includes the subject matter of any one of Examples 59-65, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00316] Example 67 includes the subject matter of any one of Examples 59-65, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00317] Example 68 includes the subject matter of any one of Examples 59-67, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00318] Example 69 includes the subject matter of any one of Examples 59-68, and optionally, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
[00319] Example 70 includes an apparatus of an Evolved Node B (eNB) comprising a Wireless Local Area Network (WLAN) interface to communicate with at least one WLAN Termination (WT) node; a cellular transceiver to communicate with a User Equipment (UE); and a controller component configured to process a first message from the UE, the first message comprising an indication of one or more first supported ciphering mechanisms of the UE, the controller component configured to process a second message from the WT node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP), the controller component configured to determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, the controller component configured to trigger the cellular transceiver to transmit to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism, and to trigger the WLAN interface to send to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
[00320] Example 71 includes the subject matter of Example 70, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
[00321] Example 72 includes the subject matter of Example 70 or 71, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit a security capability request to the UE, the first message is in response to the security capability request.
[00322] Example 73 includes the subject matter of any one of Examples 70-72, and optionally, wherein the controller component is configured to trigger the WLAN interface to send a security capability request to the WT node, the second message is in response to the security capability request.
[00323] Example 74 includes the subject matter of any one of Examples 70-73, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
[00324] Example 75 includes the subject matter of Example 74, and optionally, wherein the third message comprises the AP switching request.
[00325] Example 76 includes the subject matter of Example 74, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE a fifth message comprising the AP switching request after the third message.
[00326] Example 77 includes the subject matter of any one of Examples 70-76, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
[00327] Example 78 includes the subject matter of any one of Examples 70-76, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00328] Example 79 includes the subject matter of Example 78, and optionally, wherein the second message comprises the group-cast key.
[00329] Example 80 includes the subject matter of any one of Examples 70-79, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
[00330] Example 81 includes the subject matter of any one of Examples 70-80, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
[00331] Example 82 includes the subject matter of any one of Examples 70-81, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
[00332] Example 83 includes the subject matter of any one of Examples 70-82, and optionally, comprising one or more antennas, a memory and a processor.
[00333] Example 84 includes an apparatus comprising circuitry and logic configured to trigger an Evolved Node B (eNB) to process a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; process a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; transmit to the UE a third message comprising the cryptographic key and an
indication of the ciphering mechanism; and send to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
[00334] Example 85 includes the subject matter of Example 84, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
[00335] Example 86 includes the subject matter of Example 84 or 85, and optionally, wherein the apparatus is configured to trigger the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
[00336] Example 87 includes the subject matter of any one of Examples 84-86, and optionally, wherein the apparatus is configured to trigger the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
[00337] Example 88 includes the subject matter of any one of Examples 84-87, and optionally, wherein the apparatus is configured to trigger the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
[00338] Example 89 includes the subject matter of Example 88, and optionally, wherein the third message comprises the AP switching request.
[00339] Example 90 includes the subject matter of Example 88, and optionally, wherein the apparatus is configured to trigger the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
[00340] Example 91 includes the subject matter of any one of Examples 84-90, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
[00341] Example 92 includes the subject matter of any one of Examples 84-90, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00342] Example 93 includes the subject matter of Example 92, and optionally, wherein the second message comprises the group-cast key.
[00343] Example 94 includes the subject matter of any one of Examples 84-93, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
[00344] Example 95 includes the subject matter of any one of Examples 84-94, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
[00345] Example 96 includes the subject matter of any one of Examples 84-95, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
[00346] Example 97 includes the subject matter of any one of Examples 84-96, and optionally, comprising one or more antennas, a memory and a processor.
[00347] Example 98 includes a method to be performed at an Evolved Node B (eNB), the method comprising processing a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; processing a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; transmitting to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and sending to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
[00348] Example 99 includes the subject matter of Example 98, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
[00349] Example 100 includes the subject matter of Example 98 or 99, and optionally, comprising triggering the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
[00350] Example 101 includes the subject matter of any one of Examples 98-100, and optionally, comprising triggering the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
[00351] Example 102 includes the subject matter of any one of Examples 98-101, and optionally, comprising triggering the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
[00352] Example 103 includes the subject matter of Example 102, and optionally, wherein the third message comprises the AP switching request.
[00353] Example 104 includes the subject matter of Example 102, and optionally, comprising triggering the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
[00354] Example 105 includes the subject matter of any one of Examples 98-104, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
[00355] Example 106 includes the subject matter of any one of Examples 98-104, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00356] Example 107 includes the subject matter of Example 106, and optionally, wherein the second message comprises the group-cast key.
[00357] Example 108 includes the subject matter of any one of Examples 98-107, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
[00358] Example 109 includes the subject matter of any one of Examples 98-108, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
[00359] Example 110 includes the subject matter of any one of Examples 98-109, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
[00360] Example 111 includes a product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at an Evolved Node B (eNB), the operations comprising processing a first message from a User Equipment (UE), the first message comprising an indication of one or
more first supported ciphering mechanisms of the UE; processing a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; transmitting to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and sending to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
[00361] Example 112 includes the subject matter of Example 111, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
[00362] Example 113 includes the subject matter of Example 111 or 112, and optionally, wherein the operations comprise triggering the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
[00363] Example 114 includes the subject matter of any one of Examples 111-113, and optionally, wherein the operations comprise triggering the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
[00364] Example 115 includes the subject matter of any one of Examples 111-114, and optionally, wherein the operations comprise triggering the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
[00365] Example 116 includes the subject matter of Example 115, and optionally, wherein the third message comprises the AP switching request.
[00366] Example 117 includes the subject matter of Example 115, and optionally, wherein the operations comprise triggering the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
[00367] Example 118 includes the subject matter of any one of Examples 111-117, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
[00368] Example 119 includes the subject matter of any one of Examples 111-117, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00369] Example 120 includes the subject matter of Example 119, and optionally, wherein the second message comprises the group-cast key.
[00370] Example 121 includes the subject matter of any one of Examples 111-120, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
[00371] Example 122 includes the subject matter of any one of Examples 111-121, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
[00372] Example 123 includes the subject matter of any one of Examples 111-122, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
[00373] Example 124 includes a system of cellular communication comprising an Evolved Node B (eNB), the eNB comprising a Wireless Local Area Network (WLAN) interface to communicate with at least one WLAN Termination (WT) node; a cellular transceiver to communicate with a User Equipment (UE); and a controller component configured to process a first message from the UE, the first message comprising an indication of one or more first supported ciphering mechanisms of the UE, the controller component configured to process a second message from the WT node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP), the controller component configured to determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, the controller component configured to trigger the cellular transceiver to transmit to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism, and to trigger the WLAN interface to send to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
[00374] Example 125 includes the subject matter of Example 124, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
[00375] Example 126 includes the subject matter of Example 124 or 125, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit a security capability request to the UE, the first message is in response to the security capability request.
[00376] Example 127 includes the subject matter of any one of Examples 124-126, and optionally, wherein the controller component is configured to trigger the WLAN interface to send a security capability request to the WT node, the second message is in response to the security capability request.
[00377] Example 128 includes the subject matter of any one of Examples 124-127, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
[00378] Example 129 includes the subject matter of Example 128, and optionally, wherein the third message comprises the AP switching request.
[00379] Example 130 includes the subject matter of Example 128, and optionally, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE a fifth message comprising the AP switching request after the third message.
[00380] Example 131 includes the subject matter of any one of Examples 124-130, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
[00381] Example 132 includes the subject matter of any one of Examples 124-130, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00382] Example 133 includes the subject matter of Example 132, and optionally, wherein the second message comprises the group-cast key.
[00383] Example 134 includes the subject matter of any one of Examples 124-133, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
[00384] Example 135 includes the subject matter of any one of Examples 124-134, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
[00385] Example 136 includes the subject matter of any one of Examples 124-135, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
[00386] Example 137 includes the subject matter of any one of Examples 124-136, and optionally, wherein the eNB comprises one or more antennas, a memory and a processor.
[00387] Example 138 includes an apparatus of an Evolved Node B (eNB), the apparatus comprising means for processing a first message from a User Equipment (UE), the first message comprising an indication of one or more first supported ciphering mechanisms of the UE; means for processing a second message from a Wireless Local Area Network (WLAN) Termination (WT) node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP); means for determining a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms; means for transmitting to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism; and means for sending to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
[00388] Example 139 includes the subject matter of Example 138, and optionally, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
[00389] Example 140 includes the subject matter of Example 138 or 139, and optionally, comprising means for triggering the eNB to transmit a security capability request to the UE, the first message is in response to the security capability request.
[00390] Example 141 includes the subject matter of any one of Examples 138-140, and optionally, comprising means for triggering the eNB to send a security capability request to the WT node, the second message is in response to the security capability request.
[00391] Example 142 includes the subject matter of any one of Examples 138-141, and optionally, comprising means for triggering the eNB to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
[00392] Example 143 includes the subject matter of Example 142, and optionally, wherein the third message comprises the AP switching request.
[00393] Example 144 includes the subject matter of Example 142, and optionally, comprising means for triggering the eNB to transmit to the UE a fifth message comprising the AP switching request after the third message.
[00394] Example 145 includes the subject matter of any one of Examples 138-144, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP.
[00395] Example 146 includes the subject matter of any one of Examples 138-144, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00396] Example 147 includes the subject matter of Example 146, and optionally, wherein the second message comprises the group-cast key.
[00397] Example 148 includes the subject matter of any one of Examples 138-147, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated between the UE and the WLAN AP.
[00398] Example 149 includes the subject matter of any one of Examples 138-148, and optionally, wherein the first and third messages comprise Radio Resource Control (RRC) messages.
[00399] Example 150 includes the subject matter of any one of Examples 138-149, and optionally, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
[00400] Example 151 includes an apparatus of a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising a WLAN transceiver; a network interface to communicate with a network node; and a controller component configured to trigger the network interface to send to the network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP, the controller component configured to process a second message received by the network interface, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the WLAN
AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
[00401] Example 152 includes the subject matter of Example 151, and optionally, wherein the controller component is configured to trigger the WLAN AP to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00402] Example 153 includes the subject matter of Example 151 or 152, and optionally, wherein the controller component is configured to trigger the network interface to send the first message in response to a request message received by the network interface from the network node.
[00403] Example 154 includes the subject matter of any one of Examples 151-153, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00404] Example 155 includes the subject matter of any one of Examples 151-153, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00405] Example 156 includes the subject matter of Example 155, and optionally, wherein the first message comprises the group-cast key.
[00406] Example 157 includes the subject matter of any one of Examples 151-156, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00407] Example 158 includes the subject matter of any one of Examples 151-157, and optionally, comprising one or more antennas, a memory and a processor.
[00408] Example 159 includes an apparatus comprising circuitry and logic configured to trigger a Wireless Local Area Network (WLAN) Access Point (AP) to send to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; process a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and trigger the WLAN AP
to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
[00409] Example 160 includes the subject matter of Example 159, and optionally, wherein the apparatus is configured to trigger the WLAN AP to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00410] Example 161 includes the subject matter of Example 159 or 160, and optionally, wherein the apparatus is configured to trigger the WLAN AP to send the first message in response to a request message received by the network interface from the network node.
[00411] Example 162 includes the subject matter of any one of Examples 159-161, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00412] Example 163 includes the subject matter of any one of Examples 159-161, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00413] Example 164 includes the subject matter of Example 163, and optionally, wherein the first message comprises the group-cast key.
[00414] Example 165 includes the subject matter of any one of Examples 159-164, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00415] Example 166 includes the subject matter of any one of Examples 159-165, and optionally, comprising one or more antennas, a memory and a processor.
[00416] Example 167 includes a method to be performed by a Wireless Local Area Network (WLAN) Access Point (AP), the method comprising sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
[00417] Example 168 includes the subject matter of Example 167, and optionally, comprising establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00418] Example 169 includes the subject matter of Example 167 or 168, and optionally, comprising sending the first message in response to a request message received by the WLAN AP from the network node.
[00419] Example 170 includes the subject matter of any one of Examples 167-169, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00420] Example 171 includes the subject matter of any one of Examples 167-169, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00421] Example 172 includes the subject matter of Example 171, and optionally, wherein the first message comprises the group-cast key.
[00422] Example 173 includes the subject matter of any one of Examples 167-172, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00423] Example 174 includes a product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a Wireless Local Area Network (WLAN) Access Point (AP), the operations comprising sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and triggering the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
[00424] Example 175 includes the subject matter of Example 174, and optionally, wherein the operations comprise establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00425] Example 176 includes the subject matter of Example 174 or 175, and optionally, wherein the operations comprise sending the first message in response to a request message received by the WLAN AP from the network node.
[00426] Example 177 includes the subject matter of any one of Examples 174-176, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00427] Example 178 includes the subject matter of any one of Examples 174-176, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00428] Example 179 includes the subject matter of Example 178, and optionally, wherein the first message comprises the group-cast key.
[00429] Example 180 includes the subject matter of any one of Examples 174-179, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00430] Example 181 includes a system of wireless communication comprising a Wireless Local Area Network (WLAN) Access Point (AP), the WLAN AP comprising a WLAN transceiver; a network interface to communicate with a network node; and a controller component configured to trigger the network interface to send to the network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP, the controller component configured to process a second message received by the network interface, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms, the controller component to trigger the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
[00431] Example 182 includes the subject matter of Example 181, and optionally, wherein the controller component is configured to trigger the WLAN AP to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00432] Example 183 includes the subject matter of Example 181 or 182, and optionally, wherein the controller component is configured to trigger the network interface to send the
first message in response to a request message received by the network interface from the network node.
[00433] Example 184 includes the subject matter of any one of Examples 181-183, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00434] Example 185 includes the subject matter of any one of Examples 181-183, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00435] Example 186 includes the subject matter of Example 185, and optionally, wherein the first message comprises the group-cast key.
[00436] Example 187 includes the subject matter of any one of Examples 181-186, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00437] Example 188 includes the subject matter of any one of Examples 181-187, and optionally, wherein the WLAN AP comprises one or more antennas, a memory and a processor.
[00438] Example 189 includes an apparatus of a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising means for sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP; means for processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of the one or more supported ciphering mechanisms; and means for triggering the WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
[00439] Example 190 includes the subject matter of Example 189, and optionally, comprising means for establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
[00440] Example 191 includes the subject matter of Example 189 or 190, and optionally, comprising means for sending the first message in response to a request message received by the WLAN AP from the network node.
[00441] Example 192 includes the subject matter of any one of Examples 189-191, and optionally, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
[00442] Example 193 includes the subject matter of any one of Examples 189-191, and optionally, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
[00443] Example 194 includes the subject matter of Example 193, and optionally, wherein the first message comprises the group-cast key.
[00444] Example 195 includes the subject matter of any one of Examples 189-194, and optionally, wherein the cryptographic key comprises at least one transient key to encrypt or decrypt data communicated over the secured WLAN connection.
[00445] Functions, operations, components and/or features described herein with reference to one or more embodiments, may be combined with, or may be utilized in combination with, one or more other functions, operations, components and/or features described herein with reference to one or more other embodiments, or vice versa.
[00446] While certain features have been illustrated and described herein, many modifications, substitutions, changes, and equivalents may occur to those skilled in the art. It is, therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the true spirit of the disclosure.
Claims
1. An apparatus of a User Equipment (UE), the apparatus comprising:
a Wireless Local Area Network (WLAN) transceiver;
a cellular transceiver to communicate with an Evolved Node B (eNB); and a controller component configured to trigger the cellular transceiver to transmit to the eNB a first message comprising an indication of one or more supported ciphering mechanisms of the UE, the controller component configured to process a second message received by the cellular transceiver from the eNB, the second message comprising a cryptographic key and an indication of a ciphering mechanism of said one or more supported ciphering mechanisms, said controller component to trigger said UE to establish a secured WLAN connection with a WLAN Access Point (AP) according to the ciphering mechanism with the cryptographic key.
2. The apparatus of claim 1 , wherein the controller component is configured to trigger said UE to establish the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
3. The apparatus of claim 1, wherein the controller component is configured to trigger said cellular transceiver to transmit the first message in response to a cellular request message received by the cellular transceiver from the eNB.
4. The apparatus of claim 1, wherein the controller component is configured to, when the second message is received while said UE is connected to a first WLAN AP, trigger said UE to establish the secured WLAN connection with a second WLAN AP according to the ciphering mechanism with the cryptographic key.
5. The apparatus of claim 4, wherein the controller component is configured to trigger said UE to establish the secured WLAN connection with the second WLAN AP after receipt of an AP switching request from the eNB.
6. The apparatus of claim 5, wherein the second message comprises the AP switching request.
7. The apparatus of any one of claims 1-6, wherein the cryptographic key comprises a unicast key to encrypt or decrypt a unicast message communicated between the UE and the WLAN AP via the secured WLAN connection.
8. The apparatus of any one of claims 1-6, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
9. The apparatus of any one of claims 1-6, wherein the first and second messages comprise Radio Resource Control (RRC) messages.
10. The apparatus of any one of claims 1-6 comprising one or more antennas, a memory and a processor.
11. A system of cellular communication comprising an apparatus of an Evolved Node B (eNB), the apparatus comprising:
a Wireless Local Area Network (WLAN) interface to communicate with at least one WLAN Termination (WT) node;
a cellular transceiver to communicate with a User Equipment (UE); and
a controller component configured to process a first message from the UE, the first message comprising an indication of one or more first supported ciphering mechanisms of the UE, the controller component configured to process a second message from the WT node, the second message comprising an indication of one or more second supported ciphering mechanisms of a WLAN Access Point (AP), the controller component configured to determine a ciphering key, and a ciphering mechanism based on the first and second supported ciphering mechanisms, the controller component configured to trigger the cellular transceiver to transmit to the UE a third message comprising the cryptographic key and an indication of the ciphering mechanism, and to trigger the WLAN interface to send to the WT node a fourth message comprising the cryptographic key and the indication of the ciphering mechanism.
12. The system of claim 11, wherein the ciphering mechanism is common to both the first and second supported ciphering mechanisms.
13. The system of claim 11, wherein the controller component is configured to trigger said cellular transceiver to transmit a security capability request to the UE, the first message is in response to the security capability request.
14. The system of claim 11, wherein the controller component is configured to trigger said WLAN interface to send a security capability request to the WT node, the second message is in response to the security capability request.
15. The system of claim 11, wherein the controller component is configured to trigger the cellular transceiver to transmit to the UE an AP switching request to request the UE to switch from a WLAN connection with a first WLAN AP to a secured WLAN connection with a second WLAN AP using the cryptographic key.
16. The system of claim 15, wherein the third message comprises the AP switching request.
17. The system of any one of claims 11-16, wherein the second and fourth messages comprise Xw Application protocol (XwAP) messages.
18. The system of any one of claims 11-16, wherein the apparatus comprises one or more antennas, a memory and a processor.
19. A method to be performed by a Wireless Local Area Network (WLAN) Access Point (AP), the method comprising:
sending to a network node a first message comprising an indication of one or more supported ciphering mechanisms of the WLAN AP;
processing a second message received from the network node, the second message comprising a cryptographic key and an indication of a ciphering mechanism of said one or more supported ciphering mechanisms; and
triggering said WLAN AP to establish a secured WLAN connection with a User Equipment (UE) according to the ciphering mechanism with the cryptographic key.
20. The method of claim 19 comprising establishing the secured WLAN connection using the cryptographic key when the UE is unassociated and unauthenticated with the WLAN AP.
21. The method of claim 19 comprising sending the first message in response to a request message received by the WLAN AP from the network node.
22. The method of claim 19, wherein the cryptographic key comprises a group-cast key to decrypt a group-cast message from the WLAN AP.
23. The method of claim 22, wherein the first message comprises the group-cast key.
24. A product comprising one or more tangible computer-readable storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to perform the method of any one of claims 19-23.
25. An apparatus comprising means for causing a WLAN AP to perform the method of any one of claims 19-23.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201562250333P | 2015-11-03 | 2015-11-03 | |
US62/250,333 | 2015-11-03 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017078657A1 true WO2017078657A1 (en) | 2017-05-11 |
Family
ID=58662612
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2015/000349 WO2017078657A1 (en) | 2015-11-03 | 2015-12-24 | Apparatus, system and method of cellular-assisted establishing of a secured wlan connection between a ue and a wlan ap |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2017078657A1 (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10230605B1 (en) | 2018-09-04 | 2019-03-12 | Cisco Technology, Inc. | Scalable distributed end-to-end performance delay measurement for segment routing policies |
US10235226B1 (en) | 2018-07-24 | 2019-03-19 | Cisco Technology, Inc. | System and method for message management across a network |
US10285155B1 (en) | 2018-09-24 | 2019-05-07 | Cisco Technology, Inc. | Providing user equipment location information indication on user plane |
US10284429B1 (en) | 2018-08-08 | 2019-05-07 | Cisco Technology, Inc. | System and method for sharing subscriber resources in a network environment |
US10299128B1 (en) | 2018-06-08 | 2019-05-21 | Cisco Technology, Inc. | Securing communications for roaming user equipment (UE) using a native blockchain platform |
US10374749B1 (en) | 2018-08-22 | 2019-08-06 | Cisco Technology, Inc. | Proactive interference avoidance for access points |
US10491376B1 (en) | 2018-06-08 | 2019-11-26 | Cisco Technology, Inc. | Systems, devices, and techniques for managing data sessions in a wireless network using a native blockchain platform |
US10601724B1 (en) | 2018-11-01 | 2020-03-24 | Cisco Technology, Inc. | Scalable network slice based queuing using segment routing flexible algorithm |
US10652152B2 (en) | 2018-09-04 | 2020-05-12 | Cisco Technology, Inc. | Mobile core dynamic tunnel end-point processing |
US10779188B2 (en) | 2018-09-06 | 2020-09-15 | Cisco Technology, Inc. | Uplink bandwidth estimation over broadband cellular networks |
US10949557B2 (en) | 2018-08-20 | 2021-03-16 | Cisco Technology, Inc. | Blockchain-based auditing, instantiation and maintenance of 5G network slices |
WO2021071551A1 (en) * | 2019-10-10 | 2021-04-15 | Kakaire James Kirunda | Mobile wireless broadband network interface card (mwbnic) and k-net |
US11228905B2 (en) * | 2017-07-28 | 2022-01-18 | Huawei Technologies Co., Ltd. | Security implementation method, related apparatus, and system |
US11558288B2 (en) | 2018-09-21 | 2023-01-17 | Cisco Technology, Inc. | Scalable and programmable mechanism for targeted in-situ OAM implementation in segment routing networks |
RU2800888C1 (en) * | 2019-10-10 | 2023-07-31 | Галактик Телеком Груп, Ллк | Mobile wireless broadband interface card (mwbnic) and k-network |
US12021701B2 (en) | 2015-07-23 | 2024-06-25 | Cisco Technology, Inc. | Refresh of the binding tables between data-link-layer and network-layer addresses on mobility in a data center environment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20110138548A (en) * | 2010-06-21 | 2011-12-28 | 삼성전자주식회사 | Mehthod and apparatus for managing security in a mobiel communication system supporting emergency call |
WO2014100929A1 (en) * | 2012-12-24 | 2014-07-03 | Nokia Corporation | Methods and apparatus for differencitating security configurations in a radio local area network |
WO2015096138A1 (en) * | 2013-12-27 | 2015-07-02 | 华为技术有限公司 | Offload method, user equipment, base station and access point |
EP2922325A1 (en) * | 2012-12-19 | 2015-09-23 | Huawei Technologies Co., Ltd. | Method and apparatus for communication security processing |
WO2015148434A1 (en) * | 2014-03-24 | 2015-10-01 | Intel IP Corporation | Apparatus, system and method of securing communications of a user equipment (ue) in a wireless local area network |
-
2015
- 2015-12-24 WO PCT/US2015/000349 patent/WO2017078657A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20110138548A (en) * | 2010-06-21 | 2011-12-28 | 삼성전자주식회사 | Mehthod and apparatus for managing security in a mobiel communication system supporting emergency call |
EP2922325A1 (en) * | 2012-12-19 | 2015-09-23 | Huawei Technologies Co., Ltd. | Method and apparatus for communication security processing |
WO2014100929A1 (en) * | 2012-12-24 | 2014-07-03 | Nokia Corporation | Methods and apparatus for differencitating security configurations in a radio local area network |
WO2015096138A1 (en) * | 2013-12-27 | 2015-07-02 | 华为技术有限公司 | Offload method, user equipment, base station and access point |
WO2015148434A1 (en) * | 2014-03-24 | 2015-10-01 | Intel IP Corporation | Apparatus, system and method of securing communications of a user equipment (ue) in a wireless local area network |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US12021701B2 (en) | 2015-07-23 | 2024-06-25 | Cisco Technology, Inc. | Refresh of the binding tables between data-link-layer and network-layer addresses on mobility in a data center environment |
US11228905B2 (en) * | 2017-07-28 | 2022-01-18 | Huawei Technologies Co., Ltd. | Security implementation method, related apparatus, and system |
US10673618B2 (en) | 2018-06-08 | 2020-06-02 | Cisco Technology, Inc. | Provisioning network resources in a wireless network using a native blockchain platform |
US10742396B2 (en) | 2018-06-08 | 2020-08-11 | Cisco Technology, Inc. | Securing communications for roaming user equipment (UE) using a native blockchain platform |
US10361843B1 (en) | 2018-06-08 | 2019-07-23 | Cisco Technology, Inc. | Native blockchain platform for improving workload mobility in telecommunication networks |
US10491376B1 (en) | 2018-06-08 | 2019-11-26 | Cisco Technology, Inc. | Systems, devices, and techniques for managing data sessions in a wireless network using a native blockchain platform |
US10505718B1 (en) | 2018-06-08 | 2019-12-10 | Cisco Technology, Inc. | Systems, devices, and techniques for registering user equipment (UE) in wireless networks using a native blockchain platform |
US10299128B1 (en) | 2018-06-08 | 2019-05-21 | Cisco Technology, Inc. | Securing communications for roaming user equipment (UE) using a native blockchain platform |
US10235226B1 (en) | 2018-07-24 | 2019-03-19 | Cisco Technology, Inc. | System and method for message management across a network |
US10284429B1 (en) | 2018-08-08 | 2019-05-07 | Cisco Technology, Inc. | System and method for sharing subscriber resources in a network environment |
US10949557B2 (en) | 2018-08-20 | 2021-03-16 | Cisco Technology, Inc. | Blockchain-based auditing, instantiation and maintenance of 5G network slices |
US10374749B1 (en) | 2018-08-22 | 2019-08-06 | Cisco Technology, Inc. | Proactive interference avoidance for access points |
US11606298B2 (en) | 2018-09-04 | 2023-03-14 | Cisco Technology, Inc. | Mobile core dynamic tunnel end-point processing |
US10230605B1 (en) | 2018-09-04 | 2019-03-12 | Cisco Technology, Inc. | Scalable distributed end-to-end performance delay measurement for segment routing policies |
US10652152B2 (en) | 2018-09-04 | 2020-05-12 | Cisco Technology, Inc. | Mobile core dynamic tunnel end-point processing |
US11201823B2 (en) | 2018-09-04 | 2021-12-14 | Cisco Technology, Inc. | Mobile core dynamic tunnel end-point processing |
US10779188B2 (en) | 2018-09-06 | 2020-09-15 | Cisco Technology, Inc. | Uplink bandwidth estimation over broadband cellular networks |
US11864020B2 (en) | 2018-09-06 | 2024-01-02 | Cisco Technology, Inc. | Uplink bandwidth estimation over broadband cellular networks |
US11558288B2 (en) | 2018-09-21 | 2023-01-17 | Cisco Technology, Inc. | Scalable and programmable mechanism for targeted in-situ OAM implementation in segment routing networks |
US10660061B2 (en) | 2018-09-24 | 2020-05-19 | Cisco Technology, Inc. | Providing user equipment location information indication on user plane |
US10285155B1 (en) | 2018-09-24 | 2019-05-07 | Cisco Technology, Inc. | Providing user equipment location information indication on user plane |
US11627094B2 (en) | 2018-11-01 | 2023-04-11 | Cisco Technology, Inc. | Scalable network slice based queuing using segment routing flexible algorithm |
US10601724B1 (en) | 2018-11-01 | 2020-03-24 | Cisco Technology, Inc. | Scalable network slice based queuing using segment routing flexible algorithm |
WO2021071551A1 (en) * | 2019-10-10 | 2021-04-15 | Kakaire James Kirunda | Mobile wireless broadband network interface card (mwbnic) and k-net |
RU2800888C1 (en) * | 2019-10-10 | 2023-07-31 | Галактик Телеком Груп, Ллк | Mobile wireless broadband interface card (mwbnic) and k-network |
CN114514792A (en) * | 2019-10-10 | 2022-05-17 | 银河电讯集团 | Mobile Wireless Broadband Network Interface Card (MWBNIC) and K network |
US12126394B2 (en) | 2020-04-14 | 2024-10-22 | Galactic Telecom Group, Llc | Mobile Wireless Broadband Network Interface Card (MWBNIC) and K-net |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017078657A1 (en) | Apparatus, system and method of cellular-assisted establishing of a secured wlan connection between a ue and a wlan ap | |
US10045255B2 (en) | Apparatus, system and method of processing PDCP PDUs of an E-RAB | |
US10327143B2 (en) | Apparatus, system and method of communicating between a cellular manager and a user equipment (UE) via a WLAN node | |
CN105850169B (en) | Apparatus, system and method for secure communication of User Equipment (UE) in wireless local area network | |
US10015203B2 (en) | Apparatus, system and method of differentiating between an IMS connection and a non-IMS connection | |
US20150109997A1 (en) | Apparatus, system and method of interfacing between a cellular manager and a wlan access device | |
AU2018202590A1 (en) | Apparatus, system and method of securing communications of a user equipment (ue) in a wireless local area network | |
US10869257B2 (en) | Apparatus, system and method of cellular-assisted WLAN regulatory information | |
US10306550B2 (en) | Apparatus, system and method of wireless local area network (WLAN) setting of a user equipment (UE) | |
CN108886686B (en) | Apparatus, system, and method for selectively updating key information for secure WLAN connections between a UE and a WLAN AP | |
WO2017172450A1 (en) | Packet data convergence protocol optimizations for lte-wlan aggregation | |
WO2017026976A1 (en) | Apparatus, system and method of cellular-assisted fine time measurement | |
WO2017142580A1 (en) | Apparatus, system and method of user equipment (ue) relaying via non-cellular radio access technology (rat) | |
WO2016164066A1 (en) | Apparatus, system and method of traffic steering at a user equipment (ue) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15907909 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 15907909 Country of ref document: EP Kind code of ref document: A1 |