CN-122029890-A - Method and apparatus for operation in an ESS mixed with enhanced data privacy APs and non-EDP APs

Abstract

Depending on the capabilities of the AP with respect to EDP features, the non-AP stations use different identifiers. For example, when an AP supports one of the EDP features, this feature may be used, allowing non-AP STAs to have continuous service within the ESS even if the STA's MAC address changes dynamically. Thus, privacy is enhanced. On the other hand, whenever a STA in the ESS associates with an AP of the ESS that does not support the EDP feature, a reference MAC address previously set for the STA may be used. Since the ESS knows the reference MAC address for that STA, the service can be continuously provided (although privacy is reduced). Then, once the STA again associates with the AP of the ESS that supports the EDP feature, the high level privacy can be restored while maintaining continuous service.

Inventors

• J. Severn
• S. Barron
• Left inside P.

Assignees

• 佳能株式会社

Dates

Publication Date

20260512

Application Date

20241004

Priority Date

20231006

Claims (18)

1. 1. A method of communication in a wireless network comprising a set of base stations, BSSs, managed by respective APs, the method comprising, at a non-AP station: obtaining capability information from one of the APs, and An identifier for identifying the non-AP station is used in association with the AP, wherein the identifier is either a first identifier or a second identifier depending on the obtained capability information of the AP.
2. 2. The method of claim 1, wherein the capability information comprises one or more of: the ability to identify a random MAC address or IRM for the set of BSSs or not, Capability for operating or not operating device ID indication for the set of BSSs, and The ability to use random and varying MAC addresses within the set of BSSs, or RCM addresses, to operate or not operate fast BSS transitions, or FTs.
3. 3. The method of claim 1, wherein the identifier comprises a MAC address of the non-AP station.
4. 4. The method of claim 1, wherein the first identifier comprises a reference MAC address used by the non-AP station when first associated with the set of BSSs.
5. 5. The method of claim 4, wherein the first identifier is used when the capability information indicates that the AP does not support a mechanism that recognizes a non-AP station within the set of BSSs even if its MAC address changes.
6. 6. The method of claim 4, further comprising locally storing a current MAC address of the non-AP station as a reference MAC address when first associated with the set of BSSs.
7. 7. The method of claim 1, wherein the second identifier comprises one of: The identifiable random MAC address or IRM associated with the non-AP station provided by the non-AP station during the previous association with the AP in the set of BSSs, A device ID associated with the non-AP station received from an AP in the set of BSSs, and The current random and varying MAC address of the non-AP station, the RCM address.
8. 8. The method of claim 7, wherein the second identifier is used when the capability information indicates that the AP supports a mechanism that recognizes a non-AP station even if a MAC address of the non-AP station changes.
9. 9. The method of claim 1, wherein associating with the AP comprises transmitting an association or reassociation request frame, a MAC header of the association or reassociation request frame including a TA field set to the first identifier or the second identifier depending on the obtained capability information of the AP.
10. 10. The method of claim 1, wherein associating with the AP comprises initiating a fast BSS transition from a current AP to the AP.
11. 11. The method of claim 1, comprising using a legacy fast BSS transition as defined in IEEE Std 802.11-2020 where the first identifier is selected based on the obtained capability information and using an enhanced fast BSS transition where the second identifier is selected based on the obtained capability information, wherein the enhanced fast BSS transition derives a pairwise master key for the non-AP station using a persistent station identifier that is different from a current MAC address of the non-AP station.
12. 12. The method of claim 1, further comprising communicating with the AP using user cache persistence information associated with the non-AP stations and shared between the BSSs.
13. 13. The method of claim 12, wherein the user cache persistence information includes a cryptographic key used to generate a pairwise temporary key used to cryptographically operate messages exchanged between the non-AP station and the AP.
14. 14. The method of claim 1, further comprising retrieving, at the AP, user cache persistence information using the first identifier or the second identifier used by the non-AP station when associated with the AP.
15. 15. The method of claim 14, wherein the user cache persistence information is retrieved locally from the AP or from another AP or a controller of the set of BSSs.
16. 16. The method of any of claims 1-15, wherein the set of BSSs is an extended service set, ESS.
17. 17. A wireless communication station, a network controller, and an access point comprising at least one microprocessor configured to perform the method of claim 1.
18. 18. A non-transitory computer readable medium storing a program which, when executed by a microprocessor or computer system in a wireless device, causes the wireless device to perform the method of claim 1.

Description

Method and apparatus for operation in an ESS mixed with enhanced data privacy APs and non-EDP APs Technical Field The present disclosure relates to wireless communications, and more particularly to users and networks operating with enhanced data privacy features. Background The approaches described in this background section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Thus, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section. Moreover, all embodiments are not necessarily intended to solve all or even any of the problems presented in this section. In a wireless network, an Extended service set (Extended SERVICE SET, ESS) is a set of Basic Service Sets (BSSs) interconnected by a distribution system (distribution system, DS), each BSS managed by an Access Point (AP). The ESS advantageously provides centralized management of BSSs, enabling service at the ESS level, and mobility for stations (because stations can roam between different BSSs of the ESS without losing connectivity). The ESS level mechanism or service relies on user-cached persistence information (user CACHED PERSISTENT information) that allows the ESS BSS to serve any station in the same manner. Information specific to each station is stored in the ESS and shared between BSSs (typically during the life of the ESS, or whenever a station is periodically returned to the ESS). Thus, even after a station disassociates from an ESS, information is maintained in memory within the ESS (in all BSSs, or in any BSS that shares information when a station re-associates with another BSS). Because of the MAC address of the user's device (non-AP station or STA), mechanisms or services that rely on the user's cached persistence information stored in the ESS may be provided to the user over time. In effect, as a user changes (roams) from one AP to another AP within the ESS, or as the user's device disconnects and later reconnects to the ESS (after a disassociation period), the MAC address of its STA is used as a permanent identifier to identify and discern the user by the AP, and then to retrieve its user cache information associated with its MAC address to provide a mechanism or service. Exemplary mechanisms for caching persistent information based on users include fast BSS transitions (Fast BSS Transition, FT) as defined in the IEEE 802.11r-2008 standard (RTM), now included in IEEE Std 802.11-2020. In FT, a user encryption key (encryption key) is stored and shared between BSSs (forming a mobile domain), thereby avoiding renegotiation of the user encryption key when associated with the next AP. Other exemplary mechanisms include pre-association client bootstrapping (bootstrapping a station to a user cache information persistence desired frequency band when the station is reconnected to the network after disconnection), control access to internet content, and automation systems. Today, evolution of wireless systems is driven by the requirements of user requirements and General Data Protection Regulations (GDPR) to bring leading privacy concerns. The global wireless industry is faced with an increasing need to protect users' Personally Identifiable Information (PII) from increasingly complex user tracking and user profile building activities while continuing to improve wireless services and user experiences. The PII corresponds to any data that is used to identify an individual, or identification or contact information of an individual may be derived. For example, in the context of the IEEE 802.11 family of standards, PII may be the use of a unique identifier (such as a MAC address or SSID, etc.) that may be directly connected to a single device or group of devices, and thus to the owners of such devices. In the following, PII is referred to as a privacy parameter or PE (privacy enhanced) parameter. The IEEE 802.11 working group has then proposed a first procedure to limit the risk of users being tracked, which consists in dynamically modifying the MAC address of the user device. This mechanism, known as the random and varying MAC (Randomized AND CHANGING MAC, RCM) procedure, was originally introduced as a privacy-enhancing feature in the 802.11aq Pre-association service discovery task group (Pre-Association Service Discovery Task Group) and was ultimately included in the standard IEEE Std 802.11-2020. The mechanism includes periodically changing the MAC address of the non-AP station to a random value when the non-AP station is not associated with the network (or equivalently, with an AP). While the introduction of RCM mechanisms greatly enhances the privacy of users, it has an impact on mechanisms based on user caching of persistent information. In particular, as the MAC address changes over time, the APs within the ESS (or mobility domain) are no longer able to ensure c