Network access control

US 10,230,522 B1
Filed: 03/24/2016
Issued: 03/12/2019
Est. Priority Date: 03/24/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by an access point comprising at least one processor, a first request to establish a first Wi-Fi connection with the access point, from an Internet of Things (IoT) device;

receiving, by the access point, a second request to establish a second Wi-Fi connection from a mobile device;

sending, by the access point, to an administration device a first pre-shared key (PSK) request associated with the first request;

sending, by the access point, to the administration device a second PSK request associated with the second request;

receiving, by the access point and from the administration device, a first PSK comprising a first access configuration to connect to the access point, wherein the first access configuration includes first data that causes the access point to limit at least one of network access duration, time of day access, predetermined data usage limits, bandwidth allocation, relative device priority, Internet access limits, or parental controls;

receiving, by the access point, from the administration device a second PSK with a second access configuration to connect to the access point, wherein the second access configuration includes second data that causes the access point to limit at least one of network access duration, time of day access, predetermined data usage limits, bandwidth allocation, relative device priority, Internet access limits, or parental controls;

sending, by the access point, to the IoT device a first response including at least in part the first PSK;

sending, by the access point, to the mobile device a second response including at least in part, the second PSK;

receiving, by the access point, a first login request from the IoT device, wherein the first login request includes the first PSK;

receiving, by the access point, a second login request from the mobile device, wherein the second login request includes the second PSK;

establishing, by the access point, the first Wi-Fi connection with the first access configuration; and

establishing, by the access point, the second Wi-Fi connection with the second access configuration.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure describes methods, apparatus, and systems related to controlled access data allocation. A device may receive a first request from a first device to establish a first connection with a wireless network. The device may receive a second request from a second device to establish a second connection with the wireless network. The device may determine a first access data for the first device, wherein the first access data is associated with a first access configuration. The device may determine a second access data for the second device, wherein the second access data is associated with a second access configuration, wherein the second access configuration is different from the first access configuration. The device may send the first access data to the first device. The device may send the second access data to the second device. The device may establish the first connection with the first device, wherein the first connection is at the first access configuration. The device may establish the second connection with the second device, wherein the second connection is at the second access configuration.

Citations

20 Claims

1. A method comprising:
- receiving, by an access point comprising at least one processor, a first request to establish a first Wi-Fi connection with the access point, from an Internet of Things (IoT) device;
  
  receiving, by the access point, a second request to establish a second Wi-Fi connection from a mobile device;
  
  sending, by the access point, to an administration device a first pre-shared key (PSK) request associated with the first request;
  
  sending, by the access point, to the administration device a second PSK request associated with the second request;
  
  receiving, by the access point and from the administration device, a first PSK comprising a first access configuration to connect to the access point, wherein the first access configuration includes first data that causes the access point to limit at least one of network access duration, time of day access, predetermined data usage limits, bandwidth allocation, relative device priority, Internet access limits, or parental controls;
  
  receiving, by the access point, from the administration device a second PSK with a second access configuration to connect to the access point, wherein the second access configuration includes second data that causes the access point to limit at least one of network access duration, time of day access, predetermined data usage limits, bandwidth allocation, relative device priority, Internet access limits, or parental controls;
  
  sending, by the access point, to the IoT device a first response including at least in part the first PSK;
  
  sending, by the access point, to the mobile device a second response including at least in part, the second PSK;
  
  receiving, by the access point, a first login request from the IoT device, wherein the first login request includes the first PSK;
  
  receiving, by the access point, a second login request from the mobile device, wherein the second login request includes the second PSK;
  
  establishing, by the access point, the first Wi-Fi connection with the first access configuration; and
  
  establishing, by the access point, the second Wi-Fi connection with the second access configuration.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - receiving, by the access point, from a computing device a third request to establish a third Wi-Fi connection with the access point, wherein the third request include identification information associated with the computing device;
      
      determining, by the access point, a third access configuration based at least in part on the identification information;
      
      determining, by the access point, a third PSK associated with the third access configuration;
      
      sending, by the access point, the third PSK to the computing device; and
      
      establishing, by the access point, the third Wi-Fi connection in accordance with the third access configuration.
  - 3. The method of claim 1, further comprising:
    - receiving, by the access point, a non-Wi-Fi protected setup (WPS) request to establish a fourth Wi-Fi connection with a second IoT device;
      
      determining, by the access point, a shortened PSK;
      
      associating, by the access point, the shortened PSK with the second IoT device;
      
      associating, by the access point, the shortened PSK with a fourth access configuration;
      
      sending, by the access point, the shortened PSK to the second IoT device;
      
      receiving, by the access point, a login request from the second IoT device, wherein the request includes at least in part the shortened PSK; and
      
      establishing, by the access point, a fourth Wi-Fi connection with the fourth access configuration.
  - 4. The method of claim 1, further comprising:
    - determining, by the access point, at least one condition occurred during the first Wi-Fi connection, wherein the at least one condition includes at least one of;
      
      a modification to the first access configuration, a revocation of access to the first Wi-Fi connection, or a temporary disabling of access to the first Wi-Fi connection; and
      
      determining, by the access point, an adjusted Wi-Fi connection based at least in part on the at least one condition.

5. A device, comprising:
- at least one memory that stores computer-executable instructions; and
  
  at least one processor configured to access the at least one memory, wherein the at least one processor is configured to execute the computer-executable instructions to;
  
  receive a first request from a first device to establish a first connection with a wireless network;
  
  receive a second request from a second device to establish a second connection with the wireless network;
  
  determine first access data for the first device, wherein the first access data is associated with a first access configuration that includes one or more first restrictions associated with access to the wireless network by the first device;
  
  determine second access data for the second device, wherein the second access data is associated with a second access configuration that includes one or more second restrictions associated with access to the wireless network by the second device, wherein the second access configuration is different from the first access configuration;
  
  send the first access data to the first device;
  
  send the second access data to the second device;
  
  establish the first connection with the first device, wherein the first connection is at the first access configuration; and
  
  establish the second connection with the second device, wherein the second connection is at the second access configuration.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 6. The device of claim 5, wherein the computer-executable instructions further include instructions to:
    - send a access data request to a web server, wherein the access data request includes, at least in part, device information associated with the first device; and
      
      receive a access data response message including the first access data.
  - 7. The device of claim 6, wherein the device information includes at least one of a service set identifier (SSID) of the wireless network, a device media access control (MAC) address, a time of access request, or a device location identifier.
  - 8. The device of claim 5, wherein the computer-executable instructions to determine the first access data further includes computer-executable instructions to randomly determine the first access data.
  - 9. The device of claim 5, wherein the at least one processor is further configured to execute the computer-executable instructions to determine the first request is an initial request or a repeated request.
  - 10. The device of claim 5, wherein the at least one processor is further configured to execute the computer-executable instructions to send the first access data to the first device using at least one of a cellular network, an IEEE 802.11 protocol, near field communication (NFC), an IEEE 802.15 protocol, short message service (SMS), instant messaging (IM), supersonic signals, subsonic signals, non-voice audio signals, or voice commands.
  - 11. The device of claim 5, wherein the one or more first restrictions include restrictions on one or more of:
    - network access duration, time of day access, predetermined data usage limits, bandwidth allocation, relative device priority, Internet access limits, or parental controls.
  - 12. The device of claim 5, wherein the computer-executable instructions to determine the first access data further includes computer-executable instructions to select the first access data from a plurality of provisioned access data.
  - 13. The device of claim 5, wherein the first access configuration is associated with a group of devices.
  - 14. The device of claim 5, wherein the at least one processor is further configured to execute the computer-executable instructions to perform at least one of modifying the first access configuration, revoking access to the first connection or the second connection, or temporarily disabling access to the first connection or the second connection.

15. A method, comprising:
- receiving, by a first device, a request for access data associated with establishing a wireless connection between a second device and a third device;
  
  determining the access data configured for the second device to authenticate data received wirelessly from the third device, wherein the access data includes one or more restrictions associated with the wireless connection between the second device and the third device; and
  
  sending to the second device the access data.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising determining the access data includes at least one of network access duration, time of day access, predetermined data usage limits, bandwidth allocation, relative device priority, Internet access limits, or parental controls.
  - 17. The method of claim 15, further comprising determining that the request for access data includes device information associated with the second device.
  - 18. The method of claim 17, further comprising determining that the device information includes at least one of a service set identifier (SSID), a device media access control (MAC) address, a time of access request, or a device location identifier.
  - 19. The method of claim 15, further comprising performing at least one of determining a modified access configuration, revoking access to the wireless connection, or temporarily disabling access to the wireless connection.
  - 20. The method of claim 15, further comprising sending, by the first device, the access data using at least one of a cellular network, an IEEE 802.11 protocol, near field communication (NFC), an IEEE 802.15 protocol, short message service (SMS), instant messaging (IM), supersonic signals, subsonic signals, non-voice audio signals, or voice commands.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Roths, Andrew Jay, Solsona-Palomar, Marc
Primary Examiner(s)
Avery, Jeremiah L

Application Number

US15/079,989
Time in Patent Office

1,083 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 67/12   specially adapted for propr...

H04L 9/0819   Key transport or distributi...

H04L 9/083   involving central third par...

H04L 9/0833   involving conference or gro...

H04L 9/3226   using a predetermined code,...

H04W 12/04   Key management, e.g. using ...

H04W 12/043   using a trusted network nod...

H04W 12/069   using certificates or pre-s...

H04W 12/50   Secure pairing of devices

H04W 12/60   Context-dependent security

H04W 12/61   Time-dependent

H04W 76/10   Connection setup

Network access control

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Network access control

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links