Enabling secured wireless access at hotspot by providing user-specific access credential for secure SSID during sign-up process conducted over open wireless network

US 10,299,126 B2
Filed: 03/28/2018
Issued: 05/21/2019
Est. Priority Date: 06/22/2012
Status: Active Grant

First Claim

Patent Images

1. A method of enabling secured wireless access at a hotspot, the method comprising:

providing an open wireless network having no network-level encryption and allowing open association therewith by a client device;

providing a secure wireless network employing network-level encryption and requiring successful completion of an authentication process before allowing association therewith by the client device;

establishing an encrypted connection between the client device and a login portal of the hotspot over the open wireless network;

requiring a user of the client device to perform a predetermined sign-up process at the login portal via the encrypted connection;

adding a user-specific access credential as a valid access credential in a credential database, wherein the credential database stores a plurality of valid access credentials acceptable for gaining secure wireless access at the hotspot;

transmitting instructions from the login portal to the client device via the encrypted connection, the instructions instructing the user of the client device to switch the client device to a service set identifier (SSID) of the secure wireless network and to authenticate with the secure wireless network utilizing the user-specific access credential, wherein the instructions are displayed to the user by the client device and include both the service set identifier (SSID) of the secure wireless network and the user-specific access credential that is acceptable for associating with that service set identifier (SSID); and

providing secured wireless access to the client device over the secure wireless network after the user has associated the client device with the secure wireless network by following the instructions.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A hotspot provides an open wireless network and a secure wireless network. The open wireless network has no network-level encryption and allows open association therewith. The secure wireless network employs network-level encryption and requires authentication of a received access credential from a client device before allowing association therewith. A system for authorizing the client device for secured access at the hotspot includes an access controller configured to establish an encrypted connection between the client device and a login portal of the hotspot over the open wireless network, and to store a user-specific access credential transmitted via the encrypted connection as a valid access credential in a credential database. The credential database is accessed by wireless access points of the hotspot to authenticate the received access credential from the client device in response to a request from the client device to associate with the secure wireless network.

Citations

20 Claims

1. A method of enabling secured wireless access at a hotspot, the method comprising:
- providing an open wireless network having no network-level encryption and allowing open association therewith by a client device;
  
  providing a secure wireless network employing network-level encryption and requiring successful completion of an authentication process before allowing association therewith by the client device;
  
  establishing an encrypted connection between the client device and a login portal of the hotspot over the open wireless network;
  
  requiring a user of the client device to perform a predetermined sign-up process at the login portal via the encrypted connection;
  
  adding a user-specific access credential as a valid access credential in a credential database, wherein the credential database stores a plurality of valid access credentials acceptable for gaining secure wireless access at the hotspot;
  
  transmitting instructions from the login portal to the client device via the encrypted connection, the instructions instructing the user of the client device to switch the client device to a service set identifier (SSID) of the secure wireless network and to authenticate with the secure wireless network utilizing the user-specific access credential, wherein the instructions are displayed to the user by the client device and include both the service set identifier (SSID) of the secure wireless network and the user-specific access credential that is acceptable for associating with that service set identifier (SSID); and
  
  providing secured wireless access to the client device over the secure wireless network after the user has associated the client device with the secure wireless network by following the instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein at least a part of the user-specific access credential is a password.
  - 3. The method of claim 1, wherein at least a part of the user-specific access credential is a username.
  - 4. The method of claim 1, wherein at least a part of the user-specific access credential is transmitted from the client device to the login portal via the encrypted connection during the predetermined sign-up process.
  - 5. The method of claim 1, wherein the user-specific access credential comprises a username and a password chosen by the user of the client device.
  - 6. The method of claim 1, further comprising allowing the client device to access an external network over the secure wireless network after the client device has successfully associated with the secure wireless network until an access expiry time is reached.
  - 7. The method of claim 1, further comprising causing a web browser running on the client device to establish a hypertext transfer protocol secure (HTTPS) connection with the login portal over the open wireless network after the client device has associated with the open wireless network.
  - 8. The method of claim 1, further comprising:
    - receiving a request from the client device to associate with the secure wireless network after the user-specific access credential has been added to the credential database;
      
      receiving the user-specific access credential from the client device as a part of the authentication process performed before the client device is allowed to associate with the secure wireless network;
      
      accessing the credential database to check whether the user-specific access credential received from the client device during the authentication process corresponds to one of the valid access credentials stored in the credential database; and
      
      allowing the client device to associate with the secure wireless network only when the user-specific access credential received from the client device during the authentication process corresponds to one of the valid access credentials stored in the credential database.
  - 9. The method of claim 1, further comprising:
    - preventing the client device from accessing a particular network resource over the open wireless network; and
      
      allowing the client device to access the particular network resource over the secure wireless network after the user has associated the client device with the secure wireless network by following the instructions.
  - 10. The method of claim 1, further comprising disconnecting the client device from the secure wireless network in response to a predetermined time period expiring.

11. A non-transitory computer-readable medium comprising processor executable instructions that, when executed by one or more processors, cause the one or more processors to perform steps of:
- providing an open wireless network having no network-level encryption and allowing open association therewith by a client device at a hotspot;
  
  providing a secure wireless network employing network-level encryption and requiring successful completion of an authentication process before allowing association therewith by the client device;
  
  establishing an encrypted connection between the client device and a login portal of the hotspot over the open wireless network;
  
  requiring a user of the client device to perform a predetermined sign-up process at the login portal via the encrypted connection;
  
  adding a user-specific access credential as a valid access credential in a credential database, wherein the credential database stores a plurality of valid access credentials acceptable for gaining secure wireless access at the hotspot;
  
  transmitting instructions from the login portal to the client device via the encrypted connection, the instructions instructing the user of the client device to switch the client device to a service set identifier (SSID) of the secure wireless network and to authenticate with the secure wireless network utilizing the user-specific access credential, wherein the instructions are displayed to the user by the client device and include both the service set identifier (SSID) of the secure wireless network and the user-specific access credential that is acceptable for associating with that service set identifier (SSID); and
  
  providing secured wireless access to the client device over the secure wireless network after the user has associated the client device with the secure wireless network by following the instructions.

12. A system enabling secured wireless access at a hotspot, the system comprising:
- one or more access points providing an open wireless network having no network-level encryption and allowing open association therewith by a client device;
  
  one or more access points providing a secure wireless network employing network-level encryption and requiring successful completion of an authentication process before allowing association therewith by the client device;
  
  a computer server having one or more processors executing software in order to provide a login portal; and
  
  a storage device coupled to the computer server and storing a credential database, the credential database storing a plurality of valid access credentials acceptable for gaining secure wireless access at the hotspot;
  
  wherein the login portal is configured to establish an encrypted connection with the client device over the open wireless network and to require a user of the client device to perform a predetermined sign-up process via the encrypted connection;
  
  the login portal is configured to add a user-specific access credential as a valid access credential in the credential database;
  
  the login portal is configured to transmit instructions to the client device via the encrypted connection, the instructions instructing the user of the client device to switch the client device to a service set identifier (SSID) of the secure wireless network and to authenticate with the secure wireless network utilizing the user-specific access credential;
  
  wherein the instructions are displayed to the user by the client device and include both the service set identifier (SSID) of the secure wireless network and the user-specific access credential that is acceptable for associating with that service set identifier (SSID); and
  
  the one or more access points providing the secure wireless network are configured to provide secured wireless access to the client device over the secure wireless network after the user has associated the client device with the secure wireless network by following the instructions.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The system of claim 12, wherein at least a part of the user-specific access credential is a password.
  - 14. The system of claim 12, wherein at least a part of the user-specific access credential is a username.
  - 15. The system of claim 12, wherein at least a part of the user-specific access credential is transmitted from the client device to the login portal via the encrypted connection during the predetermined sign-up process.
  - 16. The system of claim 12, further comprising:
    - a firewall coupled to the one or more access points providing the secure wireless network and the computer server providing the login portal;
      
      wherein the firewall is configured to allow the client device to access an external network over the secure wireless network after the client device has successfully associated with the secure wireless network until an access expiry time is reached.
  - 17. The system of claim 16, wherein:
    - the firewall is further coupled to the one or more access points providing the open wireless network;
      
      the computer server is a web server providing a web-based login portal; and
      
      the firewall is configured to cause a web browser running on the client device to establish a hypertext transfer protocol secure (HTTPS) connection over the open wireless network with the login portal after the client device has associated with the open wireless network.
  - 18. The system of claim 12,wherein the one or more access points providing the secure wireless network are further configured to:
    - receive a request from the client device to associate with the secure wireless network after the user-specific access credential has been added to the credential database;
      
      receive the user-specific access credential from the client device as a part of the authentication process performed before the client device is allowed to associate with the secure wireless network;
      
      access the credential database to check whether the user-specific access credential received from the client device during the authentication process corresponds to one of the valid access credentials stored in the credential database; and
      
      allow the client device to associate with the secure wireless network only when the user-specific access credential received from the client device during the authentication process corresponds to one of the valid access credentials stored in the credential database.
  - 19. The system of claim 12, further comprising one or more firewalls configured to prevent the client device from accessing a particular network resource over the open wireless network, and to allow the client device to access the particular network resource over the secure wireless network after the user has associated the client device with the secure wireless network by following the instructions.
  - 20. The system of claim 12, wherein the login portal is configured to send a command to the one or more access points providing the secure wireless network in response to a predetermined time duration expiring, the command causing the client device to be disconnected from the secure wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Guest-tek Interactive Entertainment Ltd.
Original Assignee
Guest-tek Interactive Entertainment Ltd.
Inventors
Bryksa, Ellison W., MacMillan, Andrew T.
Primary Examiner(s)
Davis, Zachary A.

Application Number

US15/939,039
Publication Number

US 20180279125A1
Time in Patent Office

419 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 10/02   Reservations, e.g. for tick...

G06Q 2220/00   Business processing using c...

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

H04L 63/108   when the policy decisions a...

H04L 63/168   above the transport layer

H04W 12/06   Authentication

H04W 12/082   using revocation of authori...

H04W 12/084   using delegated authorisati...

H04W 12/088   using filters or firewalls

H04W 84/12   WLAN [Wireless Local Area N...

Enabling secured wireless access at hotspot by providing user-specific access credential for secure SSID during sign-up process conducted over open wireless network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enabling secured wireless access at hotspot by providing user-specific access credential for secure SSID during sign-up process conducted over open wireless network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links