Cross access login controller

US 10,547,617 B2
Filed: 09/29/2017
Issued: 01/28/2020
Est. Priority Date: 11/17/2010
Status: Active Grant

First Claim

Patent Images

1. A method of authorizing network access, comprising:

by a controller with a processor and memory, the controller in communication with a first network for controlling access to the first network;

receiving via the first network, from a user equipment having a user registered in a visitor network, an access request to access the first network, wherein the access request includes a MAC address of the user equipment;

performing a query, using the received MAC address, in a subscriber repository;

if, based on a result of the query, the received MAC address is not found in the subscriber repository;

sending a credential request to the user equipment;

receiving a credential from the user equipment;

generating a single use code;

causing storage of the single use code in the subscriber repository, correlated to the received MAC address;

sending the single use code to the user equipment via a trusted channel;

receiving a new code and a new credential via the visitor network;

comparing the new code and the single use code; and

based on a result of the comparing, if the new code matches the single use code, registering the new credential for re-use by the user equipment.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods here may be used for authorizing network access including using a controller with a processor and memory, the controller in communication with a first network for controlling access to the first network. From a user equipment having a user registered in a visitor network, an access request to access the first network is received, wherein the access request includes a MAC address of the user equipment. Based on a query performed in a subscriber repository, if the received MAC address is not found, a credential request is sent to the user equipment, and a credential is received from the user equipment. A single use code is generated, stored in the subscriber repository, and sent to the user equipment via a trusted channel. A new code and a new credential are received via the visitor network, and are compared. If the new code and the single use code match, the new credential is registered for re-use by the user equipment.

Citations

17 Claims

1. A method of authorizing network access, comprising:
- by a controller with a processor and memory, the controller in communication with a first network for controlling access to the first network;
  
  receiving via the first network, from a user equipment having a user registered in a visitor network, an access request to access the first network, wherein the access request includes a MAC address of the user equipment;
  
  performing a query, using the received MAC address, in a subscriber repository;
  
  if, based on a result of the query, the received MAC address is not found in the subscriber repository;
  
  sending a credential request to the user equipment;
  
  receiving a credential from the user equipment;
  
  generating a single use code;
  
  causing storage of the single use code in the subscriber repository, correlated to the received MAC address;
  
  sending the single use code to the user equipment via a trusted channel;
  
  receiving a new code and a new credential via the visitor network;
  
  comparing the new code and the single use code; and
  
  based on a result of the comparing, if the new code matches the single use code, registering the new credential for re-use by the user equipment.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 whereinsending to the user equipment the single use code via the trusted channel comprises:
    - sending the single use code to the user equipment in a voice communication.
  - 3. The method of claim 1, wherein the credential received from the user equipment comprises a cellular phone number.
  - 4. The method of claim 1, wherein the trusted channel comprises a short message service (SMS) communication.
  - 5. The method of claim 1, wherein the trusted channel comprises a MMS communication.
  - 6. The method of claim 1, wherein the sending the single use code comprises sending the single use code in an email.
  - 7. The method of claim 1, wherein sending the credential request to the user equipment further comprises:
    - directing the user equipment to a registration webpage.

8. A non-transitory computer-readable medium having computer-executable instructions stored thereon which, when executed by one or more computer processors of a controller in communication with a first network for controlling access to the first network, cause the one or more computer processors to perform steps of a method for authorizing network access, the method comprising:
- receiving via the first network, from a user equipment having a user registered in a visitor network, an access request to access the first network, wherein the access request includes a MAC address of the user equipment;
  
  performing a query, using the received MAC address, in a subscriber repository;
  
  if, based on a result of the query, the received MAC address is not found in the subscriber repository;
  
  sending a credential request to the user equipment;
  
  receiving a credential from the user equipment;
  
  generating a single use code;
  
  causing storage of the single use code in the subscriber repository, correlated to the received MAC address;
  
  sending the single use code to the user equipment via a trusted channel;
  
  receiving a new code and a new credential via the visitor network;
  
  comparing the new code and the single use code; and
  
  based on a result of the comparing, if the new code matches the single use code, registering the new credential for re-use by the user equipment.
- View Dependent Claims (9, 10)
- - 9. The non-transitory computer readable medium of claim 8, wherein sending the credential request to the user equipment further comprises directing the user equipment to utilize a registration webpage.
  - 10. The non-transitory computer readable medium of claim 8, wherein the credential received from the user equipment comprises a cellular phone number.

11. A system for authorizing network access, comprisinga controller with a processor and memory, the controller in communication with a first network for controlling access to the first network, the controller configured to:
- receive via the first network, from a user equipment having a user registered in a visitor network, an access request to access the first network, wherein the access request includes a MAC address of the user equipment;
  
  perform a query, using the received MAC address, in a subscriber repository;
  
  if, based on a result of the query, the received MAC address is not found in the subscriber repository;
  
  send a credential request to the user equipment;
  
  receive a credential from the user equipment;
  
  generate a single use code;
  
  cause storage of the single use code in the subscriber repository, correlated to the received MAC address;
  
  send the single use code to the user equipment via a trusted channel;
  
  receive a new code and a new credential via the visitor network;
  
  compare the new code and the single use code; and
  
  based on a result of the compare, if the new code matches the single use code, register the new credential for re-use by the user equipment.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The system of claim 11, wherein the credential received from the user equipment comprises a cellular phone number.
  - 13. The system of claim 11, wherein to send the single use code to the user equipment via the trusted channel comprises sending the single use code to the user equipment in a voice communication.
  - 14. The system of claim 11, wherein the trusted channel comprises a short message service (SMS) communication.
  - 15. The system of claim 11, wherein the trusted channel comprises a MMS communication.
  - 16. The system of claim 11, wherein to send the single use code to the user equipment comprises sending the single use code in an email.
  - 17. The system of claim 11, wherein to send the credential request to the user equipment further comprises directing the user equipment to a registration webpage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ruckus IP Holdings LLC
Original Assignee
ARRIS Enterprises LLC (CommScope Holding Company, Inc.)
Inventors
Givoni, Doron, Pogorelik, Oleg
Primary Examiner(s)
To, Baotran N

Application Number

US15/721,537
Publication Number

US 20180278615A1
Time in Patent Office

851 Days
Field of Search

726 2, 726 3, 726 5
US Class Current
CPC Class Codes

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/0876   based on the identity of th...

H04L 63/0892   by using authentication-aut...

H04L 63/10   for controlling access to d...

H04L 63/107   wherein the security polici...

H04L 63/18   using different networks or...

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

Cross access login controller

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Cross access login controller

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links