Systems and methods for controlling access to a public data network from a visited access provider
Abstract
To allow a user to access a public data network from a region of service operated by a visited access provider, the visited provider is supplied with an identity of a credit provider. The user is redirected to the credit provider, resulting in establishment of a temporary connection with the credit provider. During this temporary connection, the user supplies original user credentials and, in return, receives substitute user credentials if the original user credentials are valid. The substitute user credentials are supplied to the visited provider, which proceeds to have the user authenticated by the credit provider on the basis of the substitute user credentials. In this way, the visited provider authenticates the user with the credit provider before allowing the user to access the public data network, but a secure exchange of the original user credentials between the user and the credit provider prevents unauthorized access to this information by the visited provider.
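The exchange the abstract describes, simulated with all three parties in one process. This is an added example, not code from the patent. The class and method names, the sample account, and the choice to make the substitute credentials random, single-use and time-limited are assumptions of the example.

```python
import hashlib, hmac, secrets, time

class CreditProvider:
    def __init__(self, ttl=120):
        self.ttl = ttl        # assumption: substitutes expire after ttl seconds
        self._users = {}      # user -> (salt, PBKDF2 hash of original password)
        self._issued = {}     # sha256(substitute) -> (user, expiry time)
    def enroll(self, user, password):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, self._kdf(password, salt))
    @staticmethod
    def _kdf(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def issue_substitute(self, user, password):
        """Temporary connection: original credentials in, substitute out."""
        salt, stored = self._users.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._kdf(password, salt), stored):
            return None
        sub = secrets.token_urlsafe(24)
        self._issued[hashlib.sha256(sub.encode()).digest()] = (user, time.time() + self.ttl)
        return sub

    def authenticate_substitute(self, sub):  # called by the visited provider
        # Assumption: pop() makes each substitute single-use.
        entry = self._issued.pop(hashlib.sha256(sub.encode()).digest(), None)
        return entry is not None and time.time() <= entry[1]

class VisitedProvider:
    def __init__(self, credit_providers):
        self.credit_providers = credit_providers  # name -> CreditProvider
        self.seen = []                             # everything this party observes
        self.authorized = set()

    def login(self, client_id, provider_name, substitute):
        self.seen.append((client_id, provider_name, substitute))
        ok = self.credit_providers[provider_name].authenticate_substitute(substitute)
        if ok:
            self.authorized.add(client_id)         # open access to the public network
        return ok

def run_demo():
    cp = CreditProvider()
    cp.enroll("alice", "correct horse")                  # constructed sample account
    vp = VisitedProvider({"home-isp": cp})
    sub = cp.issue_substitute("alice", "correct horse")  # client <-> credit provider only
    first = vp.login("client-1", "home-isp", sub)
    replay = vp.login("client-2", "home-isp", sub)       # same substitute presented again
    leaked = any("correct horse" in str(x) for x in vp.seen)
    return first, replay, leaked, cp.issue_substitute("alice", "wrong")
```

The visited provider's `seen` list holds only the substitute value, which is the property the abstract claims; the replay result shows what the single-use assumption adds on top of it.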
57 Claims
1. A method of controlling access to a public data network from a visited access provider, comprising
receiving from a client device a message indicative of a request to access the public data network;
supporting a temporary connection between the client device and a user-selected credit provider, the temporary connection comprising a transmission of substitute user credentials from the user-selected credit provider in response to transmission of original user credentials from the client device;
receiving the substitute user credentials from the client device;
communicating the substitute user credentials to the user-selected credit provider to authenticate the client device;
responsive to successful authentication of the client device by the user-selected credit provider on the basis of the substitute user credentials, authorizing the client device to access the public data network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16.

17. A network, comprising:
a network server entity adapted to receive from a client device a message indicative of a user-selected credit provider;
a gateway entity adapted to support a temporary connection between the client device and the user-selected credit provider, the temporary connection comprising a transmission of substitute user credentials from the user-selected credit provider in response to transmission of original user credentials from the client device;
the network server entity being further adapted to receive the substitute user credentials from the client device;
an authentication entity adapted to communicate the substitute user credentials to the user-selected credit provider to authenticate the client device;
the network server entity being further adapted to authorize the client device to access the public data network in response to successful authentication of the client device by the user-selected credit provider on the basis of the substitute user credentials.
Dependent claims: 18.

19. A network, comprising:
means for receiving from a client device a message indicative of a user-selected credit provider;
means for supporting a temporary connection between the client device and the user-selected credit provider, the temporary connection comprising a transmission of substitute user credentials from the user-selected credit provider in response to transmission of original user credentials from the client device;
means for receiving the substitute user credentials from the client device;
means for communicating the substitute user credentials to the user-selected credit provider to authenticate the client device;
means for authorizing the client device to access the public data network in response to successful authentication of the client device by the user-selected credit provider on the basis of the substitute user credentials.

20. A method of authenticating users having a business relationship with a credit provider, comprising:
receiving original user credentials from a client device;
sending to the client device substitute user credentials associated with the original user credentials;
receiving the substitute user credentials from a visited provider of access to a public data network;
authenticating the client device on the basis of the substitute user credentials;
responsive to successful authentication of the client device on the basis of the substitute user credentials, indicating to the visited provider of access to the public data network that the client device has been successfully authenticated.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34.

35. A credit provider having a business relationship with a plurality of users, comprising:
a network server entity adapted to:
receive original user credentials from a client device;
send to the client device substitute user credentials associated with the original user credentials;
an authentication entity adapted to:
receive the substitute user credentials from a visited provider of access to a public data network;
authenticate the client device on the basis of the substitute user credentials;
indicate to the visited provider of access to the public data network that the client device has been successfully authenticated in response to successful authentication of the client device on the basis of the substitute user credentials.

36. A credit provider having a business relationship with a plurality of users, comprising:
means for receiving original user credentials from a client device;
means for sending to the client device substitute user credentials associated with the original user credentials;
means for receiving the substitute user credentials from a visited provider of access to a public data network;
means for authenticating the client device on the basis of the substitute user credentials;
means for responsive to successful authentication of the client device on the basis of the substitute user credentials, indicating to the visited provider of access to the public data network that the client device has been successfully authenticated.

37. A method of accessing a public data network from a region of service operated by a visited access provider, comprising
supplying to the visited access provider an identity of a credit provider;
establishing a temporary connection with the credit provider;
receiving substitute user credentials from the credit provider during the temporary connection in response to supplying the credit provider with original user credentials provider during the temporary connection;
supplying the substitute user credentials to the visited access provider for authentication of the client device by the credit provider on the basis of the substitute user credentials.
Dependent claims: 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49.

50. Apparatus for accessing a public data network from a region of service operated by a visited access provider, comprising
means for supplying to the visited access provider an identity of a credit provider;
means for establishing a temporary connection with the credit provider;
means for receiving substitute user credentials from the credit provider during the temporary connection in response to supplying the credit provider with original user credentials provider during the temporary connection;
means for supplying the substitute user credentials to the visited access provider for authentication of the client device by the credit provider on the basis of the substitute user credentials.

51. A graphical user interface for guiding a user through a process of accessing a public data network from a region of service operated by a visited access provider, comprising:
a browser capable of interfacing with the user;
a control entity operative to:
output via the browser content from the visited access provider;
responsive to identification via the browser of a credit provider, output via the browser content from the credit provider;
responsive to identification via the browser of user credentials of a user having a business relationship with the credit provider, access content of user-selected locations on the public data network.
Dependent claims: 52, 53, 54, 55, 56.

57. A computer program product for use with a client device in accessing a public data network from a region of service operated by a visited access provider, the computer program product comprising a computer usable medium having computer readable program code thereon, the computer readable program code including:
program code for implementing a browser to interface with the user;
program code for outputting via the browser content from the visited access provider;
program code for outputting via the browser content from a credit provider in response to receiving via the browser an identification of the credit provider;
program code for accessing via the browser content of user-selected locations on the public data network in response to receiving via the browser an identification of user credentials of a user having a business relationship with the credit provider.
Specification