System and method for decentralized trust-based service provisioning

US 20060190991A1
Filed: 02/22/2005
Published: 08/24/2006
Est. Priority Date: 02/22/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

transmitting a first message to a server from an authorized user in order to provision access to a network by a guest user without any need of centralized control by an administrator, the first message including a guest identifier;

receiving a guest password from the server for subsequent use by a guest user;

authenticating the guest user using the guest identifier and the guest password; and

allowing the guest user access to the network if the guest user is authenticated.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment of the invention, a network is adapted with a wireless network switch in communication with a plurality of access points, which are in communication with one or more wireless units. A guest user is provided access to the network by a wireless unit of an authorized user transmitting a first message to a targeted server of the network. The first message is configured to provision access to a network for the guest user. After generation of the guest password, it is subsequently provided to the guest user for authentication purposes. This enables guest access to be provisioned without any need of centralized control by an administrator.

Citations

18 Claims

1. A method comprising:
- transmitting a first message to a server from an authorized user in order to provision access to a network by a guest user without any need of centralized control by an administrator, the first message including a guest identifier;
  
  receiving a guest password from the server for subsequent use by a guest user;
  
  authenticating the guest user using the guest identifier and the guest password; and
  
  allowing the guest user access to the network if the guest user is authenticated.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the first message is a HTTP Request in response to receiving addressing information associated with the server from a wireless local area network (WLAN) switch.
  - 3. The method of claim 1, wherein prior to transmitting the first message, the method further comprises:
    - transmitting a DNS Query message from a wireless unit to an access point;
      
      routing the DNS Query message from the access point to a wireless local area network (WLAN) switch;
      
      routing a DNS Response message, including the addressing information associated with the server, from the WLAN switch to the wireless unit; and
      
      exchanging messages between the wireless unit and the server to generate the first message.
  - 4. The method of claim 1, wherein the exchange of messages comprises:
    - transmitting a HTTP Request message to download a display page from the server; and
      
      displaying the display page for the authorized user to enter the guest identifier being part of the first message.
  - 5. The method of claim 1, wherein the receiving of the guest password further comprises displaying the guest password for the authorized user to provide to the guest user.
  - 6. The method of claim 1, wherein authenticating the guest user comprises entering an identifier for the guest user and a password for the guest user at the wireless unit;
    - transmitting the identifier and the password for the guest user to the server;
      
      comparing the identifier and the password for the guest user with the guest identifier and the guest password; and
      
      authenticating the guest user if the identifier matches the guest identifier and the password matches the guest password.
  - 7. The method of claim 1, wherein the first message further comprises an access time period being a parameter that identified a period of time that the guest user is allowed access to the network.

8. A method for provisioning services through trust-based operations, comprising:
- initiating a request for a service to be provisioned for a guest user, the request including a guest identifier and an access time period being a parameter to identify a period of time that the guest user is provisioned the service;
  
  receiving a guest password in response to the request;
  
  requesting the service by the guest user by providing the guest identifier and the password; and
  
  authenticating the guest user using the guest identifier and the guest password with the guest user provisioned with the services upon authentication.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method of claim 8, wherein the request is a first HTTP Request in response to receiving addressing information associated with a server from a wireless local area network (WLAN) switch.
  - 10. The method of claim 9, wherein prior to initiating the request, the method further comprises:
    - transmitting a DNS Query message from a wireless unit to an access point;
      
      routing the DNS Query message from the access point to a wireless local area network (WLAN) switch;
      
      routing a DNS Response message, including the addressing information associated with the server, from the WLAN switch to the wireless unit; and
      
      exchanging messages between the wireless unit and the server to generate the request.
  - 11. The method of claim 10, wherein the exchange of messages comprises:
    - transmitting a second HTTP Request message to download a display page from the server; and
      
      displaying the display page for an authorized user to enter the guest identifier being part of the request.
  - 12. The method of claim 8, wherein the receiving of the guest password further comprises displaying the guest password to be subsequently provided to the guest user.
  - 13. The method of claim 8, wherein the receiving of the guest password further comprises transmitting the guest password to the guest user using the guest identifier.
  - 14. The method of claim 8, wherein authenticating the guest user comprises entering an identifier for the guest user and a password for the guest user at the wireless unit;
    - transmitting the identifier and the password to the server;
      
      comparing the identifier and the password with the guest identifier and the guest password; and
      
      authenticating the guest user if the identifier matches the guest identifier and the password matches the guest password.
  - 15. The method of claim 8, wherein the request further comprises an access time period being a parameter that identified a period of time that the guest user is allowed access to the network.

16. A method comprising:
- notification of a server of a location of an authorized user of a network; and
  
  programming a wireless network switch to restrict network access by a guest user to one or more access points physically proximate to the location of the user.
- View Dependent Claims (17, 18)
- - 17. The method of claim 16, wherein the programming of the wireless network switch includes activation of a plurality of access points covering the location of the authorized user and allowing access to resources of the network while the guest user is within the location and preventing access by the guest user to the network when leaving the location.
  - 18. The method of claim 16, wherein the programming of the wireless network switch includes activation of a plurality of access points covering the location of the authorized user and allowing access to only a public network while the guest user is within the location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Inventors
Iyer, Pradeep J.

Application Number

US11/063,305
Publication Number

US 20060190991A1
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/61   Time-dependent

H04W 84/12   WLAN [Wireless Local Area N...

System and method for decentralized trust-based service provisioning

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for decentralized trust-based service provisioning

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links