APPARATUS AND METHODS FOR DEVICE AUTHORIZATION IN A PREMISES NETWORK

US 20110107436A1
Filed: 11/02/2009
Published: 05/05/2011
Est. Priority Date: 11/02/2009
Status: Active Grant

First Claim

Patent Images

1. In a content delivery network, an apparatus for limiting access to a premises network, comprising:

at least one first interface;

at least one second interface;

a storage apparatus; and

a processor, said processor configured to run one or more computer applications thereon;

wherein at least one of said one or more computer applications comprises an application for authorizing a plurality of client devices to access said premises network; and

wherein at least one other one of said one or more computer applications comprises an application for revoking access to said premises network by identified ones of said plurality of client devices.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and methods for enabling protected premises networking capabilities. In one embodiment, a white list of devices authorized to access a premises network and a black list of device not authorized to access a premises network are utilized. The black and white lists may be stored at a database in communication with an authorization manager or may be stored at the manager itself. When a client device is connected to a premise, the manager determines, based on the premises and/or device identity, whether the device is entitled to access. The authorization manager makes this determination based on whether the device is on the white or black list. If the device is on neither list, the manager may add the device to the white list upon appropriate verification. The manager may also facilitate removal of a device from the white list to the black list upon request or automatically.

218 Citations

38 Claims

1. In a content delivery network, an apparatus for limiting access to a premises network, comprising:
- at least one first interface;
  
  at least one second interface;
  
  a storage apparatus; and
  
  a processor, said processor configured to run one or more computer applications thereon;
  
  wherein at least one of said one or more computer applications comprises an application for authorizing a plurality of client devices to access said premises network; and
  
  wherein at least one other one of said one or more computer applications comprises an application for revoking access to said premises network by identified ones of said plurality of client devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The apparatus of claim 1, wherein said apparatus comprises a headend entity of said content delivery network, said first interface comprises an interface to said content delivery network by which said apparatus may interface with said plurality of client devices, and said second interface comprises an interface to a plurality of apparatus at a headend of said content delivery network.
  - 3. The apparatus of claim 1, wherein said plurality of client devices are authorized by placing a unique identifier associated with individual ones of said plurality of client devices into a list of authorized devices.
  - 4. The apparatus of claim 3, wherein said unique identifier comprises at least one of a MAC address or an IP address.
  - 5. The apparatus of claim 3, wherein said list of authorized devices further comprises an identifier associated with said premises network.
  - 6. The apparatus of claim 1, wherein said access to said premises network by said identified ones of said plurality of client devices comprises placing a unique identifier associated with said identified ones of said plurality of client devices onto a list of unauthorized devices;
    - andwherein said unique identifiers associated with said identified ones of said plurality of client devices are placed on said list of unauthorized devices by an authorized user of said premises network.
  - 7. The apparatus of claim 1, wherein said storage apparatus is configured to store at least a plurality of information regarding individual ones of said plurality of client devices authorized and not authorized to access said premises network.
  - 8. The apparatus of claim 1, wherein said apparatus is further configured to communicate with a database for storing at least a plurality of information regarding individual ones of said plurality of client devices authorized and not authorized to access said premises network.
  - 9. The apparatus of claim 1, wherein said content delivery network comprises a cable television or satellite network, said premises network comprises a MoCA-compliant network comprising installed coaxial cable within said premises, and said apparatus is disposed at a headend of said cable or satellite network.
  - 10. The apparatus of claim 1, wherein said content delivery network is utilized to provide content to said plurality of client devices using internet protocol (IP)-based delivery mechanisms.

11. Consumer premises equipment (CPE) for use in a cable network, comprising:
- an RF front-end interface;
  
  at least one back-end interface;
  
  a storage apparatus; and
  
  a processor configured to run at least one application thereon, said application configured to;
  
  authorize first ones of a plurality of client devices to access a premises network; and
  
  revoke access to said premises network by second ones of said plurality of client devices.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The CPE of claim 11, wherein said at least one back end interface comprises an interface to said plurality of client devices in said premises network.
  - 13. The CPE of claim 11, wherein said storage apparatus comprises one or more databases having information relating to individual ones of said plurality of client devices being authorized and not authorized to access said premises network.
  - 14. The CPE of claim 13, wherein said authorization of said first ones of said plurality of client devices comprises reviewing said one or more databases for said first ones of said client devices and determining based at least in part on said information, that said first ones of said plurality of client devices are authorized to access said premises network.
  - 15. The CPE of claim 13, wherein said revocation of said second ones of said plurality of client devices comprises adding information relating to said second ones of said client devices to said one or more databases, said added information indicating that said second ones of said plurality of client devices are not authorized to access said premises network.
  - 16. The CPE of claim 11, further in communication with at least one database comprising a list of client devices which are authorized to access said premises network, and a list of client devices which are not authorized to access said premises network;
    - wherein said authorization comprises searching said at least one database to determine on which of said lists said first ones of said plurality of client devices are listed; and
      
      wherein said revocation comprises adding said second ones of said plurality of client devices to said list of client devices which are not authorized to access said premises network.
  - 17. The CPE of claim 11, wherein said at least one application comprises a distributed application, having at least one component thereof run at a headend entity of said cable network.
  - 18. The CPE of claim 11, wherein said premises network comprises a MoCA-compliant premises network.
  - 19. The CPE of claim 11, wherein content is delivered to said CPE from said content delivery network via IP protocol.

20. A method of providing access to a premises network, comprising:
- receiving information identifying at least one client device and at least one premises network;
  
  updating one or more lists of devices to include said entered information;
  
  receiving a request for access to said at least one premises network from said at least one client device connected thereto; and
  
  in response to said request, granting or denying access to said at least one premises network to said at least one client device.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 21. The method of claim 20, wherein said information identifying said at least one client device comprises a MAC address associated with said at least one client device;
    - and said information identifying said at least one premises network comprises a subscriber account number, and said act of updating comprises adding said MAC address and said subscriber account number one of said one or more lists.
  - 22. The method of claim 21, wherein said request comprises at least said MAC address associated with said at least one client device and said subscriber account number.
  - 23. The method of claim 20, wherein said one or more lists comprising at least a white list of authorized devices, and a black list of unauthorized devices.
  - 24. The method of claim 23, further comprising searching said white list and said black list using at least said information identifying at least one client device and at least one premises network.
  - 25. The method of claim 24, wherein said act of granting or denying access is based at least in part on whether said at least one client device is found on said white or said black list.
  - 26. The method of claim 20, wherein said act of granting access to said at least one premises network comprises presenting said at least one client device a user interface for accessing data and content.
  - 27. The method of claim 26, wherein said user interface for accessing data and content comprises an electronic programming guide (EPG).
  - 28. The method of claim 20, wherein said act of denying access to said at least one premises network comprises presenting said at least one client device a message indicating a reason for said denial of access.
  - 29. The method of claim 20, wherein said act of updating further comprises apprising at least one headend billing entity of the addition of said at least one client device to said listing of authorized devices for said at least one premises network.
  - 30. The method of claim 20, further comprising verifying said information identifying at least one client device and at least one premises network.
  - 31. The method of claim 20, wherein said premises network comprises a MoCA-compliant home network.

32. A computer readable apparatus comprising a medium configured to store a computer program, said computer program, when executed:
- receives a request for access to at least one premises network from at least one client device connected thereto;
  
  searches a list of authorized devices and a list of unauthorized devices; and
  
  grants or denies access to said at least one premises network to said at least one client device based at least in part on a result of said search.
- View Dependent Claims (33, 34, 35, 36)
- - 33. The apparatus of claim 32, wherein said computer program is further configured to, if said at least one device is not found at either said list of authorized devices or said list of unauthorized devices, enable said user to add said at least one device to either list.
  - 34. The apparatus of claim 33, wherein said at least one device is added to either of said list of authorized devices or said list of unauthorized devices by the addition of descriptive information regarding said at least one device said list of authorized devices or said list of unauthorized devices.
  - 35. The apparatus of claim 32, wherein said computer program is further configured to, prior to receipt of said request, enable a user to add descriptive information regarding said at least one device to either of said list of authorized devices or said list of unauthorized devices.
  - 36. The apparatus of claim 35, wherein said addition of said descriptive information regarding said at least one device to either of said list of authorized devices or said list of unauthorized devices comprises verification of said descriptive information against pre-stored information.

37. A method of ensuring protected access to cable television network content to a MoCA-compliant premises network, comprising:
- receiving a request from a user device for access to said content from said premises network;
  
  determining whether said user device is specifically authorized to access said content via said premises network;
  
  if said user device is specifically authorized to access said content via said premises network, providing access thereto, said access to said content being provided via installed coaxial cable installed within said premises;
  
  if said user device is not specifically authorized to access said content via said premises network, determining whether said user device is specifically unauthorized to access said content via said premises network;
  
  if said user device is specifically unauthorized to access said content via said premises network, denying access thereto; and
  
  if said user device is not specifically authorized and not specifically unauthorized to access said content via said premises network;
  
  requesting a user of said user device provide a MAC address of said user device and a subscriber account number associated with said network premises;
  
  verifying said provided MAC address and said subscriber account number; and
  
  authorizing said user device to access said content via said network.
- View Dependent Claims (38)
- - 38. The method of claim 37, wherein said act of determining whether said user device is specifically authorized to access said premises network comprises searching a list of authorized devices, and said act of determining whether said user device is specifically unauthorized to access said premises network comprises searching a list of unauthorized devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Original Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Inventors
Bell, David, Sarosi, George W., Cholas, Chris, Markley, Jeffrey P.

Granted Patent

US 8,745,758 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/29
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/101   Access control lists [ACL]

H04N 21/2541   Rights Management protectin...

H04N 21/2585   Generation of a revocation ...

APPARATUS AND METHODS FOR DEVICE AUTHORIZATION IN A PREMISES NETWORK

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

218 Citations

38 Claims

Specification

Use Cases

Quick Links

Others

APPARATUS AND METHODS FOR DEVICE AUTHORIZATION IN A PREMISES NETWORK

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

218 Citations

38 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others