MANAGEMENT OF ACCESS TO SERVICE IN AN ACCESS POINT

US 20140370852A1
Filed: 08/28/2014
Published: 12/18/2014
Est. Priority Date: 10/15/2009
Status: Active Grant

First Claim

Patent Images

1. An access point device, comprising:

a processor; and

a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;

receiving first access data from an access management server device via a set of network devices of a network, wherein the first access data defines a first set of devices authorized to access the set of network devices of the network via the access point device;

receiving a request from a device to access the set of network devices via the access point device;

determining that the device is not authorized to access the set of network devices via the access point device based on the first access data;

forwarding a credential of the device to the access point management server device in response to the determining that the device is not authorized;

receiving, from the access point management server device, authorization data indicating that the device is authorized to access the set of network devices via the access point device based on validation of the credential against second access data;

receiving the second access data from the access point management server device, wherein the second access data defines a second set of devices authorized to access the set of network devices via the access point device; and

controlling access to the set of network devices based on the second access data as opposed to the first access data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System(s) and method(s) are provided to configure access rights to wireless resources and telecommunication service(s) supplied through a set of access points (APs). Access to wireless resources is authorized by access attributes in access control list(s) (ACL(s)) while a profile of service attributes linked to the ACL(s) regulate provision of telecommunication service(s). Access and service attributes can be automatically or dynamically configured, at least in part, in response to changes in data that directly or indirectly affects an operation environment in which the set of APs is deployed. Automatic or dynamic configuration of access or service attributes enable control or coordination of wireless service provided through the set of APs; degree of control or coordination is determined at least in part by enablement or disablement of disparate services for disparate devices at disparate access points at disparate times and with disparate service priority.

34 Citations

View as Search Results

20 Claims

1. An access point device, comprising:
- a processor; and
  
  a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
  
  receiving first access data from an access management server device via a set of network devices of a network, wherein the first access data defines a first set of devices authorized to access the set of network devices of the network via the access point device;
  
  receiving a request from a device to access the set of network devices via the access point device;
  
  determining that the device is not authorized to access the set of network devices via the access point device based on the first access data;
  
  forwarding a credential of the device to the access point management server device in response to the determining that the device is not authorized;
  
  receiving, from the access point management server device, authorization data indicating that the device is authorized to access the set of network devices via the access point device based on validation of the credential against second access data;
  
  receiving the second access data from the access point management server device, wherein the second access data defines a second set of devices authorized to access the set of network devices via the access point device; and
  
  controlling access to the set of network devices based on the second access data as opposed to the first access data.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The access point device of claim 1, wherein and the second set of devices comprises the device.
  - 3. The access point device of claim 1, wherein the operations further comprise:
    - receiving third access data from the access point management server device, wherein the third access data defines a third set of devices authorized to access the set of network devices via the access point device; and
      
      controlling access to the set of network devices based on the third access data as opposed to the second access data.
  - 4. The access point device of claim 1, wherein the second access data defines network service parameters for respective devices of the second set of devices.
  - 5. The access point device of claim 4, wherein the network service parameters define levels of service to provide to the respective devices.
  - 6. The access point device of claim 5, wherein at least two of the respective devices are associated with different levels of service.

7. A method, comprising:
- controlling, by an access point device comprising a processor, access to a set of network devices of a network via the access point device based on first access data stored in memory of the access point device, wherein the first access data defines a first set of devices authorized to access the set of network devices via the access point device;
  
  receiving, by the access point device, second access data from an access management server device via the set of network devices, wherein the second access data defines a second set of devices authorized to access the set of network devices via the access point device;
  
  replacing, by the access point device, the first access data with the second access data in the memory in response to the receiving the second access data;
  
  controlling, by the access point device, access to the set of network devices based on the second access data;
  
  validating, by the access point device, a credential of a device requesting establishment of attachment signaling with the access point device based on the second access control data; and
  
  forwarding, by the access point device, the credential of the device to the access point management server device in response to the credential of the device failing the validating.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The method of claim 7, wherein the controlling comprises:
    - denying, by the access point device, access to the set of network devices by a device included in the first set of devices and not included in the second set of devices.
  - 9. The method of claim 7, wherein the controlling comprises:
    - authorizing, by the access point device, access to the set of network devices by a device included in the second set of devices and not included in the first set of devices.
  - 10. The method of claim 7, further comprising:
    - receiving, by the access point device from the access point management server device, validation data representative of an indication of a successful validation of the credential of the mobile device based on third access control data;
      
      updating, by the access point device, the second access control data based on the third access control data to generate updated second access control data in response to receiving the third access control data from the access point management server device; and
      
      controlling, by the access point device, access to the set of network devices based on the updated second access control data.
  - 11. The method of claim 10, wherein the third access control data defines a third set of devices authorized to access the set of network devices via the access point device.
  - 12. The method of claim 7, wherein the second access control data defines network service parameters for respective devices of the second set of devices.
  - 13. The method of claim 12, wherein the network service parameters define levels of service to provide to the respective devices, and wherein at least two of the respective devices are associated with different network service parameters.
  - 14. The method of claim 12, further comprising:
    - providing, by the access point device, a first level of service to a first device of the second set of devices based on the network service parameters; and
      
      providing, by the access point device, a second level of service to a second device of the second set of devices based on the network service parameters.

15. A system, comprising:
- a processor; and
  
  a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
  
  determining a change has occurred to first access control data based on information stored in an access information data store, wherein the first access control data defines a first set of devices authorized to access a network device of a network via an access point device;
  
  generating second access control data based on the change, wherein the second access control data defines a second set of devices authorized to access the network device via the access point device; and
  
  transmitting the second access control data to the access point device in association request to replace the first access control data with the second access control data in memory associated with the access point device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the information stored in the access information data store comprises information defining devices authorized to access the network device via the access point and the information is periodically updated.
  - 17. The system of claim 16, wherein the operations further comprise:
    - monitoring the information of the access information data store to identify the change, wherein the determining comprises periodically comparing the first access information to the information in the access information data store.
  - 18. The system of claim 15, wherein the operations further comprise:
    - receiving a notification regarding the change to the first access control data based on an update to the information stored in the access information data store, wherein the determining comprises determining the change has occurred to the first access control data in response to the receiving the notification.
  - 19. The system of claim 15, wherein the operations further comprise:
    - receiving, by the system and from the access point device, a credential of a device and a request to connect to the access point device, wherein the device is not identified in the second access control data;
      
      in response to the request, accessing the access information data store and validating authorization of the device to connect to the access point device based on the credential and the information in the access information data store; and
      
      sending verification data to the access point device that validates the authorization of the device to connect to the access point device.
  - 20. The system of claim 15, wherein the operations further comprise:
    - inferring a modification to the second access control data based on historical data regarding user patterns; and
      
      sending the modification to the second access control data to the access point device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Wohlert, Randolph, Majmundar, Milap

Granted Patent

US 9,509,701 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/101   Access control lists [ACL]

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/082   using revocation of authori...

H04W 48/16   Discovering, processing acc...

H04W 84/045   using private Base Stations...

H04W 88/08   Access point devices

MANAGEMENT OF ACCESS TO SERVICE IN AN ACCESS POINT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MANAGEMENT OF ACCESS TO SERVICE IN AN ACCESS POINT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links