LAN that allows non-authenticated external terminal station to access a predetermined device in LAN

US 7,444,511 B2
Filed: 09/26/2001
Issued: 10/28/2008
Est. Priority Date: 10/05/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A LAN system for causing a base station that is inside a LAN to determine whether or not to authenticate a terminal station outside of said LAN and to permit said terminal station to access a predetermined server or network-connected device when said terminal station has not been authenticated,wherein said base station comprises:

an interface portion for making a communication with said terminal station and extracting authentication request information and a reception packet therefrom;

a first authentication managing portion for determining whether or not to authenticate said terminal station for said LAN corresponding to a response from an inner LAN authenticating server responding to said authentication request information received from said interface portion and setting a result of the determination to a first packet distributing table; and

a first packet distributing portion for referencing registered contents of said first packet distributing table for the packet received from said interface portion, transferring the packet received from said interface portion to said LAN when said contents of said first packet distributing table represent that said terminal station has been authenticated for said LAN, and transmitting the packet received from said interface portion to said predetermined server or network-connected device when said contents of said first packet distributing table represent that said terminal station has not been authenticated for said LAN.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The wireless base station determines whether or not each wireless terminal station accessing to the wireless base station is authenticated for the access to the LAN. Thereafter, the wireless base station stores the result of the determination to the packet distributing table. When the wireless base station receives a packet from any wireless terminal station, the wireless base station determines whether or not the wireless terminal station transmitted the packet is authenticated. If the wireless terminal station is authenticated, the packet is transmitted to the LAN. On the other hand, if the wireless terminal station is not authenticated, the packet is transmitted to the server or the gateway.

Citations

10 Claims

1. A LAN system for causing a base station that is inside a LAN to determine whether or not to authenticate a terminal station outside of said LAN and to permit said terminal station to access a predetermined server or network-connected device when said terminal station has not been authenticated,wherein said base station comprises:
- an interface portion for making a communication with said terminal station and extracting authentication request information and a reception packet therefrom;
  
  a first authentication managing portion for determining whether or not to authenticate said terminal station for said LAN corresponding to a response from an inner LAN authenticating server responding to said authentication request information received from said interface portion and setting a result of the determination to a first packet distributing table; and
  
  a first packet distributing portion for referencing registered contents of said first packet distributing table for the packet received from said interface portion, transferring the packet received from said interface portion to said LAN when said contents of said first packet distributing table represent that said terminal station has been authenticated for said LAN, and transmitting the packet received from said interface portion to said predetermined server or network-connected device when said contents of said first packet distributing table represent that said terminal station has not been authenticated for said LAN.
- View Dependent Claims (2, 3, 4)
- - 2. The LAN system as set forth in claim 1,wherein said base station further comprises:
    - a second authentication managing portion;
      
      a second packet distributing portion; and
      
      a second packet distributing table for storing a plurality of destinations,wherein said second authentication managing portion is configured for determining whether or not to authenticate said terminal station corresponding to said authentication request information and setting a result of a concerned determination to said second packet distributing portion when the result of the determination of said first authentication managing portion represents that said terminal station has not been authenticated for said LAN,wherein said first packet distributing portion is configured for transferring the packet received from said terminal station to said second packet distributing portion when said registered contents of said first packet distributing table represent that said terminal station has not been authenticated for said LAN, andwherein said second packet distributing portion is configured for referencing the registered contents of said second packet distributing table for the packet received from said first packet distributing portion and transmitting the packet received from said terminal station to an appropriate server or network-connected device corresponding to a destination to which the packet is distributed.
  - 3. The LAN system as set forth in claim 2,wherein said second authentication managing portion is configured for issuing an authentication request to an inner LAN authenticating server and setting a response to the authentication request to said second packet distributing table.
  - 4. The LAN system as set forth in claim 1,wherein said first authentication managing portion is configured for issuing an authentication request to an inner LAN authenticating server and setting a response to the authentication request to said first packet distributing table.

5. A LAN base station for determining whether or not to authenticate a terminal station outside of a LAN and permitting said terminal station to access a predetermined server or network-connected device when said terminal station has not been authenticated, said LAN base station comprising:
- an interface portion for making a communication with said terminal station and extracting authentication request information and a reception packet therefrom;
  
  a first authentication managing portion for determining whether or not to authenticate said terminal station for said LAN corresponding to a response from an inner LAN authenticating server responding said authentication request information received from said interface portion and setting a result of the determination to a first packet distributing table; and
  
  a first packet distributing portion for referencing registered contents of said first packet distributing table for the packet received from said interface portion, transferring the packet received from said interface portion to said LAN when the contents of said first packet distributing table represent that said terminal station has been authenticated for said LAN, and transmitting the packet received from said terminal station to said predetermined server or network-connected device when the registered contents of said first packet.distributing table represent that said terminal station has not been authenticated for said LAN.
- View Dependent Claims (6, 7, 8)
- - 6. The LAN base station as set forth in claim 5, further comprising:
    - a second authentication managing portion;
      
      a second packet distributing portion; and
      
      a second packet distributing table for storing a plurality of destinations,wherein said second authentication managing portion is configured for determining whether or not to authenticate said terminal station corresponding to said authentication request information and setting a result of a concerned determination to said second packet distributing portion when the result of the determination of said first authentication managing portion represents that said terminal station has not been authenticated for said LAN,wherein said first packet distributing portion is configured for transferring the packet received from said terminal station to said second packet distributing portion when said registered contents of said first packet distributing table represent that said terminal station has not been authenticated for said LAN, andwherein said second packet distributing portion is configured for referencing the registered contents of said second packet distributing table for the packet received from said first packet distributing portion and transmitting the packet received from said terminal station to an appropriate server or network-connected device corresponding to a destination to which the packet is distributed.
  - 7. The LAN base station as set forth in claim 6,wherein said second authentication managing portion is configured for issuing an authentication request to an inner LAN authenticating server and setting response to the authentication request to said second packet distributing table.
  - 8. The LAN base station as set forth in claim 5,wherein said second authentication managing portion is configured for issuing an authentication request to an inner LAN authenticating server and setting response to the authentication request to said first packet distributing table.

9. A method for distributing a packet from a terminal station that accesses a LAN base station from the outside of a LAN, said method comprising the steps of:
- determining whether or not to authenticate said terminal station for said LAN corresponding to a response from an inner LAN authenticating server responding to an authentication request issued from said terminal station;
  
  registering an authentication permission with a first packet distributing table when a result of the determination represents that said terminal station has been authenticated;
  
  registering an authentication refusal with said first packet distributing table when the result of the determination represents that said terminal station has not been authenticated;
  
  sending an authentication permission response to said terminal station after registering said authentication permission or said authentication refusal with said first packet distributing table;
  
  receiving a packet from said terminal station and determining which of said authentication permission and said authentication refusal is registered with said first packet distributing table for said terminal station;
  
  transmitting the packet to said LAN when said authentication permission is registered with said first packet distributing table for said terminal; and
  
  transmitting the packet to a server or network-connected device when said authentication refusal is registered with said first packet distributing table for said terminal.
- View Dependent Claims (10)
- - 10. The packet distributing method as set forth in claim 9,wherein said base station has a second packet distributing table for storing a plurality of destinations to which packets are distributed, andwherein said method further comprises the step of:
    - referencing the registered contents of said second packet distributing table for the packet received from said terminal station and transmitting the packet received from said terminal station to an appropriate server or network-connected device corresponding to a destination corresponding to the registered contents of said second packet distributing table when said authentication refusal is registered with said first packet distributing table for said terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
Morimoto, Shinichi
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Simitoski; Michael J

Application Number

US09/963,261
Publication Number

US 20020041689A1
Time in Patent Office

2,589 Days
Field of Search

713/168, 713/153, 713/170, 709/225, 709/239, 726/23
US Class Current

713/168
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/101 Access control lists [ACL]

LAN that allows non-authenticated external terminal station to access a predetermined device in LAN

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

LAN that allows non-authenticated external terminal station to access a predetermined device in LAN

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links