Method of user access authorization in wireless local area network
First Claim
1. A method of user access authorization in a wireless local area network, comprising:
- when a Wireless Local Area Network (WLAN) user terminal is accessing a WLAN operational network,an authentication procedure including authenticating the WLAN user terminal;
an authorization procedure to access the WLAN operational network before a service authorization including;
verifying whether to allow the WLAN user terminal to access the WLAN operational network according to authorization conditions, anddetermining access rules of the WLAN user terminal according to the authorization conditions if the WLAN user terminal is allowed to access the WLAN operational network, wherein the access rules including a limitation rule on the access of the WLAN user terminal to the WLAN operational network, wherein the service authorization determines whether the WLAN terminal user has access to a service;
implementing restriction on the access to the WLAN operational network of the WLAN user terminal according to the access rules;
sending the determined access rules to one or more than one related entity implementing the access rules so as to implement the restriction on the access of the WLAN user terminal;
after the WLAN user terminal sends an access request to the WLAN operational network, the WLAN operational network first performing the legality authentication of the currently accessing WLAN user terminal, if the WLAN user terminal passes the legality authentication, judging whether the WLAN user terminal is allowed to access according to the authorization conditions; and
otherwise, sending the information of the access failure to the WLAN user terminal.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention discloses a method of user access authorization in wireless local area networks. The method comprises: when a Wireless Local Area Network (WLAN) user terminal is accessing a WLAN operational network, the WLAN operational network, while authenticating this WLAN user terminal, judging whether to allow this WLAN user terminal to access according to authorization conditions having an impact on the access of this WLAN user terminal, if yes, the WLAN operational network will determine the access rules of this WLAN user terminal according to the said authorization conditions; otherwise, the WLAN operational network will notify the WLAN user terminal about the failure. By adopting the method of the present invention, different users can be controlled to access the network according to different authorization conditions, and be restricted by different access rules after getting accessed. As a result, the access control capability of a wireless local area network is enhanced and the working efficiency of the network is improved.
-
Citations
24 Claims
-
1. A method of user access authorization in a wireless local area network, comprising:
-
when a Wireless Local Area Network (WLAN) user terminal is accessing a WLAN operational network, an authentication procedure including authenticating the WLAN user terminal; an authorization procedure to access the WLAN operational network before a service authorization including; verifying whether to allow the WLAN user terminal to access the WLAN operational network according to authorization conditions, and determining access rules of the WLAN user terminal according to the authorization conditions if the WLAN user terminal is allowed to access the WLAN operational network, wherein the access rules including a limitation rule on the access of the WLAN user terminal to the WLAN operational network, wherein the service authorization determines whether the WLAN terminal user has access to a service; implementing restriction on the access to the WLAN operational network of the WLAN user terminal according to the access rules; sending the determined access rules to one or more than one related entity implementing the access rules so as to implement the restriction on the access of the WLAN user terminal; after the WLAN user terminal sends an access request to the WLAN operational network, the WLAN operational network first performing the legality authentication of the currently accessing WLAN user terminal, if the WLAN user terminal passes the legality authentication, judging whether the WLAN user terminal is allowed to access according to the authorization conditions; and otherwise, sending the information of the access failure to the WLAN user terminal. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for controlling an access of a subscriber in a wireless local area network, comprising:
-
receiving a request for accessing a wireless local area network(WLAN) operational network from a user terminal; an access authentication procedure in response to the access request, the access authentication procedure comprising authenticating the subscriber of the user terminal; and an access authorization procedure to the WLAN operational network upon the success of the access authentication and before a service authorization, the access authorization procedure comprising; checking whether the subscriber is allowed to access based on an access authorization condition of the user terminal; determining access rules being applied to the subscriber based on the access authorization condition so as to control the access of the user terminal, wherein the access rules include restrictions regarding the access of the subscriber to the WLAN operational network, wherein the service authorization determines whether the WLAN terminal user has access to a service; implementing restriction on the access of the user terminal according to the access rules; sending the determined access rules to one or more than one related entity implementing the access rules so as to implement the restriction on the access of the WLAN user terminal; after the WLAN user terminal sends an access request to the WLAN operational network, the WLAN operational network first performing the legality authentication of the currently accessing WLAN user terminal, if the WLAN user terminal passes the legality authentication, judging whether the WLAN user terminal is allowed to access according to the authorization conditions; and otherwise, sending the information of the access failure to the WLAN user terminal. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A system in a wireless local area network (WLAN) operational network comprising:
-
an access authentication and authorization device capable of communicating with a user terminal and configured to implement a method comprising; when a subscriber of the user terminal is accessing the WLAN operational network, an access authentication procedure for authenticating the subscriber; and an access authorization procedure before a service authorization comprising; verifying whether the subscriber is allowed to access the WLAN operational network according to an access authorization condition of the subscriber, deciding an access policy being applied to the user terminal according to the access authorization condition if the subscriber is allowed to access the WLAN operational network; and implementing restriction on the access to the WLAN operational network of the user terminal according to the access policy, wherein the access policy includes limitation on the access of the subscriber to the WLAN operational network, wherein the access authorization procedure occurs after the success of the access authentication procedure, and wherein the service authorization determines whether the WLAN terminal user has access to a service; sending the determined access rules to one or more than one related entity implementing the access rules so as to implement the restriction on the access of the WLAN user terminal; after the WLAN user terminal sends an access request to the WLAN operational network, the WLAN operational network first performing the legality authentication of the currently accessing WLAN user terminal, if the WLAN user terminal passes the legality authentication, judging whether the WLAN user terminal is allowed to access according to the authorization conditions; and otherwise, sending the information of the access failure to the WLAN user terminal. - View Dependent Claims (18, 19, 20, 21, 22)
-
-
23. A system comprising:
-
a subscriber terminal communicable with a wireless local area network (WLAN) operational network and configured to send a request to the WLAN operational network for accessing the WLAN operational network, wherein the WLAN operational network is configured to perform an access authentication procedure and an access authorization procedure before a service authorization for a subscriber of the subscriber terminal upon receiving the request, and wherein the access authorization procedure includes; checking whether the subscriber is allowed to access the WLAN operational network according to an access authorization condition of the subscriber; deciding access rules applied to the subscriber based on the access authorization condition, wherein the subscriber terminal is further configured to receive a response from the WLAN, and the response includes at least one of an access authentication result and an access authorization result; implement restriction on the access of the subscriber terminal according to the access rules, wherein the service authorization determines whether the WLAN terminal user has access to a service; implement restriction on the access of the user terminal according to the access rules; send the determined access rules to one or more than one related entity implementing the access rules so as to implement the restriction on the access of the WLAN user terminal; after the WLAN user terminal sends an access request to the WLAN operational network, the WLAN operational network first performing the legality authentication of the currently accessing WLAN user terminal, if the WLAN user terminal passes the legality authentication, judge whether the WLAN user terminal is allowed to access according to the authorization conditions; and otherwise, send the information of the access failure to the WLAN user terminal. - View Dependent Claims (24)
-
Specification