Method and apparatus for controlling wireless network access privileges based on wireless client location
First Claim
1. A method for controlling access privileges in a wireless network having a plurality of access points based on the location of a wireless client that is connected to the network via radio-frequency signals sent between the wireless client and one of the plurality of access points wherein the one access point interacts with a RADIUS server to obtain access to the network, the method comprising:
- (a) computing, using a location system that is associated with the network and does not involve the wireless client, the location of the wireless client with an RF fingerprinting method from measured properties of radio frequency signals generated by the wireless client and received at a plurality of sensors connected to the network;
(b) receiving information that identifies the wireless client;
(c) generating a set of access privileges based on the location and the identifying information of the wireless client; and
(d) sending the access privileges to the RADIUS server and using the RADIUS server to cause the one access point to apply the access privileges to the wireless client before the wireless client accesses the network via the one access point.
4 Assignments
0 Petitions
Accused Products
Abstract
An access point through which a wireless device attaches to a wireless network determines the access privileges that will be accorded to the device based on a criteria set, such as the ID and physical location of the device requesting network access, the access point through which the device is connected to the network and user credentials. The location of the device is determined by a location determination system using the signal strength of the device signal. The location information and ID information is provided to an access server that uses the criteria set to retrieve access privileges from a privilege database. The retrieved access privileges are then applied to the wireless device by means of the access point and other devices in the wireless network.
137 Citations
30 Claims
-
1. A method for controlling access privileges in a wireless network having a plurality of access points based on the location of a wireless client that is connected to the network via radio-frequency signals sent between the wireless client and one of the plurality of access points wherein the one access point interacts with a RADIUS server to obtain access to the network, the method comprising:
-
(a) computing, using a location system that is associated with the network and does not involve the wireless client, the location of the wireless client with an RF fingerprinting method from measured properties of radio frequency signals generated by the wireless client and received at a plurality of sensors connected to the network; (b) receiving information that identifies the wireless client; (c) generating a set of access privileges based on the location and the identifying information of the wireless client; and (d) sending the access privileges to the RADIUS server and using the RADIUS server to cause the one access point to apply the access privileges to the wireless client before the wireless client accesses the network via the one access point. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. Apparatus for controlling access privileges in a wireless network having a plurality of access points based on the location of a wireless client that is connected to the network via radio-frequency signals sent between the wireless client and one of the plurality of access points wherein the one access point interacts with a RADIUS server to obtain access to the network, the apparatus comprising:
-
a location system that is associated with the network and does not involve the wireless client and computes the location of the wireless client with an RF fingerprinting method from measured properties of radio frequency signals generated by the wireless client and received at a plurality of sensors connected to the network; an access server that receives information that identifies the wireless client; a policy server that generates a set of access privileges based on the location and the identifying information of the wireless client; and a mechanism that comprises means for sending the access privileges to the RADIUS server and means for using the RADIUS server to cause the one access point to apply the access privileges to the wireless client before the wireless client accesses the network via the access point. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. Apparatus for controlling access privileges in a wireless network having a plurality of access points based on the location of a wireless client that is connected to the network via radio-frequency signals sent between the wireless client and one of the plurality of access points wherein the one access point interacts with a RADIUS server to obtain access to the network, the apparatus comprising:
-
means associated with the network and that does not involve the wireless client for computing the location of the wireless client with an RF fingerprinting method from measured properties of radio frequency signals generated by the wireless client and received at a plurality of sensors connected to the network; means for receiving information that identifies the wireless client; means for generating a set of access privileges based on the location and the identifying information of the wireless client; and means for sending the access privileges to the RADIUS server and means for using the RADIUS server to cause the one access point to apply the access privileges to the wireless client before the wireless client accesses the network via the access point.
-
-
30. A computer program product for controlling access privileges in a wireless network having a plurality of access points based on the location of a wireless client that is connected to the network via radio-frequency signals sent between the wireless client and one of the plurality of access points wherein the one access point interacts with a RADIUS server to obtain access to the network, the computer program product comprising a computer usable tangible storage medium having computer readable program code thereon, including:
-
program code operable in a location system that is associated with the network and does not involve the wireless client for computing the location of the wireless client with an RF fingerprinting method from measured properties of radio frequency signals generated by the wireless client and received at a plurality of sensors connected to the network; program code for receiving information that identifies the wireless client; program code for generating a set of access privileges based on the location and the identifying information of the wireless client; and program code for sending the access privileges to the RADIUS server and program code for using the RADIUS server to cause the one access point to apply the access privileges to the wireless client before the wireless client accesses the network via the access point.
-
Specification