System and method for controlling network access in wireless environment

US 7,620,997 B2
Filed: 12/22/2003
Issued: 11/17/2009
Est. Priority Date: 12/22/2003
Status: Active Grant

First Claim

Patent Images

1. A service comprising:

determining that a mobile computer has lost connectivity to a first access point of a network;

when the mobile computer roams to a second access point of the network, determining whether the second access point is authorized for first secure communication and if so,releasing access of the computer to first secure data on the network through the second access point, and otherwise releasing access of the computer to data other than the first secure data on the network through the second access point, wherein the mobile computer is authenticated at the first access point, prior to losing connectivity thereto, wherein releasing access to secure data on the network through the second access point comprises releasing access to a set of secure data which differs from the secure data released when the mobile computer is connected to the first access point.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.

15 Citations

View as Search Results

8 Claims

1. A service comprising:
- determining that a mobile computer has lost connectivity to a first access point of a network;
  
  when the mobile computer roams to a second access point of the network, determining whether the second access point is authorized for first secure communication and if so,releasing access of the computer to first secure data on the network through the second access point, and otherwise releasing access of the computer to data other than the first secure data on the network through the second access point, wherein the mobile computer is authenticated at the first access point, prior to losing connectivity thereto, wherein releasing access to secure data on the network through the second access point comprises releasing access to a set of secure data which differs from the secure data released when the mobile computer is connected to the first access point.
- View Dependent Claims (2, 3, 4)
- - 2. The service of claim 1, wherein the service is undertaken by the mobile computer.
  - 3. The service of claim 2, wherein the service is undertaken by a hypervisor in the mobile computer.
  - 4. The service of claim 1, wherein the service is undertaken by at least one network resource outside the mobile computer.

5. A system including a mobile computer and a network including secure data, comprising:
- means for determining that the mobile computer has lost connectivity to a first access point of the network;
  
  means for determining whether a second access point of the network to which the mobile computer has roamed is authorized for secure communication; and
  
  means for permitting the mobile computer to access secure data on the network through the second access point if the second access point is authorized for secure communication, and otherwise granting access to the computer to data other than the secure data through the second access point, wherein the means are embodied by a hypervisor in the mobile computer.
- View Dependent Claims (6)
- - 6. The system of claim 5, wherein the mobile computer is authenticated at the first access point, prior to losing connectivity thereto.

7. A method comprising:
- establishing communication between a mobile computer and a network through an access point; and
  
  based on at least one of;
  
  a location, or an identification, of the access point, either granting the computer access to secure assets in the network or granting the computer access to other than the secure assets in the network, wherein the act of selectively granting is undertaken by a hypervisor in the mobile computer.
- View Dependent Claims (8)
- - 8. The method of claim 7, wherein the computer is configured to access a first set of network assets when communicating through a first access point and a second set of network assets when communicating through a second access point.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo PC International Limited (Lenovo Group Ltd.)
Original Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Inventors
Ovies, Hernando, Cromer, Daryl Carvis, Locker, Howard Jeffrey, Springfield, Randall Scott, Challener, David Carroll
Primary Examiner(s)
Simitoski; Michael J

Application Number

US10/748,919
Publication Number

US 20050138424A1
Time in Patent Office

2,157 Days
Field of Search

726 3- 4, 726 6- 7, 726/29, 380/247, 380/258, 709/225, 713/166
US Class Current

726/29
CPC Class Codes

H04L 63/08   for authentication of entit...

H04W 12/06   Authentication

H04W 88/08   Access point devices

System and method for controlling network access in wireless environment

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

8 Claims

Specification

Use Cases

Quick Links

Others

System and method for controlling network access in wireless environment

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

8 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others