Authorization and authentication of user access to a distributed network communication system with roaming feature
Abstract
A system and method for providing roaming access on a network are disclosed. The network includes a plurality of wireless and/or wired access points. A user may access the network by using client software on a client computer (e.g., a portable computing device) to initiate an access procedure. In response, a network management device operated by a network provider may return an activation response message to the client. The client may send the user's username and password to the network provider. The network provider may rely on a roaming partner, another network provider with whom the user subscribes for internet access, for authentication of the user. Industry-standard methods such as RADIUS, CHAP, or EAP may be used for authentication. The providers may exchange pricing and service information and account information for the authentication session. A customer may select a pricing and service option from a list of available options.
29 Claims
1. A method for providing access to a network, wherein a plurality of access points operated by a network provider are coupled to the network, the method comprising:
in response to a request from client software on a client computer operated by a user and communicatively coupled to a first access point of the plurality of access points, automatically transmitting, through the first access point, a HTTP redirect message from a device operated by the network provider and coupled to the network to the client software on the client computer, the HTTP redirect message including an activation response message included in one or more HTML comments of the HTTP redirect message, wherein the activation response message is not displayed by a web browser, wherein the activation response message comprises information that indicates a URL of the network provider usable by the client software on the client computer to communicate a username and a password to the network provider, wherein the URL is associated with a first network address associated with the network provider, wherein the first network address is different from a second network address associated with the client computer;
receiving, from the client software on the client computer, the username and the password at the first network address, wherein the username and the password are usable to authorize access to the network for a user account of a roaming partner, wherein the roaming partner having a relationship with the user account such that the roaming partner is operable to signal the network provider to permit or deny access to the network;
sending the username and the password from the network provider to the roaming partner to determine whether or not the user account is authenticated;
receiving an authentication response from the roaming partner;
if the authentication response from the roaming partner indicates that the user account is authenticated by the roaming partner, the network provider authorizing access to the network for the user account; and
if the authentication response indicates that the user account is not authenticated by the roaming partner, the network provider denying access to the network for the user account.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A program product comprising a computer readable memory device including program logic embedded therein, which when executed by a processing system coupled to a plurality of access points, the processing system:
automatically transmits, via a first access point of the plurality of access points and in response to a request from client software on a client computer operated by a user and communicatively coupled to the first access point, a HTTP redirect message from a device operated by the network provider and coupled to the network to the client software on the client computer, the HTTP redirect message including an activation response message included in one or more HTML comments of the HTTP redirect message, wherein the activation response message is not displayed by a web browser, wherein the activation response message comprises information that indicates a URL of the network provider usable by the client software on the client computer to communicate a username and a password to the network provider, wherein the URL is associated with a first network address associated with the network provider, wherein the first network address is different from a second network address associated with the client computer;
receives, from the client software on the client computer, the username and the password at the first network address, wherein the username and the password are usable to authorize access to the network for a user account of a roaming partner, wherein the roaming partner having a relationship with the user account such that the roaming partner is operable to signal the network provider to permit or deny access to the network;
sends the username and the password from the network provider to the roaming partner to determine whether or not the user account is authenticated;
receives an authentication response from the roaming partner;
if the authentication response from the roaming partner indicates that the user account is authenticated by the roaming partner, the network provider authorizes access to the network for the user account; and
if the authentication response indicates that the user account is not authenticated by the roaming partner, the network provider denies access to the network for the user account.
12. A system operated by a first network provider, comprising:
a first network;
at least one access point coupled to the first network;
a first device coupled to the first network and configured to be coupled to a second network; and
a second device coupled to at least one of the first network and the second network;
wherein the first device is configured to control access between the first network and the second network;
wherein the first device is configured such that the first device;
in response to a request from a client computer operated by a user and communicatively coupled to the at least one access point, automatically transmits, through the at least one access point, a HTTP redirect message to the client computer, wherein the activation response message includes information that indicates a URL of the first network provider usable by the client computer to communicate a username and a password to the first network provider, the HTTP redirect message including an activation response message included in one or more HTML comments of the HTTP redirect message, wherein the activation response message is not displayed by a web browser, wherein the URL is associated with a first network address associated with the first network provider, wherein the first network address is different from a second network address associated with the client computer;
wherein the second device is configured to communicate using at least the first network address and is configured such that the second device;
receives, from the client computer and through the at least one access point, the username and the password at the first network address, wherein the username and the password are usable to authorize access to the second network for a user account of a roaming partner, wherein the roaming partner having a relationship with the user account such that the roaming partner is operable to signal the first network provider to permit or deny access to the second network;
sends the username and the password to the roaming partner to determine whether or not the user account is authorized for access to the second network;
receives an authentication response from the roaming partner;
if the authentication response from the roaming partner indicates that the user account is authenticated by the roaming partner, transmits a message to the first device, wherein the message indicates that the client computer can access the second network, whereby the client computer is permitted access to the second network; and
if the authentication response indicates that the user account is not authenticated by the roaming partner, denies the client computer access to the second network.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20
21. A computer readable memory device comprising instructions, which when executed on a processing system associated with a first network address, the processing system:
transmitting a request to a second network address, wherein the second network address is different from the first network address, wherein the processing system belongs to a subnet of a first network operated by a network provider and the second network address does not belong to the subnet of the first network;
receives a HTTP redirect message from a device operated by the network provider and coupled to the first network, the HTTP redirect message including an activation response message contained in one or more HTML comments of the HTTP redirect message, wherein the activation response message is not displayed by a web browser, wherein the activation response message includes information that indicates a URL of the network provider, wherein the URL is associated with a third network address associated with the network provider, wherein the third network address is different from each of the first network address and the second network address;
transmits a username and a password to the third network address, wherein the username and password are associated with a user account of a roaming partner having a relationship with the user account such that the roaming partner enables access to third-party networks not operated by the roaming partner to determine whether or not the user account is authorized for access of a second network coupled to the first network; and
receives an authorization response from the first network provider, wherein the authorization response includes information indicating whether or not the processing system can access the second network.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29
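Claim 21 has the client read a provider URL out of an HTML comment in the redirect and then transmit the username and password to it. The following is an added example, not code from the patent: the `ACTIVATION-RESPONSE` key=value layout, the host names and the `trusted_hosts` allowlist are assumptions, and it shows a client that extracts the comment and submits credentials only to an HTTPS URL on a pinned provider host.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: a redirect body whose HTML comment carries the
# activation response. The key=value layout is an assumption for this example.
SAMPLE_REDIRECT_BODY = """<html><head><title>Redirect</title></head>
<body>Please wait...
<!-- ACTIVATION-RESPONSE
login_url=https://login.provider.example/auth
message_type=activation
-->
</body></html>"""


class CommentCollector(HTMLParser):
    """Collects HTML comments, which a browser parses but never renders."""

    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        self.comments.append(data)


def extract_activation(body):
    """Return the key=value fields of the first activation comment, or None."""
    collector = CommentCollector()
    collector.feed(body)
    collector.close()
    for comment in collector.comments:
        lines = [ln.strip() for ln in comment.strip().splitlines()]
        if lines and lines[0] == "ACTIVATION-RESPONSE":
            return dict(ln.split("=", 1) for ln in lines[1:] if "=" in ln)
    return None


def safe_login_url(body, trusted_hosts):
    """Return the login URL only if it is HTTPS and on a pinned provider host."""
    fields = extract_activation(body)
    if not fields or "login_url" not in fields:
        return None
    url = urlsplit(fields["login_url"])
    if url.scheme != "https" or url.hostname not in trusted_hosts:
        return None  # never send the username and password here
    return fields["login_url"]
```

Because the redirect arrives from whatever access point the client associated with, the comment's contents are untrusted input; the allowlist check is what ties the credential submission to the intended provider.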
Specification