System and method for automatic network logon over a wireless network

US 8,266,681 B2
Filed: 08/29/2006
Issued: 09/11/2012
Est. Priority Date: 08/29/2006
Status: Active Grant

First Claim

Patent Images

1. A method for accessing one or more resources in a computer network, the method comprising:

receiving, from a client device connected to the computer network via one or more wireless access points, a first set of authentication data transmitted automatically by the client device to access a first set of network resources, the authentication data comprising machine identification data uniquely identifying the client device;

assigning a first authentication level to the client device, the first authentication level allowing access to a first set of network resources;

providing access to the client device to the first set of network resources based on the first authentication level;

sending one or more programs to the client device based upon the first set of authentication data, at least one program comprising an executable logon script that configures the client device according to the logon script;

receiving a second set of authentication data from the client device after the client device has executed the one or more programs, wherein the second set of authentication data comprises user identification data associated with a user of the client device; and

assigning a second authentication level to the client device, the second authentication level providing access to the second set of network resources, wherein providing access to the client device to the second set of network resources corresponding to the second authentication level, comprises;

if the second set of authentication data is valid, the second authentication level is greater than the first authentication level and the second set of network resources comprises at least one additional resource in addition to the first set of network resources; and

if the second set of authentication data is not valid, such that the user identification data is not recognized, the second authentication level is less than the first authentication level and the second set of network resources comprises a subset of the first set of network resources, the subset comprising at least one resource but less than all resources of the first set of resources.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for providing access to one or more resources in a computer network, establishing a connection between a user and the computer network via at least one wireless access point, generating an authentication level for the user associated with accessing the one or more resources, sending a program to the client device, receiving authentication data from the user, and changing the authorization level of the user based upon the authentication data received from the user.

239 Citations

25 Claims

1. A method for accessing one or more resources in a computer network, the method comprising:
- receiving, from a client device connected to the computer network via one or more wireless access points, a first set of authentication data transmitted automatically by the client device to access a first set of network resources, the authentication data comprising machine identification data uniquely identifying the client device;
  
  assigning a first authentication level to the client device, the first authentication level allowing access to a first set of network resources;
  
  providing access to the client device to the first set of network resources based on the first authentication level;
  
  sending one or more programs to the client device based upon the first set of authentication data, at least one program comprising an executable logon script that configures the client device according to the logon script;
  
  receiving a second set of authentication data from the client device after the client device has executed the one or more programs, wherein the second set of authentication data comprises user identification data associated with a user of the client device; and
  
  assigning a second authentication level to the client device, the second authentication level providing access to the second set of network resources, wherein providing access to the client device to the second set of network resources corresponding to the second authentication level, comprises;
  
  if the second set of authentication data is valid, the second authentication level is greater than the first authentication level and the second set of network resources comprises at least one additional resource in addition to the first set of network resources; and
  
  if the second set of authentication data is not valid, such that the user identification data is not recognized, the second authentication level is less than the first authentication level and the second set of network resources comprises a subset of the first set of network resources, the subset comprising at least one resource but less than all resources of the first set of resources.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein receiving the second set of authentication data from the client device comprises receiving a username and password.
  - 3. The method of claim 1, wherein receiving the second set of authentication data from the client device comprises receiving data stored in a computer readable medium.
  - 4. The method of claim 1, wherein receiving the second set of authentication data from the client device comprises receiving biometric data.
  - 5. The method of claim 1, wherein providing access to a first set of network resources comprises providing access to one or more computer readable media.
  - 6. The method of claim 1, wherein providing access to a first set of network resources comprises providing access to one or more printers.
  - 7. The method of claim 1, wherein receiving a second set of authentication data from the client device comprises receiving a second set of authentication data from the client device in response to a client device executing one or more logon scripts.

8. A computer system, comprising:
- a processor; and
  
  a storage device readable by the computer system, embodying logic executable by the processor, the logic operable when executed on the processor to;
  
  receive, from a client device connected to a network via one or more wireless access points, a first set of authentication data transmitted automatically by the client device to access a first set of network resources, the authentication data comprising machine identification data uniquely identifying the client device;
  
  assign a first authentication level to the client device, the first authentication level allowing access to a first set of network resources;
  
  provide access to the client device to the first set of network resources based on the first authentication level;
  
  send one or more programs to the client device based upon the first set of authentication data, at least one program comprising an executable logon script that configures the client device according to the logon script;
  
  receive a second set of authentication data from the client device after the client device has executed the one or more programs, wherein the second set of authentication data comprises user identification data associated with a user of the client device; and
  
  assign a second authentication level to the client device, the second authentication level providing access to the second set of network resources, wherein providing access to the client device to the second set of network resources corresponding to the second authentication level, comprises;
  
  if the second set of authentication data is valid, the second authentication level is greater than the first authentication level and the second set of network resources comprises at least one additional resource in addition to the first set of network resources; and
  
  if the second set of authentication data is not valid, such that the user identification data is not recognized, the second authentication level is less than the first authentication level and the second set of network resources comprises a subset of the first set of network resources, the subset comprising at least one resource but less than all resources of the first set of resources.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The apparatus of claim 8, wherein the second set of authentication data comprises a username and password.
  - 10. The apparatus of claim 8, wherein the second set of authentication data comprises data stored in a computer readable medium.
  - 11. The apparatus of claim 8, wherein the second set of authentication data comprises biometric data.
  - 12. The apparatus of claim 8, wherein the first set of resources comprises a computer readable medium.
  - 13. The apparatus of claim 8, wherein the first set of resources comprises a printer.
  - 14. The apparatus of claim 8, wherein the second set of resources comprises a computer readable medium.
  - 15. The apparatus of claim 8, wherein the second set of resources comprises a printer.

16. A method for providing access to one or more resources in a computer network, the method comprising:
- receiving, from a client device connected to the computer network via one or more wireless access points, machine identification data uniquely identifying the client device, the machine identification data transmitted automatically by the client device;
  
  generating an authentication level for the client device, the authentication level associated with accessing one or more resources in the computer network;
  
  sending one or more programs to the client device, at least one program comprising an executable logon script that configures the client device according to the logon script;
  
  receiving authentication data from the client device during the connection after the client device has executed the one or more programs, wherein the authentication data comprises user identification data associated with a user of the client device; and
  
  changing the authentication level of the user based upon the authentication data received during the connection, wherein;
  
  if the authentication data is valid, the authentication level is increased and the client device is allowed to access at least one additional resource in addition to the one or more resource in the computer network; and
  
  if the authentication data is not valid, such that the user identification data is not recognized, the authentication level is decreased and the client device is allowed to access at least one resource that is at least one resource less than the one or more resource in the computer network.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16, wherein receiving authentication data comprises receiving a username and password.
  - 18. The method of claim 16, wherein receiving authentication data comprises receiving data scored in a computer readable medium.
  - 19. The method of claim 16, wherein receiving authentication data comprises receiving biometric data.

20. A computer system, comprising:
- a processor; and
  
  a storage device readable by the computer system, embodying logic executable by the processor, the logic operable, when executed by the processor, to;
  
  receive, from a client device connected to a computer network via one or more wireless access points, machine identification data uniquely identifying the client device, the machine identification data transmitted automatically by the client device;
  
  generate an authentication level for the client device, the authentication level associated with accessing one or more resources in the computer network;
  
  send one or more programs to the client device, at least one program comprising an executable logon script that configures the client device according to the logon script;
  
  receive authentication data from the client device during the connection after the client device has executed the one or more programs, wherein the authentication data comprises user identification data associated with a user of the client device; and
  
  change the authentication level of the user based upon the authentication data received during the connection, wherein;
  
  if the authentication data is valid, the authentication level is increased and the client device is allowed to access at least one additional resource in addition to the one or more resource in the computer network; and
  
  if the authentication data is not valid, such that the user identification data is not recognized, the authentication level is decreased and the client device is allowed to access at least one resource that is at least one resource less than the one or more resource in the computer network.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The apparatus of claim 20, wherein the authentication data comprises a username and password.
  - 22. The apparatus of claim 20, wherein the authentication data comprises data stored in a computer readable medium.
  - 23. The apparatus of claim 20, wherein the authentication data comprises biometric data.
  - 24. The apparatus of claim 20, wherein the one or more resources comprise a computer readable medium.
  - 25. The apparatus of claim 20, wherein the one or more resources comprise a printer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Inventors
Deshpande, Sumit B., Gudipudi, Srinivas, Shankar, Rohit, Short, Theodore R., Zhu, Yidong, Swarangi, Muralidhar S., Pore, Ravi R.
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
Branske, Hilary

Application Number

US11/468,209
Publication Number

US 20080060061A1
Time in Patent Office

2,205 Days
Field of Search

726/3, 726/4, 726/5, 726/6, 726/7, 726/8, 726/9, 726/10, 380/255, 380/270, 380/272, 380/273, 713/150, 713/153, 713/155, 713/168, 713/170, 713/182, 713/185, 713/186
US Class Current

726/5
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/20   for managing network securi...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 84/04   Large scale networks; Deep ...

System and method for automatic network logon over a wireless network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

239 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

System and method for automatic network logon over a wireless network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

239 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others