Flexible WLAN access point architecture capable of accommodating different user devices

US 8,272,037 B2
Filed: 03/12/2004
Issued: 09/18/2012
Est. Priority Date: 03/14/2003
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for controlling user terminal access to a wireless local area network, comprising the steps of:

receiving from a user terminal a request to access the wireless local area network;

transmitting to the user terminal an identity request message;

receiving from the user terminal a response to the identity request message;

determining whether the user terminal is IEEE 802.1x compliant in response to the response to the identity request message;

selecting an authenticating mechanism utilizing IEEE 802.1x if said user terminal is IEEE 802.1x compliant;

selecting an authentication mechanism, compatible with the user terminal, in response to a determination that the user terminal is not IEEE 802.1x compliant, for allowing user terminal access to the wireless local area network; and

if the user terminal is not IEEE 802.1x compliant, redirecting an authentication request to an HTTP server for utilizing a browser based authentication protocol.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

The invention provides an apparatus and a method for improving the control of access by a terminal device in a WLAN environment having an access point for determining whether the device utilizes an IEEE 802.1x protocol by the access point communicating to the device, a packet, whereby if the devices utilizes a IEEE 802.1x protocol the device appropriately responds and otherwise the access point determines that the terminal device protocol does not employ a IEEE 802.1x protocol and selects an authentication mechanism compatible with the terminal device. If the device is not an IEEE 802.1x client, an IP packet filtering is configured to redirect a user HTTP request to a local server, and when the HTTP requests are thereby redirected, the HTTP server presents the terminal device with information specifically related to the browser based authentication.

58 Citations

View as Search Results

20 Claims

1. A method for controlling user terminal access to a wireless local area network, comprising the steps of:
- receiving from a user terminal a request to access the wireless local area network;
  
  transmitting to the user terminal an identity request message;
  
  receiving from the user terminal a response to the identity request message;
  
  determining whether the user terminal is IEEE 802.1x compliant in response to the response to the identity request message;
  
  selecting an authenticating mechanism utilizing IEEE 802.1x if said user terminal is IEEE 802.1x compliant;
  
  selecting an authentication mechanism, compatible with the user terminal, in response to a determination that the user terminal is not IEEE 802.1x compliant, for allowing user terminal access to the wireless local area network; and
  
  if the user terminal is not IEEE 802.1x compliant, redirecting an authentication request to an HTTP server for utilizing a browser based authentication protocol.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, further comprising the steps of, if the user terminal is IEEE 802.1x compliant, transmitting an authentication request to an authentication server and receiving an authentication response utilizing IEEE 802.1x protocol, and controlling user terminal access to the wireless local area network in response to the authentication response.
  - 3. The method according to claim 1, further comprising the step of configuring a packet filtering module to redirect the authentication request to the HTTP server.
  - 4. The method according to claim 3, further comprising the step of maintaining state information in the wireless local area network for use by the packet filtering module and the HTTP server.
  - 5. The method according to claim 4, wherein the state information includes one of a first state indicative of ongoing authentication process, a second state indicative of authentication failure, a third state indicative of authentication success, and a fourth state indicative of a IEEE 802.1x noncompliant user terminal.

6. An access point in communication with a user terminal in a wireless local area network, comprising:
- means to determine if the user terminal utilizes an IEEE 802.1x protocol;
  
  means for employing the IEEE 802.1x. protocol in said access point, if said user terminal utilizes the IEEE 802.1x. protocol; and
  
  ,means for employing an authentication means compatible with the user terminal if the user terminal employs a protocol other than the IEEE 802.1x protocol;
  
  wherein the means to determine includes means for communicating to the user terminal a Request-Identity extensible authentication protocol packet and if the user terminal utilizes the IEEE 802.1x protocol the access point receives a Response-Identity extensible authentication protocol packet.
- View Dependent Claims (7, 8)
- - 7. The access point in claim 6, further comprises means to configure an internet protocol packet filtering means to redirect the user terminal request to a local server if the user terminal does not utilize said IEEE 802.1x protocol.
  - 8. The access point in claim 6, further comprises means to communicate IEEE 802.1x protocol exchanges and means to establish internet protocol packet filtering through an internet protocol packet filter means and state information to control the user terminal access during and after an IEEE 802.1x based authentication process if the access point detects that the user terminal is IEEE 802.1x protocol compliant.

9. A method for controlling access by a user terminal in a wireless local area network by determining whether the user terminal utilizes an IEEE 802.1x protocol comprising the steps of:
- an access point communicating to the user terminal a request to identify, and if the user terminal utilizes an IEEE 802.1x protocol, acknowledging the request to identify, otherwise the access point determining that the user terminal is not IEEE 802.1x compliant and selecting an authentication mechanism compatible with the user terminal;
  
  wherein the access point determines that the user terminal is not IEEE 802.1x compliant when it does not receive an extensible authentication protocol identity response packet after a timeout value.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method according to claim 9, further comprising the step of the access point detecting that if the user terminal is not IEEE 802.1x compliant, then configuring an internet protocol packet filter and redirecting a user request to a local server.
  - 11. The method according to claim 9, further comprising the step of the access point transitioning to a state corresponding to browser based authentication protocol if the user terminal is not IEEE 802.1x compliant.
  - 12. The method according to claim 10, further comprising the step of the local server communicating to the user terminal information specifically related to a browser based authentication protocol.
  - 13. The method according to claim 12, further comprising the step of the access point transitioning to a state, if the user terminal utilizes the IEEE 802.1x protocol, that indicates that the user terminal is IEEE 802.1x compliant and thereafter processing all communication utilizing the IEEE 802.1x protocol.
  - 14. The method according to claim 12, further comprising the step of the access point transitioning to a state corresponding to browser based authentication protocol if authentication fails.

15. A method for controlling access of a user terminal in a wireless local area network by determining whether the user terminal utilizes an IEEE 802.1x protocol, comprising the steps of:
- communicating through an access point to the user terminal a request to identify, and if the user terminal utilizes an IEEE 802.1x protocol, acknowledging the request to identify, otherwise determining by the access point that the user terminal is not IEEE 802.1x compliant, selecting an authentication mechanism compatible with the user terminal, detecting in the access point if the user terminal is not IEEE 802.1x compliant, then configuring an internet protocol packet filter means, and redirecting a user request to a local server.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method according to claim 15, further comprising the step of determining in the access point that the user terminal is not IEEE 802.1x compliant if the user terminal does not receive an extensible authentication protocol identity response packet after a preset time.
  - 17. The method according to claim 15, further comprising the step of communicating from the local server to the user terminal, information specifically related to a browser based authentication protocol.
  - 18. The method according to claim 15, further comprising the step of transitioning to a state, in the access point if the user terminal utilizes the IEEE 802.1x protocol, that indicates that the user terminal is IEEE 802.1x compliant and thereafter processing all communication utilizing the IEEE 802.1x protocol.
  - 19. The method according to claim 15, further comprising the step of transitioning to a state in the access point corresponding to browser based authentication protocol if the user terminal is not IEEE 802.1x compliant.
  - 20. The method according to claim 18, further comprising the step of transitioning to the state in the access point corresponding to browser based authentication protocol if authentication fails.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Tranquility IP LLC (IP Edge LLC)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Zhang, Junbiao, Mathur, Saurabh
Primary Examiner(s)
ZIA, SYED

Application Number

US10/549,465
Publication Number

US 20060179475A1
Time in Patent Office

3,112 Days
Field of Search

None
US Class Current

726/3
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/205   involving negotiation or de...

H04L 67/02   based on web technology, e....

H04L 67/04   specially adapted for termi...

H04L 67/303   Terminal profiles

H04L 67/563   Data redirection of data ne...

H04L 69/08   Protocols for interworking;...

H04L 69/18   Multiprotocol handlers, e.g...

H04W 12/062   Pre-authentication

H04W 48/14   using user query or user de...

H04W 80/00   Wireless network protocols ...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/10   adapted for operation in mu...

Flexible WLAN access point architecture capable of accommodating different user devices

First Claim

3 Assignments

Litigations

0 Petitions

Accused Products

Abstract

58 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Flexible WLAN access point architecture capable of accommodating different user devices

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links